S13 - Network Configurations Flashcards
What does TCP/IP stand for
Transmission Control Protocol / Internet Protocol
Define Link/Network interface layer
Puts frames onto the physical network’s transmission media (copper wires/Wi-Fi)
Where can the data get to on the Link/Network Layer
Through the Local Area Network
Define Internet Layer
Used to address packets and route them across the network, i.e. where to send the packets
Common Protocols in Transport layer
TCP & UDP
Define Transport layer
Shows how to send the packets
Define Application layer
Contains all the protocols that perform higher-level functions (e.g. email, encryption, etc.); determines which format the data should be sent in
What do the 0s in the subnet mask refer to
Host bits
What do the 1s in the subnet mask refer to
Network bits
Define classful mask
A network class being aligned with perfect
Define classless inter-domain routing (CIDR)
Allows for borrowing of some host bits and reassigning them to the network portion
What does the /24 after an IP refer to
The number of network bits, e.g. 255.255.255.0 = 24 bits to network and 8 to host
2 types of IPv4 IPs
Public (Routable), Private (Non-routable)
Define Public IP
Can be accessed over the internet and is assigned to the network by an internet service provider
Define Private IPs
Can be used by anyone at any time, only within LAN
Define Network Address Translation (NAT)
Allows for less IP consumption, translates public to private and vice versa
Define Automatic Private IP addresses (APIPA)
Used when a device doesn’t have a static IP or cannot reach a DHCP server; range 169.254.0.0 - 169.254.255.255
DHCP process
DORA - Discover, Offer, Request, Acknowledge
What is static assignment
Manually typing the IP for the host, subnet mask, default gateway, DNS server
What are the components of a fully configured host
IP, subnet mask, default gateway, server address
Define domain name system (DNS)
Translates the domain names used by the website into the IP address of its server. Names to numbers, numbers to names
Define Windows Internet name service (WINS)
Identifies NetBIOS systems on a TCP/IP network and converts those NetBIOS names to IP addresses
4 protocols for dynamic assignment of critical info
BOOTP, DHCP, APIPA, ZeroConf
Define BOOTP
Legacy method of dynamically assigning IPs that allows a workstation to load a copy of a boot image over the network
What is the modern version of BOOTP
DHCP
Benefit of APIPA
Allows for quick config of a LAN without need for DHCP server
Drawback of APIPA in terms of communication
APIPA devices can’t be routed outside of the network; they can only communicate with other APIPA devices
Define Zero-Conf
New version of APIPA
Define DHCP reservation
Excludes some IP addresses from being handed to devices unless they meet a certain condition (e.g. assigning printers a certain IP)
Define Fully-Qualified Domain Name (FQDN)
Domain name under a top-level provider (www/ftp/etc.)
Define Uniform Resource Locator (URL)
Contains the FQDN with the method of accessing information (https://, http://, ftp://)
Define Sender Policy Framework (SPF)
Method of configuring who can send emails to the host
Define DomainKeys Identified Mail (DKIM)
Provides a cryptographic authentication mechanism using a public key published as a DNS record
Define domain-based message authentication, reporting & conformance (DMARC)
Framework that is used for proper application of SPF and DKIM, using a policy that is published as a public DNS record
Define internal DNS
Allows cloud instances on the same network to access each other using internal DNS names
Define External DNS
Records created around the domain names from a central authority and used on the public internet
Define Time to live (TTL)
Tells the DNS resolver how long to cache a query result before requesting a new one
Define DNS resolver/DNS cache
Makes a local copy of every DNS entry it resolves when connecting to websites
Define recursive lookup
The DNS server communicates with several other DNS servers to hunt down the IP address and returns it to the client
Define iterative lookup
Each DNS server responds directly to the client with the address of another DNS server that may have the correct IP address
Define Virtual local area network (VLAN)
Allows different networks to share the same physical hardware and provides added security and efficiency
Define VPN
Extends a private network across a public network and enables sending and receiving of data across shared/public networks
3 types of VPN configs
site to site, client to site, clientless
Define full tunnel VPN
Routes and encrypts all network requests through the VPN connection back to the headquarters
Define split tunnel VPN
Routes and encrypts only the traffic bound for the HQ over the VPN, sends the rest of the traffic over regular internet
For VPNs, which type should we use in terms of security and in terms of performance
Security: full tunnel; performance: split tunnel
Define clientless VPN
Creates a secure remote-access VPN tunnel using a web browser without requiring any software or hardware clients
Define Secure Socket Layer (SSL)
[outdated] Provides cryptography and reliability using the upper layers of the OSI model (5,6,7)
Modern alternative to SSL
TLS
Define Transport Layer Security (TLS)
Provides secure web browsing over HTTPS
Benefits of IPv6 over IPv4
Larger address space, No broadcasts, No fragmentation, Can coexist with IPv4, simplified header (5 headers instead of 12)
Define Dual Stack
Simultaneously runs both the IPv4 and IPv6 protocols on the same network devices
Define tunneling
Allows an existing IPv4 router to carry IPv6 traffic
What does IPv6 use to represent itself
Hexadecimal, 128 bits
How to identify a MAC address
Six pairs of hex digits, e.g. 12:34:56:78:90:AB
Define Unicast address
Used to identify a single interface
Define Globally-routed
Similar to IPv4’s unicast class A,B,C addresses and begins with 2000-3999
Define Link-Local/Local use
Used like a private IP in IPv4 that can only be used on the local area network and begins with FE80
Define Stateless Address Auto Config (SLAAC)
Eliminates the need to obtain addresses or other config information from a central server
Define Multicast address
Used to identify a set of interfaces and begins with FF
How do we identify a multicast address
begins with FF
Define anycast address
Used to identify a set of interfaces so that a packet can be sent to any member of a set
Define Extended Unique Identifier (EUI)
Allows a host to assign itself a unique 64-bit IPv6 interface identifier called EUI-64
Define DHCP Protocol
Allows DHCP to automatically assign addresses from a DHCPv6 server
Define Neighbour Discovery Protocol (NDP)
Used on IPv6 to determine the layer 2 addresses that are on a given network
Define Port
Logical communication endpoint that exists on a computer or a server
Define Inbound port
Opening on a server that is listening for a connection from a client
Define Outbound port
Opening created on a client in order to call out to a server that is listening for a connection
Port range
0-65,535
Define well-known ports
Ports 0-1023 are considered well-known and are assigned by the Internet Assigned Numbers Authority (IANA)
Define registered ports
Ports 1024 to 49151 are considered registered and are usually assigned to proprietary protocols
Define Dynamic or Private ports
Ports 49152 to 65535 can be used by an application without being registered with IANA
What are dynamic or private ports usually used for
gaming, instant messaging and chat
FTP port + function
20,21 + provides insecure file transfers
Secure Shell (SSH) port + function
22 + Secure remote control of another machine using a text-based environment
Telnet port + function
23 + Provides insecure remote control of another machine using a text-based environment
Simple Mail Transfer Protocol (SMTP) + function
25, Provides the ability to send emails over the network
Domain Name Service (DNS) port + function
53, Domain names to IP addresses and IP addresses to domain names
Dynamic Host Control Configuration (DHCP) Port + function
67,68 + Automatically provides network parameters such as assigned IP address, subnet mask, default gateway, and the DNS server
Hypertext Transfer Protocol (HTTP) Port + function
80, insecure web browsing
Post Office Protocol Version 3 (POP3) Port + function
110 + Used for receiving incoming emails
Network Basic I/O System (NetBIOS) Port + function
137,139 + File or printer sharing in a Windows network
Internet Mail Application Protocol (IMAP) Port + function
143, A newer method of retrieving incoming emails, better version of POP3
Simple Network Management Protocol (SNMP) port + function
161,162 + Used to collect data about network devices and monitor their status
Lightweight Directory Access Protocol (LDAP) port + function
389 + provides directory services to your network
Hypertext Transfer Protocol - Secure (HTTPS) port + function
443 + Secure and encrypted version of web browsing
Server Message Block (SMB) port + function
445 + Windows file and printer sharing services
Remote Desktop Protocol (RDP) port + function
3389 + graphical remote control of another client/server
Define Transmission Control Protocol (TCP)
Connection-oriented protocol, which means it’s a reliable way to transport segments across the network; involves checks to see if the data was transmitted successfully
What is involved in the 3 way handshake
SYN, SYN/ACK, ACK
Define User Datagram Protocol (UDP)
Unreliable; it transmits segments called datagrams, great for audio and visual streaming
TCP (connection-oriented) is used for
SSH, HTTP, HTTPS
UDP (connectionless) is used for
Audio/Video streaming, DHCP, TFTP
Trivial File Transfer Protocol (TFTP) port + function
69 + connectionless protocol that uses UDP as its transport