Network Flashcards
Used to explain network communications between a host and remote device over LAN or WAN
OSI Model
Layer of the OSI model that represents the actual network cables and radio waves used to carry data over the network
Physical Layer
The data carried over a network at the Physical layer
Bits
Describes how a connection is established, maintained and transferred over the physical layer and uses physical addressing (MAC addresses)
Data Link Layer
A group of bits at the Data Link layer
Frames
Uses logical addresses to route or switch information between hosts, the network and the internetworks
Network Layer
At the Network layer, the frames are taken and grouped. An example of this is IP addresses.
Packets
Manages and ensures that transmission of the packets occurs from a host to a destination using either TCP or UDP
Transport Layer
Manages the establishment, termination and synchronization of a session over the network
Session Layer
Translates the information into a format that the sender and receiver both understand
Presentation Layer
Layer from which the message is created, formed and originated. It consists of high-level protocols like HTTP, SMTP and FTP
Application Layer
It is the combined evolution of hubs and bridges. It improves data transfer and security through the intelligent use of MAC addresses: it can figure out where a device is, send information out only that particular port of the switch, and ignore the rest.
Switch
Attempt to overwhelm the limited switch memory set aside to store the MAC addresses for each port, known as the content addressable memory (CAM) table
MAC Flooding
Occurs when an attacker masks their own MAC address to pretend they have the MAC address of another device
MAC Spoofing
It is a man-in-the-middle (MitM) attack that allows the attacker to intercept the communication between network devices. The forged responses advertise that the correct MAC address for both IP addresses, belonging to the router and the workstation, is the attacker's MAC address (MAC spoofing). MAC spoofing is often combined with this attack.
ARP Spoofing / ARP Poisoning
Occurs when an attacker attempts to gain physical access.
Physical tampering
It operates at Layer III
Used to connect two or more networks to form an internetwork
It relies on a packet's IP addresses to determine the proper destination
Once on the network, it conducts an ARP request to find the final destination
Routers
It can be configured on a router's interface to control the flow of traffic into or out of a certain part of the network.
It is an ordered set of rules that a router uses to decide whether to permit or deny traffic based upon given characteristics like its source or destination IP address, the ports associated with it, and the application.
Access Control List
It is used to trick a router’s ACL
IP Spoofing
Focuses on providing controlled access to publicly available servers that are hosted within your organization's network
De-Militarized Zone DMZ
Can be created to provide additional protection for some servers
Sub zones
Specialized type of DMZ that is created for your partner organizations to access over a wide area network
Extranet
Used when only one company is involved
Intranet
Any host that accepts inbound connections from the internet
Internet-facing host
A segment isolated from the rest of a private network by one or more firewalls that accepts connections from the internet over designated ports
Demilitarized Zone DMZ
Hosts or services in the DMZ that are not configured with any services that run on the local network
Bastion Host
Used to configure devices in the DMZ. A hardened server that provides access to other hosts within the DMZ. The administrator connects to it, and it connects to the host in the DMZ
Jumpbox
Security technique in which devices are scanned to determine their current state prior to being allowed access onto a given network
Network Access Control
A NAC solution that uses a piece of software installed on the device requesting access to the network
Persistent Agents
A NAC solution that uses a piece of software that scans the device remotely or is installed and subsequently removed after the scan
Non-Persistent Agents
Standard access control mechanism used in port-based NAC
IEEE 802.1x
This adds a layer of separation to networks without requiring the purchase of additional switches that have to be configured and installed on the network. It is implemented to segment the network, reduce collisions, organize the network, boost performance and increase security
VLANs (Virtual Local Area Networks)
Attacker configures their device to pretend it is a switch and uses it to negotiate a trunk link to break out of a VLAN
Switch spoofing
Attacker adds an additional VLAN tag to create an outer and inner tag
Double Tagging
Act of creating subnetworks logically through the manipulation of IP addresses. It compartmentalizes networks to more efficiently use the IP address space that is given.
Subnetting
Process of changing an IP address while it transits across a router. It helps hide network IPs from attackers.
Network Address Translation
The router keeps track of requests from internal hosts by assigning them random high-numbered ports for each request.
Port Address Translation
Term used to describe devices that provide voice communication to users
Telephony
A device that could modulate digital information into an analog signal for transmission over a standard dial-up phone line.
Modem
An attacker starts dialing random phone numbers to see if any modem would answer on the other side
War dialing
Internal phone system used in large organizations
Public Branch Exchange PBX
Digital phone service provided by software or hardware devices over a data network
(Voice Over Internet Protocol) VoIP