Telecom and Network Sec

Question 1

hub

Answer 1

repeater with more than 2 ports; has 1 collision domain; half-duplex device

Question 2

LLC

Answer 2

Link Layer Control: handles LAN communications; touches layer 3

Question 2

Telnet

Answer 2

application layer TCP/IP protocol: provides terminal emulation over a network; port 23; weka, no confidentiality; data tx in plaintext

Question 3

packet-switched networks

Answer 3

data is broken into packets, each sent individually. Unused bandwidth is available for other connections

Question 3

OSI Layer 4

Answer 3

Transport: handles packet sequencing, flow control, error detection; protocols include TCP, UDP

Question 3

SNMP

Answer 3

simple network management protocol: application layer TCP/IP protocol; used to monitor network devices; port UDP 161; SNMPv3 provides CIA via encryption

Question 3

Token Ring

Answer 3

attached resource computer network: LAN Tech/protocol; legacy LAN technology; pass network traffic via tokens

Question 4

FDDI

Answer 4

Fiber Distributed Data Interface: LAN Tech/protocol; legacy LAN using fiber and token bus

Question 4

BGP

Answer 4

border gateway protocol: routing protocol used on internet between autonomous systems; considered a path vector routing protocol

Question 4

802.11

Answer 4

most common form of wireless data networking standard

Question 5

DCE

Answer 5

Data circuit-terminating equipment: aka data communcations equip; networks DTEs (ie router); DCE marks end of ISP’s network and connects to the DTE

Question 5

CHAP

Answer 5

challenge handshake authentication protocol: more secure, not susceptible to replay attacks; relies on shared secret password

Question 5

RSN

Answer 5

robust security network: allows changs to cryptographic ciphers as new vulnerabilities arise; aka WPA2 and uses AES encryption (or TKIP)

Question 6

OSI Model

Answer 6

network model with 7 layers: physical, data link, netork, transport, session, presentation, and application

Question 6

broadcast

Answer 6

one-to-all on a LAN

Question 6

HDLC modes

Answer 6

NRM (normal response mode)2ndary nodes transmit when given permission by primary; ARM (asynchronous response mode)2ndary nodes may inititate comm with primary; ABM (asynchronous balanced mode)nodes may act as primary or 2ndary initiating tx w/o permission

Question 6

circuit-level proxies

Answer 6

operate at layer 5; filters more protocols

Question 7

TCP/IP Layer 1

Answer 7

Network access layer=OSI layer 1/2; describes bits and medium used to carry them, converting bits into protocol units (like ethernet frames, MAC addresses, NICs)

Question 8

Ipv4

Answer 8

32-bit addresses in dotted quad format

Question 8

WAP

Answer 8

wireless application protocol: designed to provide secure web services to handheld devices

Question 8

RFID

Answer 8

radio frequency identification: 3 types: active (has battery broadcasts), semi-passive (has battery but uses reader’s signal for power), passive (uses readers signal for power)

Question 9

802.11n

Answer 9

144+ Mbps - 2.4/5 GHz

Question 10

SSID

Answer 10

service set identifier: acts as a network name; normally broadcast

Question 12

broadband networks

Answer 12

mhave multiple channels and can send multiple signeals at a time

Question 13

bastian host

Answer 13

any host placed on the internet not protected by another device; must protect themselves and be hardened; usually provide a specific service

Question 14

classless inter-domain routing

Answer 14

/8 for Class A because first 8 bits are for network. /16 for class B; class C /24; Class D /32

Question 14

screened host

Answer 14

older flat network design using one router to filter external traffic to and from a bastion host via an ACL

Question 15

TCP/IP Layer 4

Answer 15

Application Layer=OSI layer 5/6/7; most protocols here use client-server architecture

Question 16

AS

Answer 16

authentication server: server that authenticates a supplicant

Question 17

traceroute

Answer 17

uses ICMP time exceeded to tace a network route

Question 17

TLS

Answer 17

transport layer security: latest version of SSL

Question 18

loopback addresses

Answer 18

127.0.0.0 or ::1

Question 18

802.11a

Answer 18

54 Mbps - 5 GHz

Question 19

analog

Answer 19

continuous wave of information

Question 20

EUI-64

Answer 20

standard for 64 bit MAC addresses; OUI still 24 bits, but serial number is 40 bits

Question 21

convergence

Answer 21

all routers on a network agree on the state of routing

Question 22

DHCP

Answer 22

Dynamic Host Configuration protocol: application layer TCP/IP protocol; designed to replace and improve BOOTP; pool of IP addresses

Question 22

IPS

Answer 22

intrusion protection system: preventive device designed to prevent malicious actions

Question 23

full-duplex

Answer 23

communication sends and receives simultaneously (like a phone)

Question 24

802.11i

Answer 24

first 802.11 standard with reasonable security

Question 25

digital

Answer 25

communications transfer data in bits (1’s and 0’s)

Question 25

DTE

Answer 25

Data terminal equipment; network terminal (desktop, server, etc)

Question 26

socket pair

Answer 26

unique connection between two nodes: sorce port, source IP, Destination port, destination IP

Question 27

DNS

Answer 27

Domain Name Server: application layer TCP/IP protocol; distributed global hierarchical database that translates names to IP addresses and back; uses TCP and UDP; unreliable; no authentication

Question 27

RIP

Answer 27

routing information protocol: maximum hop count=15; distance vector routing protocol using hops as metric; used split horizon to help avoid routing loops; ; limited protocol; slow convergence

Question 28

TCP flags

Answer 28

URG-Urgent; ACK-acknowledge data; PSH-push data to application layer; RST-reset (teardown) connection; SYN-synchronize connection; FIN-finish connection; CWR-congestion window reduced; ECE-explicit congestion notification echo; NS-Nonce sum

Question 29

Fiber Optic

Answer 29

long distance (> 50 mi), no EMI; multimode=shorter distance, multiple paths of light; singlemode=longer distance, high speed network

Question 29

IDS

Answer 29

intrusion detection system: detective device designed to detect malicious actions

Question 29

Anomaly detction

Answer 29

anomaly detection IDS works by establishing a baseline of normal traffic, then ignores that traffic

Question 29

DSSS

Answer 29

direct sequence spread spectrum: uses entire band at once, spreading the signal throughout the band

Question 30

tree

Answer 30

LAN physical topology; aka hierarchical network; n/w with root node and branch nodes that are at least 3 levels deep (2 levels make a star)

Question 31

RDP

Answer 31

remote desktop protocol: different session

Question 32

AutoRun

Answer 32

best practice to disable AutoRun on microsoft operating systems (in association with removable media)

Question 32

bluejacking

Answer 32

sending unsolicited messages

Question 33

ring

Answer 33

LAN physical topology; dominant plysical topology; better fault tolerance; more expensive;

Question 34

DSL

Answer 34

digital Subscriber Line: copper pair; 10 Mbs+

Question 35

antivirus

Answer 35

most commonly deployed endpoint security product

Question 37

IPv6

Answer 37

128-bit addresses

Question 37

protocol behavior

Answer 37

protocol behavior IDS works by modeling the way protocols should work, often analyzing RFC

Question 39

promiscuous

Answer 39

allows access to all unicast traffic on a newtork segment

Question 40

NIPS

Answer 40

network intrusion prevention system: main difference in NIDS and NIPS is NIPS alters traffic

Question 41

SLIP

Answer 41

serial line internet protocol: layer 2 protocol provides IP connectivity via asynchronous connections such as serial lines and modems

Question 42

bluesnarking

Answer 42

taking info via bluetooth network

Question 43

mesh

Answer 43

LAN physical topology; interconnects nodes with each other; high availability

Question 44

packet filter and stateful firewalls

Answer 44

devices that filter traffic based on OSI layer 3 (IP addresses) and layer 4 (ports); packet less secure, stateful more secure but slower

Question 44

ACL

Answer 44

access control List: tells who can gain access to a resource

Question 45

WPA2

Answer 45

wi-fi-protected access 2: aka RSN

Question 46

HDLC

Answer 46

high-level data link control: WAN technology/protocol; successor to SDLC; adds error correction and flow control

Question 47

MPLS

Answer 47

multiprotocol label switching: WAN technology/protocol; uses labels and carries ATM, rame relay, IP and others

Question 47

authenticator

Answer 47

device such as an access point that allows a supplicant to authenticate and connect

Question 48

Pool NAT

Answer 48

reserves a number of public IP addresses in a pool; these are used, then returned to the pool

Question 49

VNC

Answer 49

virtual network computing: same session

Question 50

DNS cache poisoning attack

Answer 50

triacks a cachign DNS server into caching a forged response

Question 51

Baseband networks

Answer 51

one channel and can send only one signal at a time (Ethernet is baseband)

Question 53

OSI Layer 2

Answer 53

data link: handles access to the physical layer as well as LAN communication; includes ethernet card (and MAC address), switches, bridges; divided in 2: Media Access Control (MAC) and Logical Link Control (LLC)

Question 53

routers

Answer 53

layer 3 device that routes traffic from one LAN to another; are default gateways

Question 55

Ping

Answer 55

sends an ICMP echo request to a node and listens for a reply

Question 56

bluetooth

Answer 56

802.15; PAN technology; operates in 2.4 GHz; short distances; must pair devices

Question 58

IMAP

Answer 58

internet message access protocol: application layer TCP/IP protocol; client-server e-mail access

Question 59

listen

Answer 59

socket that is waiting for a connection

Question 60

encapsulation

Answer 60

takes information from a higher layer and addes header to it

Question 61

Ipsec

Answer 61

designed to privde CIA via encryption for IPv6 and now ported to IPv4; suite of protocols: ESP and AH

Question 62

OSI Layer 7

Answer 62

application: where you interface with your computer application; web browser, word processor; protocols include Telnet, FTP

Question 64

malware

Answer 64

malicious software

Question 65

TCP/IP Layer 2

Answer 65

Internet Layer=OSI layer 3; IP address/routing live here

Question 67

network model

Answer 67

description of how a network protocol suite operates (such as OSI or TCP/IP models)

Question 69

explain 100base T

Answer 69

100=speed base=baseband T=twisted pair

Question 70

OSPF

Answer 70

open shortest path first: open link state routing protocol learns the entire network topology for their area; send event driven updates; fast convergence

Question 71

HTTP/HTTPS

Answer 71

Hypertext transfer protocol (secure): application layer TCP/IP protocol; used to transfer web=based data (secure via SSL/TLS); HTML used to display web content

Question 72

802.11g

Answer 72

54 Mbps - 2.4 GHz

Question 74

switch

Answer 74

layer 2 device that carries traffic on one LAN based on media access control (MAC) addresses

Question 75

ARP

Answer 75

Address resolution protocol: used to translate between layer 2 MAC address and layer 3 IP address

Question 76

MAC

Answer 76

Media Access Control: transfers data to and from physical layer; touches layer 1; unique hardware address of an Ethernet NIC; 48 bits long, 1st 24 form Organizationally Unique Identifier, 2nd 24 form serial #

Question 78

Internet

Answer 78

global collection of peereed networks running TCP/IP providing best-effort service

Question 79

UDP scans

Answer 79

sends UDP packets to ports and listens for answers; harder and slower then TCP scans

Question 81

half-duplex

Answer 81

communication sends or receives at one time only (walkie talkie)

Question 81

TCP/IP Layer 3

Answer 81

Host-to-Host Transport Layer=OSI layer 4; connects inernet layer to application layer; where applications are addressed on a network, via ports; TCP and UDP are 2 transport layer protocols of TCP/IP

Question 81

pattern matching

Answer 81

pattern matching IDS works by comparing events to static signatures

Question 82

SSH

Answer 82

Secure shell: application layer TCP/IP protocol; secure replacement for telnet, FTP and “r” commands; provides confidentiality, intregrity, and secure authentication; port 22

Question 83

VLAN

Answer 83

virtual LAN: aka virtual switch

Question 85

TCP/IP model

Answer 85

simplet network model with 4 layers: network access, Internet, transport, and application

Question 86

types of Scans

Answer 86

attackers scan networks from layers 2-7

Question 87

roaming infected laptop

Answer 87

addressed by EAP

Question 88

NAT

Answer 88

network address translation: used to translate RFC 1918 addresses as they pass from intranets to the internet; 3 types: static NAT, Pool NAT, Port Address Translation (PAT); hides origin of a packet

Question 89

honeypot

Answer 89

system designed to attract attackers; consult with legal before deploying honeypots

Question 91

POPv3

Answer 91

post office protocol version 3: application layer TCP/IP protocol; client-server e-mail access

Question 93

SONET

Answer 93

synchronous optical network uses multiple T carrier circuits via fiber; physical fiber ring for redundancy

Question 95

CSMA

Answer 95

Carrier Sense Multiple access: method used by ehternet networks to allow shared usage of a baseband network and avoid collisions

Question 95

802.11i

Answer 95

wireless security standard; describes RSN

Question 96

Difference between a Smurf attack and Fraggle attack

Answer 96

Both are denial of service attacks: smurf=TCP; Fraggle=UDP

Question 96

802.11b

Answer 96

11 Mbps - 2.4 GHz

Question 98

router

Answer 98

layer 3 device that routes traffic from one LAN to another based on IP addresses

Question 99

Extranet

Answer 99

connection between private intranets

Question 100

DMZ

Answer 100

demilitarized Zone: implies 2 firewall DMZ; servers that receive traffic from untrusted networks should be on DMZ networks

Question 101

PPTP

Answer 101

point-to-point tunneling protocol: tunnels PPP via IP; uses generic routing encapsulation to pass PPP via IP and TCP for a control channel

Question 103

OSI Layer 6

Answer 103

presentation: presents data to the application (and user); ASCII, JPEG, GIF, TIFF exist here

Question 104

RTP

Answer 104

real-time Transport protocol: designed to carry streaming audio and video

Question 105

supplicant

Answer 105

an 802.1x client

Question 107

bridge

Answer 107

layer 2 device with two ports and connets network segments together; has two collision domains

Question 108

coaxial cable

Answer 108

inner copper core, insulator, shield, plastic sheath; used for satellite/cable tv; more resistant to EMI; higher bandwidth; longer connections than UTP

Question 108

TKIP

Answer 108

temporal key integrity protocol: uses River Cipher 4 (RC4); used by WPA2

Question 109

PDA

Answer 109

personal digital assistant: two major issues: loss of data due to theft, wireless security

Question 110

FTP

Answer 110

File Transfer Protol: application layer TCP/IP protocol used to transfer files to/from servers; no confidentiality or integrity; ports 20/21

Question 112

Bus

Answer 112

LAN physical topology; connects network nodes in a string; one break brings down entire network

Question 113

LAND attack

Answer 113

single packet denial of service attack

Question 114

VPN

Answer 114

virtual private network: secure data sent via insecure networks

Question 116

UTP categories

Answer 116

Unshielded Twisted Pair: Cat 1

Question 116

SPAN ports

Answer 116

switched port analyzer: mirrors traffic from multiple switch ports to one SPAN port; drawback is port bandwidth overload

Question 117

application whitelisting

Answer 117

determines in advance which binaries are considered safe to execute on a given system, denies all other binaries tyring to executre

Question 118

FHSS

Answer 118

frequency hopping spread spectrum: uses a number of small freq channels throughout the bnd and hops through them in pseudo random order

Question 119

QoS

Answer 119

Quality of Service: often applied to Voice over IP; gives specific traffic precedence over other traffic

Question 120

SMTP

Answer 120

simple mail trasnfer protocol: application layer TCP/IP protocol; used to transfer email between servers

Question 121

IGP

Answer 121

interior gateway protocol (RIP, OSPF); routing protocol; support layer 3

Question 123

UDP

Answer 123

user datagram protocol: simplet and faster; no handshake, session, or reliability “send and pray”; used with applications that can handle loss

Question 124

T1, T3, E1, E3

Answer 124

WAN technology/protocol; T1=1.544 mb/24 64-bit channels; T3=28 bundled T1’s (45 Mb); E1=2.048 mb/30 channels; E3=16 E1 (34.368 Mb)

Question 125

types of IDS events

Answer 125

true positive, true negative, false positive, false negative

Question 126

tripwire

Answer 126

well known HIDS

Question 126

hacker

Answer 126

someone who uses technology in ways the creators did not intend

Question 127

dual-homed host

Answer 127

has 2 NIC?one to trusted network, one to untrusted network

Question 129

OSI Layer 1

Answer 129

physical: describes units of data as bits; devices include hubs and repeaters, cabling standards like thinknet, thicknet, UTP

Question 130

TCP

Answer 130

Transmission Control Protocol: reliable layer 4 protocol; uses a 3-way handshake to create reliable connections; can reorder out of order segments

Question 131

network stack

Answer 131

network protocol suite programmed in software or hardware

Question 132

proxy firewall

Answer 132

act as intermediary servers; terminates connections

Question 133

SIP

Answer 133

session initiation protocol: includes session teardown

Question 134

IPv4 Classes

Answer 134

Class A: 0.0.0.0-127.255.255.255 Class B: 128.0.0.0-191.255.255.255 Class C: 192.0.0.0-223.255.255.255 Class D: 224.0.0.0-239.255.255.255 Class E: 240.0.0.0-255.255.255.255

Question 136

static NAT

Answer 136

makes a one-to-one translation between addresses

Question 137

802.1x

Answer 137

port-based network access control and includes EAP,

Question 137

three Ipsec architectures

Answer 137

host-to-gateway; gateway-to-gateway; host-to-host

Question 139

OSI Layer 3

Answer 139

Network: moving data from a asystem on one LAN to a system on another; IP addresses and routers exists here; protocols include IPv4, IPv6

Question 140

VoiP

Answer 140

voice over internet protocol: carries voice via data networks; can easedrop easily with wireshark

Question 142

PAT

Answer 142

many-to-one translations

Question 143

OSI Layer 5

Answer 143

Session: manages sessnios; remote procedure calls exist here; “Connections between applications”; uses simples, half/full duplex

Question 145

static route

Answer 145

fixed routing entries; great for simple network with limited or no redundancy

Question 146

HIPS

Answer 146

host intrusion prevention system: like NIPS only for a host

Question 148

demarc

Answer 148

where DTE and DCE meet?marks the end of ISP responsibility and beginning of users responsibility

Question 149

x.25

Answer 149

WAN technology/protocol; older packet-switched WAN protocol; cost effective over long distances

Question 150

ARP scan

Answer 150

layer 2 scan that sends ARP requests for each IP address on subnet learning MAC addresses of systems that answer

Question 152

SOCKS

Answer 152

circuit-level proxy uses TCP port 1080

Question 153

SSL

Answer 153

secure socket layer: designed to protect HTTP data

Question 155

FF:FF:FF:FF:FF:FF

Answer 155

ethernet broadcast address

Question 155

MODEM

Answer 155

modulator/demodulator: takes binary data and modulates it into analog sound, then reverses it

Question 157

nonce

Answer 157

small random string server sends as a challenge in CHAP

Question 158

DSL speeds

Answer 158

ADSL 1.5-9 Mbps down - 16-640 kbps up - 18k ft SDSL & HDSL 1.544 Mbps down - 1.5444 Mbps up - 10k ft VDSL 20-50 Mbps down - up to 20 Mbps up - < 5k ft

Question 159

TFTP

Answer 159

Trivial FTP: application layer TCP/IP protocol; simpler way to transfer files; no authentication, confidentiality, or integrity; port UDP 69

Question 160

DNSSEC

Answer 160

Domain name server security extensions: provides authentication and integrtiy via PKI; no confidentiality

Question 161

EAP

Answer 161

extensible authentication protocol: very secure; layer 2, port based

Question 162

CSMA/CA & CD

Answer 162

Collision detection (ethernet) and collision avoidance (wireless)

Question 164

ATM

Answer 164

Asynchronouse transfer mode: WAN technology/protocol; uses fixed length cells of 53 bytes; reliable

Question 165

RFC 1918

Answer 165

private IPv4 addresses that may be sued for internal traffic that does not route via the Internet

Question 167

NIDS

Answer 167

network intrusion detection system: detects malicious traffic on a network; usually require promiscuous network access; passive devices

Question 167

802.11

Answer 167

2 Mbps - 2.4 GHz

Question 168

unicast

Answer 168

one-to-one traffic like client surfing the web

Question 169

TCP Scan

Answer 169

sends a TCP SYN and records who responds, then leaves half-open connections

Question 171

ICMP

Answer 171

internet control message protocol: helper protocol at layer 3 used to troubleshoot and report error conditions; echo request, echo reply, time to live are here

Question 172

Faraday cage

Answer 172

shields things from EMI

Question 173

ARCNET

Answer 173

attached resource computer network: LAN Tech/protocol; legacy LAN technology; pass network traffic via tokens

Question 175

PPP

Answer 175

point-to-point protocol: layer 2 protocol replaced SLIP; HDLC based and adds CIA via point-to-point links; support synchronous links and asynchronous links

Question 176

simplex

Answer 176

one-way communication

Question 178

snort

Answer 178

open source NIDS and NIPS

Question 179

multicast

Answer 179

one-to-many and the many is preselected

Question 180

firewall

Answer 180

filter traffic between networks; TCP/IP packet filter and stateful firewalls=layer3/4; proxy firewalls=layer 5/6/7; they are multi-homed and have multiple NICs

Question 181

WEP

Answer 181

wired equivalent privacy: critically weak; new attacks can break WEP key in minutes; little integrity or confidentialiyt; 24 bit initialization vector

Question 182

Protocol Data Units

Answer 182

TCP/IP - Layer 4= TCP segment, Layer 3=IP Packet, Layer 2=Ethernet Frame, Layer 1=bits

Question 183

Ethernet

Answer 183

LAN Tech/protocol; dominant LAN technology transmits network data via frames

Question 184

switch

Answer 184

bridge with more than two ports; provides traffic isolation

Question 185

HIDS

Answer 185

host intrusion detection system: like NIDS only for a host

Question 186

repeater

Answer 186

layer 1 device; receives bits on one pot and repeats them out on the other; no understanding of protocols; they extend a network

Question 187

ISDN

Answer 187

integrated services digital network: early attmpt to provide digital service via “copper pair”

Question 189

packet-switched network

Answer 189

form of networking where bandwidth is shared and data is carried in units called packets

Question 190

EGP

Answer 190

exterior gateway protocol (BGP): routing protocol; support layer 3

Question 191

OFDM

Answer 191

orthogonal frequency division multiplexing: allows simultaneous transmission using multiple independent wireless feqs that don’t interfer with each other

Question 192

TCP SYN flood

Answer 192

TCP denial of service attack; attacker sends many SYN, but never ACK resulting in half-open connections

Question 193

Intranet

Answer 193

privately owned network running TCP/IP (like a company network)

Question 194

L2TP

Answer 194

layer 2 tunneling protocol: combines PPTP and layer 2 forwarding; focuses on authentication and does not provide confidentiality; frequirently used with Ipsec to provide encryption

Question 195

TPM

Answer 195

trusted platform module: installed on motherboard dedicated to carrying out security functions that involve storage and processing of keys, hashes, digital certs

Question 196

circuit-switched networks

Answer 196

provide dedicated bandwidth to point to point connections, such as a T1 connecting 2 offices

Question 197

teardrop attack

Answer 197

denial of service attack that relies on fragmentation reassembly; attacker sends multiple large overlapping IP fragments

Question 198

application-layer proxy firewall

Answer 198

operate up to layer 7

Question 199

BOOTP

Answer 199

Bootstrap protocol: application layer TCP/IP protocol; used for bootstrappig via a network by diskless systems

Question 200

demultiplexing/de-encapsulation

Answer 200

removal of header info as data moves up the stack

Question 201

PAP

Answer 201

password authentication protocol; very weak authentication protocol; sends username/password in clear text

Question 202

LAN, MAN, WAN, GAN, PAN

Answer 202

Local Area Network, Metro Area Network, Wide Area Network, Global Area Network, Personal Area Network

Question 203

socket

Answer 203

combination of an IP address and TCP/UDP port on one node

Question 204

network taps

Answer 204

preferred way to provide promiscuous network access; can “Fail open” so traffic will pass in event of a failure

Question 205

SDLC

Answer 205

synchronous data link control: WAN technology/protocol; layer 2 WAN protocol that uses polling to transmit data

Question 206

Frame relay

Answer 206

WAN technology/protocol; packet-switched layer 2 WAN protocol provides no error recovery and focuses on speed; multiplexes multiple logical connnections over a single physical connection