Module 1 Flashcards

1
Q

What is the OSI model?

A

The OSI (Open Systems Interconnection) model is a framework for understanding how communications protocols work. It divides the process of transmitting data over a network into seven layers, each with a specific function.

2
Q

How many layers does the OSI model have?

A

The OSI model has seven layers.

3
Q

What is the function of the Physical layer in the OSI model?

A

The Physical layer deals with the physical connection between devices, such as cables and switches.

4
Q

What is the function of the Data Link layer in the OSI model?

A

The Data Link layer deals with the transmission of data over a physical connection. It is responsible for creating and interpreting packets of data, and providing error checking and correction.

5
Q

What is the function of the Network layer in the OSI model?

A

The Network layer deals with the routing of packets between devices. It is responsible for determining the best path for data to take across a network.

6
Q

What is the function of the Transport layer in the OSI model?

A

The Transport layer provides end-to-end communication between applications running on different devices. It is responsible for ensuring that data is delivered reliably and in the correct order.

7
Q

What is the function of the Session layer in the OSI model?

A

The Session layer establishes, maintains, and terminates connections between applications.

8
Q

What is the function of the Presentation layer in the OSI model?

A

The Presentation layer deals with the format of the data being transmitted, such as converting it between different types of encoding.

9
Q

What is the function of the Application layer in the OSI model?

A

The Application layer is the top layer, which provides the interface for applications to access the network and send and receive data.

10
Q

What is the TCP/IP protocol suite?

A

The TCP/IP (Transmission Control Protocol/Internet Protocol) protocol suite is a set of protocols that are used to transmit data over networks, including the internet. It is the foundation of all internet communication and is based on the four-layer conceptual model (also known as the “Internet Protocol Suite”).

11
Q

How many layers does the TCP/IP model have?

A

The TCP/IP model has four layers.

12
Q

What is the function of the Link Layer in the TCP/IP model?

A

The Link Layer corresponds to the Data Link layer in the OSI model. It is responsible for establishing and maintaining the physical link between devices, such as through the use of Ethernet.

13
Q

What is the function of the Internet Layer in the TCP/IP model?

A

The Internet Layer corresponds to the Network layer in the OSI model. It is responsible for routing packets of data between devices, through the use of the IP (Internet Protocol).

14
Q

What is the function of the Transport Layer in the TCP/IP model?

A

The Transport Layer corresponds to the Transport layer in the OSI model. It is responsible for providing end-to-end communication between applications, through the use of the TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).

15
Q

What is the function of the Application Layer in the TCP/IP model?

A

The Application Layer corresponds to the Application layer in the OSI model. It is responsible for providing interfaces for applications to access the network and send and receive data. Examples of protocols at this layer include HTTP, FTP, DNS, and SMTP.

16
Q

Is the TCP/IP protocol suite only used on the Internet?

A

No, the TCP/IP protocol suite is widely adopted as a standard for communication over networks and it’s also commonly used in local area networks (LANs) and wide area networks (WANs).

17
Q

What is the TCP protocol?

A

TCP (Transmission Control Protocol) is a transport layer protocol used to establish a reliable, ordered and error-checked channel between two devices for the communication of data. It is one of the core protocols of the Internet Protocol (IP) suite, and is used by many of the most popular internet applications.

18
Q

How does TCP establish a connection?

A

TCP is a connection-oriented protocol. When a device wants to establish a connection with another device, it sends a TCP packet called a SYN (synchronize) packet to initiate the connection. The receiving device responds with a SYN-ACK (synchronize-acknowledge) packet to confirm that the connection has been established.

19
Q

How does TCP exchange data?

A

Once the connection is established, the devices can exchange data by sending TCP packets, which include a sequence number and an acknowledgement number. The sequence number is used to keep track of the order of the packets, and the acknowledgement number is used to confirm that packets have been received.

20
Q

How does TCP close a connection?

A

When the communication is finished, the connection is closed by sending a FIN (finish) packet from one device to the other, which will be acknowledged with an ACK packet.

21
Q

What is the main advantage of TCP?

A

TCP is considered a reliable protocol because it guarantees that packets will be delivered to their destination in the correct order and without errors; if any error occurs, it will retransmit the packet.

22
Q

What is the main disadvantage of TCP?

A

The main disadvantage of TCP is that it has a higher overhead and it’s slower than the UDP protocol.

23
Q

What is the UDP protocol?

A

UDP (User Datagram Protocol) is a transport layer protocol that is used to send data over a network. It is a connectionless protocol, which means that it does not establish a virtual connection before exchanging data.

24
Q

How does UDP differ from TCP in terms of error checking and retransmission?

A

Unlike TCP, UDP does not provide any error-checking or retransmission of lost packets. This means that UDP packets may be lost, duplicated or delivered out of order and the sender or receiver have no way to know it. Because of this, UDP is considered an unreliable protocol.

25
Q

What are the common uses of UDP?

A

UDP is commonly used for applications that require low latency, such as online gaming, video conferencing, and streaming of multimedia content. Additionally, it’s used for some specific services like Domain Name System (DNS) or Simple Network Management Protocol (SNMP).

26
Q

What is the structure of a UDP packet?

A

UDP packets have a very simple structure: they consist of a header and the payload. The header contains the source and destination port numbers, as well as the length of the packet. The payload contains the actual data being sent.

27
Q

What is the main advantage of UDP?

A

The main advantage of UDP is that it has lower overhead and it is faster than TCP.

28
Q

What is the IP protocol?

A

IP (Internet Protocol) is a network layer protocol that is responsible for routing packets of data across a network. It is one of the core protocols of the Internet Protocol (IP) suite and is used by most devices that connect to the internet.

29
Q

What is the main function of IP?

A

The main function of IP is to deliver packets of data, called datagrams, from the source device to the destination device based on the destination IP address.

30
Q

What is the structure of an IP packet?

A

IP packets have a simple structure, consisting of a header and a payload. The header contains the source and destination IP addresses, as well as other information such as the time to live (TTL) and the protocol being used at the transport layer. The payload contains the actual data being sent.

31
Q

How does IP work?

A

IP is a connectionless protocol, meaning it doesn’t establish a virtual connection before sending data. IP is responsible for routing the packets of data to the right destination.

32
Q

How does IP route data across networks?

A

IP is responsible for routing data across networks, even if they are not directly connected. This is done through the use of routers, which forward IP packets based on their destination IP address and the routing tables stored in their memory.

33
Q

What are the two versions of IP that are widely used today?

A

IP version 4 (IPv4) and IP version 6 (IPv6) are the two versions of IP that are widely used today. IPv4 addresses are 32-bit and IPv6 addresses are 128-bit, and IPv6 is designed to solve the address exhaustion problem of IPv4.

34
Q

What is the ARP protocol?

A

ARP (Address Resolution Protocol) is a protocol that is used to map a network layer protocol address, such as an IP address, to a link layer protocol address, such as a MAC (Media Access Control) address. It is used to find the MAC address of a device on a local area network (LAN) when only its IP address is known.

35
Q

How does ARP work?

A

When a device wants to communicate with another device on a LAN, it first needs to determine the MAC address of the destination device. It does this by sending an ARP request packet, which contains the IP address of the destination device. The device with that IP address will then respond with its MAC address in an ARP reply packet.

36
Q

What is Reverse ARP (RARP)?

A

Reverse ARP (RARP) is a variation of ARP. It is used to find the IP address of a device when only its MAC address is known, by sending an ARP request packet with the MAC address and waiting for an ARP reply packet.

37
Q

Is ARP a stateless protocol?

A

Yes, ARP is a stateless protocol, which means that it does not maintain a table of previously looked-up addresses. Each ARP request is sent independently, and the information is not stored for future use.

38
Q

How are ARP requests and replies sent?

A

ARP request and reply packets are broadcast to all devices on the LAN, but only the device with the matching IP address will respond.

39
Q

What is the ICMP protocol?

A

ICMP (Internet Control Message Protocol) is a network layer protocol that is used to send error messages and operational information about network conditions. It is an integral part of the Internet Protocol (IP) suite, and devices use it to report those errors and conditions.

40
Q

What are the common uses of ICMP?

A

ICMP messages are typically generated by network devices, such as routers, to indicate error conditions or to provide other information about the status of the network. For example, an ICMP “destination unreachable” message may be sent by a router to inform a sending device that a destination host or network is unreachable. Similarly, an ICMP “time exceeded” message may be sent by a router to inform a sending device that a packet has been discarded because it exceeded the maximum time allowed for it to traverse the network.

41
Q

What is the “ping” message?

A

One of the most well-known ICMP messages is the “ping” message, which is used to test the reachability of a host and to measure the round-trip time for packets to travel from the source host to the destination host and back. A ping packet is an echo request packet; when it reaches the destination host, the host sends an echo reply packet back.

42
Q

How does ICMP differ from other protocols in the IP suite?

A

ICMP is an integral part of IP, but it has some specific characteristics: it is unreliable and not connection-oriented, so it can’t guarantee that a message will be delivered or in what order.

43
Q

What is the main use of ICMP?

A

In summary, ICMP is a network protocol that is used to send error messages and operational information about network conditions, and it’s widely used to diagnose and troubleshoot network issues.

44
Q

What is the structure of a TCP datagram?

A

The structure of a TCP datagram includes several fields that are used for various purposes such as identifying the sender and receiver, controlling the flow of data, and ensuring data integrity.

45
Q

Q: What is the purpose of the source port field in a TCP datagram?

A

A: The source port field is a 16-bit field that identifies the sender’s port number.

46
Q

Q: What is the purpose of the sequence number field in a TCP datagram?

A

A: The sequence number field is a 32-bit field that is used to keep track of the order of the packets.

47
Q

Q: What is the purpose of the control bits field in a TCP datagram?

A

A: The control bits field is a 6-bit field that contains various control flags such as SYN, FIN, ACK, and RST.

48
Q

Q: What is the purpose of the window size field in a TCP datagram?

A

A: The window size field is a 16-bit field that indicates the number of bytes that the sender is willing to receive.

49
Q

Q: What is the purpose of the checksum field in a TCP datagram?

A

A: The checksum field is a 16-bit field that is used to ensure data integrity by detecting errors in the packet.

50
Q

Q: What is the purpose of the options field in a TCP datagram?

A

A: The options field is a variable-length field that can be used to include additional information such as the maximum segment size and timestamps.

51
Q

Q: What is the structure of a UDP datagram?

A

A: The structure of a UDP datagram is simpler than that of a TCP datagram, as it is a connectionless, unreliable protocol. It includes fields for source and destination port numbers, length and checksum.

52
Q

Q: What is the purpose of the source port field in a UDP datagram?

A

A: The source port field is a 16-bit field that identifies the sender’s port number.

53
Q

Q: What is the purpose of the destination port field in a UDP datagram?

A

A: The destination port field is a 16-bit field that identifies the receiver’s port number.

54
Q

Q: What is the purpose of the length field in a UDP datagram?

A

A: The length field is a 16-bit field that indicates the total length of the UDP datagram, including the header and data.

55
Q

Q: What is the purpose of the checksum field in a UDP datagram?

A

A: The checksum field is a 16-bit field that is used to detect errors in the packet.

56
Q

Q: Is the checksum field mandatory in UDP?

A

A: The checksum field is optional in UDP; if it is not used, the value in this field is set to zero.

57
Q

Q: What is the structure of an IP packet?

A

A: The structure of an IP packet includes several fields that are used for various purposes such as identifying the sender and receiver, controlling the flow of data, and ensuring data integrity.

58
Q

Q: What is the purpose of the version field in an IP packet?

A

A: The version field is a 4-bit field that indicates the version of IP being used (4 for IPv4 and 6 for IPv6).

59
Q

Q: What is the purpose of the Type of Service (ToS) field in an IP packet?

A

A: The Type of Service (ToS) field is an 8-bit field that is used to indicate the quality of service (QoS) desired for the packet.

60
Q

Q: What is the purpose of the Time To Live (TTL) field in an IP packet?

A

A: The Time To Live (TTL) field is an 8-bit field that is used to indicate the maximum number of hops a packet can traverse before being discarded.

61
Q

Q: What is the purpose of the Protocol field in an IP packet?

A

The Protocol field in an IP packet is an 8-bit field that indicates the type of transport layer protocol being used (e.g. TCP, UDP, ICMP) in the packet.

62
Q

Q: What is the structure of an Ethernet frame?

A

A: The structure of an Ethernet frame includes several fields that are used for various purposes such as identifying the sender and receiver, controlling the flow of data, and ensuring data integrity.

63
Q

Q: What is the purpose of the destination MAC address field in an Ethernet frame?

A

A: The destination MAC address field is a 48-bit field that contains the MAC address of the intended recipient of the frame.

64
Q

Q: What is the purpose of the source MAC address field in an Ethernet frame?

A

A: The source MAC address field is a 48-bit field that contains the MAC address of the sender.

65
Q

Q: What is the purpose of the EtherType field in an Ethernet frame?

A

A: The EtherType field is a 16-bit field that indicates the type of payload that is included in the frame (e.g. IP, ARP, VLAN).

66
Q

Q: What is the purpose of the Frame Check Sequence (FCS) field in an Ethernet frame?

A

A: The Frame Check Sequence (FCS) field is a 32-bit field that is used to detect errors in the frame.

67
Q

Q: What is the main difference between TCP and UDP?

A

A: The main difference between TCP and UDP is that TCP is a reliable, connection-oriented protocol that establishes a connection before transmitting data and uses flow control and error checking mechanisms to ensure that data is transmitted correctly and in the right order. UDP is a connectionless, unreliable protocol that doesn’t have flow control and error checking mechanisms like TCP.

68
Q

Q: What is the main purpose of IP?

A

A: The main purpose of IP is to route packets between devices on a network by using the IP addresses in the packet header.

69
Q

Q: What is the main purpose of Ethernet?

A

A: The main purpose of Ethernet is to transmit data over a local area network (LAN) by using MAC addresses in the frame header.

70
Q

Q: What is the main difference between IP and Ethernet?

A

A: The main difference between IP and Ethernet is that IP is a network layer protocol that is used to route data between devices, and Ethernet is a Data-Link Layer protocol that is used to transmit data over LANs.

71
Q

Q: What is the main difference between Ethernet frame structure and IP packet structure?

A

A: The main difference between Ethernet frame structure and IP packet structure is that an Ethernet frame is used to transmit data over LANs by using MAC addresses in the frame header, and an IP packet is used to route packets between devices on a network by using the IP addresses in the packet header.

72
Q

Q: What are well-known ports?

A

A: Well-known ports are specific port numbers that are reserved for use by specific services or protocols. These ports are typically assigned by the Internet Assigned Numbers Authority (IANA) and are in the range of 0 to 1023.

73
Q

Q: What is the use of port 21?

A

A: Port 21 is used for the File Transfer Protocol (FTP) service, which is used for transferring files between computers.

74
Q

Q: What is the use of port 22?

A

A: Port 22 is used for the Secure Shell (SSH) service, which is used for securely accessing remote computers and servers.

75
Q

Q: What is the use of port 23?

A

A: Port 23 is used for the Telnet service, which is used for remotely accessing and managing network devices.

76
Q

Q: What is the use of port 25?

A

A: Port 25 is used for the Simple Mail Transfer Protocol (SMTP) service, which is used for sending and receiving email.

77
Q

Q: What is the use of port 53?

A

A: Port 53 is used for the Domain Name System (DNS) service, which is used for resolving domain names to IP addresses.

78
Q

Q: What is the use of port 80?

A

A: Port 80 is used for the Hypertext Transfer Protocol (HTTP) service, which is used for accessing web pages.

79
Q

Q: What is the use of port 110?

A

A: Port 110 is used for the Post Office Protocol version 3 (POP3) service, which is used for retrieving email from a mail server.

80
Q

Q: What is the use of port 443?

A

A: Port 443 is used for the Hypertext Transfer Protocol Secure (HTTPS) service, which is used for accessing secure web pages.

81
Q

Q: What is the process of establishing a TCP session called?

A

A: The process of establishing a TCP session is called the three-way handshake.

82
Q

Q: What is the purpose of the SYN flag in the first segment of the three-way handshake?

A

A: The purpose of the SYN flag in the first segment of the three-way handshake is to initiate the connection.

83
Q

Q: What is the purpose of the SYN-ACK flag in the second segment of the three-way handshake?

A

A: The purpose of the SYN-ACK flag in the second segment of the three-way handshake is to acknowledge the receipt of the SYN flag and to synchronize the sequence numbers.

84
Q

Q: What is the purpose of the ACK flag in the third segment of the three-way handshake?

A

A: The purpose of the ACK flag in the third segment of the three-way handshake is to confirm that the connection has been established.

85
Q

Q: What is the process of tearing down a TCP connection called?

A

A: The process of tearing down a TCP connection is called the four-way handshake.

86
Q

Q: What is the purpose of the FIN flag in the first segment of the four-way handshake?

A

A: The purpose of the FIN flag in the first segment of the four-way handshake is to indicate that the sender is finished sending data.

87
Q

Q: What is the internet?

A

A: The internet is a global network of interconnected computers and servers that communicate with each other using a common set of protocols, such as TCP/IP. It enables users to access a wide range of services and information, including email, the World Wide Web, and file sharing.

88
Q

Q: What is an intranet?

A

A: An intranet is a private network that is built using internet technologies and is accessible only to a specific group of users, such as employees of a company or members of an organization. It is typically used for internal communication and collaboration, and may include features such as file sharing, email, and instant messaging.

89
Q

Q: What is an extranet?

A

A: An extranet is a private network that is built using internet technologies and is accessible to a specific group of external users, such as customers, partners, or vendors. It allows these external users to access certain parts of the intranet, such as specific resources or applications, while still maintaining security and privacy. Extranets are often used to share information and collaborate with external partners, and they may include features such as file sharing, secure email, and secure data transmission.

90
Q

Q: How does an intranet differ from an extranet?

A

A: An intranet is a private network that is accessible only to a specific group of internal users, such as employees of a company, while an extranet is a private network that is accessible to a specific group of external users, such as customers, partners, or vendors.

91
Q

Q: How does the internet differ from an intranet and an extranet?

A

The internet is a global network that is available to anyone with an internet connection, while an intranet is a private network that is accessible only to a specific group of users within an organization, and an extranet is a private network that is accessible to a specific group of external users such as partners or customers.

92
Q

Q: What is malware and how can it be mitigated?

A

A: Malware is a type of software specifically designed to cause harm to a computer or network. It can be mitigated by using antivirus software, firewalls, and intrusion detection systems, and by regularly updating software and applying software patches.

93
Q

Q: What is phishing and how can it be mitigated?

A

A: Phishing is a type of social engineering attack in which attackers try to trick users into providing sensitive information. It can be mitigated by educating employees about the dangers of phishing, using anti-phishing software, and regularly monitoring network logs for suspicious activity.

94
Q

Q: What is a DDoS attack and how can it be mitigated?

A

A: A DDoS attack is a type of attack in which a network or website is flooded with traffic from multiple sources in an attempt to overload it and make it unavailable to legitimate users. It can be mitigated by using DDoS mitigation services, such as a cloud-based DDoS protection service, or by limiting the amount of traffic that can be directed to a website or service.

95
Q

Q: What is a Man-in-the-Middle (MitM) attack and how can it be mitigated?

A

A: A MitM attack is an attack in which an attacker intercepts and alters communications between two parties without either party knowing. It can be mitigated by using secure protocols such as HTTPS and SSL/TLS and implementing secure network segmentation to limit the scope of an attack.

96
Q

Q: What is the threat of unpatched software and how can it be mitigated?

A

A: Unpatched software can be exploited by attackers to gain unauthorized access to a network or steal data. It can be mitigated by regularly updating software and applying software patches.

97
Q

Q: What is the threat of password cracking and how can it be mitigated?

A

A: Password cracking is a technique used by attackers to gain unauthorized access to a network by guessing or cracking passwords. It can be mitigated by using complex passwords, using multi-factor authentication, and regularly updating passwords.

98
Q

Q: What is the threat of insider threats and how can it be mitigated?

A

A: Insider threats are a type of threat that comes from individuals who have legitimate access to an organization’s network and use this access to steal data or cause damage. They can be mitigated by using monitoring and logging tools to detect suspicious activity, limiting the access of privileged users, having a good employee training program, running background checks, and monitoring employees’ activities.

99
Q

Q: What is a firewall?

A

A: A firewall is a security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules and policies. It acts as a barrier between a trusted internal network and an untrusted external network, such as the Internet.

100
Q

Q: How does a firewall work?

A

A: Firewalls can be configured to permit or block specific types of traffic based on different criteria such as source IP address, destination IP address, port number, and protocol. They can also be configured to perform deep packet inspection, which allows them to examine the contents of packets as they pass through the firewall and to make access decisions based on the contents of the packet.

101
Q

Q: What are the different types of firewalls?

A

A: Firewalls can be classified into two types: network-based firewalls and host-based firewalls. A network-based firewall is placed at a strategic point within a network to monitor all traffic passing through the network. A host-based firewall is placed on an individual host and monitors traffic to and from that host.

102
Q

Q: Why are firewalls important?

A

A: Firewalls are a critical component of an organization’s security infrastructure, as they provide an important first line of defense against cyber threats.

103
Q

Q: How do firewalls block unwanted traffic?

A

A: Firewalls can block unwanted traffic by using security rules and policies that specify which types of traffic should be blocked.

104
Q

Q: How can a firewall be configured?

A

A: Firewalls can be configured to permit or block specific types of traffic based on different criteria such as source IP address, destination IP address, port number, and protocol.

105
Q

Q: What is deep packet inspection?

A

A: Deep packet inspection is a technique that allows firewalls to examine the contents of packets as they pass through the firewall and to make access decisions based on the contents of the packet.

106
Q

Q: What are security zones?

A

A: Security zones, also known as security domains or security contexts, are logical or physical boundaries created within a network to separate different types of traffic based on security level or trust level.

107
Q

Q: Why are security zones important?

A

A: Security zones are important as they enable organizations to control and isolate the flow of traffic between different parts of the network and to provide different levels of security for different types of resources or devices.

108
Q

Q: What are examples of typical security zones?

A

A: A typical security zone configuration would include a DMZ (demilitarized zone) for public-facing servers, a LAN (local area network) for internal users, and a secure zone for sensitive resources such as databases or financial systems.

109
Q

Q: How is traffic between security zones controlled?

A

A: Traffic between security zones is typically restricted by firewalls, routers or other networking devices, which are configured to allow or block traffic based on the security level of the zones involved, and according to the security policies of the organization.

110
Q

Q: What are the other uses of security zones?

A

A: Security zones can also be created to isolate different functions within an organization’s network, such as guest access, wireless networks, and IoT. This enables organizations to apply different policies to different types of traffic and to control access to resources.

111
Q

Q: How do security zones make it difficult for an attacker to move laterally within the network?

A

A: By creating logical or physical boundaries to separate different types of traffic and applying different levels of security, it makes it more difficult for an attacker to move laterally within the network and access sensitive resources or information.

112
Q

Q: Why is remote access necessary?

A

A: Remote access is necessary for a number of reasons, including increased productivity, flexibility, cost-effectiveness, business continuity, collaboration and communication, global reach, access to specialized talent, and compliance with regulations.

113
Q

Q: How does remote access increase productivity?

A

A: Remote access allows employees to work from anywhere, at any time, using their own device, which can increase productivity as employees are not limited by location or time.

114
Q

Q: Why is remote access beneficial for employers?

A

A: Remote access can save organizations money by reducing the need for office space, equipment, and other resources, and can also help with business continuity.

115
Q

Q: How does remote access enable collaboration and communication?

A

A: Remote access allows employees to communicate and collaborate with colleagues and partners, regardless of their location.

116
Q

Q: What is the benefit of remote access for organizations in terms of global reach?

A

A: Remote access enables organizations to expand their reach and serve customers or clients globally.

117
Q

Q: How does remote access enable organizations to access specialized talent?

A

A: Remote access allows organizations to access specialized talent from anywhere in the world, regardless of location.

118
Q

Q: How does remote access help organizations to meet compliance requirements?

A

A: Remote access helps organizations to meet compliance requirements by allowing employees and partners to access data and systems from anywhere, in line with the regulations of many industries, such as healthcare and finance.

119
Q

Q: What are remote access solutions?

A

A: Remote access solutions refer to the technologies and tools that enable remote users to securely connect to a network, access resources, and perform work tasks from any location.

120
Q

Q: What is a Virtual Private Network (VPN)?

A

A: A VPN creates a secure, encrypted connection between a remote device and a private network, allowing remote users to access the network as if they were physically present.

121
Q

Q: What is Remote Desktop Protocol (RDP)?

A

A: RDP allows remote users to access and control a desktop or server remotely, as if they were sitting in front of it.

122
Q

Q: What is Remote Desktop Services (RDS)?

A

A: RDS is a Microsoft technology that enables remote users to access Windows applications, desktops, and data from any device.

123
Q

Q: What is Remote Application Server (RAS)?

A

A: RAS allows remote users to access and run applications on a remote server, rather than on their own device.

124
Q

Q: What is Remote File Access?

A

A: Remote File Access allows users to access and transfer files from a remote server or cloud storage, such as FTP, SFTP, and cloud-based file sharing services like Dropbox and Google Drive.

125
Q

Q: What is Remote Management?

A

A: Remote Management solutions, such as Remote Desktop Gateway, Remote Management gateway and Remote Management services, allow IT admins to remotely manage the network and devices.

126
Q

Q: What are cloud-based remote access solutions?

A

A: Cloud-based remote access solutions such as Microsoft Azure RemoteApp, Amazon Workspaces, and Google Cloud Remote Desktop enable remote users to access applications and desktops hosted in the cloud.

127
Q

Q: What is a Virtual Private Network (VPN)?

A

A: A Virtual Private Network (VPN) is a remote access solution that enables users to securely connect to a private network from a remote location. It creates a secure, encrypted “tunnel” between the user’s device and the private network.

128
Q

Q: How does a VPN work?

A

A: A VPN creates a secure, encrypted connection between a remote device and a private network, allowing remote users to access the network as if they were physically present. This can be done either by connecting to a VPN server or through a VPN client software installed on the device.

129
Q

Q: What are the main categories of VPNs?

A

A: VPNs can be divided into two main categories: Remote-access VPNs and Site-to-site VPNs.

130
Q

Q: What are the main protocols used by VPNs to establish a secure connection?

A

A: PPTP, L2TP, IPSec, OpenVPN, and SSTP are the main protocols used by VPNs to establish a secure connection and protect data.

131
Q

Q: What are the different ways in which VPNs can be implemented?

A

A: VPNs can be implemented in different ways, such as software-based VPNs, where a VPN client software is installed on the user’s device, and hardware-based VPNs, where a VPN appliance is installed on the network.

132
Q

Q: What are the main use cases of VPNs?

A

A: VPNs can be used for a variety of purposes, such as remote access for employees, securely connecting to public Wi-Fi, and bypassing geo-restrictions.

133
Q

Q: What is a site-to-site VPN?

A

A: A site-to-site VPN is a type of virtual private network (VPN) that connects two or more separate networks together, such as connecting a branch office to the main office’s network.

134
Q

Q: What is the main purpose of a site-to-site VPN?

A

A: The main purpose of a site-to-site VPN is to extend the private network of an organization to remote locations, allowing employees at these locations to access the resources and applications on the main office’s network as if they were locally connected.

135
Q

Q: What are the main types of protocols used in site-to-site VPNs?

A

A: IPSec, PPTP, L2TP, and SSL are the main protocols used in site-to-site VPNs.

136
Q

Q: What are the two main types of site-to-site VPNs?

A

A: The two main types of site-to-site VPNs are intranet-based and extranet-based.

137
Q

Q: What are the main use cases of site-to-site VPNs?

A

A: Site-to-site VPNs are typically used by organizations with multiple branch offices, but they can also be used to connect remote workers or mobile users to the main office’s network. They’re also useful for organizations that have to connect to third-party networks, such as a cloud provider or a customer’s network.

138
Q

Q: How does a site-to-site VPN benefit an organization?

A

A: Site-to-site VPNs provide a secure and reliable way for organizations to connect remote locations to their main office, and enable employees at these locations to access the resources and applications they need to do their jobs.

139
Q

Q: What is encryption and why is it important for VPN connections?

A

A: Encryption is a method of protecting data as it travels over the public internet. VPN connections use encryption to ensure that data is secure and private as it travels between the user’s device and the private network. It’s important for VPN connections because it prevents unauthorized access to the data.

140
Q

Q: What is authentication and why is it important for VPN connections?

A

A: Authentication is a method of verifying the identity of a user. VPN connections use authentication to ensure that only authorized users can connect to the network. This is important for VPN connections because it prevents unauthorized access to the network.

141
Q

Q: What is tunneling and why is it important for VPN connections?

A

A: Tunneling is a method of creating a secure “tunnel” between the user’s device and the private network. VPN connections use tunneling to transmit data between the two locations, and it’s important for VPN connections because it provides a secure path for data to travel.

142
Q

Q: What is remote access and why is it important for VPN connections?

A

A: Remote access is the ability for users to securely connect to a private network from a remote location. VPN connections allow remote access, which is important for VPN connections because it enables employees to access the resources and applications they need to do their job from anywhere.

143
Q

Q: What is split-tunneling and why is it useful for VPN connections?

A

A: Split-tunneling is a feature that allows specific apps or websites to bypass the VPN connection. It’s useful for VPN connections because it can reduce the load on the VPN connection and improve performance.

144
Q

Q: What is NAT and why is it important for VPN connections?

A

A: Network Address Translation (NAT) is a method of allowing multiple devices on the same network to share a single IP address. NAT is important for VPN connections because it can help to conserve IP addresses and improve security.

145
Q

Q: What is a firewall and why is it important for VPN connections?

A

A: A firewall is a method of protecting the private network from unauthorized access and malicious attacks. VPN connections can use firewalls to protect the private network, which is important for VPN connections because it helps to ensure the security of the network.

146
Q

Q: What is Quality of Service (QoS) and why is it important for VPN connections?

A

A: Quality of Service (QoS) is a method of prioritizing different types of network traffic and ensuring that critical applications get the bandwidth they need. QoS is important for VPN connections because it can help to improve the performance of critical applications and ensure that the network is running efficiently.

147
Q

Q: What is IPSec and what are its main features?

A

A: IPSec (Internet Protocol Security) is a set of protocols that provide security for Internet Protocol (IP) communications. It can be used to establish a secure site-to-site VPN connection. It can encrypt data and authenticate users, and it can be used in two different modes: Transport mode, which encrypts only the data portion of the IP packet, and Tunnel mode, which encrypts the entire IP packet.

148
Q

Q: What is PPTP and what are its main features?

A

A: PPTP (Point-to-Point Tunneling Protocol) is a VPN protocol that creates a secure connection between two networks. It’s considered less secure than IPSec and it’s mostly used for legacy systems.

149
Q

Q: What is L2TP and what are its main features?

A

A: L2TP (Layer 2 Tunneling Protocol) is a VPN protocol that combines the security of PPTP with the functionality of L2F (Layer 2 Forwarding Protocol). It’s considered more secure than PPTP but less secure than IPSec. It’s mostly used in conjunction with IPSec to provide an extra layer of security.

150
Q

Q: What is SSL and what are its main features?

A

A: SSL (Secure Sockets Layer) is a protocol that is primarily used to establish secure connections between web browsers and web servers. It’s not typically used to establish VPN connections; it’s mostly used to secure web-based applications and data. SSL was succeeded by TLS (Transport Layer Security), but the name SSL is still widely used in the industry.

151
Q

Q: What are the main differences between IPSec, PPTP, L2TP, and SSL?

A

A: IPSec is considered the most secure and widely used protocol for VPN connections; PPTP is considered less secure and is mostly used for legacy systems; L2TP is considered more secure than PPTP but less secure than IPSec, and it’s mostly used in conjunction with IPSec to provide an extra layer of security; SSL is primarily used to establish secure connections between web browsers and web servers.

152
Q

Q: What is a VPN tunnel?

A

A: A VPN tunnel is a secure connection that is established between two or more devices over a public network, such as the internet. The data transmitted between the devices is encrypted, and the tunnel provides a secure path for the data to travel.

153
Q

Q: What are the main types of VPN tunnel connections?

A

A: The main types of VPN tunnel connections are site-to-site, remote access, extranet and intranet.

154
Q

Q: How does a VPN tunnel provide security?

A

A: A VPN tunnel encrypts data as it travels over the public internet, making it difficult for unauthorized users to intercept and read the data.

155
Q

Q: What are the benefits of using a VPN tunnel?

A

A: The benefits of using a VPN tunnel include security, remote access, and cost savings.

156
Q

Q: What are the differences between a site-to-site VPN, remote access VPN, extranet VPN, and intranet VPN?

A

A: A site-to-site VPN connects two or more private networks together, allowing the devices on the networks to communicate with each other as if they were on the same network. A remote access VPN allows users to securely connect to a private network from a remote location, such as a home office or public Wi-Fi. An extranet VPN allows a business to securely connect with its partners and customers, and an intranet VPN allows employees to securely access resources on the company’s internal network from remote locations.

157
Q

Q: What are the common VPN protocols used to establish a VPN tunnel?

A

A: IPSec, PPTP, L2TP, and SSL are common VPN protocols used to establish a VPN tunnel.

158
Q

Q: What is VPN authentication?

A

A: VPN authentication is the process of verifying the identity of a user or device that is attempting to establish a VPN connection.

159
Q

Q: What are the different types of VPN authentication methods?

A

A: The different types of VPN authentication methods include password-based authentication, two-factor authentication, certificate-based authentication, biometric authentication, one-time passwords, and RADIUS or TACACS+.

160
Q

Q: How does VPN authentication help to secure a VPN connection?

A

A: VPN authentication helps to ensure that only authorized users and devices are able to access the private network.

161
Q

Q: What is the difference between password-based authentication and two-factor authentication?

A

A: Password-based authentication involves verifying the identity of a user by requiring them to enter a username and password, while two-factor authentication involves requiring a user to provide two forms of identification, such as a password and a security token, to confirm their identity.

162
Q

Q: What is the purpose of certificate-based authentication?

A

A: Certificate-based authentication involves using digital certificates to verify the identity of a user or device. It helps ensure that only authorized users and devices are able to access the VPN.

163
Q

Q: What is the difference between RADIUS and TACACS+?

A

A: RADIUS and TACACS+ are centralized authentication servers that can be used to authenticate users and devices that are attempting to establish a VPN connection. The main difference is that TACACS+ is an older protocol that encrypts the entire packet, while RADIUS encrypts only the password and is more widely used.

164
Q

Q: What is the benefit of using multiple VPN authentication methods?

A

A: Using multiple VPN authentication methods can provide an additional layer of security, making it more difficult for an unauthorized user to gain access to the VPN.