Telecom and Network Sec Flashcards
hub
repeater with more than 2 ports; has 1 collision domain; half-duplex device
LLC
Link Layer Control: handles LAN communications; touches layer 3
Telnet
application layer TCP/IP protocol: provides terminal emulation over a network; port 23; weak, no confidentiality; data tx in plaintext
packet-switched networks
data is broken into packets, each sent individually. Unused bandwidth is available for other connections
OSI Layer 4
Transport: handles packet sequencing, flow control, error detection; protocols include TCP, UDP
SNMP
simple network management protocol: application layer TCP/IP protocol; used to monitor network devices; port UDP 161; SNMPv3 provides CIA via encryption
Token Ring
attached resource computer network: LAN Tech/protocol; legacy LAN technology; pass network traffic via tokens
FDDI
Fiber Distributed Data Interface: LAN Tech/protocol; legacy LAN using fiber and token bus
BGP
border gateway protocol: routing protocol used on internet between autonomous systems; considered a path vector routing protocol
802.11
most common form of wireless data networking standard
DCE
Data circuit-terminating equipment: aka data communications equip; networks DTEs (ie router); DCE marks end of ISP’s network and connects to the DTE
CHAP
challenge handshake authentication protocol: more secure, not susceptible to replay attacks; relies on shared secret password
RSN
robust security network: allows changes to cryptographic ciphers as new vulnerabilities arise; aka WPA2 and uses AES encryption (or TKIP)
OSI Model
network model with 7 layers: physical, data link, network, transport, session, presentation, and application
broadcast
one-to-all on a LAN
HDLC modes
NRM (normal response mode): 2ndary nodes transmit when given permission by primary; ARM (asynchronous response mode): 2ndary nodes may initiate comm with primary; ABM (asynchronous balanced mode): nodes may act as primary or 2ndary, initiating tx w/o permission
circuit-level proxies
operate at layer 5; filters more protocols
TCP/IP Layer 1
Network access layer=OSI layer 1/2; describes bits and medium used to carry them, converting bits into protocol units (like ethernet frames, MAC addresses, NICs)
Ipv4
32-bit addresses in dotted quad format
WAP
wireless application protocol: designed to provide secure web services to handheld devices
RFID
radio frequency identification: 3 types: active (has battery, broadcasts), semi-passive (has battery but uses reader’s signal for power), passive (uses reader’s signal for power)
802.11n
144+ Mbps - 2.4/5 GHz
SSID
service set identifier: acts as a network name; normally broadcast
broadband networks
have multiple channels and can send multiple signals at a time
bastion host
any host placed on the internet not protected by another device; must protect itself and be hardened; usually provides a specific service
classless inter-domain routing
/8 for Class A because first 8 bits are for network. /16 for class B; class C /24; Class D /32
screened host
older flat network design using one router to filter external traffic to and from a bastion host via an ACL
TCP/IP Layer 4
Application Layer=OSI layer 5/6/7; most protocols here use client-server architecture
AS
authentication server: server that authenticates a supplicant
traceroute
uses ICMP time exceeded to trace a network route
TLS
transport layer security: latest version of SSL
loopback addresses
127.0.0.0 or ::1
802.11a
54 Mbps - 5 GHz
analog
continuous wave of information
EUI-64
standard for 64 bit MAC addresses; OUI still 24 bits, but serial number is 40 bits
convergence
all routers on a network agree on the state of routing
DHCP
Dynamic Host Configuration protocol: application layer TCP/IP protocol; designed to replace and improve BOOTP; pool of IP addresses
IPS
intrusion protection system: preventive device designed to prevent malicious actions
full-duplex
communication sends and receives simultaneously (like a phone)
802.11i
first 802.11 standard with reasonable security
digital
communications transfer data in bits (1’s and 0’s)
DTE
Data terminal equipment; network terminal (desktop, server, etc)
socket pair
unique connection between two nodes: source port, source IP, destination port, destination IP
DNS
Domain Name Server: application layer TCP/IP protocol; distributed global hierarchical database that translates names to IP addresses and back; uses TCP and UDP; unreliable; no authentication
RIP
routing information protocol: maximum hop count=15; distance vector routing protocol using hops as metric; uses split horizon to help avoid routing loops; limited protocol; slow convergence
TCP flags
URG-Urgent; ACK-acknowledge data; PSH-push data to application layer; RST-reset (teardown) connection; SYN-synchronize connection; FIN-finish connection; CWR-congestion window reduced; ECE-explicit congestion notification echo; NS-Nonce sum
Fiber Optic
long distance (> 50 mi), no EMI; multimode=shorter distance, multiple paths of light; singlemode=longer distance, high speed network
IDS
intrusion detection system: detective device designed to detect malicious actions
Anomaly detection
anomaly detection IDS works by establishing a baseline of normal traffic, then ignores that traffic
DSSS
direct sequence spread spectrum: uses entire band at once, spreading the signal throughout the band
tree
LAN physical topology; aka hierarchical network; n/w with root node and branch nodes that are at least 3 levels deep (2 levels make a star)
RDP
remote desktop protocol: different session
AutoRun
best practice to disable AutoRun on microsoft operating systems (in association with removable media)
bluejacking
sending unsolicited messages
ring
LAN physical topology; dominant physical topology; better fault tolerance; more expensive
DSL
digital Subscriber Line: copper pair; 10 Mbs+
antivirus
most commonly deployed endpoint security product
IPv6
128-bit addresses
protocol behavior
protocol behavior IDS works by modeling the way protocols should work, often analyzing RFC
promiscuous
allows access to all unicast traffic on a network segment
NIPS
network intrusion prevention system: main difference in NIDS and NIPS is NIPS alters traffic
SLIP
serial line internet protocol: layer 2 protocol provides IP connectivity via asynchronous connections such as serial lines and modems
bluesnarfing
taking info via bluetooth network
mesh
LAN physical topology; interconnects nodes with each other; high availability
packet filter and stateful firewalls
devices that filter traffic based on OSI layer 3 (IP addresses) and layer 4 (ports); packet less secure, stateful more secure but slower
ACL
access control List: tells who can gain access to a resource
WPA2
wi-fi-protected access 2: aka RSN
HDLC
high-level data link control: WAN technology/protocol; successor to SDLC; adds error correction and flow control
MPLS
multiprotocol label switching: WAN technology/protocol; uses labels and carries ATM, Frame Relay, IP and others
authenticator
device such as an access point that allows a supplicant to authenticate and connect
Pool NAT
reserves a number of public IP addresses in a pool; these are used, then returned to the pool
VNC
virtual network computing: same session
DNS cache poisoning attack
tricks a caching DNS server into caching a forged response
Baseband networks
one channel and can send only one signal at a time (Ethernet is baseband)
OSI Layer 2
data link: handles access to the physical layer as well as LAN communication; includes ethernet card (and MAC address), switches, bridges; divided in 2: Media Access Control (MAC) and Logical Link Control (LLC)
routers
layer 3 device that routes traffic from one LAN to another; are default gateways
Ping
sends an ICMP echo request to a node and listens for a reply
bluetooth
802.15; PAN technology; operates in 2.4 GHz; short distances; must pair devices
IMAP
internet message access protocol: application layer TCP/IP protocol; client-server e-mail access
listen
socket that is waiting for a connection
encapsulation
takes information from a higher layer and adds a header to it
IPsec
designed to provide CIA via encryption for IPv6 and now ported to IPv4; suite of protocols: ESP and AH