S14 - Network Services Flashcards
What can be done to a server for file share
Can be configured to allow the clients on the network to access the network and be able to read and write to its disk
Define print server
another server that could be a physical workstation or network infrastructure that provides printing functionality
2 common types of file and printer server
Windows-based / Linux or Unix-based
What does windows-based file and printer server rely on
NetBIOS protocol or SMB
Function of Sambda
Provides the ability for a linux or unix server to be able to host files or printers that can then be used by windows clients running the SMB protocol
What do IP-based File and Print Server / Cloud printing allow for
Printing from anywhere in the world
Define web server
any server that provides access to a website
Define Internet Information Services (IIS)
Web server software created by Microsoft (HTTP,HTTP/2,HTTPS)
Function of apache
Most popular way to run a web server these days
Function of NGINX
Reverse proxy, load balancer, mail proxy and HTTP cache
What makes something a FQDN, provide an example
the whole url:
[https:// : protocol]
[www : server].
[google: domain/name].
[com: top level domain]
Simple Mail Transfer Protocol (SMTP) function
specifies how emails should be delivered from one mail domain to another
Post Office Protocol 3 (POP3) definition
older email protocol that operates over port 110
Internet Message Access Protocol (IMAP) function
Mail retrieval protocol
Define Microsoft Exchange (widely used in corporate environment)
Mailbox server env designed for windows-based domain envs, using pop3/imap/smtp
What do the As in AAA server stand for
authentication, authorization, accounting
Define 802.1x
Standardised framework used for port-based authentication on wired and wireless networks
Define authentication
Occurs when a person’s identity is established with proof and is confirmed by the system
define Lightweight directory access protocol (LDAP)
A database used to centralise info about clients and objects on the network, port 389 (unencrypted), port 636 (encrypted)
function of Active Directory (AD)
Used to organise and manage the network, including clients, servers, devices, users and groups
Function of Remote authentication Dial-In User service (RADIUS)
Provides centralised admin of dial-up, VPN, and wireless authentication services for 802.1x and the EAP
Function of Terminal Access Controller Access-Control System Plus (TACACS+)
Proprietary version of RADIUS that can perform the role of an authenticator in 802.1x networks, CISCO only
Define Authorisation
Occurs when a user is given access to a certain piece of data or certain areas of a building
Function of Kerberos
Authentication protocol used by windows to provide 2-way authentication using a system of tickets
Define accounting
Ensures tracking of data, computer usage, network resources are maintained
Define non-repudiation
when you have proof that someone has taken an action
What can be used to create a secure connection to tunnel into the RDP
Remote Desktop Gateway (RDG)
Function of Virtual Network Computing (VNC) over port 5900
Remote connection method designed for thin client architectures
Define Terminal Emulator (TTY)
Any kind of software that replicates the TTY I/O functionality to remotely connect to a device
Function of Syslog-ng
Enables different appliances and software application to transmit logs to a centralised server, VERY COMMON
What can syslog refer to
Protocol used/server/log entries
Function of Simple network management protocol (SNMP)
TCP/IP protocol that aids in monitoring network-attached devices and computers
Define managed devices
Computer and other network-attached devices monitored through the use of agents by a network management system
Define agents
Software that is loaded on a managed device to redirect info to the network management system
Define Network management system (NMS)
Software running on one or more server to control the monitoring or network-attached devices and computers
Define in-band communication
Where data is sent over the same network that’s carrying the corporate data
Define out-of-band
Second network where all the management occurs where the main network is used solely for corporate data transfers, added security by doing this
Define proxy server
Devices that create a network connection between an end user’s client machine and a remote resource (web server)
Function of a load balancer/content switch
Distributes incoming requests across a number of servers inside a server farm or a cloud infrastructure e.g. 3 servers with 600 bits of data, load balancer would spread it evenly, each server dealing with 200 bits
Why is a load balancer such an important preventative measure
One of the key things that allows for defence against a DOS/DDOS attack
Define Blackholing/Sinkholing
Identifies any attacking IP addresses and routers their traffic through a knoll interface
Function of Intrusion Prevention System (IPS)
Works for small-scale attacks against DoS
Function of elastic cloud
allows to scale up the demand as needed
Define Access Control List (ACL)
Rule sets placed on the firewalls, routers and other network devices that permit or allow traffic through a particular interface
Explain ACL in terms of rules
Work top down, meaning that the most specific most be placed at the top
Basic explanation of firewall
Inspects and controls the traffic that is trying to enter of leave a network’s boundary
Define Unified threat management (UTM)
Provides the ability to conduct security function within a single device or network appliance
Define IT
Includes computers, servers, networks and cloud platforms
Define operation technology (OT)
Communications network designed to implement and ICS, tech that interacts with the real world
Define Industrial Control System (ICS)
Provides the mechanisms for workflow and process automation by controlling machinery using embedded devices
What do multiple ICSs create
Distributed Control System (DCS)
Define Fieldbus
Digital serial data communication protocol used in OT networks to link different PLCs
Define Programmable logic controller (PLC)
Type of digital computer used in industrial settings that enables automation and assembly lines, autonomous field operations, robotics and other applications
Define Human-Machine Interface (HMI)
Can be a local control panel or software that runs on a computers
Define Supervisory control and data acquisition (SCADA)
Type of ICS used to manage largescale multi-site devices and equipment in a geographic region from a host computer
ICS,DCS,SCADA in terms of size
ICS : single plant/system
DCS: small connection of the ICS system in a single area
SCADA: different ICS and DCS plants in a WAN
Define Embedded system
A computer system that is designed to perform specific and designated functions
What type of environment are embedded system considered
Static, where frequent changes aren’t allowed
Define Programmable Logic Controller (PLC)
Type of digital computer used in industrial or outdoor settings
Define Real-time Operating System (RTOS)
Type of OS that prioritises deterministic execution of operations that ensure consistent response for time-critical tasks
Define System-on-a-chip
Processor integrates the platform for functionality of multiple logical controllers onto a single chip
What should be done when working with legacy systems
Identify them and put mitigations in place to keep operating such systems as they no longer receive patches
