Network Devices Flashcards
1
Q
Switch
A
Switch
- Connects hosts; directs traffic based on MAC address
- Unicast traffic only between communicating computers
- Port security - MAC address filtering - switch limits number of MAC addresses per port, or restricts physical ports to specific MAC addresses
- Switches pass broadcast traffic to all ports
2
Q
Hub
A
Hub
- Unicast traffic goes to all ports
- Replace hubs with switches
3
Q
Router
A
Router
- Connect multiple networks to create larger network
- Directs traffic based on destination IP address
- Routers do not pass broadcast traffic - reduce traffic on a segment
- Segments separated by subnet - reduces collisions
- Can implement ACLs - antispoofing - allow/block IP addresses
4
Q
STP
A
STP
Spanning Tree Protocol
- Prevents loops (connecting two ports, or wall jacks)
- Also RSTP
5
Q
MAC Flood Attack
A
MAC Flood Attack
- Normally one device per switch physical port
- Switch internal table stores MAC address/port associations
- Send large amount of traffic with spoofed MAC address to same port
- Switch runs out of memory and fails open - becomes hub
- Can use protocol analyzer on any port to see traffic between other ports
- Flood guard can prevent
6
Q
Flood Guard
A
Flood Guard
- Limit memory to store MAC address for each switch physical port
- Switches: prevents MAC flood attacks
- Routers: prevents SYN flood attacks
7
Q
Network Bridge
A
Network Bridge
- Connects multiple networks
- Can be used instead of router sometimes
- Directs traffic to subnets based on MAC address
8
Q
Firewall
A
Firewall
- Packet filtering with ACLs (implicit deny)
9
Q
Host-Based Firewall
A
Host-Based Firewall
- Monitor traffic into/out of single host
- OS includes software to do this: Linux xtables, iptables
10
Q
Stateless Firewall
A
Stateless Firewall
- Rules implemented as ACLs
- Implicit deny
- permission/protocol/source/destination/port
- permission: permit/deny
- protocol: TCP, UDP, IP (both TCP and UDP), ICMP
11
Q
Stateful Firewall
A
Stateful Firewall
- Decision to allow/deny based on context/state of traffic
- Block traffic not part of established session
12
Q
WAF
A
WAF
Web Application Firewall
- Can include load balancing
13
Q
NAT
A
Network Address Translation
- Translates public IP address to private
- Done by home Wi-Fi routers and internet-facing firewalls
- PAT - Port Address Translation - common form of NAT
- Multiple computers can access internet through one router running NAT
14
Q
Layer 2 Switch
A
Layer 2 Switch
- Traditional
- Uses MAC address in packets to forward to right port
- Forwards broadcasts to all ports
15
Q
Layer 3 Switch
A
Layer 3 Switch
- Like router
- Forwards based on IP address
- Blocks broadcast traffic
- Allows VLAN creation
- Not susceptible to ARP attacks