Network Security 4 Flashcards
displays the IP to physical (MAC) address mappings for hosts that have been discovered in the ___ cache. ___ can be used to add, remove, or modify entries in the ___ cache.
*** CAN (campus area network) = provides networking of multiple LAN’s across a limited area like university or group of buildings owned by a company.
*** client-server = server system stores the data and client is machine that needs access to that data.
ARP (Address Resolution Protocol)
displays information about active ports and their state and can be useful in troubleshooting and capacity management. The command _______ -r displays routing information for network adapters.
*** peer-to-peer : each machine on network acts as both server and client sometimes requesting data from other nodes and sometimes answering request from others.
*** Finger displays information about a user or users on a remote system, including things such as last log-in time and username. It is primarily used in Linux.
Netstat (network statistics)
displays information for displaying DNS information and troubleshooting DNS problems. It is useful in displaying names to IP address mappings.
*** Star Toplogy : Instead of running cables from computer to computer, in a star topology, network cables are often run in the walls to a central closet.
*** Mesh toplogy : may connect using Wi-Fi or radio signals or by virtual links such as virtual private networks (VPNs).
Nslookup (name server lookup)
___ is a command used to query the DNS name servers. It is also used for lookups and will display answers from the query.
*** The SCP (Secure Copy Protocol) command is used to securely copy files between servers, leveraging SSH (secure shell) for authentication and encryption.
*** FTPS uses SSL/TLS (Secure Sockets Layer, replaced by Transport Layer Security; the same encryption used in https). FTP data is unencrypted.
Dig (domain information groper) Command etc …
displays TCP/IP packets and other network packets that are being transmitted over the network system. It is a form of protocol analyzer (sometimes called a sniffer) and is designed to show the contents of network packets in human-readable form for troubleshooting, security analysis, etc.
*** TFTP (trivial file transfer protocol) transfers a file from either a client to a server or from a server to a client using UDP (user datagram protocol) instead of TCP, and so it is usually used on reliable (local) networks.
Tcpdump
is a single line of devices connected together by one shared network cable; ends of cable must be properly terminated (communicate in half-duplex mode = cant receive or send simultaneously), overcrowding of devices can make network unstable or unusable.
*** dumb terminal : machine had no intelligence, just accepted commands and rendered a display with results.
*** SaaS : allows consumers to store and potentially publish information without the need to manage the underlying applications or infrastructure.
A bus network topology
the network cable is interrupted by each computer on the ring, and the cable is connected back to itself instead of using terminators. a dual-ring topology can be used. In this case, there are two sets of cables, and each computer has two network cards, one for each ring. In the event of a single cable break, the second ring can take over, allowing network traffic to continue to flow. However, the dual-ring topology has its greatest benefit in the event that both rings are simultaneously cut. In this case, the two loose ends on either side of the cable break can be connected together, merging the two broken rings into one much larger, but continuous, ring, where traffic can flow.
ring topology
placing computing and network power in a central location, where computing and network power is centralized in a large secure data center where users log in to dumb terminals to access mainframe data and perform tasks.
Centralization
puts the computing power in user’s device rather than a data center. Decentralized systems are able to operate without a network connection and be portable because their data and applications are available locally. This is ideal for portable systems more so than stationary desktop computers. Another advantage of decentralization is the lack of a single point of failure, or, perhaps more accurately, each computer is its own single point of failure because the computers do not rely on each other.
Decentralization
alludes to the shared responsibility of the centralized server and the decentralized client computer that accesses the server, Client/server applications tend to store data in the centralized data center but may leverage the computing power of the user’s client computer to perform some tasks. This approach offloads some of the computing requirements from the data center’s servers, but more importantly, the client/server model allows application designers to implement advanced user interfaces that would not otherwise be possible in a web-based or terminal-based application. Though the data is stored centrally, the data entry and scanning are performed by the client computer. This could lead to data inconsistency issues if multiple users have the client software installed but they are running different versions of the client software. Additionally, client software is generally created for specific operating system versions, which may complicate future upgrades on the client computers. In addition to the user interface, client software, unlike web browsers, usually has access to the hardware of the client computer.
client/server
