OSI Model and Diagrams Flashcards
What are the protocol(s) of the Application Layer?
POP3, SMTP, SNMP, FTP, Telnet, HTTP, MIME, PGP (app), S/MIME (app), HTTPS (app), DNS, DHCP
POP3 - Post Office Protocol version 3
SMTP - Simple Mail Transfer Protocol
SNMP - Simple Network Management Protocol
FTP - File Transfer Protocol
MIME - Multipurpose Internet Mail Extensions
HTTP - HyperText Transfer Protocol
PGP - Pretty Good Privacy
DNS - Domain Name Service
DHCP - Dynamic Host Configuration Protocol
What are the OSI Model Layers?
Application (7)
Presentation (6)
Session (5)
Transport (4)
Network (3)
Data Link (2)
Physical (1)
Top-Bottom: "All People Seem To Need Data Processing"
Bottom-Top: "People Don't Need To See Pink Alligators"
What are the protocol(s) of the Presentation Layer?
GIF, TIFF, JPG, character encoding (ASCII, UNICODE, EBCDIC)
What are the protocol(s) of the Session Layer?
NFS, SQL, NetBIOS, PPTP, RPC, RTCP
NFS - UNIX stateless Network File System
SQL - Structured Query Language
PPTP - Point-to-Point Tunneling Protocol
RPC - Remote Procedure Call
RTCP - RTP (Real-time Transport Protocol) Control Protocol
What are the protocol(s) of the Transport Layer?
TCP, UDP
TCP - Transmission Control Protocol
UDP - User Datagram Protocol
What are the protocol(s) of the Network Layer?
IP, ICMP, IGMP, OSPF
IP - Internet Protocol
ICMP - Internet Control Message Protocol
IGMP - Internet Group Management Protocol
OSPF - Open Shortest Path First
What are the protocol(s) of the Data Link Layer?
ARP, SLIP, PPP, L2TP, Ethernet, ISDN, Wi-Fi
ARP - Address Resolution Protocol
SLIP - Serial Line Internet Protocol
PPP - Point-to-Point Protocol
L2TP - Layer 2 Tunneling Protocol
ISDN - Internet Services for Digital Network
What are the protocol(s) of the Physical Layer?
Pinouts, voltages, cables, antennas, radio waves
What are the encryption(s) of the Transport Layer?
SSL2, SSL3, TLS (therefore the encryption in support of HTTPS, POP3S, FTPS)
SSL - Secure Socket Layer
TLS - Transport Layer Security
What are the encryption(s) of the Data Link Layer?
WEP, TKIP, CCMP
WEP - Wired Equivalent Privacy
TKIP - Temporal Key Integrity Protocol
CCMP - Counter-Mode/CBC-MAC Protocol
What are the encryption(s) of the Network Layer?
IPSec Transport ESP
IPSec Tunnel ESP
(RC5, DES, AES)
What are the SW/HW of the Application Layer?
SW: Gateways and Proxies
What are the encryption(s) of the Presentation Layer?
SSH (therefore, the encryption in support of S-FTP, S-HTTP, PGP, S/MIME)
What are the SW/HW of the Network Layer?
HW: Router
What are the SW/HW of the Data Link Layer?
HW: Bridge, L2 Switch
What are the SW/HW of the Physical Layer?
HW: Hub, repeater
What is the firewall of the Application, Presentation, and Session Layer?
Proxy Firewall
What is the firewall of the Session and Transport Layer?
Circuit (SOCKS) Firewall
What is the firewall of the Network Layer?
Packet Filter Firewall
What is the TCP/IP Model of the Application, Presentation, and Session Layer?
APPLICATION
What is the TCP/IP Model of the Session and Transport Layer?
HOST-TO-HOST (Transport)
What is the TCP/IP Model of the Network Layer?
INTERNET (Internetwork)
What is the TCP/IP Model of the Data Link and Physical Layer?
NETWORK ACCESS (Network Interface)
What are the attacks on the Application Layer?
Repudiation
Modification
Buffer Overflow (at any layer & in the OS)
Replay
Viruses, Trojan Horse, Spyware
Keystroke Logger (software)
**the ones above typically occur in the OS, not the stack
DNS Spoofing
What are the attacks on the Session Layer?
Fingerprinting (NetBIOS enumeration)
What are the attacks on the Transport Layer?
Session Hijacking
TCP Sequence Numbering
Fingerprinting (Port Scan, TCP Scans)
SYN Flooding
What are the attacks on the Network Layer?
IP Spoofing
Footprinting (Ping Scan)
Sniffing (Promiscuous)
Eavesdropping
Ping of Death
ICMP Redirection
What are the attacks on the Data Link Layer?
MAC Spoofing
ARP Poisoning
Deauthentication Attack
What are the attacks on the Physical Layer?
Rogue Devices
Keylogger (HW)
What are the bandwidth attacks?
DoS (Smurf, Fraggle, Physical Destruction)
DDoS (Botnets, Zombies)
What are the social engineering attacks?
Dumpster diving
Shoulder surfing
Snooping
Eavesdropping
What are the modem attacks?
War Dialing
Dial-Tone
Eavesdropping
What are the entry attacks?
Piggybacking
Tailgating
What are the discovery attacks?
War driving
Eavesdropping
What is Symmetric Encryption used for?
Bulk Encryption
What is Asymmetric Encryption used for?
Authentication
Digital Signatures (non-repudiation)
Digital Certificates
Key Exchange (KEA/RSA)
KEA - Key Exchange Algorithm
RSA - Rivest, Shamir, & Adleman
What is a Hash used for?
Integrity
Digital Signatures (Integrity)
Message Authentication Code (MAC)
Digital Fingerprint
What is an example of a stream cipher (symmetric encryption)?
RC4 (64 bit key size)
One-time pad
What are some examples of a block cipher (symmetric encryption)?
DES (Digital Encryption Standard, 56 bit key size)
3DES (Triple DES, 168 bit key size)
AES128, AES192, AES256 (Advanced Encryption Standard, 128, 192, and 256 bit key size)
RC5 and RC6 (up to 2048 bits)
Blowfish (64 bit block, 32-448 bit key)
Twofish (128 bit block, 128-256 bit key)
SAFER+ (Bluetooth keys and Bluetooth authentication but not encryption)
SAFER++ (digital signatures, integrity, and encryption; 64 and 128 bit)
IDEA (International Data Encryption Algorithm, 128 bit key, original cipher for PGP)
What are some examples of asymmetric encryption (public key)?
RSA (Rivest, Shamir, & Adleman)
El Gamal (based on discrete logarithms)
ECC (Elliptical Curve Cryptosystem)
How do you provide confidentiality with asymmetric cryptography?
To provide confidentiality with asymmetric cryptography, encrypt with the receiver’s PUBLIC key and decrypt with the receiver’s PRIVATE key. (Authentication, Digital Envelope, and confidential transmission of files)
How do you provide non-repudiation with asymmetric cryptography?
To provide non-repudiation with asymmetric cryptography, encrypt with the sender’s PRIVATE key and decrypt with the sender’s PUBLIC key. (Digital signatures).
How do private keys and public keys work?
Private key - held by owner, never shared, confided, or exchanged
Public key - made publicly available to everyone
Each set of two keys is mathematically related (“key pair”); either can encrypt but ONLY the mated key can decrypt.
The public key can be derived from the private key but the public key CANNOT be used to derive the private key.
What are some examples of hash functions?
LANMAN (should not be used)
NTLM v1, v2
MD5 (Message Digest v5, 128 bit)
SHA1 (Secure Hashing Algorithm, 160 bit)
SHA2 (family of functions, SHA256, SHA512, etc.)
MAC (Message Authentication Code)
HMAC (Hashed Message Authentication Code)
RIPEMD (160 bit message digest)
What is the encryption of 802.11?
WEP (RC4)
Wired Equivalent Privacy
Rivest Cipher (?)
What is the encryption of WPA?
TKIP (RC4)
Temporal Key Integrity Protocol
Rivest Cipher (?)
Wi-Fi Protected Access
What is the encryption of WPA2?
CCMP (AES)
Counter-Mode/CBC-MAC Protocol
Advanced Encryption Standard
Wi-Fi Protected Access
What is the authentication of 802.11?
Shared Key (CHAP)
Challenge Handshake Authentication Protocol
What is the authentication of WPA?
Pre-Shared Key (personal)
802.1X/EAP (enterprise)
Extensible Authentication Protocol
Wi-Fi Protected Access
What is the authentication of WPA2?
Pre-Shared Key (personal)
802.1X/EAP (enterprise)
Extensible Authentication Protocol
Wi-Fi Protected Access
What is the encryption of IPSec ESP (OSI L3)?
RC5, DES, AES
Rivest Cipher
Digital Encryption Standard
Advanced Encryption Standard
What is the encryption of SSL/TLS (OSI L4)?
3DES, AES
Triple DES (Digital Encryption Standard)
Advanced Encryption Standard
What is the encryption of SSH (OSI L6/L7)?
3DES, AES
Triple DES (Digital Encryption Standard)
Advanced Encryption Standard
What are the hashing functions (MACs) of IPSec ESP (OSI L3), SSL/TLS (OSI L4), and SSH (OSI L6/L7)?
MD5, MAC
Message Digest
Message Authentication Code
What are the authentications of IPSec ESP (OSI L3), SSL/TLS (OSI L4), and SSH (OSI L6/L7)?
Digital Certificates
What is the key exchange used by IPSec ESP (OSI L3)?
IKE
Internet Key Exchange
What are the key exchanges used by SSL/TLS (OSI L4), and SSH (OSI L6/L7)?
Diffie Hellman
RSA (Rivest, Shamir, & Adleman)
What are some of the security measures that you can take on a Wireless Access Point?
Change the default SSID
Disable SSID broadcast
Enable MAC filtering
Enable WEP, WPA, or WPA2 (preferred)
Limit power output (reduce range)