Network Operations And Diagnostic (Chapter 6) Flashcards
NIC Property Settings (Wired)
Auto Negotiation (speed & duplex)
- allows the NIC to communicate at varying signalling speeds and in half/full duplex.
- most settings can be left to default.
NIC Properties (Wireless)
Auto Negotiation
- Wireless mode needs to use the same frequency as the access point
- Transmit power is set to high by default
Wake on LAN
- Allows the NIC to be active during standby
- Boots the PC with a 'magic packet'
NIC Properties location
Control Panel -> Network & Sharing -> Change Adapter settings.
Select network adapter properties -> Configure -> Advanced
WPA2
Wi-Fi Protected Access
A security protocol for Wi-Fi that simplifies secure access point setup
- NIC and access points must be compatible with the WPA version being used
- TKIP (randomly refreshes encryption keys)
QoS
QoS (quality of service)
- network protocol that prioritizes certain types of data (voice, video, data), usually configured on a switch
- used in private networks
Common SOHO Security Issues
SSID - change the default name
Physical Security - ensure the router is in a safe location
Updating Firmware - do it from inside the SOHO network with the correct router update
Static IP - ensure it stays static
Latency
Is the slowdown in communication speed
Jitter
Is the slowdown in communication speed due to
- congestion
- configuration issue
- interference
Proxy Server
Is a server that routes all data flowing from a network to the internet through itself, thus masking the IP address of the network.
Transparent Proxy - automatically intercepts data
Non-Transparent - requires the user to set up the proxy server IP address
- has caching functionality for commonly used webpages, which speeds up connections
UTM
Unified Threat Management
- a single appliance/gateway that performs multiple security functions
- Firewall
- Intrusion Detection System (IDS)
- anti-virus/anti-malware
- Spam gateway
- Content filter
- Data Leak Prevention (DLP)
Spam Gateway
Uses SPF, DKIM and DMARC to verify the authenticity of sending mail servers in order to filter out and prevent unwanted emails.
Load balancing
Distributes client requests over multiple servers that perform the same function
- allows more clients without congestion
- fault tolerance
SCADA
Supervisory Control and Data Acquisition System
- is a system used to monitor and control multiple sites' ICSs (Industrial Control Systems)
- operates within a closed network
HMI
- Human-machine interface
- output and configuration interface for a PLC
PLC
- programmable logic controller
- links the HMI to industrial components via cables
OT
- Operational Technology
- a network of embedded systems that is disconnected from the internet
Firewall
Is a data check that only allows verified traffic packets through.
- checks are based on rules configured in the firewall
- Network/Host based firewalls
Firewall Settings
Disabling ports
- can disable physical ports on the PC
MAC filtering
- allows a device whose MAC address is statically assigned on the access point to connect to the network
Content Filtering
- blocks websites/services based on criteria
Whitelist/Blacklist
Port forwarding
A network configuration that allows devices outside a private network to access services/data on a configured system (server, computer)
DMZ
A system, separate from the private network, that receives and handles all port forwarding requests
Firewall location awareness
The location from which you connect to a network determines how strict the firewall rules are
- home (relaxed)
- work (semi-strict)
- public (strict)
UPnP
Universal Plug and Play
A feature on a router that reduces complexity when setting up a firewall for a LAN gaming network.
- not very secure
Windows Remote Access Tools
Remote Desktop Protocol (RDP)
- Windows protocol for operating a remote GUI from another Windows system
- Remote Desktop
– allows a user to access a desktop remotely
– Port 3389
– PC can only be operated by the remote user while an RDP session is in progress
- Remote Assistant
– allows a user to request help from a Windows technician who has the ability to take control
– does not pass through the firewall
Remote Configuration
- Location:
System Properties / Remote
- Remote Assistance allowed by default
RDP (Remote Desktop Protocol)
- data transmitted during the session is encrypted and uses a TCP connection
- select the users that can access the desktop
Remote Credential Guard
Desktops compromised by malware are at risk of sharing remote credentials
- RDPRA
Remote Desktop Protocol Restricted Access
Only allows users with certain privileges to access RDP
Remote Assist Process
Connects within a private LAN
- invitation sent to allow the recipient to connect (file, email or Easy Connect)
- Host user grants access to the invitation recipient by acknowledging that they are connecting
- Remote Desktop tools and chat tools will open
Remote Desktop setup
Accessories / Communication menu
Or type MSTSC at the command prompt
- input the server/desktop name or IP
- will need to meet the desktop's security requirements
Telnet
Is both a protocol and a terminal emulation program that transmits shell commands from a host computer to a remote machine (can be used for non-Windows devices)
- Not encrypted
Protocol:
TCP port 23
SSH
Secure shell
The means of obtaining secure access to a UNIX/Linux server or network appliance (switch, router)
- used to secure Telnet or FTP sessions
- access is given based on public/private keys
TCP Port 22
SSH Authentication Method
- public/private keys are used to set up the channel for SSH
- Username/password
- Kerberos (authentication protocol)
- Host-Based
- Public Key
Screen Sharing
The ability to share a device's screen with other users on their devices
VNC is a freeware program, similar to RDP, that is used to build a screen sharing program
- Freeware VNC doesn't have security
- Commercial versions have encryption
TCP port 5900
Ping
A troubleshooting technique that sends 4 packets over a network to different devices (host system, system on the network, default gateway and a device on the internet) and receives confirmation
– 127.0.0.1: ping IP address
– Command prompt: ping 12.0.0.1
IP Configuration troubleshooting
If the host IP configuration is incorrect, the system won't be able to connect to the network correctly.
- command prompt
– ipconfig (windows) – ifconfig (Linux)
– /all (show all properties of IP config)
– /release (releases the IP config)
– /renew (re-configures the IP config)
– /displaydns (shows all DNS info)
– /flushdns (deletes all cached DNS info)
Tracert
Is a command prompt command that checks if the router is able to connect to/reach a designated IP address or webpage/system name; it lists every
- router hop
- ingress interface
- response time
- Asterisk * if no response
Netstat
Command prompt command that checks which network ports are currently being utilized
netstat has multiple switches that show different information about the ports
- -a
- -b
- -n
nslookup
A command prompt command that checks the name-to-IP-address pairs of DNS records
Reverse lookup
Is using the IP address of a webpage/system in a command prompt command instead of its name. This bypasses DNS, which lets you check whether DNS is faulty: if you can access the webpage/system by IP address rather than by name, the DNS is the problem.