OSI Model and Diagrams

Question 0

What are the protocol(s) of the Application Layer?

Answer 0

POP3, SMTP, SNMP, FTP, Telnet, HTTP, MIME, PGP (app), S/MIME (app), HTTPS (app), DNS, DHCP

POP3 - Post Office Protocol version 3
SMTP - Simple Mail Transfer Protocol
SNMP - Simple Network Management Protocol
FTP - File Transfer Protocol
MIME - Multipurpose Internet Mail Extensions
HTTP - HyperText Transfer Protocol
PGP - Pretty Good Privacy
DNS - Domain Name Service
DHCP - Dynamic Host Configuration Protocol

Question 1

What are the OSI Model Layers?

Answer 1

Application (7)
Presentation (6)
Session (5)
Transport (4)
Network (3)
Data Link (2)
Physical (1)
Top-Bottom:  "All People Seem To Need Data Processing"
Bottom-Top:  "People Don't Need To See Pink Alligators"

Question 2

What are the protocol(s) of the Presentation Layer?

Answer 2

GIF, TIFF, JPG, character encoding (ASCII, UNICODE, EBCDIC)

Question 3

What are the protocols(s) of the Session Layer?

Answer 3

NFS, SQL, NetBIOS, PPTP, RPC, RTCP

NFS - UNIX stateless Network File System
SQL - Structured Query Language
PPTP - Point-to-Point Tunneling Protocol
RPC - Remote Procedure Call
RTCP - RTP (Real-time Transport Protocol) Control Protocol

Question 4

What are the protocols(s) of the Transport Layer?

Answer 4

TCP, UDP

TCP - Transmission Control Protocol
UDP - User Datagram Protocol

Question 5

What are the protocols(s) of the Network Layer?

Answer 5

IP, ICMP, IGMP, OSPF

IP - Internet Protocol
ICMP - Internet Control Message Protocol
IGMP - Internet Group Management Protocol
OSPF - Open Shortest Path First

Question 6

What are the protocols(s) of the Data Link Layer?

Answer 6

ARP, SLIP, PPP, L2TP, Ethernet, ISDN, Wi-Fi

ARP - Address Resolution Protocol
SLIP - Serial Line Internet Protocol
PPP - Point-to-Point Protocol
L2TP - Layer 2 Tunneling Protocol
ISDN - Internet Services for Digital Network

Question 7

What are the protocols(s) of the Physical Layer?

Answer 7

Pinouts, voltages, cables, antennas, radio waves

Question 8

What are the encryption(s) of the Transport Layer?

Answer 8

SSL2, SSL3, TLS (therefore the encryption in support of HTTPS, POP3S, FTPS)

SSL - Secure Socket Layer
TLS - Transport Layer Security

Question 9

What are the encryption(s) of the Data Link Layer?

Answer 9

WEP, TKIP, CCMP

WEP - Wire Equivalent Privacy
TKIP - Temporal Key Integrity Protocol
CCMP - Counter-Mode/CBC-MAC Protocol

Question 10

What are the encryption(s) of the Network layer?

Answer 10

IPSec Transport ESP
IPSec Tunnel ESP

(RC5, DES, AES)

Question 11

What are the SW/HW of the Application Layer?

Answer 11

SW: Gateways and Proxies

Question 11

What are the encryption(s) of the Presentation Layer?

Answer 11

SSH (therefore, the encryption in support of S-FTP, S-HTTP, PGP, S/MIME)

Question 11

What are the encryption(s) of the Network layer?

Answer 11

IPSec Transport ESP
IPSec Tunnel ESP

(RC5, DES, AES)

Question 12

What are the SW/HW of the Network Layer?

Answer 12

HW: Router

Question 13

What are the SW/HW of the Data Link Layer?

Answer 13

HW: Bridge, L2 Switch

Question 14

What are the SW/HW of the Physical Layer?

Answer 14

HW: Hub, repeater

Question 15

What is the firewall of the Application, Presentation, and Session Layer?

Answer 15

Proxy Firewall

Question 16

What is the firewall of the Session and Transport Layer?

Answer 16

Circuit (SOCKS) Firewall

Question 17

What is the firewall of the Network Layer?

Answer 17

Packet Filter Firewall

Question 18

What is the TCP/IP Model of the Application, Presentation, and Session Layer?

Answer 18

APPLICATION

Question 19

What is the TCP/IP Model of the Session and Transport Layer?

Answer 19

HOST-TO-HOST (Transport)

Question 20

What is the TCP/IP Model of the Network Layer?

Answer 20

INTERNET (Internetwork)

Question 21

What is the TCP/IP Model of the Data Link and Physical Layer?

Answer 21

NETWORK ACCESS (Network Interface)

Question 22

What are the attacks on the Application Layer?

Answer 22

Repudiation
Modification
Buffer Overflow (at any layer & in the OS)
Replay
Viruses, Trojan Horse, Spyware
Keystroke Logger (software)
**the ones above typically occur in the OS, not the stack
DNS Spoofing

Question 23

What are the attacks on the Session Layer?

Answer 23

Fingerprinting (NetBIOS enumeration)

Question 24

What are the attacks on the Transport Layer?

Answer 24

Session Hijacking
TCP Sequences Numbering
Fingerprinting (Port Scan, TCP Scans)
SYN Flooding

Question 25

What are the attacks on the Network Layer?

Answer 25

IP Spoofing
Footprinting (Ping Scan)
Sniffing (Promiscous)
Eavesdropping
Ping of Death
ICMP Redirection

Question 26

What are the attacks on the Data Link Layer?

Answer 26

MAC Spoofing
ARP Poisoning
Deauthentication Attack

Question 27

What are the attacks on the Physical Layer?

Answer 27

Rogue Devices

Keylogger (HW)

Question 28

What are the bandwidth attacks?

Answer 28

DoS (Smurf, Fraggle, Physical Destruction)

DDoS (Botnets, Zombies)

Question 29

What are the social engineering attacks?

Answer 29

Dumpster diving
Shoulder surfing
Snooping
Eavesdropping

Question 30

What are the modem attacks?

Answer 30

War Dialing
Dial-Tone
Eavesdropping

Question 31

What are the entry attacks?

Answer 31

Piggybacking

Tailgating

Question 32

What are the discovery attacks?

Answer 32

War driving

Eavesdropping

Question 33

What is Symmetric Encryption used for?

Answer 33

Bulk Encryption

Question 34

What is Asymmetric Encryption used for?

Answer 34

Authentication
Digital Signatures (non-repudiation)
Digital Certificates
Key Exchange (KEA/RSA)
KSA - Key Exchange Algorithm
RSA - Rivest, Shamir, & Adelman)

Question 35

What is a Hash used for?

Answer 35

Integrity
Digital Signatures (Integrity)
Message Authentication Code (MAC)
Digital Fingerprint

Question 36

What is an example of a stream cipher (symmetric encryption)?

Answer 36

RC4 (64 bit key size)

One-time pad

Question 37

What are some examples of a block cipher (symmetric encryption)?

Answer 37

DES (Digital Encryption Standard, 56 bit key size)
3DES (Triple DES, 168 bit key size)
AES128, AES192, AES256 (Advances Encryption Standard, 128, 192, and 256 bit key size)
RC5 and RC6 (up to 2048 bits)
Blowfish (64 bit block, 32-448 bit key)
Twofish (128 bit block, 128-256 bit key)
SAFER+ (bluetooth keys and bluetooth authentication but not encryption)
SAFER++ (digital signatures, integrity, and encryption; 64 and 128 bit)
IDEA (International Data Encryption Algorithm, 128 bit key, original cipher for PGP)

Question 38

What are some examples of asymmetric encryption (public key)?

Answer 38

RSA (Rivest, Shamir, & Adelman)
El Gamal (based on discrete logarithms)
ECC (Elliptical Curve Cryptosystem)

To provide confidentiality with asymmetric cryptography, encrypt with the receiver’s PUBLIC key and decrypt with the receiver’s PRIVATE key.

Question 39

How do you provide confidentiality with asymmetric cryptography?

Answer 39

To provide confidentiality with asymmetric cryptography, encrypt with the receiver’s PUBLIC key and decrypt with the receiver’s PRIVATE key. (Authentication, Digital Envelope, and confidential transmission of files)

Question 40

How do you provide non-repudiation with asymmetric cryptography?

Answer 40

To provide non-repudiation with asymmetric cryptography, encrypt with the sender’s PRIVATE key and decrypt with the sender’s PUBLIC key. (Digital signatures).

Question 41

How do private keys and public keys work?

Answer 41

Private key - held by owner, never shared, confided, or exchanged
Public key - made publicly available to everyone

Each set of two keys are mathematically related (“key pair”); either can encrypt but ONLY the mated key can decrypt.

The public key can be derived from the private key but the public key CANNOT be used to derive the private key.

Question 42

What are some examples of hash functions?

Answer 42

LANMAN (should not be used)
NTLM v1, v2
MD5 (Message Digest v5, 128 bit)
SHA1 (Secure Hashing Algorithm, 160 bit)
SHA2 (family of functions, SHA256, SHA512, etc.)
MAC (Message Authentication Code)
HMAC (Hashed Message Authentication Code)
RIPEMD (160 bit message digest)

Question 43

What is the encryption of 802.11?

Answer 43

WEP (RC4)

Wired Equivalent Privacy
Rivest Cipher (?)

Question 44

What is the encryption of WPA?

Answer 44

TKIP (RC4)

Temporal Key Integrity Protocol
Rivest Cipher (?)
Wi-Fi Protected Access

Question 45

What is the encryption of WPA2?

Answer 45

CCMP (AES)

Counter-Mode/CBC-MAC Protocol
Advanced Encryption Standard
Wi-Fi Protected Access

Question 46

What is the authentication of 802.11?

Answer 46

Shared Key (CHAP)

Challenge Handshake Authentication Protocol

Question 47

What is the authentication of WPA?

Answer 47

Pre-Shared Key (personal)
802.1X/EAP (enterprise)

Extensible Authentication Protocol
Wi-Fi Protected Access

Question 48

What is the authentication of WPA2?

Answer 48

Pre-Shared Key (personal)
802.1X/EAP (enterprise)

Extensible Authentication Protocol
Wi-Fi Protected Access

Question 49

What is the encryption of IPSec ESP (OSI L3)?

Answer 49

RC5, DES, AES

Rivest Cipher
Digital Encryption Standard
Advanced Encryption Standard

Question 50

What is the encryption of SSL/TLS (OSI L4)?

Answer 50

3DES, AES

Triple DES (Digital Encryption Standard)
Advanced Encryption Standard

Question 51

What is the encryption of SSH (OSI L6/L7)?

Answer 51

3DES, AES

Triple DES (Digital Encryption Standard)
Advanced Encryption Standard

Question 52

What are the hashing functions (MACs) of IPSec ESP (OSI L3), SSL/TLS (OSI L4), and SSH (OSI L6/L7)?

Answer 52

MD5, MAC

Message Digest
Message Authentication Code

Question 53

What are the authentications of IPSec ESP (OSI L3), SSL/TLS (OSI L4), and SSH (OSI L6/L7)?

Answer 53

Digital Certificates

Question 54

What is the key exchange used by IPSec ESP (OSI L3)?

Answer 54

IKE

Internet Key Exchange

Question 55

What are the key exchanges used by SSL/TLS (OSI L4), and SSH (OSI L6/L7)?

Answer 55

Diffie Hellman

RSA (Rivest, Shamir, & Adelman)

Question 56

What are some of the security measures that you can take on a Wireless Access Point?

Answer 56

Change the default SSID
Disable SSID broadcast
Enable MAC filtering
Enable WEP, WPA, or WPA2 (preferred)
Limit power output (reduce range)