network security

Question 1

what is network security

Answer 1

an activity designed to protect the usability and integrity of your network and data
can be hardware or software

Question 2

what are some network types

Answer 2

lan: local area network
pan: private area network
wlan: wireless lan
can: campus area network
man: metropolitan area network
wan: wide area network

Question 3

lan

Answer 3

allows users to connect within a short distance in a common area

Question 4

pan

Answer 4

small scale network revolving around one person or a device

Question 5

can

Answer 5

networks used in educational environments

Question 6

man

Answer 6

medium sized networks larger than a can

Question 7

wan

Answer 7

large network with far reaching connectivity used by large corporations

Question 8

what are some examples of things that a hacker could do

Answer 8

intercept or modify data in transit
block selected or all traffic
run a program at a remote host
insert or delay previous communications
gain unauthorised access to or modify data or programs in a remote host

Question 9

what are the 2 network models

Answer 9

osi; open systems interconnection
tcp/ip

Question 10

what are the 7 layers in the osi model

Answer 10

application
process/ presentation
session
transport
network
data link
physical

Question 11

what are the 4 layers in the tcp/ip model

Answer 11

application
transport
network
network access

Question 12

what does the iso model do

Answer 12

provides a universal language for computer networking allowing different technologies communicate

Question 13

application layer (iso model)

Answer 13

the type of app and its protocols

Question 14

presentation layer (iso model)

Answer 14

the syntax of the data to send and receive packets

Question 15

session layer (iso model)

Answer 15

network coordination between apps in a session

Question 16

what is the role of a session

Answer 16

managing the beginning and end of a one-to-one app connection

Question 17

transport layer (iso model)

Answer 17

ensures packets arrive in the correct order and without losses and errors

Question 18

when should we use tcp and what is an example

Answer 18

when all the data must be intact
e.g. file sharing

Question 19

when should we use udp and what is an example

Answer 19

when retaining all packets is not critical
e.g. video streaming

Question 20

network layer (iso model)

Answer 20

routing, forwarding, addressing and providing common protocols of communication across the network

Question 21

data link layer (iso model)

Answer 21

technologies used to connect machines across a network and managing data frames

Question 22

which layer in the iso model is seen as the weakest link and why

Answer 22

data link layer: no encryption or authentication

Question 23

physical layer (iso model)

Answer 23

physical communications mediums and tech used to transmit across it

Question 24

what are some examples of physical communications mediums

Answer 24

fibre optic cable
copper cables
air (wireless)

Question 25

why do we use tcp/ip

Answer 25

as its a less complicated version of the iso model

Question 26

network access layer (tcp/ip model)

Answer 26

a collection of applications that require network communication generates data and establishes physical connections

Question 27

network layer (tcp/ip model)

Answer 27

defines protocols responsible for data transmission across the network

Question 28

which protocols are used in the network layer (tcp/ip model)

Answer 28

ip icmp arp

Question 29

ip: internet protocol

Answer 29

delivers packets between the source and destination via the ip address in headers

Question 30

icmp: internet control message protocol

Answer 30

encapsulated in ip datagrams and gives hosts information about network problems

Question 31

arp: address resolution protocol

Answer 31

finds the hardware address from a known ip

Question 32

transport layer (tcp/ip model)

Answer 32

exchanged acknowledgements and retransmits missing packets

Question 33

which protocols are used in the transport layer (tcp/ip model)

Answer 33

udp tcp

Question 34

how is udp connectionless

Answer 34

messages are sent without negotiating/establishing a connection it also doesnt keep track of what its sent

Question 35

how is tcp connection based

Answer 35

must establish a connection before sending data

Question 36

what does tcp use to establish a connection and how does it work

Answer 36

three way handshake 1. the client sends a segment with the syn(synchronize sequence number) 2. the server responds with an syn-ack signal 3. the client sends an ack again and the reliable connection is established

Question 37

application layer (tcp/ip model)

Answer 37

end-to-end communication and error free delivery contains the osi app process and application layers

Question 38

which protocols are used in the application layer (tcp/ip model)

Answer 38

http(s) ssh:

Question 39

http

Answer 39

used by the www to manage communication between browsers and servers

Question 40

what is the difference between http and https

Answer 40

secure uses http and ssl(secure socket layer)

Question 41

ssh: secure shell

Answer 41

terminal emulation software that sets up a secure session over tcp/ip

Question 42

what are some common network attacks

Answer 42

ip spoofing arp spoofing network sniffing tcp sequence number prediction dos ddos

Question 43

what is the difference between dos and ddos and what makes ddos worse

Answer 43

ddos used multiple machines/ a botnet to flood the target harder to stop the attack by blocking a source

Question 44

tcp sequence number prediction

Answer 44

if the correct sequence number is guessed they can now counterfeit packets

Question 45

network sniffing

Answer 45

monitoring data transmission on a network usually the attacker preparing to enter the network

Question 46

arp spoofing

Answer 46

sending falsifies arp messages over a lan the lan devices update their arp cache with the attacker mac instead of the real one traffic meant for the device on the lan is now being sent to the attacker

Question 47

ip spoofing

Answer 47

attacks the network layer via manipulating datagrams and pretending to be a different ip can be done via packet generators

Question 48

what are some common security threats

Answer 48

pranks ransome-ware spyware trojans backdoors/ root-kits

Question 49

pranks

Answer 49

web site defacement fake news

Question 50

spy ware

Answer 50

apps installed to monitor communication

Question 51

backdoors

Answer 51

establishing a connection to a system in a secret way and maintaining control

Question 52

what are some common delivery methods of threats

Answer 52

viruses worms phishing sql injections cross side scripting

Question 53

what are 2 examples of software vulnerability

Answer 53

sql injections cross side scripting

Question 54

sql injections

Answer 54

attacks data driven apps via inserting malicious sql statements into an entry field for execution

Question 55

cross side scripting

Answer 55

inject client side scripts into web pages viewed by other users

Question 56

viruses

Answer 56

replicate themselves by modifying other programs and inserting its own code

Question 57

worms

Answer 57

replicates itself in order to spread to other computers over a network

Question 58

what are advanced persistent threats and what does each part of its name mean

Answer 58

the intruder establishes an undetected presence in a network advances: can operate in the full spectrum of the computer intrusion persistent: wont give up as its formally tasked with accomplishing the mission will analyse and may propose another method treat: not a mindless piece of code, usually a group behind it that is funded and motivated

Question 59

what are some common characteristics of phishing emails

Answer 59

urgent demand attractive or interesting content (free gift, promotion) disguising as a legitimate entitiy (e.g. bank) asking for personal information contains deceitful url or attachments asks to communicate in other channels to bypass security measures

Question 60

what are a few ways of handling suspicious emails

Answer 60

check sender address, should be legit dont open url unless youre sure its safe dont provide personal/ financial info dont trust offers that are too goof or unrealistic demands