Network + Network Security

Question 1

what is the purpose of a router?

Answer 1

it is a device that connects different computer networks and direct data packets to their destination.(it uses the IP address in the packet header to determine where to send the packet)

Question 2

what is the purpose of a switch?

Answer 2

A switch is a device that connects other nodes (devices) to form a LAN and forwards data frames based on their MAC addresses.

Question 3

what are the differnet network topologies and what are their advantages and disadvantages?

Answer 3

bus topology:
+ low cost + easy to connect + less cable length
- entire system fail if there is a break in the main connector or if T connector breaks

ring topology:
+ organised + all have equal access to resources
- slower than star topology since need pass through all the hosts between source and destination + if one down all down

fully mesh topology:
+ network traffic can be redirected to other nodes if one goes down
- expensive and requires most cable length

star topology:
+ if cable failure, only 1 node is affected
- if central device has any failure, entire system will fail

Question 4

what is the difference between the World Wide Web (www) and the Internet?

Answer 4

the internet is a global network of networks while the web is a collection of information which is accessed via the internet

internet is the infrastructure while the Web is the service on top of the infrastructure

Question 5

how does a network device receive its IP address when it joins a network?

Answer 5

static IP address assignment:
- network administrator (the poor engineer) manually configure each device with an IP address, a subnet mask, a default gateway and a DNS server

dynamic IP address assignment:
- network device automatically obtains an IP address from a DHCP (dynamic host configuration protocol) server which is usually configured on the router.

Question 6

how does a DNS work? (domain name server)

Answer 6

1. the dns resolver will first check its local cache to see if the IP address associated with the domain name is stored, if it is, then immediately return it
2. if not, the query is routed to a recursive DNS resolver which is normally managed by the ISP.
3. the recursive dns resolver forwards the request to a DNS root name server
4. the root DNS servers return the IP address of the TLD (top-level domain) name server associated with the domain
5. the TLD server directs to the authoritative DNS server
6. the authoritative DNS servers return the IP address of the requested domain name to the local DNS
7. the local DNS stores in the cache for future use for a specified time.

Question 7

what are the layers in the TCP/IP suite?

Answer 7

application layer
transport layer
internet layer
network access layer

Question 8

why are the protocols arranged in layers in the TCP/IP suite?

Answer 8

to simplify the design aand implementation of the network system by dividing it into smaller and manageable modules

makes troubleshooting easiser since engineers can focus on a particular layer

each layer can be changed and modified with affecting the other layers

Question 9

why do we even need protocols?

Answer 9

protocols ensure reliability, security and efficiency of data transmission

protocols provide a consistent and standardised way of communication, reducing errors and conflicts and enhances performance and functionality.

Question 10

what information is added into the head in each layer?

Answer 10

application layer:
- raw data

transport layer:
- source and destination ports
- sequence number (for reordering)
- acknowledgement number (in TCP)
- checksum (to check if the data is modified)

internet layer:
- source destination IP address
- TTL (time to live -> ensure that the packet isnt floating around forever if not sent)
- header checksum

network access layer:
- source destination MAC address

Question 11

what is the difference between TCP and UDP?

Answer 11

TCP is a connection-oriented protocol while UDP is a connectionless protocol. TCP estasblishes a connection with receiver before sending/receiver but UDP doesnt

TCP is more reliable than UDP as it ensures that every packet sent is received and acknowledged by receiver

UDP is faster than UDP (since it doesnt care if receiver actually receives the data)

twitch uses UDP while netflix uses TCP woahhh

Question 12

what is data packetisation?

Answer 12

(data segmentation + data packetisation)
it involves the breaking down of large data into smaller segments (transport layer). headers and trailers are added to the data segments which contains information like source and destination addresses and create packets that can be transmitted over the network. (internet layer)

Question 13

explain the term packet-switching

Answer 13

1. it refers to the breaking down of large messages into smaller messages and sends them individually
2. each packet travels from router to router until it reaches its destination
3. since packets can arrive out of order, they will be reordered sequentially to recreate the original message

Question 14

explain what is a packet-switching network

Answer 14

1. its a network that transfers data by dividing to smaller packets
2. packet contains header with information like source + destination address and contains a portion of the data
3. packets are sent individually and may take different paths
4. packets are reassembled to form the original data

Question 15

what are some types of malware?

Answer 15

• virus
• worm
• trojan

Question 16

how to prevent and remove malware?

Answer 16

• use reputable antivirus / antimalware software
• scan system regularly and remove suspicious or infected programs
• avoid opening/downloading files from unknown/untrusted sources
• backup important data and files regularly and store them in a safe location

Question 17

what are some types of cyberattacks?

Answer 17

• DOS attack: tries to disrupt the normal traffic of a targeted server, service or network by sending a large number of requests or data to overload the server and cause it to slowdown or crash, preventing legitimate users from accessing it. (can be done using a botnet)
• code injection attack: tries to execute malicious code on a target system
• sql injection attack: inserts malicious sql statements into the input field for a database query (flashback to wenqi string formatting sql query gggggg)
• malware attack: tries to install or run malicious software on a target system (can be done by opening email attachment/downloading sus files)
• phishing attack: tries to obtain sensitive information from the user by impersonating a trsutworthy entity

Question 18

how does a firewall work?

Answer 18

its a network security system that monitors and controls incominig and outgoing network traffic based on predetermined security rules. it imposes restrictions on incoming and outgoing network packets and can be based on IP source address or port number

Question 19

how does a signature-based IDS work? (intruder detection system)

Answer 19

it monitors a network or system for malicious activity or policy violations. specifically, signature-based IDS looks for specific patterns such as byte sequences in network traffic or instruction sequences used by malware

+ it can easily detect known attacks
- it is difficult to detect new attacks

Question 20

how does an anomaly-based IDS work?

Answer 20

specifically used to detect unknown attacks due to the rapid development of malware.

Question 21

how does an IPS (intrusion prevention system) work?

Answer 21

as soon as IPS detects an intrusion event, it can reconfigure or reprogram the firewall to prevent similar attacks in the future. it also alerts the system administrator.

basically IPS can detect AND respond while IDS can only detect

Question 22

how does a digital signature work?

Answer 22

1. document contents are hased to create a digest.
2. the digest is encrypted using the sender’s private key
3. digest is embedded in the document which is then sent
4. the recipient decrypts the digest using the sender’s public key
5. receipt calculates a hash from the document contents
6. if the recalculated digest matches the decrypted digest, the document has not been tampered with since it was sent.

Question 23

what is a digital certificate?

Answer 23

they are the credentials that facilitate the verification of identities between users in a transaction. its used to validate the identity of someone.

Question 24

what are some methods of authentication?

Answer 24

1. 2FA
2. biometric authentication
3. public key authentication
4. password with pin
5. SMS authentication