Network Design Flashcards

1
Q

OSI Model

A
Application
Presentation
Session
Transport
Network
Data Link
Physical
2
Q

Physical Layer

A

§ Represents the actual network cables and radio waves used to carry data over a network
§ Bits

3
Q

Data Link Layer

A

§ Describes how a connection is established, maintained, and transferred over the physical layer and uses physical addressing (MAC addresses)
§ Frames

4
Q

Network Layer

A

§ Uses logical addressing to route or switch information between hosts, the network, and the internetworks
§ Packets

5
Q

Transport Layer

A

§ Manages and ensures that transmission of packets occurs from a host to a destination using either TCP or UDP
§ Segments (TCP) or Datagrams (UDP)

6
Q

Session Layer

A

Manages the establishment, termination, and synchronization of a session over the network

7
Q

Presentation Layer

A

Translates the information into a format that the sender and receiver both understand

8
Q

Application Layer

A

§ Layer from which the message is created, formed, and originated
§ Consists of high-level protocols like HTTP, SMTP, and FTP

9
Q

MAC Flooding

A

§ Attempt to overwhelm the limited switch memory set aside to store the MAC addresses for each port
§ Switches can fail-open when flooded and begin to act like a hub

11
Q

MAC Spoofing

A

Occurs when an attacker masks their own MAC address to pretend they have the MAC address of another device
MAC Spoofing is often combined with an ARP spoofing attack

12
Q

MAC Spoofing - Protection

A

§ Limit static MAC addresses accepted
§ Limit duration of time for ARP entry on hosts
§ Conduct ARP inspection

13
Q

Routers operate at OSI Layer

A

Routers operate at OSI Layer 3 (Network)

14
Q

Routers rely on a _______ to determine the proper destination

A

Routers rely on a packet’s IP Addresses to determine the proper destination

15
Q

De-Militarized Zone

A

A segment isolated from the rest of a private network by one or more firewalls that accepts connections from the Internet over designated ports

Focused on providing controlled access to publicly available servers that are hosted within your organizational network

16
Q

Extranet

A

Specialized type of DMZ that is created for your partner organizations to access over a wide area network

17
Q

Bastion Hosts

A

§ Hosts or servers in the DMZ which are not configured with any services that run on the local network
§ To configure devices in the DMZ, a jumpbox is utilized

18
Q

Jumpbox

A

§ A hardened server that provides access to other hosts within the DMZ
§ An administrator connects to the jumpbox and the jumpbox connects to hosts in the DMZ

19
Q

Network Access Control

A

§ Security technique in which devices are scanned to determine their current state prior to being allowed access onto a given network
§ If a device fails the inspection, it is placed into digital quarantine

20
Q

Persistent Agents

Network Access Control

A

A piece of software that is installed on the device requesting access to the network

21
Q

Non-Persistent Agents

Network Access Control

A

Uses a piece of software that scans the device remotely or is installed and subsequently removed after the scan

22
Q

_________ standard is used in port-based NAC

A

IEEE 802.1x standard is used in port-based NAC

23
Q

Switch Spoofing

A

Attacker configures their device to pretend it is a switch and uses it to negotiate a trunk link to break out of a VLAN

24
Q

Double Tagging

A

§ Attacker adds an additional VLAN tag to create an outer and inner tag
§ Prevent double tagging by moving all ports out of the default VLAN group

25
Q

Subnetting

A
§ Act of creating subnetworks logically through the manipulation of IP addresses
§ Efficient use of IP addresses
§ Reduced broadcast traffic
§ Reduced collisions
§ Compartmentalized
26
Q

VLANs Benefits

A
§ Segment the network
§ Reduce collisions
§ Organize the network
§ Boost performance
§ Increase security
27
Q

Network Address Translation

A

§ Process of changing an IP address while it transits across a router
§ Using NAT can help us hide our network IPs

28
Q

Port Address Translation

A

Router keeps track of requests from internal hosts by assigning them random high number ports for each request

29
Q

Class A IP Range

A

10.0.0.0 to 10.255.255.255

30
Q

Class B IP Range

A

172.16.0.0 to 172.31.255.255

31
Q

Class C IP Range

A

192.168.0.0 to 192.168.255.255