Networks and Network Security Flashcards
What are networks?
A group of connected devices
What is a LAN?
Local Area Network
a network that spans a small area like a home, school or office
What is a WAN?
Wide Area Network
a network that spans a wide geographic area like a city, state or country.
What is a hub?
A network device that broadcasts information to every device on a network.
What is a switch?
a device that makes connections between specific devices on a network by sending and receiving data between them.
What is a router?
a network that connects multiple devices together
What is a modem?
It connects the router to the internet and brings internet access to the LAN.
What is a virtualization tool?
Pieces of software that perform network operations.
What is cloud computing?
The practice of using remote servers, applications and network services that are hosted on the internet instead of on local physical devices
What is a cloud network?
A collection of servers or computers that store resources and data in remote data centers that can be accessed via internet
What is a data packet?
A basic unit of information that travels from one device to another within a network.
What is bandwidth?
The amount of data a device receives every second.
What is speed?
The rate at which data packets are received or downloaded.
What is packet sniffing?
The practice of capturing and inspecting data packets across a network.
Transmission Control Protocol, also called TCP stands for what?
An internet communication protocol that allows two devices to form a connection and stream data
Internet Protocol, also called IP stands for what?
A set of standards used for routing and addressing data packets as they travel between devices on a network.
What is a port?
a software based location that organizes sending and receiving of data between devices on a network
Port 25 is for what?
Port 443 is for what?
secured internet communication
Port 20 is for what?
Large file transfers
What is the TCP/IP model?
a framework used to visualize how data is organized and transmitted across the network.
What are the 4 layers of the TCP/IP Model?
- Network access layer
- Internet layer
- Transport layer
- Application layer
The TCP/IP model is a condensed form of what model?
OSI Open systems interconnection
How many layers is the OSI?
7 Layers
What is an IP address?
A unique string of characters that identifies the location of a device on the internet
How many types of IP addresses are there?
2
IP Version 4 (IPv4)
IP Version 6 (IPv6)
Example of IPv4?
19.117.63.126
smaller than IPv6
Example of IPv6
684D:1111:222:3333:4444:5555:6:77
consists of 32 characters
larger than IPv4
What is a MAC address?
A unique alphanumeric identifier that is assigned to each physical device on a network.
What is a User Datagram Protocol (UDP)?
A connectionless protocol that does not establish a connection between devices before transmissions
Network Protocols
A set of rules used by two or more devices on a network to describe the order of delivery and structure of the data.
Address resolution protocol (ARP)
a network protocol used to determine the MAC address of the next router or device on the path.
Hypertext transfer protocol Secure (HTTPS)
a network protocol that provides a secure method of communication between clients and web servers
Domain Name System (DNS)
A network protocol that translates internet domain names into IP addresses
Network Protocols are divided into what 3 main categories?
- Communication protocols
- Management protocols
- Security protocols
IEEE 802.11 (WiFi)
A set of standards that define communication for wireless LANs
WiFi Protected Access (WPA)
A wireless security protocol for devices to connect to the internet.
Firewall
Is a network security device that monitors traffic to and from your network
Port filtering
A firewall function that blocks or allows certain port numbers to limit unwanted communication
Cloud based firewalls
Software firewalls that are hosted by a cloud based provider
Stateful
A class of firewall that keeps track of information passing through it and proactively filters out threats.
Stateless
A class of firewall that operates based on predefined rules and does not keep track of information from data packets
What is NGFW?
Next Generation Firewalls
What are the benefits of NGFW / Next Generation Firewalls?
- Deep packet inspection
- Intrusion protection
- Threat intelligence
Virtual Private Network, also known as a VPN
A network security service that changes your public IP address and hides your virtual location so that you can keep your data packet private when using a public network like the internet
Encapsulation
A process performed by a VPN service that protects your data by wrapping sensitive data in other data packets.
Security zone
A segment of a network that protects the internal network from the internet
Network segmentation
a security technique that divides the network into different segments
What are the two types of security zones?
- Uncontrolled zones
- Controlled zones
Uncontrolled zone
Any network outside of the organization's control
Controlled zone
A subnet that protects the internal network from the uncontrolled zone
Areas in the controlled zone
- Demilitarized zone
- Internal networks
- Restricted zone
Subnetting
is the process of dividing a larger network into smaller, more manageable subnetworks
CIDR IP addresses are formatted like IPv4 addresses, but they include a ____ followed by a number at the end of the address
slash (“/”)
198.51.100.0/24
Proxy server
A server that fulfills the requests of a client by forwarding them to other servers
Forward proxy server
Regulates and restricts a person’s access to the internet
Reverse proxy server
Regulates and restricts the internet access to an internal server
Secure shell (SSH)
A security protocol used to create a shell with a remote system
What are some common network intrusion attacks?
- Malware
- Spoofing
- Packet sniffing
- Packet flooding
Attacks can harm an organization by
- Leaking valuable or confidential information
- Damaging an organization's reputation
- Impacting customer retention
- Costing money and time
Denial of service (DoS)
an attack that targets a network or server and floods it with network traffic
Distributed denial of service attack (DDoS)
a type of denial of service attack that uses multiple devices or servers in different locations to flood the target network with unwanted traffic.
SYN (synchronize) Flood attack
a type of DoS attack that simulates a TCP connection and floods a server with SYN packets
Internet Control Message Protocol
ICMP
An internet protocol used by devices to tell each other about data transmission errors across the network
Internet Control Message Protocol Flood
A type of DoS attack performed by an attacker repeatedly sending ICMP packets to a network server
Ping of death
a type of DoS attack caused when a hacker pings a system by sending it an oversized ICMP packet that is bigger than 64KB
What is a Network Protocol Analyzer?
Also known as a packet analyzer, it is a tool designed to capture and analyze data traffic within a network. They are commonly used as investigative tools to monitor networks and identify suspicious activity.
Tcpdump
a command-line network protocol analyzer.
tcpdump provides a brief packet analysis and converts key information about network traffic into formats easily read by humans
botnet
a collection of computers infected by malware that are under the control of a single threat actor, known as the “bot-herder.”
Each computer in the botnet can be remotely controlled to send a data packet to a target system.
In a botnet attack, cyber criminals instruct all the bots on the botnet to send data packets to the target system at the same time, resulting in a DDoS attack.
Passive packet sniffing
a type of attack where data are read in transit
Active packet sniffing
a type of attack where data is manipulated in transit
IP Spoofing
A network attack performed when an attacker changes the source IP of a data packet to impersonate an authorized system and gain access to a network
Common IP spoofing attacks
- On path attacks
- Replay attacks
- Smurf attacks
On path attack
An attack where a malicious actor places themselves in the middle of an authorized connection and intercepts and alters the data in transit.
Replay attacks
A network attack performed when a malicious actor intercepts a data packet in transit and delays it or repeats it at another time.
Smurf attacks
a network attack performed when an attacker sniffs an authorized user's IP address and floods it with packets.
Where can security hardening occur?
- devices
- networks
- applications
- cloud infrastructures
Security hardening
the process of strengthening a system to reduce its vulnerability and attack surface
attack surface
all the potential vulnerabilities that a threat actor could exploit
Security hardening is conducted on?
- Hardware
- Operating systems
- Applications
- computer network
- Database
Penetration testing AKA Pen Testing
A simulated attack that helps identify vulnerabilities in a system, network, websites, applications and processes.
Operating System AKA OS
The interface between computer hardware and the user.
Patch Update
A software and operating system update that addresses security vulnerabilities within a program or product
Baseline configuration (baseline image)
a documented set of specifications within a system that is used as a basis for future builds, releases and updates.
Multi-Factor authentication AKA MFA
a security measure which requires a user to verify identity in two or more ways to access a system or network.
brute force attack
a trial-and-error process of discovering private information.
Network security hardening focuses on what?
- Port filtering
- Network access privilege
- Encryption
Network log analysis
the process of examining network logs to identify events of interest
System information and event management tools (SIEM)
An application that collects and analyzes log data to monitor critical activities in an organization
port filtering
a firewall function that blocks or allows certain port numbers to limit unwanted communications
intrusion prevention system (IPS)
is an application that monitors system activity for intrusive activity and takes action to stop the activity.
Cloud Network
a collection of servers or computers that stores resources and data in remote data centers that can be accessed via internet.
World-writable file
A file that can be altered by anyone in the world