Tech Fundamentals Flashcards
What is a DDOS Normal attack ?
A distributed denial of service (DDoS) attack is when an attacker, or attackers, attempt to make it impossible for a service to be delivered. This can be achieved by thwarting access to virtually anything: servers, devices, services, networks, applications, and even specific transactions within applications. In a DoS attack, it’s one system that is sending the malicious data or requests; a DDoS attack comes from multiple systems.
What is a DDOS Application Layer Attack?
Application layer attacks or layer 7 (L7) DDoS attacks refer to a type of malicious behavior designed to target the “top” layer in the OSI model where common internet requests such as HTTP GET and HTTP POST occur. These layer 7 attacks, in contrast to network layer attacks such as DNS Amplification, are particularly effective due to their consumption of server resources in addition to network resources.
What is a DDOS Protocol Attack Syn Flood?
Protocol attacks look to exhaust resources of a server or those of its networking systems like firewalls, routing engines, or load-balancers. An example of a protocol attack is the SYN flood attack.
Before two computers can initiate a secure communication channel – they must perform a TCP handshake. A TCP handshake is a means for two parties to exchange preliminary information. A SYN packet is typically the first step of the TCP handshake, indicating to the server that the client wants to start a new channel.
In a SYN flood attack, the attacker floods the server with numerous SYN packets, each containing spoofed IP addresses. The server responds to each packet (via SYN-ACKs), requesting the client to complete the handshake. However, the client(s) never respond, and the server keeps waiting. Eventually, it crashes after waiting too long for too many responses.
What is a DDOS Volumetric/Amplification attack?
Volumetric attacks are conducted by bombarding a server with so much traffic that its bandwidth gets completely exhausted. The most common example of a volumetric attack is the DNS amplification attack.
In such an attack, a malicious actor sends requests to a DNS server, using the spoofed IP address of the target. The DNS server then sends its response to the target server. When done at scale, the delugeof DNS responses can wreak havoc on the target server.
What is IP Addressing (v4) - IPv4?
IPv4 stands for Internet Protocol Version 4, which is a standard who enables a total range of 4.2 billion addresses. It consists of four segments which are divided by dots.
Example
197.228.0.32
What is the OSI 7 Layer Model?
The Open Systems Interconnection (OSI) Model is a conceptual and logical layout that defines network communication used by systems open to interconnection and communication with other systems.
The model is broken into seven subcomponents, or layers, each of which represents a conceptual collection of services provided to the layers above and below it. The OSI Model also defines a logical network and effectively describes computer packet transfer by using different layer protocols.
The OSI Model may also be referred to as the seven-layer OSI Model or the seven-layer model.
What is Layer 1 - Physical?
Electrical, mechanical, procedural, functional specifications for activating, maintaining, and deactivating the physical links between end systems. Examples of L1 devices, transceivers, modems, CSU/DSU, and hubs
What is Layer 1 - Physical 2?
Electrical, mechanical, procedural, functional specifications for activating, maintaining, and deactivating the physical links between end systems. Examples of L1 devices, transceivers, modems, CSU/DSU, and hubs
What is Layer 2 - Data Link?
The data link layer is used for the encoding, decoding and logical organization of data bits. Data packets are framed and addressed by this layer, which has two sublayers.
The data link layer’s first sublayer is the media access control (MAC) layer. It is used for source and destination addresses. The MAC layer allows the data link layer to provide the best data transmission vehicle and manage data flow control.
The data link layer’s second sublayer is the logical link control. It manages error checking and data flow over a network.
What is Layer 2 Data Link part 2?
The data link layer is used for the encoding, decoding and logical organization of data bits. Data packets are framed and addressed by this layer, which has two sublayers.
The data link layer’s first sublayer is the media access control (MAC) layer. It is used for source and destination addresses. The MAC layer allows the data link layer to provide the best data transmission vehicle and manage data flow control.
The data link layer’s second sublayer is the logical link control. It manages error checking and data flow over a network.
What is Layer 2 Data Link part 3
The data link layer is used for the encoding, decoding and logical organization of data bits. Data packets are framed and addressed by this layer, which has two sublayers.
The data link layer’s first sublayer is the media access control (MAC) layer. It is used for source and destination addresses. The MAC layer allows the data link layer to provide the best data transmission vehicle and manage data flow control.
The data link layer’s second sublayer is the logical link control. It manages error checking and data flow over a network.
What is Layer 2 Data Link part 4
The data link layer is used for the encoding, decoding and logical organization of data bits. Data packets are framed and addressed by this layer, which has two sublayers.
The data link layer’s first sublayer is the media access control (MAC) layer. It is used for source and destination addresses. The MAC layer allows the data link layer to provide the best data transmission vehicle and manage data flow control.
The data link layer’s second sublayer is the logical link control. It manages error checking and data flow over a network.
What is Layer 2 Data Link part 5?
The data link layer is used for the encoding, decoding and logical organization of data bits. Data packets are framed and addressed by this layer, which has two sublayers.
The data link layer’s first sublayer is the media access control (MAC) layer. It is used for source and destination addresses. The MAC layer allows the data link layer to provide the best data transmission vehicle and manage data flow control.
The data link layer’s second sublayer is the logical link control. It manages error checking and data flow over a network.
What is Layer 3 - Network?
Layer 3 provides the network’s routing and switching technologies that create logical paths known as virtual circuits (VC), which are used for the transmission of data between network nodes. The main functions of Layer 3 include routing and forwarding, as well as internetworking, addressing, packet sequencing, congestion control and further error handling.
The protocols used in Layer 3 include:
Internet Protocols IPv4/v6
Internet Control Message Protocol (ICMP)
Distance Vector Multicast Routing Protocol (DVMRP)
Internet Group Management Protocol (IGMP)
Address Resolution Protocol (ARP)
Internet Protocol Security (IPsec)
Routing Information Protocol (RIP)
What is Layer 3 -Routing Table and Routes?
Routing Table:
A routing table is a set of rules, often viewed in table format, that is used to determine where data packets traveling over an Internet Protocol (IP) network will be directed. All IP-enabled devices, including routers and switches, use routing tables. See below a Routing Table:
Destination Subnet mask Interface
128.75.43.0 255.255.255.0 Eth0
128.75.43.0 255.255.255.128 Eth1
192.12.17.5 255.255.255.255 Eth3
default Eth2
The entry corresponding to the default gateway configuration is a network destination of 0.0.0.0 with a network mask (netmask) of 0.0.0.0. The Subnet Mask of default route is always 255.255.255.255 .
What is Layer 3 - Address Resolution Protocol (ARP)?
Address Resolution Protocol (ARP) is a low-level network protocol for translating network layer addresses into link layer addresses.
ARP lies between layers 2 and 3 of the OSI model, although ARP was not included in the OSI framework and allows computers to introduce each other across a network prior to communication.
Because protocols are basic network communication units, address resolution is dependent on protocols such as ARP, which is the only reliable method of handling required tasks.
What is Layer 3 - IP Routing?
IP routing is the process of transporting data from source to destination on a determined path across two or more networks. IP routing enables two or more devices on different TCP/IP networks to connect with each other. IP routing provides the path for reaching the destination device.
What are the Layer 3 Problems?
What is Layer 4 - Transport?
The data link layer is used for the encoding, decoding and logical organization of data bits. Data packets are framed and addressed by this layer, which has two sublayers.
The data link layer’s first sublayer is the media access control (MAC) layer. It is used for source and destination addresses. The MAC layer allows the data link layer to provide the best data transmission vehicle and manage data flow control.
The data link layer’s second sublayer is the logical link control. It manages error checking and data flow over a network.
What is Layer 4 - Transport part 2?
The data link layer is used for the encoding, decoding and logical organization of data bits. Data packets are framed and addressed by this layer, which has two sublayers.
The data link layer’s first sublayer is the media access control (MAC) layer. It is used for source and destination addresses. The MAC layer allows the data link layer to provide the best data transmission vehicle and manage data flow control.
The data link layer’s second sublayer is the logical link control. It manages error checking and data flow over a network.
What is Layer 4 - Transport part 3?
The data link layer is used for the encoding, decoding and logical organization of data bits. Data packets are framed and addressed by this layer, which has two sublayers.
The data link layer’s first sublayer is the media access control (MAC) layer. It is used for source and destination addresses. The MAC layer allows the data link layer to provide the best data transmission vehicle and manage data flow control.
The data link layer’s second sublayer is the logical link control. It manages error checking and data flow over a network.
What is Layer 4 - Transport part 4?
The data link layer is used for the encoding, decoding and logical organization of data bits. Data packets are framed and addressed by this layer, which has two sublayers.
The data link layer’s first sublayer is the media access control (MAC) layer. It is used for source and destination addresses. The MAC layer allows the data link layer to provide the best data transmission vehicle and manage data flow control.
The data link layer’s second sublayer is the logical link control. It manages error checking and data flow over a network.
What is Layer 5 - Session?
The Layer 5 - Session is the layer that handles the sessions between end user applications by establishing, synchronizing, terminating and maintaining them. As per Firewall, the session layer handles the separation of one application’s data from another one.
Session layer is also crucial in terms of password validation. Hence, we can say that authentication and authorization is handled in this layer.
Remote Procedure Call Protocol (RPC), Point-to-Point Tunnelling Protocol (PPTP), Session Control Protocol (SCP), Session Description Protocol (SDP) are some of the important protocols that are used in this layer.
What is NAT?
Network address translation (NAT) is a router function that enables public and private network connections and allows single IP address communication. While there are many public networks worldwide, there is a limited number of private networks. NAT was introduced as an effective, timely solution to heavy network volume traffic.
What is NAT part 2?
Network address translation (NAT) is a router function that enables public and private network connections and allows single IP address communication. While there are many public networks worldwide, there is a limited number of private networks. NAT was introduced as an effective, timely solution to heavy network volume traffic.
What is NAT part 3?
Network address translation (NAT) is a router function that enables public and private network connections and allows single IP address communication. While there are many public networks worldwide, there is a limited number of private networks. NAT was introduced as an effective, timely solution to heavy network volume traffic.
What is SSL/TLS?
Secure Sockets layer / Transport Layer Security - An encryption layer of HTTP that uses public key cryptography to establish a secure connection.
What is a subnet mask?
A subnet mask is a 32-bit number used to differentiate the network component of an IP address by dividing the IP address into a network address and host address. It does so with bit arithmetic whereby a network address is bit multiplied by the subnet mask reveal the underlying subnetwork. Like the IP address, a subnet mask is written using the “dotted-decimal” notation.
A subnet mask is also known as an address mask.
Binary to Decimal conversion chart part 1
Binary to Decimal conversion chart part 2
SUB MASK CHEAT SHEET
What is Network Address Translation (NAT)?
Network address translation (NAT) is a router function that enables public and private network connections and allows single IP address communication. While there are many public networks worldwide, there is a limited number of private networks. NAT was introduced as an effective, timely solution to heavy network volume traffic.
What is IP Subnetting?
What is IP subnetting continued?
