Network Architecture Flashcards
What is the mnemonic for the OSI model
All Presidents Since Truman Never Did Pot A ppplication P presentation S session T transport N network D data Link P physical
What layer(s) do we use data streams
Application, presentation, and session
What do we call data packages in the transport layer?
TCP - Segment
UDP - Datagram
What technology is found in the physical layer?
NICs, hubs, repeaters, concentrators
What is the function of layer 1
Physical - Convert frame data into bits and transmit the bits across the physical medium
What is the function of layer 2
Data Link - converts packets into frames. Some examples include: Ethernet, Token Ring, FDDI.
What does the ARP do?
Performs IP to MAC lookups
What does the RARP do?
Reverse ARP…. MAC to IP lookup.
What is the function of Layer 3
Network - Adds routing/ addressing information. Technology includes: Router, NAT, and Internet Protocol (IP), IPSEC.
What does a Brouter do and where does it operate?
Bridge router that attempts to route first and then bridge. Operates at level 3
What happens in Layer 4?
Transport - Session management. TCP & UDP happens here.
What is the TCP Handshake?
Syn
Syn/ Ack
Ack
What happens in Layer 5
Session - Establishes, maintains, and terminates sessions. Sessions are simplex, duplex, etc
What technology is found in the Session Layer
NFS, SQL, RPC
What is the difference between full and half duplex?
Full is two way communication that can occur at the same time.
What happens at Layer 6
Presentation - Transforms the application data into a common OSI format (ASCII, JPEG, MPEG)
What happens in Layer 7
Application - HTTP, FTP, EDI, etc
What layers exist in the TCP/IP model?
4 layers - Application, Transport, Internet, and Link
ATIL
What are the intersection points between OSI & TCP/IP?
TCP/IP Application layer combines OSI layers 5,6,&7 into 1 Application layer.
TCP/IP Link layer combines OSI layers 1&2 into 1 Link layer.
What is the function of a port?
Used in TCP to establish a connection between two systems.
How many ports exist in TCP?
65,536
What are service ports?
First 1024 ports in TCP used for well known applications (HTTP, FTP, Telnet, etc)
What are registered ports?
Registered by companies for products. Spans ports 1024-49151.
What are dynamic ports?
Open use from 49152 - 65535
How is a TCP session terminated?
2 Methods
FIN - Finish followed by Ack. Syncs up traffic
RST - Reset… hard stop.
What is the transmission window?
Number of packets sent before an ACK is sent.
What are the key TCP headers?
Unskilled Attackers Pester Real Security Folk U - Urg, Urgent A - Ack, Acknowledgement P - PSH, Push R - RST, Reset S - Syn, Synchronization F - FIN, Finish
Class A subnet mask?
255.0.0.0 or /8
Class B subnet mask?
255.255.0.0 or /16
Class C subnet mask
255.255.255.0 or /24
What is the function of ICMP?
Health check protocol. Technology used: PING, Traceroute, and pathping.
What is IGMP
Internet Group Management Protocol - Supports multi-cast.
What port does telnet use?
TCP - 23
What port does FTP use?
TCP - 20 & 21
What port does TFTP use?
UDP - 69
What port does SMTP use?
TCP - 25
What port does POP3 Use?
TCP - 110
What port does IMAP use?
TCP - 143 This is an email client download utility.
What port does DHCP use?
UDP - 67 & 68
What port does HTTP use?
TCP - 80
What port does SSL Use?
TCP - 443
What port does LPD Use?
TCP - 515
What port does X Windows Use?
TCP 6000-6003
What port does BootP use?
UDP - 67 & 68
What port does NFS Use?
TCP - 2049
What port does SNMP use?
UDP 161 & 162
What is encapsulation and what problems exist?
The ability to carry lower level TCP protocols inside higher layers. Is bad because hackers can hide inside higher layers.
What is pre-admission philosophy?
Form of NAC that requires all policies be met before access to network is granted.
What is post-admission philosophy?
For of NAC that denies activity based on user activity.
What type of firewall filters traffic by inspecting the header against a rules table?
Static Packet
What does an application firewall perform?
Acts as a proxy for things happening in the application layer.
What is stateful packet inspection?
Firewall that looks at many pieces of information inside the packet including source and destination addresses or ports.
What layer does a switch operate?
Layer 2
What layer does a router operate?
Layer 3
What is the CALEA Law?
States that the government must allow a Telco to provide wiretap support. (bypasses strict end to end encryption).
What OSI model manages simplex & duplex communications?
Session
What technology implements 802.3
Ethernet
What is an example of a third generation firewall?
Stateful
Can a firewall block viruses?
False
