Telecommunications and Network Security Flashcards
The ____ _____ layer is the lowest layer at which meaning is assigned to the
bits that are transmitted over the network.
Data Link
Data-link protocols address things, such as?
Size of each packet of data to be sent, a means of addressing each packet so that it’s delivered to the
intended recipient, and a way to ensure that two or more nodes don’t try to
transmit data on the network at the same time.
What does the data link layer provide for the network layer?
The data
link layer provides transparent network services to the network layer so the
network layer can be ignorant about the underlying physical network topology
What kind of devices operate of the Data Link layer?
Switches, bridges,
WAPs, and NICs
The ______ ______ layer is concerned with the local delivery of frames
between devices on the same LAN.
Data Link
What are the two sublayers of the Data link layer?
Logical Link Control
and Media Access Control
What services does the Data link Media access control sublayer provide?
Multiple access protocols (CSMA/CD for Ethernet bus and hub networks or
CSMA/CA for wireless networks), MAC Addressing, LAN switching (packet
switching), Data packet queuing, Quality of Service control, and VLANs
What layer handles the task of routing network messages from one computer to
another?
Network Layer
What is a Logical Address?
Logical addresses are created and used by
Network Layer protocols, such as IP or IPX. The Network Layer protocol
translates logical addresses to MAC addresses
What are the five steps of Data Encapsulation?
1) The application,
presentation, and session layer take user input and convert it into data
2)The transport layer adds a segment header converting the data into segments
3) The network layer adds a network header and converts the segments into
packets/datagrams
4) The data link layer adds a frame header converting the
packets/datagrams into frames 5) The MAC sublayer converts the frames into
bits, which the physical layer can put on the wire
What are two important functions of the Network layer?
Logical addressing
and routing
What type of threats are there to layer 1?
Theft, Unauthorized access, Vandalism, Sniffing, Interference, Data Emanation
What are some ways to strengthen security at the Data Link Layer (Layer 2)?
Disable unused ports in order to prevent fraudulent connections which could
lead to eavesdropping, flooding attacks, or ARP spoofing. Using secure
protocols for communication (using WPA2 or WPA over WEP) and correctly
configuring VLANs
What are the four general classes of Malware?
Virus, Worm, Trojan Horse,
Spyware
What framework handles multiple connections at the same time, provides
secure authentication and encryption, and works at the network layer and
provides security on top of IP?
IPSec
What does IPSec help protect against?
Network-based attacks from untrusted
computers, attacks that can result in the DOS of applications, services, or
the network, Data corruption, Data theft, User credential theft,
Administrative control of servers, other computers, and the network
What service usually runs on port 25?
Simple Mail Transfer Protocol (SMTP)
What service usually runs on port 21?
File Transfer Protocol (FTP)
What service usually runs on port 23?
Telnet
What service usually runs on port 53?
Domain Name Service (DNS)
What is the range of the Well Known Ports?
0 through 1023
Ports from 1024 through 49151 are called?
Registered Ports
Ports from 49152 through 65535 are called?
Dynamic and/or Private Ports
What is an example of a fast packet-switching network that can be used for
either data, voice or video, but packets are of a fixed size?
Asynchronous Transfer Mode (ATM)
What was developed to support TCP/IP networking over low-speed serial
interfaces?
Serial Line IP (SLIP)
What is Wireless Transport Layer Security?
A communication protocol
that allows wireless devices to send and receive encrypted information over
the Internet.
What is the Internet?
The Internet is a global network of public networks
and Internet Service Providers throughout the world.
________ switching is a network switching technique in which data is routed
in its entirety from the source node to the destination node, one hop at a
time.
Message
What is it called when messages are divided into packets before they are
sent and each packet can be transmitted individually and can follow
different routes to its destination?
Packet switching
What is circuit switching?
Circuit switching is a methodology of
implementing a telecom network in which two network nodes establish a
dedicated comm channel (circuit) through the network before they communicate
A _______ _______ protocol allows higher level protocols to avoid dealing
with the division of data into segments, packets, or frames
Virtual
Circuit
IPSec provides confidentiality and integrity to information transferred over
IP networks through ________ layer encryption and authentication.
Network
What is a communication channel that is divided into an arbitrary number of
variable bit-rate digital channels or data streams?
Statistical
multiplexing
Information from each data channel is allocated bandwidth based on
pre-assigned time slots, regardless of whether there is data to transmit?
Time-division multiplexing (TDM)
ATM uses ______ _______ ______ _______, and encodes data into small
fixed-sized packets called cells.
Asynchronous time-division
multiplexing
What is a technique by which the total bandwidth available in a comm medium
is divided into a series of non-overlapping frequency sub-bands, each of
which is used to carry a separate signal?
Frequency Division
Multiplexing (FDM)
What was designed to support multiple network types over the same serial
link?
Point-to-Point Protocol (PPP)
What was designed to support multiple network types over the same LAN?
Ethernet
This is used when a dest IP address is not located on the current LAN
segment. It consist of a list of station and network addresses and a
corresponding gateway IP address.
IP Routing Table
Most modern Wide Area Network (WAN) protocols, including TCP/IP, X.25, and
Frame Relay, are based on what?
Packet switching technologies
What is circuit switching best used for?
Real time data such as live
audio and video
What is port knocking?
Port knocking is where the client will attempt to
connect to a predefined set of ports to identify him as an authorized
client. The port knocking sequence is used to identify the client as a
legitimate user.
What’s a security benefit of using a full-duplex switch?
That is
ensures that most traffic is segregated between computer and switch and not
broadcast to all hosts
Which OSI model layer manages communications in simplex, half-duplex, and
full-duplex modes?
Session
______ ________ firewalls are able to grant a broader range of access for
authorized users and activities and actively watch for unauthorized users
and activities.
Stateful Inspection
What is a TCP wrapper?
A TCP wrapper is an application that can serve as a basic firewall by
restricting access based on user IDs or system IDs.
What can be described as a logical circuit that always exists and is waiting
for the customer to send data?
Permanent Virtual Circuit (PVC)
What is an amendment to the 802.11 standard that defines a new
authentication and encryption technique that is similar to IPSec and no
real-world attack has compromised this wireless network?
802.11i(WPA-2)
802.1q defines what?
VLAN tagging, it is used by switches and bridges to manage traffic within
and between VLANs.
What is a form of wireless authentication protection that requires all
wireless clients to pass a gauntlet of RADIUS or TACACS services before
network access is granted?
802.1x
What is 1000Base-T commonly called? 100Base-TX?
Giga-bit Ethernet, Fast Ethernet
10Base2 is also called? 10Base5? 10Base-T?
Thinnet, Thicknet, Twisted-pair
A peer-to-peer wireless network connection between two(or more) individual
systems without the need for a wireless base station?
Ad-hoc
A subprotocol of the TCP/IP protocol suite that operates at the Data Link
Layer, normally used to discover the MAC address of systems by polling using
its IP address?
Address Resolution Protocol (ARP)
Suite of protocols developed by Apple for networking of Macintosh Systems?
AppleTalk(No longer in use by Apple since 2009)
What is a type of firewall that filters traffic based on the internet
service used to transmit or receive the data(Also known as second gen
firewalls)?
Application-level gateway firewall
What kind of WAN tech is this? Uses cell-switching rather than
packet-switching and uses virtual circuits but guarantee’s throughput due to
the fixed size frames or cells, is also excellent for voice and
videoconferencing.
Asynchronous transfer mode(ATM)
Attenuation is what?
The loss of signal strength and integrity on a cable because of the length
of the cable
What is the IP address range used by Automatic Private IP addressing
(APIPA)?
169.254.0.0 - 169.254.255.255
What is a feature/benefit provided by service providers that allows clients
to consume more bandwidth when needed and if the carrier network has the
capacity(such consumption is often charged at a higher rate)?
Bandwidth on demand
What is baseband?
A communication medium that supports only a single communication signal at a
time
What is Base Rate Interface (BRI)?
An ISDN service type
What is a beacon frame?
A type of wireless network packet that broadcasts the presence of the
wireless network by announcing the network’s SSID or network name
What is a device used to simulate 2600 Hz tones to interact directly with
telephone network trunk systems aka backbones?
Blue box
What is an attack that grants hackers remote control over the features and
functions of a Bluetooth device?
Bluebugging
Hijacking a Bluetooth connection to eavesdrop or extract information from
devices
Bluejacking
What is an attack that allows hackers to connect with your Bluetooth devices
without your knowledge and extract information from them?
Bluesnarfing
What is a wireless standard commonly used to pair accessories to mobile
phones or computers?
Bluetooth (802.15)
What is a bridge?
A network device used to connect networks with different speeds, cable
types, or topologies that still use the same protocol(This is considered a
layer 2 device)
A form of wireless access point deployment that is used to link two wired
networks together over a wireless bridged connection?
Bridge mode
What is broadband?
A communication medium that supports multiple communication signals
simultaneously
What is a communications transmission to multiple but unidentified
recipients?
Broadcast
What is a Broadcast address?
The address that all devices within a given network grouping or container
receive data on
A group of networked systems in which all other members receive a broadcast
signal when one of the members of the group transmits it?
Broadcast domain
A communication system based on or dependent on broadcasts rather than
unicast signaling?
Broadcast technology
What is a brouter?
A network device that first attempts to route and then defaults to bridging
if routing fails
What is a network that spans a college, university, or multi building office
complex?
Campus area network (CAN)
What is a captive portal?
An authentication technique that redirects a newly connected wireless web
client to a portal access control page, the page may require the user to
input payment information, provide logon creds, or input an access code
What is the designed replacement for WEP and TKIP/WPA(Implements AES with a 128 bit key as a stream cipher)?
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
(CCMP)
What is an authentication protocol used over PPP links and it encrypts
usernames and passwords?
Challenge Handshake Authentication Protocol (CHAP)
What is a channel service unit/data service unit (CSU/DSU)?
A border connection device that converts LAN signals into the format used by
the WAN carrier network, and vice versa
What is a firewall used to manage communications sessions between trusted
partners and operates at the Session layer?
Circuit-level gateway firewall
What is fairly EMI resistant, low cost, easy to install cable?
Coaxial Cable or coax
What is a minimum guaranteed bandwidth allocation for a virtual circuit?
Committed information rate (CIR)
What is common mode noise?
EMI noise generated by the difference in power between the hot and ground
wires of a power source or operating electrical equipment
What is a content-distribution network(CDN) or content delivery network?
A collection of resource services deployed in numerous data centers across
the Internet in order to provide low latency, high performance, high
availability of the hosted content. CDNs provide the desired multimedia
performance quality demanded by customers through the concept of distributed
data hosts.
What are converged protocols?
The merging of specialty or proprietary protocols with standard protocols,
such as those from the TCP/IP suite. Some common examples of converged
protocols include FCoE, MPLS, iSCSI, and VoIP.
What is the deployment of FDDI using twisted-pair(copper) wires(susceptible
to interference)?
Copper Distributed Data Interface (CDDI)
Similar to a hash total, a value that indicates whether a message has been
altered or damaged in transit?
Cyclic Redundancy Check (CRC)
What is a Data Circuit-Terminating equipment (DCE)?
A networking device that performs the actual transmission of data over the
Frame Relay as well as establishing and maintaining the virtual circuit for
the customer.
What is the combination of Transport Layer UDP header and payload?
Datagram
What is a data stream?
Data from an application sent into a protocol stack. The data stream
becomes the initial payload of the top layer protocol
What is a networking device that acts like a router or a switch and provides
the customers network access to the frame relay network?
Data terminal equipment (DTE)
What is a dead zone?
A network segment using an alternative Network layer protocol instead of IP,
such as IPX or AppleTalk.
What is deencapsulation?
The process of stripping a layer’s header and footer from a PDU as it
travels up the OSI model layers
What is a wireless tech that employs all of the available frequencies
simultaneously in parallel?
Direct Sequence Spread Spectrum (DSSS)
What is distance vector routing protocol?
A routing protocol that maintains a list of destination networks along with
metrics of direction and distance as measured in hops(in other words, the
number of routers to cross to reach the destination)
What is a client/server model of networking where client may be local or
connected over WAN links, including VPNs and the Internet?
Distributed architecture
What is Dynamic Host Configuration Protocol(DHCP)?
A protocol used to assign TCP/IP configuration settings to systems upon
bootup. DHCP uses UDP port 67 for server point-to-point response and port
68 for client request broadcast. DHCP supports centralized control and
management of network addressing.
What is a dynamic packet-filtering firewall?
A firewall that enables real-time modification of the filtering rules based
on traffic content. Dynamic packet-filtering firewalls are known as fourth
generation firewalls
What is a type of electrical noise that can do more than just cause problems
with how equipment functions; it can also interfere with the quality of
communications, transmissions, and playback?
Electromagnetic Interference (EMI)
What is Encapsulating Security Payload (ESP)?
An element of IPSec that provides encryption to protect the confidentiality
of transmitted data but can also perform limited authentication
What is encapsulation?
The process of adding a header and footer to a PDU as it travels down the
OSI model layers
What is the use of multiple wireless access points to support a single
wireless network over a larger geographic area than could be supported by a
single wireless access point?
Enterprise extended mode
What is Ethernet?
A common shared media LAN tech
What is a extranet?
A cross between the internet and an intranet. An extranet is a section of
an organization’s network that has been sectioned off so that it acts as an
intranet for the private network but also serves information to a limited
number of specific outsiders. Often access into an extranet from the
internet requires a VPN connection. Extranets are often used in B2B
applications, between customers and suppliers.
What is Fibre Channel over Ethernet (FCoE)?
A converged protocol used to encapsulate Fibre Channel communications over
Ethernet networks. It typically requires 10 Gbps Either in order to
support the Fibre Channel protocol
What is a high speed token passing tech that employs two rings with traffic
flowing in opposite directions, offers transmission rates of 100 Mbps, and
is often used as a backbone to large enterprise networks?
Fiber Distributed Data Interface (FDDI)
What is fiber optic cabling?
A cabling form that transmits light instead of electrical signals. Fiber
optic cable supports throughputs up to 2 Gbps and lengths of up to 2 km
What is a set of rules or restrictions commonly found on security devices,
such as firewalls and proxies(also known as rules and ACLs)?
Filter(s)
What is a firewall?
A network device used to filter traffic. A firewall is typically deployed
between a private network and a link to the internet, but it can be deployed
between departments within an organization. Firewalls filter traffic based
on a defined set of rules.
What is a footer?
Information added by a protocol to the end of a payload received from a
higher layer protocol
What is a fragment?
When a network receives a packet larger than its maximum allowable packet
size, it breaks it up into two or more fragments. These fragments are each
assigned a size(corresponding to the length fo the fragment) and an offset
(corresponding to the starting location of the fragment)
What is the combination of data Link layer header, payload, and footer?
Frame
What is a frame relay?
A shared connection medium that uses packet-switching tech to establish
virtual circuits for customers