Technology & Tools . Flashcards
What are the 7 layers of the OSI Model?
- Application
- Presentation
- Session
- Transport
- Network
- Data Link
- Physical
Verbiage To Remember (Going Down)
- All People Seem To Need Data Processing.
Verbiage To Remember (Going Up)
- Please Do Not Transport Santa’s Presentation Appliances.
This layer of the OSI Model…
Encodes data into bits for transmission over wire, fiber, or radio.
Physical Layer
This layer of the OSI Model…
Formats packets for transmission; Ethernet, ARP, MAC addresses
Data Link Layer
This layer of the OSI Model…
Routes packets over the network; IP, ICMP, BGP, IPSec, NAT.
Network Layer
This layer of the OSI Model…
Manages connection integrity; TCP, UDP, SSL, TLS.
Transport Layer
This layer of the OSI Model…
Establishes, maintains, and terminates sessions.
Session Layer
This layer of the OSI Model…
Transforms user-friendly data into machine-friendly data; encryption.
Presentation Layer
This layer of the OSI Model…
Serves as the point of integration for user applications with the network.
Application Layer
______ is a connection-oriented protocol, while ______ is a connectionless protocol that does not guarantee delivery.
- TCP
- UDP
_______ converts between IP addresses and domain names.
DNS
_______ converts between MAC addresses and IP addresses.
ARP
______ converts between public and private IP addresses.
NAT
Wireless networks should be secured using WPA or WPA2 encryption, not WEP (T/F)?
True!
________ _______ distribute connection requests among many identical servers.
Load balancers
_______ ________ generally work at layer 2 and connect directly to endpoints or other switches.
Network Switches
Switches can create _________ to further segment internal networks at layer 2.
Virtual LANs (VLANs)
PORT(S)…
20, 21
FTP
File Transfer Protocol
PORT(S)…
22
SSH
SECURE SHELL
PORT(S)…
23
Telnet
PORT(S)…
25
SMTP
Simple Mail Transfer Protocol
PORT(S)…
53
DNS
Domain Name Server
PORT(S)…
80
HTTP
Hypertext Transfer Protocol
PORT(S)…
110
POP3
Post Office Protocol 3
PORT(S)…
123
NTP
Network Time Protocol
PORT(S)…
135, 137-139, 445
Windows File Sharing
PORT(S)…
143
IMAP
Internet Message Access Protocol
PORT(S)…
161/162
SNMP
Simple Network Management Protocol
PORT(S)…
443
HTTPS
Hypertext Transfer Protocol Secure
PORT(S)…
1433/1434
SQL Server
Structured Query Language Server
PORT(S)…
1521
Oracle
PORT(S)…
1720
H.323
PORT(S)…
1723
PPTP
Point-to-Point Tunneling Protocol
PORT(S)…
3389
RDP
Remote Desktop Protocol
PORT(S)…
9100
HP JetDirect Printing
______ generally work at layer 3 and connect networks to each other.
Routers
_______ are the primary network security control used to separate networks of differing security levels.
Firewalls
TLS should be used to secure network communications because SSL is not secure (T/F)?
True!
Most Virtual Private Networks (VPNs) use either ______ or _______ .
TLS or IPsec
IPsec uses Authentication ________ to provide authentication, integrity, and nonrepudiation and _________ Security _________ to provide confidentiality.
- Headers
- Encapsulating Security Payload
______ tunnel VPNs only send traffic destined for the corporate network through VPN while _____ tunnel VPNs send all traffic through the VPN.
- Split
- Full
Network Admission Control (NAC) systems screen devices before allowing them to connect to the network (T/F)?
True!
- This screening may include both user authentication and device health checking.
This tool…
Monitors a host or network for signs of intrusion and reports to administrators.
Intrusion Detection System
This tool…
Monitors a host or network for signs of intrusion and attempts to block malicious traffic automatically.
Intrusion Prevention Systems
This tool…
Aggregates and correlates security information received from other systems.
Security Information & Event Management System
This tool…
Restricts network traffic to authorized connections.
Firewall
This tool…
Limits applications to those on an approved list.
Application Whitelisting
This tool…
Blocks applications on an unapproved list.
Application Blacklisting
This tool…
Provides a safe space to run potentially malicious code.
Sandbox
This tool…
Is a system that serves as a decoy to attract attackers.
Honeypot
This tool…
Is an unused network designed to capture probing traffic.
Honeynet
This tool…
Provides a central aggregation point for VPN connections.
VPN Concentrator
This tool…
Makes requests to other servers on behalf of an end user, providing anonymization and performance enhancement.
Proxy Server
This tool…
Blocks the exfiltration of sensitive information from an organization.
Data Loss Prevention
This tool…
Screens inbound messages for malicious content.
Mail Gateway
Security professionals use a variety of command-line tools to assist in their work (T/F)?
True!
This command-line tool…
Verifies connectivity to a remote networked system and is Windows based.
Ping
This command-line tool…
Lists open network connections and listening ports on a system.
Netstat
This command-line tool…
Determines the network path between two systems.
Tracert
This command-line tool…
Performs DNS queries.
nslookup
This command-line tool…
Performs MAC address queries.
arp
This command-line tool…
Queries network configuration information on a Linux/Mac system.
ifconfig
This command-line tool…
Scans for open network ports on a remote system.
nmap
This command-line tool…
Reads and writes traffic to/from network communications.
netcat
Which two types of models allow users to mix personal and business use?
- Bring Your Own Device (BYOD)
- Corporate Owned, Personally Enabled (COPE)
Companies should use _______ _______ ________ (MDM) tools to enforce a variety of mobile security controls, such as:
- Restricting applications
- Remote wiping of lost/stolen devices
- Geolocation and geofencing services
- Screen locking and password/PIN requirements
- Full device encryption
Mobile Device Management
Telnet, HTTP, LDAP, and FTP are secure protocols (T/F)?
False!
- They are insecure.
SSH, HTTPS, LDAPS, and FTPS or SFTP are insecure protocols (T/F)?
False!
- They are secure.
Data Loss Prevention can be used to secure mail gateways (T/F)?
True!
With DLP, outgoing e-mails can be scanned to ensure they don’t contain any confidential or proprietary information.
What do spam filters prevent?
They prevent unsolicited e-mail messages from reaching users’ mailboxes.
What does configuring server-to-server encryption do on the mail gateway?
Allows for any mail message sent from the internal network to external services located on the Internet to be encrypted.
- This ensures the message contents aren’t transmitted as plain text.
Which are the CLI commands that are used exclusively with Linux? (Choose Three)
- netstat
- tcpdump
- arp
- dig
- ifconfig
- tcpdump
- dig
- ifconfig
Which technology allows users to use the same identification data to gain access to network resources across multiple different enterprises?
A. Trusted OS
B. Federation
C. RADIUS
D. Certificate Authority
B. Federation
aka Federated Identity Management (FIM)