Secure Communications and Network Attacks Flashcards
Describe the differences between transport mode and tunnel mode of IPSec
IPSec’s transport mode is used for host-to-host links and encrypts only the payload, not the header. IPSec’s tunnel mode is used for host-to-LAN and LAN-to-LAN links and encrypts the entire original payload and header and then adds a link header.
Discuss the benefits of NAT.
Network Address Translation (NAT) allows for the identity of internal systems to be hidden from external entities. Often NAT is used to translate between RFC 1918 private IP addresses and leased public addresses. NAT serves as a one-way firewall because it allows only inbound traffic that is a response to a previous internal query. NAT also allows a few leased public addresses to be used to grant Internet connectivity to a larger number of internal systems.
What are the main differences between circuit switching and packet switching?
Circuit switching is usually associated with physical connections. The link itself is physically established and then dismantled for the communication. Circuit switching offers known fixed delays, supports constant traffic, is connection oriented, is sensitive only to the loss of the connection rather than the communication, and was most often used for voice transmissions. Packet switching is usually associated with logical connections because the link is just a logically defined path among possible paths. Within a packet-switching system, each system or link can be employed simultaneously by other circuits. Packet switching divides the communication into segments, and each segment traverses the circuit to the destination. Packet switching has variable delays because each segment could take a unique path, is usually employed for bursty traffic, is not physically connection oriented but often uses virtual circuits, is sensitive to the loss of data, and is used for any form of communication.
What are some security issues with email and options for safeguarding against them?
Email is inherently insecure because it is primarily a plain-text communication medium and employs nonencrypted transmissions protocols. This allows for email to be easily spoofed, spammed, flooded, eavesdropped on, interfered with, and hijacked. Defenses against these issues primarily include having stronger authentication requirements and using encryption to protect the content while in transit.
_________________ is a layer 2 connection mechanism that uses packet-switching technology to establish virtual circuits between the communication endpoints.
A. ISDN
B. Frame Relay
C. SMDS
D. ATM
B. Frame Relay is a layer 2 connection mechanism that uses packet-switching technology to establish virtual circuits between the communication endpoints. The Frame Relay network is a shared medium across which virtual circuits are created to provide point-to-point communications. All virtual circuits are independent of and invisible to each other.
Tunnel connections can be established over all except for which of the following?
A. WAN links
B. LAN pathways
C. Dial-up connections
D. Stand-alone systems
D. A stand-alone system has no need for tunneling because no communications between systems are occurring and no intermediary network is present.
__________________ is a standards-based mechanism for providing encryption for point-to-point TCP/IP traffic.
A. UDP
B. IDEA
C. IPSec
D. SDLC
C. IPSec, or IP Security, is a standards-based mechanism for providing encryption for point-to-point TCP/IP traffic.
Which of the following IP addresses is not a private IP address as defined by RFC 1918?
A. 10.0.0.18
B. 169.254.1.119
C. 172.31.8.204
D. 192.168.6.43
B. The 169.254.x.x subnet is in the APIPA range, which is not part of RFC 1918. The addresses in RFC 1918 are 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, and 192.168.0.0–192.168.255.255.
Which of the following cannot be linked over a VPN?
A. Two distant Internet-connected LANs
B. Two systems on the same LAN
C. A system connected to the Internet and a LAN connected to the Internet
D. Two systems without an intermediary network connection
D. An intermediary network connection is required for a VPN link to be established.
What is needed to allow an external client to initiate a communication session with an internal system if the network uses a NAT proxy?
A. IPSec tunnel
B. Static mode NAT
C. Static private IP address
D. Reverse DNS
B. Static mode NAT is needed to allow an outside entity to initiate communications with an internal system behind a NAT proxy.
Which of the following VPN protocols do not offer native data encryption? (Choose all that apply.)
A. L2F
B. L2TP
C. IPSec
D. PPTP
A, B, D. L2F, L2TP, and PPTP all lack native data encryption. Only IPSec includes native data encryption.
At which OSI model layer does the IPSec protocol function?
A. Data Link
B. Transport
C. Session
D. Network
D. IPSec operates at the Network layer (layer 3).
Which of the following is not defined in RFC 1918 as one of the private IP address ranges that are not routed on the Internet?
A. 169.172.0.0–169.191.255.255
B. 192.168.0.0–192.168.255.255
C. 10.0.0.0–10.255.255.255
D. 172.16.0.0–172.31.255.255
A. The address range 169.172.0.0–169.191.255.255 is not listed in RFC 1918 as a private IP address range. It is in fact a public IP address range.
Which of the following is not a benefit of NAT?
A. Hiding the internal IP addressing scheme
B. Sharing a few public Internet addresses with a large number of internal clients
C. Using the private IP addresses from RFC 1918 on an internal network
D. filtering network traffic to prevent brute-force attacks
D. NAT does not protect against or prevent brute-force attacks.
A significant benefit of a security control is when it goes unnoticed by users. What is this called?
A. Invisibility
B. Transparency
C. Diversion
D. Hiding in plain sight
B. When transparency is a characteristic of a service, security control, or access mechanism it is unseen by users.