Network and Security Flashcards

1
Q

Wireless Access Point

A

-Extends a wired network to wireless connections
-Involves the IEEE 802.11 group of standards that defines wireless LANs (WLANs)
-Central connecting point for computers equipped with wireless network adapters
-Identifies each computer by its MAC address

2
Q

Network Interface Layer

A

This layer establishes how data should be physically sent through the network

3
Q

Session Layer (Layer 5)

A

This layer is responsible for connection establishment, session maintenance, and authentication.

4
Q

Presentation Layer (Layer 6)

A

This layer is responsible for translating data from the application layer into the format required to transmit the data over the network as well as encrypting the data for security if encryption is used.

5
Q

Hub (Physical Layer)

A

-The simplest device used on an Ethernet network for connecting devices to each other.
-Splits the bandwidth of a connection among all the computers connected to it
-Does not perform any packet filtering or addressing functions but instead broadcasts data to all computers connected to it

6
Q

Switch (Data and Network Layer)

A

-Provides connectivity to devices in a local network
-Creates a dedicated full-speed connection between two computers that are communicating with each other
-Makes use of the MAC address to deliver the message to the right destination

7
Q

Router (Network Layer)

A

-Interconnect two or more networks
-Operates at the border of your network
-Stores information about the systems that are connected to it and where to send requests when the destination is unknown
-Works at the network layer of the OSI model

8
Q

Patch panel

A

-A box designed as a junction point for twisted pair (TP) cable and fiber cable used in networks
-First step in organizing your cables

9
Q

Firewall

A

-A security hardware appliance or software application that protects a computer or network from unwanted intrusion
-Blocks unwanted connections from untrusted networks and can block basic network attacks

10
Q

Modem (Physical and Data Link Layer)

A

-Connects a LAN to an internet service provider
-Converts digital signals into analog signals and vice versa.

11
Q

TCP/IP

A

Transmission Control Protocol/Internet Protocol

12
Q

Application Layer

A

This layer is responsible for the communication protocols between nodes. The protocols in this layer include hypertext transfer protocol (HTTP and HTTPS), Secure Shell (SSH), and Network Time Protocol (NTP), among many others.

13
Q

Transport Layer

A

This layer is responsible for the end-to-end transport of data. The protocols that live in this layer are transmission control protocol (TCP) and user datagram protocol (UDP)

14
Q

Network Layer

A

This layer defines the logical transmission protocols for the whole network. The main protocols that live in this layer are internet protocol (IP), Internet Control Message Protocol (ICMP), and Address Resolution Protocol (ARP).

15
Q

OSI Model

A

Open Systems Interconnection Model

16
Q

Physical Layer (Layer 1)

A

This layer is responsible for the physical connections of the devices in the network. This layer is implemented through the use of devices such as hubs, repeaters, modem devices, and physical cabling.

17
Q

Data Link Layer (Layer 2)

A

This layer is responsible for the error-free delivery of data to the receiving device or node. This layer is implemented through the use of devices such as switches and bridge devices, as well as anything with a network interface, like wireless or wired network cards.

18
Q

Network Layer (Layer 3)

A

This layer is responsible for the transmission of data between hosts in different networks as well as routing of data packets. This layer is implemented through the use of devices such as routers and some switches.

19
Q

Transport Layer (Layer 4)

A

In this layer protocols ensure that data is transferred from point A to point B reliably and without errors. This layer services include flow control, acknowledgment, error correction, segmentation, reassembly, and sequencing.

20
Q

Application Layer (Layer 7)

A

This layer is responsible for network applications (like HTTP or FTP) and their production of data to be transferred over the network.

21
Q

Network Interface Card (NIC) {Physical Layer}

A

-The interface on a computer or other device that connects to the LAN
-Designed to take the communication off the physical cable or wireless signal and present it to the computer for processing
-Each NIC has a unique physical address known as a MAC address

22
Q

Bridge (Data Link Layer)

A

-Connects two or more networks
-Forwards data to next network
-Not widely used in modern networks

23
Q

Repeater (Physical Layer)

A

Amplifies the signal it receives so that it can travel a longer distance

24
Q

Unshielded Twisted Pair (UTP)

A

These cables are created when pairs of wires are twisted around each other to protect and cancel out interference from each other and outside sources.

25
Q

Fiber-Optic Cable

A

Cables that use light guided through thin glass tubes instead of electrical signals to transmit data. It is very fast, but also expensive.

26
Q

Single-mode Fiber

A

Has several thin glass strands (in rare cases, plastic) covered with protective insulation. Single-mode cables have thin 10-micron strands and support a narrow range of wavelengths and higher bandwidth, making them ideal for submarine cabling across continents.

27
Q

Multi-mode Fiber

A

Much cheaper than single mode across shorter distances. The fiber in these cables is thicker, from 50 to 100 microns. Because of their thickness, they can run a wider frequency of light over shorter distances, from a couple of thousand meters to a couple of miles.

28
Q

Coaxial Cable

A

A single copper wire surrounded by layers of plastic insulation and sheathing is used mainly in cable internet service.

29
Q

Ping Command

A

-Tools for testing connectivity to other hosts
-Sends internet control message protocol (ICMP) to a host and listens for the reply
-Replies display the time it took and the time to live (TTL)

30
Q

Traceroute/Tracert Command

A

-Trace the route an IP packet takes to its destination
-Displays each hop (next route) with its IP address and the time it takes to receive the packet
-Traceroute is a Linux command (can only be used by superuser)
-Traceroute is a Windows command

31
Q

Tracepath command

A

-Similar to traceroute/tracert
-Display the path taken by packet to its destination
-Used in Linux (any user can use)

32
Q

IpConfig

A

-Provides the user with the IP, subnet mask, and default gateway for each network adapter
-With /all, can display MAC address, DHCP status, and lease information
-Used in Windows

33
Q

IfConfig

A

-Similar to IpConfig
-Used to configure the network interface
-Used in Linux

34
Q

ARP

A

-Address Resolution Protocol
-Displays the MAC address mapping for the hosts that have been discovered in the ARP cache

35
Q

Netstat

A

-Displays information about active ports and their state
-Useful for troubleshooting

36
Q

nslookup

A

-Displays DNS information
-Used for troubleshooting DNS problems
-Displays name-to-IP-address mappings
-Primarily used in Windows

37
Q

Dig

A

-Used to query the DNS name servers
-Helpful in troubleshooting DNS problems
-Replaced nslookup in Linux OS

38
Q

Who is

A

-Used to look up who owns a domain or block of IP addresses
-Includes: name, email address, and physical address
-Can purchase privacy to hide this information
-Primarily used on Linux

39
Q

Route

A

-Used to display the current route tables on a host
-Can be used to add or remove routes

40
Q

SCP

A

-Secure Copy Protection
-Used to copy files between servers
-Uses SSH for authentication and encryption

41
Q

FTP

A

-File Transfer Protocol
-Copies files from one host to another host
-Data is unencrypted; for encryption, use FTPS, which utilizes SSL/TLS
-Uses TCP for reliability
-Used often on WANs and the internet

42
Q

TFTP (Trivial File Transfer Protocol)

A

-Transfers a file from a client to a server or from server to a client
-Uses UDP
-Used on reliable (Local) network

43
Q

Finger

A

-Displays information about a user or users on a remote system
-Includes last log-in and username
-Primarily used in Linux

44
Q

Nmap (Network Mapper)

A

-Scans networks for hosts and open ports
-Used to determine what is deployed on a network
-Not native to either Linux or Windows

45
Q

TCP Dump

A

-Displays TCP/IP packets and other network packets that are being transmitted over the network
-Used as a packet sniffer
-Displays in readable format for troubleshooting
-Not native to either Linux or Windows

46
Q

Telnet/SSH

A

-Both used to manage accounts and devices remotely
-SSH is encrypted
-Telnet is unencrypted

47
Q

Personal Area Network (PAN)

A

-A network that is created to center around a person and their devices
-Communication over connections such as Bluetooth or USB

48
Q

Local Area Network (LAN)

A

-Consists of computers connected within a limited area, such as a house, lab, or office building
-LANs use Ethernet, Wi-Fi, or a combination of both.

49
Q

Wireless Local Area Network (WLAN)

A

-A LAN with all devices connected wirelessly
-Users and devices can be placed anywhere and moved anywhere in the coverage area
-Easy and inexpensive to install

50
Q

Campus Area Network (CAN)

A

-Provides networking of multiple LANs across a limited area
-Each single building would typically have its own LAN
-Typically connects LANs owned by a single company, university, government agency, etc.

51
Q

Metropolitan Area Network (MAN)

A

-Provides networking across a larger area, such as a whole city
-Made up of many organizations within a city

52
Q

Wide Area Network (WAN)

A

-Covers a large geographical area within its network
-WAN networks can span cities, countries, or the entire globe
-The internet is an example of WAN

53
Q

Storage Area Network (SAN)

A

-A network that allows access to storage devices instead of general network purposes
-SANs are dedicated to storage devices and the servers that need access to them
-Allows servers to access tape libraries and disk arrays as if they were locally attached devices

54
Q

Bus Topology

A

-All the devices are connected to a shared single cable
-Bus topologies are uncommon today
-Computers in a bus topology physically tap into the network cable using special adapters
-The ends of the cables have terminators
-In a bus topology only one computer can communicate at a time
-All traffic transmitted is received by everyone

55
Q

Ring Topology

A

-The computers are connected to form a closed loop
-The computers are connected in a single line
-Each computer on the ring has an input port and an output port
-More reliable than a bus topology but communication still fails if the ring is broken
-A dual-ring topology provides high availability

56
Q

Star Topology

A

-Also known as a hub-and-spoke network
-Composed of a central network device, such as a switch or hub
-Each device is individually connected to the central network device
-Star topologies are the most common type found in LANs

57
Q

Mesh Topology

A

-Full mesh: Every node connects to all other nodes
-Partial mesh: Each node connects to a few other nodes
-Typically used for requirements of high availability and redundancy
-The most expensive and most complex topology

58
Q

Tree Topology

A

-Acts as both a star and bus topology
-The network is divided into multiple levels or layers
-The top device is known as a root node
-A parent-child hierarchy between nodes

59
Q

Hybrid Topology

A

-A combination of different topologies
-Inherits the advantages and disadvantages of each combined topology
-Offers the benefits of flexibility
-Very effective and scalable but can be costly

60
Q

Centralization

A

Users logged on to machines called dumb terminals to perform their task. They were so named because the terminal had no intelligence or sophistication.

61
Q

Decentralization

A

An approach that puts the computer power in the user’s devices rather than a data center

62
Q

Client/Server model

A

This approach offloads some of the computing requirements from the data center’s servers, but more importantly, the client-server model allows application designers to implement advanced user interfaces that would not otherwise be possible in a web-based or terminal-based application.

63
Q

Peer-to-Peer Model

A

In this network, client computers act as both servers and workstations because they share files and printers while allowing a user to log on and use the client computer for normal tasks.

64
Q

Virtualization

A

-Creates multiple “virtual” machines on a single computing device
-Virtual devices operate similarly to their physical counterparts
-Benefits: new virtual devices can be deployed quickly, it is easier to move virtual devices within a data center or between data centers, and the resources allocated can be increased or decreased as utilization rises and falls

65
Q

Hypervisor

A

Software that creates and manages virtual machines on a server or on a local computer.
Also called a virtual machine manager (VMM)

66
Q

Type 1 Hypervisor

A

-Also referred to as a bare-metal hypervisor, bare-metal systems are ones that do not have an operating system already installed
-Accessing details and managing your virtual machines is done through a remote system
-Examples: VMware ESXi, Microsoft Hyper-V

67
Q

Type 2 hypervisor

A

-Sometimes referred to as a hosted hypervisor
-Installed as an application on a personal computer and laptop
-Virtual machine shares the hardware resources with the hosted system
-Examples: VMware Workstation, VirtualBox

68
Q

Cloud Computing

A

Consider the meaning and business implications of some of the more well-known and accepted characteristics of cloud-computing: on-demand, self-service, resource pooling, elastic, accessible, and measurable.

69
Q

IaaS (Infrastructure as a Service)

A

Infrastructure refers to the physical layers (servers), storage, and networking that are required to exist before you can create any virtual servers or install any application

70
Q

PaaS (Platform as a Service)

A

The cloud provider is responsible for the virtual servers and, in some cases, the services that run on top of them, such as database engines, and provides you with a platform on which you can run your code or store your data.

71
Q

SaaS (Software as a Service)

A

Allows consumers to store and potentially publish information without the need to manage the underlying application or infrastructure.

72
Q

Private Cloud

A

A cloud that is owned and operated by an organization for its own benefit

73
Q

Public Cloud

A

There are many public cloud providers, but some providers, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), are more well-known because of their marketing and experience in the industry

74
Q

Community Cloud

A

These clouds are data centers that are jointly owned and operated by the tenants

75
Q

Hybrid Cloud

A

For hybrid cloud computing, the customer will require a dedicated connection between their on-premises data center and the public cloud provider. This connection may be a virtual private network (VPN) established over the internet or a dedicated wide area network (WAN) connection maintained by a telecommunications provider.

76
Q

Multi-Cloud

A

A cloud deployment model where the cloud consumer uses multiple public cloud services.

77
Q

Weak Password

A

A password that is short in length (less than 15 characters), uses a common word (princess), a predictable sequence of characters (abc123), or personal information (Braden).

78
Q

Default password

A

Passwords on system administration, user, or service accounts predefined in a system, application, or device; usually associated with the default account. Default accounts and passwords are published, well known, and therefore easily guessed.

79
Q

Misconfigured Firewall

A

Can allow traffic that should be blocked and reduce the overall security of the network. It is a good policy to regularly review your firewall configuration, identify what each rule does, remove only rules that are no longer needed, and regularly change the password.

80
Q

Personal Devices Within the Network

A

Many businesses are adopting a mobile computing strategy that often includes a concept known as bring your own device (BYOD), which encourages users to bring their personal computers, tablets, or phones to work to use on the network.

81
Q

Advanced Persistent Threat (APT)

A

A network attack in which an intruder gains access to a network and stays there undetected with the intention of stealing data over a long period of time.

82
Q

Zero Day

A

The term zero-day alludes to the fact that the exploit or vulnerability is not yet known by the public, meaning there is no patch available to mitigate this vulnerability.

83
Q

Red Team

A

The red team attempts to compromise the security

84
Q

Blue team

A

The blue team defends

85
Q

White team

A

Observes the festivities and may even serve as referee

86
Q

Vulnerability tester

A

Responsible for scanning servers and network devices for known vulnerabilities

87
Q

Purple team

A

A mode of penetration testing where red and blue teams share information and collaborate throughout the engagement

88
Q

White hat hackers

A

Non-malicious hackers who attempt to break into a company’s systems at their request

89
Q

Black hat hackers

A

May or may not be IT professionals but possess the knowledge and will to breach systems for profit.

90
Q

Gray hat hackers

A

A cross between black and white. They will often illegally break into systems merely to flaunt their expertise to the administrator of the system they penetrated or to attempt to sell their services in repairing security breaches.

91
Q

Insider threats

A

Some of the most potent threats come from people within your organization. Because they have legitimate access to systems, they are in a position to hack from inside of the network, often undetected.

92
Q

Industrial espionage

A

The process of gathering corporate information illegally or unethically.

93
Q

Nation states

A

Have substantially larger budgets to hire hackers than the average criminal enterprise.

94
Q

Script kiddie

A

An attacker with little expertise or sophistication. Script kiddies use existing scripts to launch attacks.

95
Q

Wire tapping

A

The process of clipping the taps to the telephone wire became known colloquially as “wiretapping.” Today, it refers to any process that allows an attacker to electronically eavesdrop on a conversation, whether between two humans or two computers.

96
Q

Port Scanning

A

An application called a “port scanner” can systematically check each of these ports by sending thousands of TCP/IP packets to the victim’s computer, each packet on a different TCP port. The victim’s computer will discard requests made to a port that is not assigned to a running application or service.

97
Q

SQL injection

A

A particularly well-known attack that allows an attacker to take control of a database server by inserting special commands into input boxes instead of entering basic text.

98
Q

Buffer overflow

A

The attacker purposefully entered text that was too large to fit within a region of memory called a “buffer”

99
Q

Spoofing

A

To gain access to the information, the hacker needs to get into the middle of the conversation; however, to do so, the attacker must impersonate the sender and receiver of the traffic.

100
Q

Man-in-the-middle

A

An attacker wants to intercept the communication between a client computer and the server. The attacker will likely use two network interfaces, one that is spoofed to look like the server and another to look like the client.

101
Q

ARP poisoning

A

Is a method attackers use to cause an Ethernet switch to flood all traffic to every port on the switch, including the attacker's computer.

102
Q

Denial of Service (DoS)

A

They deny someone the access to a service, usually by overwhelming the victim with enormous amounts of useless traffic

103
Q

Ping of death

A

A trick whereby the attacker would send the victim a malformed ICMP packet that would cause the victim’s computer to crash or stop functioning on the network.

104
Q

Ping flood

A

Overwhelms a victim’s computer with an immense volume of ICMP echo-request packets, all containing a forged, randomized source address.

105
Q

Smurf attack

A

A distributed denial-of-service attack, which means that instead of one computer sending forged packets to a victim, in the Smurf attack, potentially thousands of computers will bombard the victim

106
Q

SSL attack

A

Causes the victim’s computer to consume excessive CPU time as it constantly sets up and tears down thousands of SSL encryption sessions over and over

107
Q

Social Engineering

A

The art of manipulating human trust to gain access to information

108
Q

Phishing

A

An attacker that sends an email or displays a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information

109
Q

Honey pot

A

Is a server or device that is configured to look very authentic, potentially containing data that appears to be legitimate user data or configuration files that seem authentic

110
Q

Confidentiality

A

This principle helps limit access to information, which by definition can contradict some of the recommendations found in the availability principle. The goal of copying or transmitting the information.

111
Q

Integrity

A

Helps identify the trustworthiness of the information. It is possible to identify where the information came from and if the data has changed since it was originally sent.

112
Q

Availability

A

Goal is to ensure the data is always accessible by its authorized user.

113
Q

Firewalls

A

Is a barrier that intercepts and inspects traffic moving from one area of the network to another.

114
Q

Packet Filter Firewall (Layer 3 and 4)

A

Inspects incoming and outgoing traffic and compares the following attributes to a database of packet filter rules that determine if the firewall will forward or drop the traffic.

115
Q

Circuit-level gateway

A

Is a device that operates as a middleman between two or more systems to help conceal the true identity of the client and server

116
Q

Stateful Inspection (layer 3, 4, and 5)

A

To reduce the number of firewall rules needed to support TCP communication, firewall vendors implemented a feature known as stateful inspection.

117
Q

Application Level

A

To combat this potential weakness in security, network administrators began using proxy servers that could act as a middleman, reading and parsing the traffic payload and then forwarding it on to the intended destination if the payload was safe

118
Q

Intrusion Prevention System (IPS)

A

Intercepts potentially hostile activity prior to its being processed

119
Q

Intrusion Detection System (IDS)

A

Monitor the network to detect threats

120
Q

MFA (Multifactor Authentication)

A

An authentication scheme that requires the user to present at least two different factors as credentials, from something you know, something you are, something you do, and somewhere you are. Specifying two factors is known as 2FA.

121
Q

Accounting

A

Includes verifying the correct access control settings on data files, providing a forensic trail after a security breach to determine how the attacker got in (to harden defenses for the future) and what they accessed (for damage control and potential changes to permissions in the future)

122
Q

Authorization

A

This system steps in to determine what the user may access. For example, can the user access resources in a particular subnet? Does the user have access to a particular server or file? If data access is in question, can the user write to or delete the data or is the access read-only? The list of questions (and potential restrictions) goes on almost endlessly.

123
Q

Authentication

A

Is the process of confirming a person’s identity. A system can confirm your identity via usernames and passwords or with certificates, as is the case with public key infrastructure (PKI)

124
Q

Fake Access

A

In this attack type, an attacker sets up an illegitimate wireless network using their own WAP and may even share their own cellular data to create an internet hotspot. The attacker usually opens this network without any security or authentication so as to entice people in a hurry to connect to the attacker’s rogue WAP.

125
Q

Deauth Attack

A

Is a denial-of-service (DoS) attack where the attacker can force any client (or even every client) off of the network. Worse yet, the attacker does not even need to be on the network they are attacking. That is right, the attacker can kick anyone off the network without even joining that wireless network. But what is the point? Users can simply reconnect.

126
Q

Infrastructure

A

In almost all cases, a WAP or wireless router is used to connect wireless devices to the network. The WAP acts like an Ethernet switch in wired networking and often has a physical cable that connects it to the rest of the network. A wireless router is a WAP and a router combined into a single device and is most often used in home and small business environments to connect to the internet while also providing wireless connectivity for nearby devices.

127
Q

Ad-hoc

A

All wireless communication is performed in a peer-to-peer fashion and does not require or involve a WAP. Are rarely used in homes or offices, but they can be helpful in setting up a new device, such as a printer by connecting them directly, much as one would do with a physical cable. Are occasionally used to transfer files between devices, such as between a camera and a laptop.

128
Q

Layer 1 - Physical

A

All physical vulnerabilities and threats are layer 1 risks. For instance, check the security of the locks on the doors to the data center, equipment racks, and wiring closets throughout your building.

129
Q

Layer 2 - Data Link

A

Wired networks are just as susceptible to attack at layer 2. Consider the Ethernet-based attack known as ARP poisoning, which allows an attacker to eavesdrop on all network traffic sent through an Ethernet switch. The attacker sends special Ethernet frames on the network to quickly poison or overwhelm the switch’s internal traffic, and so it begins flooding all its ports with every frame it receives.

130
Q

Layer 3 - Network

A

It allows computers on different networks to exchange data. This is where you will find the IP and ICMP protocols, which belong to the TCP/IP protocol suite.

131
Q

Layer 4 - Transport

A

When a service is run on a computer, that service will open specific ports at the transport layer to allow the service to receive incoming connections from other computers. For example, the DNS service opens TCP port 53 to allow computers to perform name-to-address resolution. An attacker wishing to know which services are running on a victim’s computer could run a tool called a port scanner that, as the name implies, allows the attacker to scan the victim’s computer for open ports that they could later attack. A packet-filtering firewall is an appropriate defense against port scanners.

132
Q

Layer 5 - Session

A

This would be similar to you keeping track of different conversations that you are having with the same person. You might talk about one topic for a while, then switch topics back and forth as you chat. In networking, remote procedure call (RPC) is an example protocol at Layer 5 and is used by computers to execute functions and procedures on other computers, such as a central server launching a program or print job. RPC has often been the target of many attacks over the years, but with regular operating system and application patching, you can mitigate most of these attacks.

133
Q

Layer 6 - Presentation

A

Both SSL and TLS have been subject to a number of attacks that target weaknesses in the protocol itself. The goal of many of these attacks is to create a man-in-the-middle attack where the attacker inserts themselves between the victim and an encrypted target, such as the website of a bank. The attacker then impersonates the bank’s web security by exploiting a vulnerability in the encryption or by fooling the victim into accepting a false security certificate. The attacker completes the attack by encrypting the traffic between themselves and the target (the bank in this case). The attack is named after the fact that the attacker becomes the man-in-the-middle of the conversation, able to see everything the victim does without encryption. Many of these attacks can be mitigated using an application-layer proxy or an IPS, though training the users about fake security certificates is equally important.

134
Q

Layer 7 - Application

A

Defines how users connect with the application services through protocols such as HTTP. It is the final layer of the OSI model, and like the first layer, it is host to as many different attacks as there are applications. An example of this layer is an application programming interface (API) endpoint for web services and websites, both of which leverage the HTTP and HTTPS protocols. Prime targets are web servers, especially web servers that host APIs.

135
Q

Symmetric Key Encryption

A

Also known as private key encryption, uses the same key to encrypt the data as it does to decrypt the data, meaning that when used for data transmissions symmetric key encryption requires that both the sender and the receiver possess the same cipher key.

136
Q

Asymmetric Key encryption

A

Relies on two different keys to encrypt and decrypt the traffic. This is particularly useful on the internet where the encryption of the data being sent to and from e-commerce and banking websites is needed. The customers have no reliable and secure means to exchange a secret key prior to the data transfer, so public key infrastructure (PKI) is relied upon.

137
Q

SSL/TLS Encryption

A

Creates a secure channel over the Internet between a client computer and a server by exchanging a public key in the form of a certificate

138
Q

IPSec Encryption

A

Provides an authentication and encryption solution that secures IP network traffic at Layer 3 of the OSI model

139
Q

Data Security

A

Data classification, access control, data protection, and encryption all play a role in protecting data and collectively affect an organization’s decision to adopt a particular cloud deployment model.

140
Q

Data classification

A

System of organizing data according to its sensitivity. Common classifications include public, highly confidential, and top secret.

141
Q

Private cloud

A

Are scalable, single-tenant clusters of computing, storage, and networking resources owned and maintained by a single company, typically (but not always) located within a data center belonging to that company. The owner of the equipment typically holds the final responsibility for all the hardware and most, if not all, of the physical data center security concerns.

142
Q

Public cloud

A

Are hosted by companies, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), and tend to offer highly scalable, multi-tenant solutions in data centers placed around the world. Public cloud providers generally are responsible for the physical data center security and most of the physical hardware security concerns.

143
Q

Hybrid cloud

A

Is the combination of services running in both public and private clouds. The security concerns typically fall along the lines of the owners of the equipment, much like in private and public clouds, with the addition of the data link between the public and private cloud networks, which may be maintained and secured by a third party.