osi model

Question 1

Layer 1

Answer 1

Physical (stucture) Layer: Cabling (coax, fiber, wireless, hubs repeaters)

Question 2

Layer 2

Answer 2

Datalink: Frames - arp, ethernet, ppp (comunication protocol between two routers directly without any host or any other networking in between), switch, bridge.

Question 3

Layer 3

Answer 3

Network -Packet - ip, icmp (error reporting), ipSec, igmp (multicasting)

Question 4

layer 4

Answer 4

Transport end to end connections- tcp udp

Question 5

layer 5

Answer 5

Session - Synch and Send: api, socket connections, winSock

Question 6

layer 6

Answer 6

presentation syntax layer: encyption occurs here. XDR, TLS, SSL and MIME

Question 7

layer 7

Answer 7

applicationEnd User Layer - HTTP, FTP, IRC, SSH, DNS

Question 8

1xx

Answer 8

Information response

Question 9

2xx

Answer 9

Success response

Question 10

3xx

Answer 10

Statuses showing a redirection.

Question 11

4xx

Answer 11

Statuses showing a client-side error.
404 Not Found
403 Forbidden
400 Bad Request
401 Unauthorised

Question 12

5xx

Answer 12

Statuses showing a server-side error.
500 Internal Server Error
503 Service Unavailable:

Question 13

What is XSS?

Answer 13

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Inserted into blog post.
Input Validation/Output Sanitization, with focus on the latter

Question 14

What is Cross-Site Request Forgery

Answer 14

when an attacker gets a victim’s browser to make requests, ideally with their credentials included, without their knowing. A solid example of this is when an IMG tag points to a URL associated with an action, e.g. http://foo.com/logout/.

Question 15

Where do you get your security news from

Answer 15

packetstorm, rootsecure, cisa, threatPost, security week, fulldiclosure

Question 16

Ports 20 and 21

Answer 16

File Transfer Protocol (FTP). FTP is for transferring files between a client and a server.

Question 17

Port 22

Answer 17

SSh secure Shell

Question 18

port 23

Answer 18

Telnet

Question 19

port 25

Answer 19

Simple Mail Transfer Protocol - email

Question 20

Port 53

Answer 20

Domain name system

Question 21

Port 80

Answer 21

Http

Question 22

Port 123

Answer 22

NTP

Question 23

port 179

Answer 23

Border gateway protocol - large networlks that make up ther internet use this to broadcast which IP addresses they control

Question 24

port 443

Answer 24

https

Question 25

Port 3389

Answer 25

Remote Desktop Protocol

Question 26

port 161

Answer 26

SNMP snmp3

Question 27

Port 137-138

Answer 27

NetBios udp

Question 28

port 139/ 445

Answer 28

SMB tcp

Question 29

left to right ip packet headers

Answer 29

version, int header length, TOS (Diff service, ecn, length. Identification, flags , fragment offset TTL protocol (Linux/Unix is 64, Windows is 128) checksum source address destination address options padding

Question 30

tcp logical protocol

Answer 30

telnet SSH ftp smtp pop3 imap http bgp

Question 31

UDP

Answer 31

DNS, SNMP, Syslog, NTP (listen on 514),

Question 32

NTP

Answer 32

Port 123

Question 33

NetBios udp

Answer 33

137-138

Question 34

SNMP snmp3

Answer 34

161

Question 35

Remote Desktop Protocol

Answer 35

3389

Question 36

https

Answer 36

port 443

Question 37

Border gateway protocol

Answer 37

port 179

Question 38

Http

Answer 38

port 80

Question 39

Domain name system

Answer 39

port 53

Question 40

Simple Mail Transfer Protocol

Answer 40

port 25

Question 41

Telnet

Answer 41

port 23

Question 42

SSh secure Shell

Answer 42

Port 22

Question 43

File Transfer Protocol (FTP)

Answer 43

Ports 20 and 21

Question 44

SMB

Answer 44

port 139/ 445