Telecom and Network Sec Flashcards

1
Q

hub

A

repeater with more than 2 ports; has 1 collision domain; half-duplex device

2
Q

LLC

A

Link Layer Control: handles LAN communications; touches layer 3

2
Q

Telnet

A

application layer TCP/IP protocol: provides terminal emulation over a network; port 23; weak, no confidentiality; data tx in plaintext

3
Q

packet-switched networks

A

data is broken into packets, each sent individually. Unused bandwidth is available for other connections

3
Q

OSI Layer 4

A

Transport: handles packet sequencing, flow control, error detection; protocols include TCP, UDP

3
Q

SNMP

A

simple network management protocol: application layer TCP/IP protocol; used to monitor network devices; port UDP 161; SNMPv3 provides CIA via encryption

3
Q

Token Ring

A

attached resource computer network: LAN Tech/protocol; legacy LAN technology; pass network traffic via tokens

4
Q

FDDI

A

Fiber Distributed Data Interface: LAN Tech/protocol; legacy LAN using fiber and token bus

4
Q

BGP

A

border gateway protocol: routing protocol used on internet between autonomous systems; considered a path vector routing protocol

4
Q

802.11

A

most common form of wireless data networking standard

5
Q

DCE

A

Data circuit-terminating equipment: aka data communications equip; networks DTEs (ie router); DCE marks end of ISP’s network and connects to the DTE

5
Q

CHAP

A

challenge handshake authentication protocol: more secure, not susceptible to replay attacks; relies on shared secret password

5
Q

RSN

A

robust security network: allows changes to cryptographic ciphers as new vulnerabilities arise; aka WPA2 and uses AES encryption (or TKIP)

6
Q

OSI Model

A

network model with 7 layers: physical, data link, network, transport, session, presentation, and application

6
Q

broadcast

A

one-to-all on a LAN

6
Q

HDLC modes

A

NRM (normal response mode): 2ndary nodes transmit when given permission by primary; ARM (asynchronous response mode): 2ndary nodes may initiate comm with primary; ABM (asynchronous balanced mode): nodes may act as primary or 2ndary, initiating tx w/o permission

6
Q

circuit-level proxies

A

operate at layer 5; filters more protocols

7
Q

TCP/IP Layer 1

A

Network access layer=OSI layer 1/2; describes bits and medium used to carry them, converting bits into protocol units (like ethernet frames, MAC addresses, NICs)

8
Q

Ipv4

A

32-bit addresses in dotted quad format

8
Q

WAP

A

wireless application protocol: designed to provide secure web services to handheld devices

8
Q

RFID

A

radio frequency identification: 3 types: active (has battery, broadcasts), semi-passive (has battery but uses reader’s signal for power), passive (uses reader’s signal for power)

9
Q

802.11n

A

144+ Mbps - 2.4/5 GHz

10
Q

SSID

A

service set identifier: acts as a network name; normally broadcast

12
Q

broadband networks

A

have multiple channels and can send multiple signals at a time

13
Q

bastion host

A

any host placed on the internet not protected by another device; must protect themselves and be hardened; usually provide a specific service

14
Q

classless inter-domain routing

A

/8 for Class A because first 8 bits are for network. /16 for class B; class C /24; Class D /32

14
Q

screened host

A

older flat network design using one router to filter external traffic to and from a bastion host via an ACL

15
Q

TCP/IP Layer 4

A

Application Layer=OSI layer 5/6/7; most protocols here use client-server architecture

16
Q

AS

A

authentication server: server that authenticates a supplicant

17
Q

traceroute

A

uses ICMP time exceeded to trace a network route

17
Q

TLS

A

transport layer security: latest version of SSL

18
Q

loopback addresses

A

127.0.0.0 or ::1

18
Q

802.11a

A

54 Mbps - 5 GHz

19
Q

analog

A

continuous wave of information

20
Q

EUI-64

A

standard for 64 bit MAC addresses; OUI still 24 bits, but serial number is 40 bits

21
Q

convergence

A

all routers on a network agree on the state of routing

22
Q

DHCP

A

Dynamic Host Configuration protocol: application layer TCP/IP protocol; designed to replace and improve BOOTP; pool of IP addresses

22
Q

IPS

A

intrusion protection system: preventive device designed to prevent malicious actions

23
Q

full-duplex

A

communication sends and receives simultaneously (like a phone)

24
Q

802.11i

A

first 802.11 standard with reasonable security

25
Q

digital

A

communications transfer data in bits (1’s and 0’s)

25
Q

DTE

A

Data terminal equipment; network terminal (desktop, server, etc)

26
Q

socket pair

A

unique connection between two nodes: source port, source IP, destination port, destination IP

27
Q

DNS

A

Domain Name Server: application layer TCP/IP protocol; distributed global hierarchical database that translates names to IP addresses and back; uses TCP and UDP; unreliable; no authentication

27
Q

RIP

A

routing information protocol: maximum hop count=15; distance vector routing protocol using hops as metric; used split horizon to help avoid routing loops; limited protocol; slow convergence

28
Q

TCP flags

A

URG-Urgent; ACK-acknowledge data; PSH-push data to application layer; RST-reset (teardown) connection; SYN-synchronize connection; FIN-finish connection; CWR-congestion window reduced; ECE-explicit congestion notification echo; NS-Nonce sum

29
Q

Fiber Optic

A

long distance (> 50 mi), no EMI; multimode=shorter distance, multiple paths of light; singlemode=longer distance, high speed network

29
Q

IDS

A

intrusion detection system: detective device designed to detect malicious actions

29
Q

Anomaly detection

A

anomaly detection IDS works by establishing a baseline of normal traffic, then ignores that traffic

29
Q

DSSS

A

direct sequence spread spectrum: uses entire band at once, spreading the signal throughout the band

30
Q

tree

A

LAN physical topology; aka hierarchical network; n/w with root node and branch nodes that are at least 3 levels deep (2 levels make a star)

31
Q

RDP

A

remote desktop protocol: different session

32
Q

AutoRun

A

best practice to disable AutoRun on microsoft operating systems (in association with removable media)

32
Q

bluejacking

A

sending unsolicited messages

33
Q

ring

A

LAN physical topology; dominant physical topology; better fault tolerance; more expensive

34
Q

DSL

A

digital Subscriber Line: copper pair; 10 Mbs+

35
Q

antivirus

A

most commonly deployed endpoint security product

37
Q

IPv6

A

128-bit addresses

37
Q

protocol behavior

A

protocol behavior IDS works by modeling the way protocols should work, often analyzing RFC

39
Q

promiscuous

A

allows access to all unicast traffic on a network segment

40
Q

NIPS

A

network intrusion prevention system: main difference in NIDS and NIPS is NIPS alters traffic

41
Q

SLIP

A

serial line internet protocol: layer 2 protocol provides IP connectivity via asynchronous connections such as serial lines and modems

42
Q

bluesnarfing

A

taking info via bluetooth network

43
Q

mesh

A

LAN physical topology; interconnects nodes with each other; high availability

44
Q

packet filter and stateful firewalls

A

devices that filter traffic based on OSI layer 3 (IP addresses) and layer 4 (ports); packet less secure, stateful more secure but slower

44
Q

ACL

A

access control List: tells who can gain access to a resource

45
Q

WPA2

A

wi-fi-protected access 2: aka RSN

46
Q

HDLC

A

high-level data link control: WAN technology/protocol; successor to SDLC; adds error correction and flow control

47
Q

MPLS

A

multiprotocol label switching: WAN technology/protocol; uses labels and carries ATM, frame relay, IP and others

47
Q

authenticator

A

device such as an access point that allows a supplicant to authenticate and connect

48
Q

Pool NAT

A

reserves a number of public IP addresses in a pool; these are used, then returned to the pool

49
Q

VNC

A

virtual network computing: same session

50
Q

DNS cache poisoning attack

A

tricks a caching DNS server into caching a forged response

51
Q

Baseband networks

A

one channel and can send only one signal at a time (Ethernet is baseband)

53
Q

OSI Layer 2

A

data link: handles access to the physical layer as well as LAN communication; includes ethernet card (and MAC address), switches, bridges; divided in 2: Media Access Control (MAC) and Logical Link Control (LLC)

53
Q

routers

A

layer 3 device that routes traffic from one LAN to another; are default gateways

55
Q

Ping

A

sends an ICMP echo request to a node and listens for a reply

56
Q

bluetooth

A

802.15; PAN technology; operates in 2.4 GHz; short distances; must pair devices

58
Q

IMAP

A

internet message access protocol: application layer TCP/IP protocol; client-server e-mail access

59
Q

listen

A

socket that is waiting for a connection

60
Q

encapsulation

A

takes information from a higher layer and adds a header to it

61
Q

Ipsec

A

designed to provide CIA via encryption for IPv6 and now ported to IPv4; suite of protocols: ESP and AH

62
Q

OSI Layer 7

A

application: where you interface with your computer application; web browser, word processor; protocols include Telnet, FTP

64
Q

malware

A

malicious software

65
Q

TCP/IP Layer 2

A

Internet Layer=OSI layer 3; IP address/routing live here

67
Q

network model

A

description of how a network protocol suite operates (such as OSI or TCP/IP models)

69
Q

explain 100base T

A

100=speed; base=baseband; T=twisted pair

70
Q

OSPF

A

open shortest path first: open link state routing protocol learns the entire network topology for their area; send event driven updates; fast convergence

71
Q

HTTP/HTTPS

A

Hypertext transfer protocol (secure): application layer TCP/IP protocol; used to transfer web-based data (secure via SSL/TLS); HTML used to display web content

72
Q

802.11g

A

54 Mbps - 2.4 GHz

74
Q

switch

A

layer 2 device that carries traffic on one LAN based on media access control (MAC) addresses

75
Q

ARP

A

Address resolution protocol: used to translate between layer 2 MAC address and layer 3 IP address

76
Q

MAC

A

Media Access Control: transfers data to and from physical layer; touches layer 1; unique hardware address of an Ethernet NIC; 48 bits long, 1st 24 form Organizationally Unique Identifier, 2nd 24 form serial #

78
Q

Internet

A

global collection of peered networks running TCP/IP providing best-effort service

79
Q

UDP scans

A

sends UDP packets to ports and listens for answers; harder and slower than TCP scans

81
Q

half-duplex

A

communication sends or receives at one time only (walkie talkie)

81
Q

TCP/IP Layer 3

A

Host-to-Host Transport Layer=OSI layer 4; connects internet layer to application layer; where applications are addressed on a network, via ports; TCP and UDP are 2 transport layer protocols of TCP/IP

81
Q

pattern matching

A

pattern matching IDS works by comparing events to static signatures

82
Q

SSH

A

Secure shell: application layer TCP/IP protocol; secure replacement for telnet, FTP and “r” commands; provides confidentiality, integrity, and secure authentication; port 22

83
Q

VLAN

A

virtual LAN: aka virtual switch

85
Q

TCP/IP model

A

simpler network model with 4 layers: network access, Internet, transport, and application

86
Q

types of Scans

A

attackers scan networks from layers 2-7

87
Q

roaming infected laptop

A

addressed by EAP

88
Q

NAT

A

network address translation: used to translate RFC 1918 addresses as they pass from intranets to the internet; 3 types: static NAT, Pool NAT, Port Address Translation (PAT); hides origin of a packet

89
Q

honeypot

A

system designed to attract attackers; consult with legal before deploying honeypots

91
Q

POPv3

A

post office protocol version 3: application layer TCP/IP protocol; client-server e-mail access

93
Q

SONET

A

synchronous optical network uses multiple T carrier circuits via fiber; physical fiber ring for redundancy

95
Q

CSMA

A

Carrier Sense Multiple Access: method used by Ethernet networks to allow shared usage of a baseband network and avoid collisions

95
Q

802.11i

A

wireless security standard; describes RSN

96
Q

Difference between a Smurf attack and Fraggle attack

A

Both are denial of service attacks: smurf=TCP; Fraggle=UDP

96
Q

802.11b

A

11 Mbps - 2.4 GHz

98
Q

router

A

layer 3 device that routes traffic from one LAN to another based on IP addresses

99
Q

Extranet

A

connection between private intranets

100
Q

DMZ

A

demilitarized Zone: implies 2 firewall DMZ; servers that receive traffic from untrusted networks should be on DMZ networks

101
Q

PPTP

A

point-to-point tunneling protocol: tunnels PPP via IP; uses generic routing encapsulation to pass PPP via IP and TCP for a control channel

103
Q

OSI Layer 6

A

presentation: presents data to the application (and user); ASCII, JPEG, GIF, TIFF exist here

104
Q

RTP

A

real-time Transport protocol: designed to carry streaming audio and video

105
Q

supplicant

A

an 802.1x client

107
Q

bridge

A

layer 2 device with two ports that connects network segments together; has two collision domains

108
Q

coaxial cable

A

inner copper core, insulator, shield, plastic sheath; used for satellite/cable tv; more resistant to EMI; higher bandwidth; longer connections than UTP

108
Q

TKIP

A

temporal key integrity protocol: uses Rivest Cipher 4 (RC4); used by WPA2

109
Q

PDA

A

personal digital assistant: two major issues: loss of data due to theft, wireless security

110
Q

FTP

A

File Transfer Protocol: application layer TCP/IP protocol used to transfer files to/from servers; no confidentiality or integrity; ports 20/21

112
Q

Bus

A

LAN physical topology; connects network nodes in a string; one break brings down entire network

113
Q

LAND attack

A

single packet denial of service attack

114
Q

VPN

A

virtual private network: secure data sent via insecure networks

116
Q

UTP categories

A

Unshielded Twisted Pair: Cat 1

116
Q

SPAN ports

A

switched port analyzer: mirrors traffic from multiple switch ports to one SPAN port; drawback is port bandwidth overload

117
Q

application whitelisting

A

determines in advance which binaries are considered safe to execute on a given system, denies all other binaries trying to execute

118
Q

FHSS

A

frequency hopping spread spectrum: uses a number of small freq channels throughout the band and hops through them in pseudo random order

119
Q

QoS

A

Quality of Service: often applied to Voice over IP; gives specific traffic precedence over other traffic

120
Q

SMTP

A

simple mail transfer protocol: application layer TCP/IP protocol; used to transfer email between servers

121
Q

IGP

A

interior gateway protocol (RIP, OSPF); routing protocol; support layer 3

123
Q

UDP

A

user datagram protocol: simpler and faster; no handshake, session, or reliability “send and pray”; used with applications that can handle loss

124
Q

T1, T3, E1, E3

A

WAN technology/protocol; T1=1.544 mb/24 64-bit channels; T3=28 bundled T1’s (45 Mb); E1=2.048 mb/30 channels; E3=16 E1 (34.368 Mb)

125
Q

types of IDS events

A

true positive, true negative, false positive, false negative

126
Q

tripwire

A

well known HIDS

126
Q

hacker

A

someone who uses technology in ways the creators did not intend

127
Q

dual-homed host

A

has 2 NICs: one to trusted network, one to untrusted network

129
Q

OSI Layer 1

A

physical: describes units of data as bits; devices include hubs and repeaters, cabling standards like thinnet, thicknet, UTP

130
Q

TCP

A

Transmission Control Protocol: reliable layer 4 protocol; uses a 3-way handshake to create reliable connections; can reorder out of order segments

131
Q

network stack

A

network protocol suite programmed in software or hardware

132
Q

proxy firewall

A

act as intermediary servers; terminates connections

133
Q

SIP

A

session initiation protocol: includes session teardown

134
Q

IPv4 Classes

A

Class A: 0.0.0.0-127.255.255.255; Class B: 128.0.0.0-191.255.255.255; Class C: 192.0.0.0-223.255.255.255; Class D: 224.0.0.0-239.255.255.255; Class E: 240.0.0.0-255.255.255.255

136
Q

static NAT

A

makes a one-to-one translation between addresses

137
Q

802.1x

A

port-based network access control and includes EAP,

137
Q

three Ipsec architectures

A

host-to-gateway; gateway-to-gateway; host-to-host

139
Q

OSI Layer 3

A

Network: moving data from a system on one LAN to a system on another; IP addresses and routers exist here; protocols include IPv4, IPv6

140
Q

VoiP

A

voice over internet protocol: carries voice via data networks; can eavesdrop easily with wireshark

142
Q

PAT

A

many-to-one translations

143
Q

OSI Layer 5

A

Session: manages sessions; remote procedure calls exist here; “Connections between applications”; uses simplex, half/full duplex

145
Q

static route

A

fixed routing entries; great for simple network with limited or no redundancy

146
Q

HIPS

A

host intrusion prevention system: like NIPS only for a host

148
Q

demarc

A

where DTE and DCE meet; marks the end of ISP responsibility and beginning of user’s responsibility

149
Q

x.25

A

WAN technology/protocol; older packet-switched WAN protocol; cost effective over long distances

150
Q

ARP scan

A

layer 2 scan that sends ARP requests for each IP address on subnet learning MAC addresses of systems that answer

152
Q

SOCKS

A

circuit-level proxy uses TCP port 1080

153
Q

SSL

A

secure socket layer: designed to protect HTTP data

155
Q

FF:FF:FF:FF:FF:FF

A

ethernet broadcast address

155
Q

MODEM

A

modulator/demodulator: takes binary data and modulates it into analog sound, then reverses it

157
Q

nonce

A

small random string server sends as a challenge in CHAP

158
Q

DSL speeds

A

ADSL: 1.5-9 Mbps down - 16-640 kbps up - 18k ft; SDSL & HDSL: 1.544 Mbps down - 1.5444 Mbps up - 10k ft; VDSL: 20-50 Mbps down - up to 20 Mbps up - < 5k ft

159
Q

TFTP

A

Trivial FTP: application layer TCP/IP protocol; simpler way to transfer files; no authentication, confidentiality, or integrity; port UDP 69

160
Q

DNSSEC

A

Domain name server security extensions: provides authentication and integrity via PKI; no confidentiality

161
Q

EAP

A

extensible authentication protocol: very secure; layer 2, port based

162
Q

CSMA/CA & CD

A

Collision detection (ethernet) and collision avoidance (wireless)

164
Q

ATM

A

Asynchronous transfer mode: WAN technology/protocol; uses fixed length cells of 53 bytes; reliable

165
Q

RFC 1918

A

private IPv4 addresses that may be used for internal traffic that does not route via the Internet

167
Q

NIDS

A

network intrusion detection system: detects malicious traffic on a network; usually require promiscuous network access; passive devices

167
Q

802.11

A

2 Mbps - 2.4 GHz

168
Q

unicast

A

one-to-one traffic like client surfing the web

169
Q

TCP Scan

A

sends a TCP SYN and records who responds, then leaves half-open connections

171
Q

ICMP

A

internet control message protocol: helper protocol at layer 3 used to troubleshoot and report error conditions; echo request, echo reply, time to live are here

172
Q

Faraday cage

A

shields things from EMI

173
Q

ARCNET

A

attached resource computer network: LAN Tech/protocol; legacy LAN technology; pass network traffic via tokens

175
Q

PPP

A

point-to-point protocol: layer 2 protocol replaced SLIP; HDLC based and adds CIA via point-to-point links; support synchronous links and asynchronous links

176
Q

simplex

A

one-way communication

178
Q

snort

A

open source NIDS and NIPS

179
Q

multicast

A

one-to-many and the many is preselected

180
Q

firewall

A

filter traffic between networks; TCP/IP packet filter and stateful firewalls=layer3/4; proxy firewalls=layer 5/6/7; they are multi-homed and have multiple NICs

181
Q

WEP

A

wired equivalent privacy: critically weak; new attacks can break WEP key in minutes; little integrity or confidentiality; 24 bit initialization vector

182
Q

Protocol Data Units

A

TCP/IP - Layer 4= TCP segment, Layer 3=IP Packet, Layer 2=Ethernet Frame, Layer 1=bits

183
Q

Ethernet

A

LAN Tech/protocol; dominant LAN technology transmits network data via frames

184
Q

switch

A

bridge with more than two ports; provides traffic isolation

185
Q

HIDS

A

host intrusion detection system: like NIDS only for a host

186
Q

repeater

A

layer 1 device; receives bits on one port and repeats them out on the other; no understanding of protocols; they extend a network

187
Q

ISDN

A

integrated services digital network: early attempt to provide digital service via “copper pair”

189
Q

packet-switched network

A

form of networking where bandwidth is shared and data is carried in units called packets

190
Q

EGP

A

exterior gateway protocol (BGP): routing protocol; support layer 3

191
Q

OFDM

A

orthogonal frequency division multiplexing: allows simultaneous transmission using multiple independent wireless freqs that don’t interfere with each other

192
Q

TCP SYN flood

A

TCP denial of service attack; attacker sends many SYN, but never ACK resulting in half-open connections

193
Q

Intranet

A

privately owned network running TCP/IP (like a company network)

194
Q

L2TP

A

layer 2 tunneling protocol: combines PPTP and layer 2 forwarding; focuses on authentication and does not provide confidentiality; frequently used with IPsec to provide encryption

195
Q

TPM

A

trusted platform module: installed on motherboard dedicated to carrying out security functions that involve storage and processing of keys, hashes, digital certs

196
Q

circuit-switched networks

A

provide dedicated bandwidth to point to point connections, such as a T1 connecting 2 offices

197
Q

teardrop attack

A

denial of service attack that relies on fragmentation reassembly; attacker sends multiple large overlapping IP fragments

198
Q

application-layer proxy firewall

A

operate up to layer 7

199
Q

BOOTP

A

Bootstrap protocol: application layer TCP/IP protocol; used for bootstrapping via a network by diskless systems

200
Q

demultiplexing/de-encapsulation

A

removal of header info as data moves up the stack

201
Q

PAP

A

password authentication protocol; very weak authentication protocol; sends username/password in clear text

202
Q

LAN, MAN, WAN, GAN, PAN

A

Local Area Network, Metro Area Network, Wide Area Network, Global Area Network, Personal Area Network

203
Q

socket

A

combination of an IP address and TCP/UDP port on one node

204
Q

network taps

A

preferred way to provide promiscuous network access; can “Fail open” so traffic will pass in event of a failure

205
Q

SDLC

A

synchronous data link control: WAN technology/protocol; layer 2 WAN protocol that uses polling to transmit data

206
Q

Frame relay

A

WAN technology/protocol; packet-switched layer 2 WAN protocol provides no error recovery and focuses on speed; multiplexes multiple logical connections over a single physical connection