Sybex Chp 11 Flashcards
This layer of the OSI contains the device drivers that tell the protocol how to employ the hardware for the transmission and reception of bits.
Layer 1 - Physical Layer
ARP resolves __________ into __________
ARP resolves IP Addresses into MAC Addresses
What is the concern with firewalls and non-IP protocols on private networks?
Firewalls may not be able to inspect the packet header, address, or payload content of non-IP protocols. The firewalls must be configured to allow all or deny all.
List the example(s) of Distance Vector Protocols.
OSPF
RIP
IGRP
BGP
The following are Distance Vector Protocols:
RIP
IGRP
BGP
OSPF is a Link State Routing Protocol
This layer of OSI provides segmentation and sequencing.
Transport Layer 4
This layer of OSI has half-duplex, full-duplex, and simplex
Session Layer 5
In the OSI Layer 7, is the user application (ex: MS Word) loaded into this layer?
No
What is the TCP Model and OSI Model mapping?
TCP Application Layer has OSI layers 7,6,5
TCP Transport Layer has OSI Layer 4 (Transport)
TCP Internet Layer has OSI Layer 3 (Network)
TCP Link Layer has OSI layers 2,1
Protocols used to establish VPNs:
PPTP - IP only
L2F - encapsulate any LAN protocol
L2TP - encapsulate any LAN protocol
IPSec - IP only
True / False
UDP is half-duplex
False
UDP is Simplex Connectionless
TCP is Full-Duplex Connection-oriented
True / False
A TCP Wrapper serves as a basic firewall.
True
A TCP Wrapper serves as a basic firewall because it restricts access to ports and resources based on USER IDs or SYSTEM IDs.
TCP Wrappers is a form of port-based access control.
True / False
TCP has sequence numbers
True
TCP uses sequence numbers to rebuild original communication by reordering received segments using the sequence number
Name the TCP Flags in order
“Unskilled Attackers Pester Real Security Folk”
URG ACK PSH RST SYN FIN
Ping of Death does what?
Ping of Death sends a malformed ping larger than 65,535 bytes.
Smurf Attack does what?
Smurf attack generates large amounts of traffic by spoofing broadcast pings
True / False
ARP uses caching while RARP uses broadcasting.
False
Both ARP and RARP use caching and broadcasting
At what OSI layer does Fiber Channel over Ethernet (FCoE) operate?
FCoE - Network Layer 3
- used for network attached storage
- operates at 10 Gbps
- used to encapsulate Fiber Channel over Ethernet
iSCSI is considered a low-cost alternative
What is Software Defined Networking?
SDN aims at separating the infrastructure layer from the control layer
- mix and match hardware
- centralized administration
- network virtualization
What are Content Distribution Networks?
Collection of resource services deployed in numerous data centers across the Internet in order to provide low latency, high performance, and high availability of the hosted content.
What is the difference between wireless infrastructure mode and wireless ad-hoc mode?
Ad hoc Mode means that two wireless devices can communicate without a centralized control authority (w/o an AP)
Infrastructure Mode means that wireless devices require an AP to communicate. This mode has the following:
Stand-alone: APs connected to each other (like a hub) but not to a wired connection.
Wired Extension: AP acts like a connection point to the wired network
Enterprise Extended: allows for wired roaming across multiple APs.
Wireless security
SSID should be changed to something unique
SSID broadcasting should be disabled
Treat wireless as remote access (802.1X)
Treat wireless as external access (Separate wireless from wired with a firewall)
Treat wireless as an entry point for attackers (use IDS)
Require all wireless communications to be encrypted
WPA pass-phrases are recommended to be how long?
14 characters or more
Wireless omnidirectional antennas should point in what direction?
Up
Directional antennas should point in whatever direction you want.
What is a wireless captive portal?
Authentication technique that redirects newly connected wireless web clients to a portal page (input logon creds, privacy policy, etc.)
Security aspect of Network Access Control
- 802.1X is not enough
- preadmission philosophy requires a client to be fully patched / AV etc. before it is allowed to connect to the network
- postadmission philosophy allows or denies access based on user activity, which is a predefined authorization matrix
True or False
Firewalls can block viruses or malicious code
False
True or False
Firewalls can prevent attacks by malicious users already behind the firewall
False
True or False
Static Packet-Filtering Firewalls filter traffic by examining data from a message header
True - these are at OSI Layer 3
True or False
Application-level gateway firewalls are known as second-generation firewalls
True
These operate at OSI Layer 7
True or False
Circuit-level gateway firewalls are known as second-generation firewalls
True
These operate at OSI Layer 5
True or False
Stateful inspection firewalls are known as second-generation firewalls
False
Stateful inspection firewalls are third-generation firewalls
Operate at layer 3 and 4 of OSI
Collision domains are divided by layer __________
Collision Domains are divided by Layer 2
Broadcast Domains are divided by Layer 3
Broadcast domains are divided by layer __________
Broadcast Domains are divided by Layer 3
Collision Domains are divided by Layer 2
Systems on either side of a repeater, concentrator, or amplifier are part of:
(same / different) Collision Domain
(same / different) Broadcast Domain
Same Collision and Broadcast Domains
Systems on either side of a hub are part of:
(same / different) Collision Domain
(same / different) Broadcast Domain
Same Collision and Broadcast Domains
Systems on either side of a bridge are part of:
(same / different) Collision Domain
(same / different) Broadcast Domain
same Broadcast Domain
different Collision Domain
Systems on either side of a Layer 2 Switch or Brouter are part of:
(same / different) Collision Domain
(same / different) Broadcast Domain
same Broadcast Domain
different Collision Domain
Systems on either side of a Layer 3 Switch or Brouter are part of:
(same / different) Collision Domain
(same / different) Broadcast Domain
different Broadcast Domain
different Collision Domain
Systems on either side of a Router are part of:
(same / different) Collision Domain
(same / different) Broadcast Domain
different Broadcast Domain
different Collision Domain
Systems on either side of a proxy are part of:
(same / different) Collision Domain
(same / different) Broadcast Domain
different Broadcast Domain
different Collision Domain
True / False
Communications over a cell provider’s network are secure
False
Cell Towers can be used for man-in-the-middle attacks
Cell conversations can be sniffed
All traffic is unencrypted at some point to be recorded (by law) - so pre-encrypt your traffic before sending it out on a telecom link.