Network Devices Flashcards

1
Q

Switch

A

Switch

  • Connects hosts; directs traffic based on MAC address
  • Unicast traffic only between communicating computers
  • Port security - MAC address filtering - switch limits number of MAC addresses per port, or restricts physical ports to specific MAC addresses
  • Switches pass broadcast traffic to all ports
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Hub

A

Hub

  • Unicast traffic goes to all ports
  • Replace hubs with switches
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Router

A

Router

  • Connect multiple networks to create larger network
  • Directs traffic based on destination IP address
  • Routers do not pass broadcast traffic - reduce traffic on a segment
  • Segments separated by subnet - reduces collisions
  • Can implement ACLs - antispoofing - allow/block IP addresses
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

STP

A

STP
Spanning Tree Protocol
-Prevents loops (connecting two ports, or wall jacks)
-Also RSTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

MAC Flood Attack

A

MAC Flood Attack

  • Normally one device per switch physical port
  • Switch internal table stores MAC address/port associations
  • Send large amount of traffic with spoofed MAC address to same port
  • Switch runs out of memory and fails open - becomes hub
  • Can use protocol analyzer on any port to see traffic between other ports
  • Flood guard can prevent
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Flood Guard

A

Flood Guard

  • Limit memory to store MAC address for each switch physical port
  • Switches: prevents MAC flood attacks
  • Routers: prevents SYN flood attacks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Network Bridge

A

Network Bridge

  • Connects multiple networks
  • Can be used instead of router sometimes
  • Directs traffic to subnets based on MAC address
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Firewall

A

Firewall

-Packet filtering with ACLs (implicit deny)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Host-Based Firewall

A

Host-Based Firewall

  • Monitor traffic into/out of single host
  • OS includes SW to do: Linux xtables, iptables
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Stateless Firewall

A

Stateless Firewall

  • Rules implemented as ACLs
  • Implicit deny
  • permission/protocol/source/destination/port
  • permission: permit/deny
  • protocol: TCP, UDP, IP (both TCP and UDP), ICPM
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Statefull Firewall

A

Statefull Firewall

  • Decision to allow/deny based on context/state of traffic
  • Block traffic not part of established session
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

WAF

A

WAF
Web Application Firewall
-Can include load balancing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

NAT

A

Network Address Translation

  • Translates public IP address to private
  • home wifi router, internet facing firewall does
  • PAT - Port Address Translation - common form of NAT
  • Multiple computers can access internet through one router running NAT
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Layer 2 Switch

A

Layer 2 Switch

  • Traditional
  • Uses MAC address in packets to forward to right port
  • Forwards broadcasts to all ports
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Layer 3 Switch

A

Layer 3 Switch

  • Like router
  • Forwards based on IP address
  • Blocks broadcast traffic
  • Allows VLAN creation
  • Not susceptible to ARP attacks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Transparent Proxy Server

A

Transparent Proxy Server

  • Accepts and forwards requests (for URLs) without modifying
  • Caches for performance
17
Q

Nontransparent Proxy Server

A

Nontransparent Proxy Server

-URL filters restrict what users can request

18
Q

Reverse Proxy

-What else does it do (two things)?

A

Reverse Proxy

  • Accepts requests from internet, forwards to web server
  • Allows web server to be behind firewall
  • Caches web pages to improve performance
  • Can be load balancer (when multiple web servers)
19
Q

UTM

A
UTM
Unified Threat Management
-Single solution combining multiple security controls
-URL filtering
-Malware inspection
-Content inspection
-DDoS Mitigator
-Mail gateway (maybe)
20
Q

Switch Use Cases

A

Switch Use Cases

  • Prevent switching loops (STP or RSTP)
  • Block MAC flood attacks (flood guards)
  • Prevent unauthorized users from connecting to unused ports (disabling unused ports)
  • Segmentation (VLANS w/ layer 3 switches)
21
Q

SNMP

A

SNMP
Simple Network Management Protocol
-Monitors and manages network devices
-Agent on devices