Network Operations And Diagnostic (Chapter 6)

Question 1

NIC Property Settings (Wired)

Answer 1

Auto Negotiation (speed & duplex)
- allows the NIC to communicate at varying signaling speeds and Half/full duplex.
- most settings can be left to default.

Question 2

NIC Properties (Wireless)

Answer 2

Auto Negotiation
- Wireless mode needs to speak to the same frequency as the access point
- Transmit power set to high as default
Wake on LAN
- Allows the NIC to be active during standby
- Boots pc with ‘magic packet’

Question 3

NIC Properties location

Answer 3

Control Panel -> Network & Sharing -> Change Adapter settings.
Select network adapter properties -> configure -> advanced

Question 4

WPA2

Answer 4

Wi-fi Protected Access
A security protocol for WiFi that simplifies secure access point setup
- NIC and Access points must be compatible with WPA being used
- TKIP (randomly refreshes encryption keys)

Question 5

QoS

Answer 5

QoS (quality of service)
- network protocol that prioritizes certain types of data (Voice, Video, Data), usually configured at a switch
- used in private networks

Question 6

Common SOHO Security Issues

Answer 6

SSID - change default name
Physical Security - ensure router is in a safe location
Updating Firmware - do it inside the SOHO with the correct route update
Static IP - ensure it stays static

Question 7

Latency

Answer 7

Is the slow down in communication speeds

Question 8

Jitter

Answer 8

Is the slow down in communication speed due to
- congestion
- configuration issue
- interference

Question 9

Proxy Server

Answer 9

Is a server that routs all data flowing from a network to the internet through it self thus masking the IP address of the network.
Transparent Proxy - automatically intercepts data
Non-Transparent - requires user to set up IP address and proxy server
- has caching functionality for commonly used webpages this speed up connection

Question 10

UTM

Answer 10

Unified Threat Management
- a single appliance/gateway that preforms multiple security functions
- Firewall
- Intrusion Detection Service (IDS)
- anti-virus/anti-maleware
- Spam gateway
- Content filter
- Data leak Prevention (DLP)

Question 11

Spam Gateway

Answer 11

Uses SPF, DKIM, DMARC to verify the authenticity of mail servers to filter and prevent any unwanted emails.

Question 12

Load balance

Answer 12

Distributes client requests over multiple servers with the same function
- allows more clients without congestion
- fault tolerance

Question 13

SCADA

Answer 13

Supervisor Control and Data Acquisition System
- is a system that is used to monitor and control multiple sites ICSs (Industrial Control System)
- operated within a closed network

HMI
- Human-machine interface
- output and configuration for PLC

PLC
- programming logic controller
- link HMI to industrial components via cables

OT
- Operational Technology
- a network of embedded systems that is disconnected from the internet

Question 14

Firewall

Answer 14

Is a data check that only allows verified traffic packet through.
- check are based on rules configured in the firewall
- Network/Host based firewalls

Question 15

Firewall Settings

Answer 15

Disabling ports
- can disable physical ports on the pc

MAC filtering
- allows a statically assigned MAC address to the access point for a device to connect to the network

Content Filtering
- blocks websites/service based of criteria

Whitelist/Blacklist

Question 16

Port forwarding

Answer 16

A network configuration that allows devices outside of a private network to access services/data from a configured systems (server, computer)

Question 17

DMZ

Answer 17

A system that receives and handles all port forwarding requests that is separate from the private network

Question 18

Firewall location awareness

Answer 18

The location in which you are connecting to a network determines how stricted the Firewall rules are
- home (relax)
- work ( semi)
- public ( stricted)

Question 19

UPnP

Answer 19

Universal Plug and Play
A feature on a router that reduces complexity when setting up a firewall for LAN gaming network.
- not very secured

Question 20

Window Remote Access Tools

Answer 20

Remote Desktop Protocol (RDP)
-Windows protocol for operating remote GUI remotely from another window system
- Remote Desktop
– allows a user to access a desktop remotely
– Port 3389
– PC can only be operated by remote user when RDP is in progress
- Remote Assistant
– allows user to request help from a windows technician that has the ability to take control
– does not pass through firewall

Question 21

Remote Configuration

Answer 21

-Location:
System properties/ Remote
- Remote assist allow by default
RDP (Remote Desktop Protocol)
- data transmission during session is encrypted and using TCP connection
- select user that can access desktop

Question 22

Remote Credentials Guards

Answer 22

Desktop comprised my malware are at risk of sharing Remote Credentials
- RDPRA
remote desktop protocol restricted access
Only allows user with certain privileges to access RDP

Question 23

Remote Assist Process

Answer 23

Connects within a Private LAN
- invitation sent to allow recipient to connect (file,email or Easy connect)
- Host user gives access to the invitation recipient by acknowledging they are connecting
- Remote Desktop tools and chat tools will open

Question 24

Remote Desktop setup

Answer 24

Accessories/Communication menu
Or type MSTSC into command prompt
- input server/desktop name or IP
- will need to meet desktop security info

Question 25

Telnet

Answer 25

Is both a protocol and a terminal emulation program that transmits shell commands from a host computer to a remote machine ( can be used for non windows devices)
- Not encrypted
Protocol;
TCP port 23

Question 26

SSH

Answer 26

Secure shell
The means of obtaining secure access to a UNIX, Linux server or network appliance (switch, router)
- used to secure Telnet or FTP
- access is given based on public/private keys
TCP Port 22

Question 27

SSH Authentication Method

Answer 27

• public/private keys used to set up channel for SSH
• Username/password
• Kerberos (authentication protocol)
• Host-Based
• Public Key

Question 28

Screen Sharing

Answer 28

The ability to share a devices screen with other users on their devices

VNC is a freeware programme that is similar to RDP that is used to build a screen Sharing program
- Freeware VNC doesn’t have security
- Commercial have encryption
TCP port 5900

Question 29

Ping

Answer 29

A troubleshooting technique that sends 4 packets over a network to different devices ( host system, system on network, default Gateway & device on internet) and receives confirmation
–127.0.0.1 ping IP Address
– Command prompt: ping 12.0.0.1

Question 30

IP Configuration troubleshooting

Answer 30

If Host IP Configuration is incorrect the system won’t be able to connect to the network correctly.
- command prompt
– ipconfig (windows) – ifconfig (Linux)
– /all (show all properties of IP config)
– /release (deletes IP config)
– /renew (re-config IP config)
– /displaydns (shows all DNS info)
– /flushdnse (deletes all DNS info)

Question 31

Tracert

Answer 31

Is a command prompt command that checks if the router is able to connect/ reach a designated IP address or webpage/system name, it’ll list all
- router hop
- ingress interface
- response time
- Asterick * if no response

Question 32

Netstat

Answer 32

Command prompt command that check which network ports are currently being utilized
netstat has multiple switches that show different information about the ports
- -a
- -b
- -n

Question 33

nslookup

Answer 33

A command prompt command that checks the name to IP address pairs of a DNS records

Question 34

Reverse look up

Answer 34

Is using the IP address of a webpage/system in a command prompt command instead of its name, thus allows you to bypass the DNS which allows you to check if the DNS is faulty if you can access the webpage/system with IP address rather than the name