Telecommunications - Domain 2 Flashcards

1
Q

What are the 7 layers of the OSI model? Give an example of each:

A

From top to bottom: Application - HTTP, Presentation - JPEG, Session - AppleTalk, Transport - TCP/UDP, Network - IP/IPX (router), Data - Ethernet (switch), and Physical - Ethernet (hub).

2
Q

Purpose of the OSI Model

A
  1. Increase interoperability between vendor products. 2. Clarify network services functionality and communications processes. 3. Modular approach so that a component can be modified without affecting others.
3
Q

Data Encapsulation - OSI Model

A

Each layer adds its own information to the data as it travels down the layers.

4
Q

Physical Layer - OSI Model

A
  1. Specifies how signals are transmitted on the network. 2. Interface to media. 3. Responsible for encoding scheme - Manchester Encoding.
5
Q

Data Link Layer - OSI Model

A
  1. Sender breaks data into frames. 2. Formats for proper technology - Token Ring, Ethernet, and ATM. 3. Media Access. 4. Media access methods a. CSMA/CD ethernet 802.3 b. Collision/Contention based c. Token Passing 802.5 Token Ring FDDI d. 802.11 Wireless e. 802.12 Polling 5. Synchronization and Error Control
6
Q

Network Layer - OSI Model (Routing)

A
  1. Routes data between systems or different networks. 2. Confidentiality, authentication, and integrity can be provided at this layer. 3. Select route for packets to take. 4. Fragmentation for dissimilar frame sizes.
7
Q

Transport Layer - OSI Model

A
  1. End to end packet xfer using connection-oriented or connectionless services. 2. Buffering of data until all is sent or receiving system can process. 3. Error control and recovery if necessary. 4. Use of ports to communicate with higher level protocols. 5. Segmenting packets for processing by the network layer. 6. Packet sequencing.
8
Q

Session Layer - OSI Model - diagram

A
  1. Sets up communication with destination. 2. Maintenance of connection. 3. SQL, NFS, and RPC
9
Q

Session Layer - OSI Model

A
  1. Allows applications to organize and synchronize how they will transfer data. 2. Exception reporting. 3. Session setup, maintenance, session tear down. 4. Provides recovery services if required. 5. Full-duplex - two way conversations at the same time. 6. Half-duplex - only one node can speak at a time.
10
Q

Presentation Layer - OSI Model - diagram

A
  1. Translates message into standard presentations. 2. Formatting and encoding. 3. File level encryption. 4. File level compression.
11
Q

Presentation Layer - OSI Model

A
  1. Specifies or negotiates how data is represented in binary when exchanged by applications. 2. Encoding (ASCII or EBCDIC). 3. Formatting (TIFF, GIF, JPEG).
12
Q

Application Layer - OSI Model

A
  1. Functionality. 2. Services and protocols-FTP, Email, Access Control Services, Gateways, File Management, Web Browser, non-repudiation.
13
Q

OSI Model - Acronym

A

APSTNDP All people seem to need delicious pizza.

14
Q

OSI Model - PROTOCOLS - Application Layer

A

FTP TFTP BOOTP SNMP RLOGIN SMTP MIME FINGER TELNET NCP APPC AFP SMB HTTP

15
Q

OSI Model - PROTOCOLS - Presentation Layer

A

ASCII TIFF GIF JPEG MPEG MIDI

16
Q

OSI Model - PROTOCOLS - Session Layer

A

DNS NETBIOS NFS RPC SQL

17
Q

OSI Model - PROTOCOLS - Transport Layer

A

TCP UDP SPX SSL TLS

18
Q

OSI Model - PROTOCOLS - Network Layer

A

IP ICMP RIP IGMP IPX

19
Q

OSI Model - PROTOCOLS - Data Layer

A

SLIP PPP ARP RARP L2F L2TP ETHERNET TOKEN RING X.25 FRAME RELAY ATM

20
Q

OSI Model - PROTOCOLS - Physical Layer

A

HSSI X.21 EIA/TIA-232 EIA/TIA-449 SONET

21
Q

Protocols - what are they?

A
  1. Rules used to allow two or more computers to send and receive data. 2. Allow different operating systems and applications to communicate. 3. Different protocols have different functionalities and goals. 4. Different network models specify services carried out by protocols. 5. Protocol stack means modules of functionality at different layers.
22
Q

TCP/IP - Protocol of the Internet

A
  1. Transmission Control Protocol/Internet Protocol. 2. Suite of protocols that govern how data is transmitted. 3. Port numbers track different conversations-20 and 21 (FTP), 25 (SMTP), 161 (SNMP), 80 (HTTP), and 23 (TELNET). 4. Source port numbers are dynamic. 5. Destination values are usually under 1024.
23
Q

TCP vs UDP

A
  1. TCP - connection oriented, reliable, and provides flow control. 2. UDP - connectionless, non-reliable, no handshake is performed, and it is a best effort protocol.
24
Q

IPv4 addressing

A
  1. 32 bits (4 bytes long) 2. uniquely identify a particular network interface 3. contains two parts-network ID and locally administered bits.
25
Q

IPv4 Class A addressing

A

RFC 721. 0.0.0.0 to 126.0.0.0 - first byte defines network. 8 networks, 24 hosts. 126 total networks, 16.7 M hosts.

26
Q

IPv4 Class B addressing

A

RFC 721. 128.0.0.0 to 191.0.0.0 - first two bytes define network. 16 networks, 16 hosts. 65K total networks, 65K hosts.

27
Q

IPv4 Class C addressing

A

RFC 721. 192.0.0.0 to 223.0.0.0 - first three bytes define network. 24 networks, 8 hosts. 16.7M total networks, 254 hosts.

28
Q

IPv4 Class D addressing

A

RFC 721 224.0.0.0 to 239.0.0.0 - Multicast

29
Q

IPv4 Class E addressing

A

RFC 721 240.0.0.0 to 255.0.0.0 - reserved for future use.

30
Q

IPv6

A
  1. 128 bit addresses. 2. Eight blocks of four hex digits. 3. colon’d hex. 4. Can be shortened by deleting leading zeros. Adjacent blocks of zeros can be replaced with ::, but only once.
31
Q

Unique local Addresses

A
  1. Equivalent of IPv4 private address (10.x.x.x, 172.16.x.x, and 192.168.x.x). 2. Routable between subnets on a private network only. 3. Begin with “fd”. 4. The next 40 bits are the global ID, a randomly generated value that identifies a specific site within the organization. 5. Next 16 bits represent subnet ID. 6. Last 64 bits represent the interface ID.
32
Q

Signals

A
  1. Analog - varying electromagnetic waves, varied by amplification vs 2. Digital - electric pulses representing binary digits (on and off only).
33
Q

Signaling Techniques

A
  1. Sync Transmission-stream of data, two systems sync before data is sent and used to transfer large amounts of data. 2. Async Transmission-bits are sent sequentially, xfer small amounts of data, start and stop bits used, and modems and dialup are main tech.
34
Q

Baseband vs Broadband

A
  1. Baseband-cable only uses one channel and uses dedicated freqs. 2. Broadband-cable uses several channels and can xmit more data per unit of time.
35
Q

Coaxial Cable construction

A

Sheath then braided shielding then insulation then conducting core.

36
Q

Twisted pair construction

A

Low speed xmit using twisted copper - STP, UTP. UTP is vulnerable to interference. UTP is less secure than STP and fiber.

37
Q

Fiber characteristics

A
  1. Data travels as light over glass medium. 2. Hi-speed, less attenuation. 3. Extremely resistant to eavesdropping. 4. Very expensive. 5. Hard to work with. 6. Most secure cabling type.
38
Q

Cable issues

A
  1. Noise - dirty signals. 2. Attenuation - LOS. 3. Cross talk - signals spill onto other wires. UTP most susceptible.
39
Q

Twisted Pair Speeds

A
  1. UTP/STP 100M RJ-45 connector. 2. CAT 3-10 MBPS 2 pairs. 3. CAT 5-100M 4 pairs. 4. CAT 5e/6 1000M. 5. CAT 7 10 GBPS.
40
Q

Fiber Optic design

A
  1. Single Mode 2000M. 2. Multimode 500M - both ST (twist), SC (clip) connectors.
41
Q

Transmission methods

A

1. Unicast - one to one. 2. Multicast - one to many. 3. Broadcast - one to all.

42
Q

LAN Protocols - Address Resolution Protocol (ARP)

A
  1. Maps the IP address to the MAC. 2. MAC is only used to forward frames on the same network segment, not for routing. 3. LAN media only understand MAC addresses not IP.
43
Q

LAN Protocols - Reverse Address Resolution Protocol (RARP)

A
  1. Has MAC address and broadcasts to get matching IP address. 2. RARP server responds to RARP broadcast. 3. Used in dumb terminals. 4. BOOTP was created after RARP and has more functions-gives station IP, gateway IP, and name server IP.
44
Q

LAN Protocols - Dynamic Host Configuration Protocol (DHCP)

A
  1. Automates IP config. 2. Creates scopes to manage. 3. Options added to scope to set add’l TCP/IP parms. 4. Support for Superscopes and Multicast scopes. 5. Integration with DNS.
45
Q

DHCP Leasing Process- DORA acronym

A
  1. Client boots and broadcasts DHCPDiscover message. 2. Server(s) respond and return a DHCPOffer message. 3. Client chooses first DHCPOffer it receives and sends DHCPRequest accepting info from that server. 4. Server sends DHCPAck. 5. DHCP renewal - client requests from original server at 50% lease time; if no response, sends request to any server at 87.5% lease time.
46
Q

Internet Control Message Protocol

A
  1. Message protocol for IP. 2. IP sends ICMP. 3. Status and error messages. 4. Ping. 5. Routers put ICMP messages into IP datagrams to indicate a message could not be delivered. 6. Can be used to trick routers into changing their tables thus redirecting traffic.
47
Q

Hub characteristics

A
  1. Layer 1. 2. Connects multiple LAN devices.
48
Q

Switch characteristics (Bridge)

A
  1. Layer 2. 2. Forwards frame to correct network segment. 3. Data link layer device. 4. Subject to MAC flooding.
49
Q

Router characteristics

A
  1. Layer 3. 2. Routes packets based on IP address in header. 3. Can connect to similar or different networks. 4. Uses ACL security. 5. Network layering device.
50
Q

Routing protocol types

A
  1. Distance vector based. 2. Link states. 3. Border protocols. - interior routing (RIP, OSPF) exterior routing (BGP).
51
Q

Distance Vector Protocols

A
  1. List of destination networks with direction and distance hops. 2. Routing by rumor. 3. Each router periodically sends its entire table to a neighbor router. 4. Should not update from unauthorized routers. 5. Noisy - not efficient. 6. Infinity = 16 to prevent loops. Small network usage only.
52
Q

Link state Protocol - Open Shortest Path First (OSPF)

A
  1. Each router keeps a topo map of the net and identifies all routers and sub-nets. 2. Route is determined from shortest path (speed) to dest. 3. Routers elect DR (designated router) within an area. 4. All routers establish their topology database using DR as gateway between areas. 6. LSA (Link State Advertisements) are used to communicate between devices to ensure the topology has not changed. 7. These protocols can be very resource intensive.
53
Q

Gateway

A
  1. Layers 5, 6, 7. 2. Usually software that links two different networks. 3. Not to be confused with “default gateway” which is usually a router. 4. Translates different protocols or applications.
54
Q

Firewall

A
  1. Layers 3 to 7. 2. A combination of SW and HW that supports and enforces network security policy. 3. Restricts access from one net to another. 4. 5 types are Static Packet Filtering, Stateful Packet Filtering, Circuit Proxy, Application Proxy, and Kernel Proxy.
55
Q

Packet Filtering

A
  1. Uses ACLs to make decisions. 2. Access is based on source and destination IPs and port #s. 3. Network layer service.
56
Q

Static Packet Filter Firewall

A
  1. Simplest and least expensive method to stop messages based on addresses, ports, and protocol type. 2. Minimum security for low-risk environments. 3. Screening routers with rules for accepting or rejecting data. 4. Cannot keep state information.
57
Q

Stateful Firewalls

A
  1. Packets are captured by inspection engine and each OSI layer is inspected. 2. Keeps track of the “state” or dialog of a communication stream. 3. Build a state table to monitor each comm dialog. 4. Tracks connectionless protocols. 5. Can enforce context access control.
58
Q

Proxy Firewall

A
  1. Circuit and Application Gateways. 2. Middleman between communicating computers. 3. Masks source computer by copying the packet and inserting its own address. 4. High processing on each packet means low performance.
59
Q

Circuit Level Firewall

A

1. Does not look as deep into the packet as application-level proxy. 2. Provides protection for a wide variety of protocols and is easier to maintain. 3. Makes access decision based on source and dest address, port, and protocol. 4. Similar functionality as a packet filter, but breaks connection.

60
Q

Kernel Proxy

A
  1. Builds a virtual stack to examine each packet at each layer to ensure integrity. 2. Faster than app proxy. Takes place in the kernel. 3. Performs NAT.
61
Q

Bastion Host

A
  1. Also known as a hardened system or a locked down system. 2. Disable unnecessary services and subsystems. No file sharing. Limited ports. No unnecessary SW or utilities. 3. Computers in DMZs should be hardened.
62
Q

Firewall Placement

A
  1. Protect an internal network from ext net and act as a choke point. 2. Segment net sections and enforce access controls between different subnets. 3. Construct a DMZ to provide a buffer zone between the internal and external net. 4. Architectures defined by NIST-Screened host, dual-homed firewall and screened subnet.
63
Q

Screened host Firewall

A
  1. Proxy directly behind a packet-filtering router. 2. Separates trusted and non-trusted networks.
64
Q

Dual-homed Firewall

A
  1. Two interfaces-one for each network. 2. Forwarding and routing is turned off so packets can be inspected.
65
Q

Screened subnet

A
  1. A DMZ created by implementing two screened routers (Internet-router-DMZ w/ FW - router - LAN). 2. Optionally can include a proxy.
66
Q

Demilitarized Zone (DMZ)

A
  1. Network segment between protected network and external non-trusted network. 2. Creates a buffer zone between the internal and external network. 3. Bastion Hosts are put in DMZ. 4. One router or firewall should connect the trusted network to the DMZ. 5. One entry path.
67
Q

Firewalls should:

A
  1. Deny all traffic unless expressly permitted (white listing). 2. Block directed broadcasts (defense against Smurf and Fraggle attacks). 3. Block traffic leaving the net from a non-internal address (indicative of a Zombie or DDoS attack). 4. Block all traffic entering the network from an internal IP address (Spoofing). 5. If security is important then packets should be reassembled before forwarding (slow).
68
Q

Downfalls of firewalls:

A
  1. Security is concentrated in one spot. 2. Firewalls present a potential bottleneck to the flow of traffic. 3. Firewalls may restrict services users want to use. 4. Most firewalls do not protect from viruses in email. 5. Firewalls provide little protection against an insider attack.
69
Q

Domain Name Service (DNS)

A
  1. Network service that translates host names to IP addresses. 2. Host names are divided into zones. 3. DNS server that holds resource records for a zone is the authoritative DNS server for that zone.
70
Q

Securing DNS

A
  1. Enable DNSSec. 2. Place a DNS server on both ext and int networks. 3. Limited DNS interface access.
71
Q

Network Address Translation (NAT)

A
  1. NAT allows the use of private addresses. 2. NAT device has a pool of public IP addresses that get mapped to internal computers. 3. Limits the understanding of the internal net to ext entities.
72
Q

NAT**

A
  1. Converts between addresses used internally and Internet IP addresses. 2. Developed because of quick depletion of public IP addresses and the ability to hide internal addresses. 3. Static NAT - each internal system has a corresponding external routable IP address. 4. Hiding NAT - all systems share same external routable IP address. Dynamic or static mapping.
73
Q

Classless Internet Domain Routing (CIDR)

A
  1. Subnetting - borrowing bits from host portion to use for the network portion. 2. Supernetting - aggregating multiple networks to borrow bits from the host portion to make a larger network.
74
Q

Circuit Switching

A
  1. A virtual connection that acts like a dedicated link is built for two devices to communicate. 2. Connection oriented virtual link. 3. Traffic travels in a predictable and constant manner. 4. Fixed delays. 5. Usually carries voice.
75
Q

Packet Switching

A
  1. Packets can use many different dynamic paths to get to the same destination. 2. Supports traffic that is bursty. 3. Variable delays. 4. Data oriented comms.
76
Q

Multiplexing

A
  1. Device that combines two or more channels. 2. The path is physical (cable) or logically separated (freq or TDM).
77
Q

Fiber Distributed Data Interface (FDDI)

A
  1. High Speed token passing media access technology. 2. Dual rings going in opposite directions for fault tolerance. 3. 100 MBPS. 4. Long distance at high speeds with minimal interference. 5. CDDI uses UTP. Usually for MANs.
78
Q

Sync Optical Net (SONET)

A
  1. Standard for transferring data over fiber. 2. Backbone carrier network-defines transmission rates, signal formats, and optical interfaces and the way phone companies transmit digital voice and data over optical networks. 3. Layer 1. 4. Many channels multiplexed together. 5. Self-healing. SDH in England.
79
Q

Metro Ethernet

A
  1. Next gen LAN tech. 2. Emerging tech.
80
Q

WAN Tech

A

WAN PSTN ISDN DSL Frame Relay X.25 ATM VOIP MPLS Metro Ethernet

81
Q

PBX Protection

A
  1. Change Admin PWD regularly. 2. Change default config. 3. Disable maint. modems. 4. Block remote calling after hours. 5. Block unassigned access codes. 6. Use call detail recording. 8. Review telephone bills.
82
Q

Issues w/ Telephone Security

A
  1. Phreaker - Blue box tones to trick a phone company into free LD, Red boxes simulated the sound of coins dropping into the phone and Black boxes manipulated line voltage to get free LD. 2. Slamming and Cramming - Slamming: changing a carrier without the customer's approval. Cramming: adding additional features without the customer's approval.
83
Q

Smart phone/Blue tooth attacks

A
  1. Spoofing based on serial number for free LD. 2. Bluetooth attacks - bluejack: anon spam to victim; bluebof: overflow in services remotely; bluebug: use AT commands on victim's phone. 3. Bluesnarfing - stealing information from a Bluetooth device.
84
Q

Dedicated Lines

A
  1. Only end points talk to each other. Secure. 2. Inflexible and expensive. 3. T1, T3.
85
Q

Channel Service Unit/Data Service Unit (CSU/DSU)

A
  1. HW required to allow network devices to communicate with a telephone network. 2. Converts digital signals from network devices to signals that can go over SP’s digital lines. 3. DSU connects to customer's device and CSU connects to Telco.
86
Q

X.25

A
  1. First packet switching technology that also used switched and permanent virtual networks. 2. Slower than frame relay because of all the error correction and error detection. 3. Developed when Internet was not stable or redundant. Uses Link Access Procedure-Balanced for error detection and correction procedures.
87
Q

Frame Relay

A
  1. Faster WAN packet-switching protocol-simple framing and no error detection. 2. Permanent Virtual Circuit-construction to ensure customer gets a certain bandwidth level and configured into supporting switches. 3. Switched Virtual Circuit (SVC)-dynamically built when required. 4. Committed Information Rate (CIR)-customer pays a certain monthly payment to en
88
Q

Asynchronous Transfer Mode (ATM)

A
  1. High bandwidth tech that uses switching and multiplexing. 2. 53 byte fixed cells instead of various frame lengths. 3. Cell switching technology.
89
Q

Multiple Protocol Label Switching (MPLS)

A
  1. Secure WAN. 2. Virtual. 3. Faster because P2P VPNs are not needed.
90
Q

Voice over IP (VOIP)

A
  1. tech that combines data, voice or video into one packet. 2. Higher performance. 3. Reduced operational costs. 4. Greater flexibility. 5. Ease of administration.
91
Q

How VOIP works:

A
  1. Converts analog to digital through use of telephony adapter or smart phone. 2. Data is channeled through gateways. 3. At the other end the smartphone or TA converts the signal back to analog.
92
Q

Challenges with VOIP:

A
  1. IP was designed for bursty data. When voice and data are combined jittering can happen. 2. IP is connectionless, so packets can arrive out of sequence. 3. IP is a store and forward tech. Each hop introduces the potential for latency.
93
Q

Session Initiation Protocol (SIP)

A
  1. Allows for the establishment of user location-user name to their network address. 2. Provides for feature negotiation so all parties are in agreement to what features are available. 3. A mechanism for call management-adding, dropping, transferring participants. 4. Allows for changing features of a session while it is in progress. 5. Provides signaling Service. Realtime transfer protocol (RTP) carries the voice stream.
94
Q

Integrated Services Digital Network (ISDN)

A
  1. Circuit switched tech to get digital services over standard voice lines for last mile. 2. Popular for dial backup on routers because control channel is out of band, which allows for quicker call setup and tear down. 3. Signal does not need to be converted from analog to digital. 4. Has a basic service (data transmission) and supplementary (call waiting, call transfer).
95
Q

ISDN Tech

A
  1. Allows for digital signals to be xmit over POTS. 2. Basic Rate Interface (BRI) - this implements 2 B channels and 1 D channel for a combined bandwidth of 144K. 3. Primary Rate Interface (PRI) - implements up to 23 B channels and 1 D channel for a total of T1 (1.544MB/s).
96
Q

Digital Subscriber Line (DSL)

A
  1. Provides high digital data xmit over POTS. 2. Higher speeds than ISDN and dialup. 3. Security issue of always being “on”. 4. Users should use a personal firewall and shutdown system when not in use.
97
Q

Cable Modem

A
  1. High speed access to the internet provided by a cable company. 2. All cable modems within an area eventually share the same coaxial trunks, thus one neighbor can easily “sniff” another neighbor's traffic. 3. Insecure and users should implement personal firewalls. 4. Always “on” technology.
98
Q

Remote Access

A
  1. Older tech that allows road warriors or home-based users to access network resources. 2. Reduces the cost of dedicated leased lines. 3. Provides flexibility.
99
Q

Dial-up Security Mechanisms

A
  1. Call back - user provides creds, access server calls back at a pre-configured number (don't know who is at initiating end). 2. Caller ID - verifies number user is calling from and compares it against acceptable phone numbers before establishing the session; more flexible.
100
Q

VPNs provide three capabilities:

A
  1. Authentication 2. Encryption 3. Tunneling
101
Q

VPN/Tunneling Protocols

A
  1. Remote Access. 2. Dial-up and RAS. 3. Dial-up protocols (PPP, PAP, CHAP, EAP). 4. Tunneling protocols (PPTP, L2TP, SSTP, IPSec). 5. VPN.
102
Q

Point-to-Point Protocol

A
  1. Protocol used to encapsulate data over a serial line for dial-up connectivity. 2. Authentication (PAP, CHAP, EAP).
103
Q

Tunneling

A
  1. Preserves original headers. 2. Frame is wrapped in a second frame to traverse another network. 3. Second protocol insulates the frame and creates the illusion of a tunnel for the data to travel through. 4. The frame of one protocol is the data of another. (First protocol may not be routable and first frame may need to be encrypted for confidentiality).
104
Q

Tunneling Protocol - PPTP

A
  1. Point-to-point tunneling protocol. 2. Encapsulation protocol based on PPP. 3. Data link layer protocol that provides single PTP connections. 4. Data can be encrypted but negotiation information is in clear text. 5. Works only over IP traffic.
105
Q

Tunneling Protocol - Layer 2 Tunneling Protocol (L2TP)

A
  1. Hybrid of L2F and PPTP. 2. Sets up a single P2P connection between two computers. 3. Works at the data link layer. 4. Transmits over multiple types of networks (any layer 3 protocol). 5. Combined with IPsec for security.
106
Q

Virtual Private Network (VPN)

A
  1. Trusted comm channel through a network that is not trusted. 2. Cheaper and more flexible than dedicated links. 3. VPN is usually configured on the firewall - different link and trust levels.
107
Q

Password Authentication Protocol (PAP)

A
  1. Auth protocol used by remote users. 2. Auth after a PPP connection is up. 3. Creds are sent in clear text. 4. Vulnerable to sniffing, man-in-the-middle, and replay attacks.
108
Q

Challenge Handshake Authentication Protocol (CHAP)

A
  1. Challenge Handshake Authentication Protocol. 2. Auth protocol that sends a challenge response. 3. User’s password is used to encrypt challenge value. 4. Periodically sends a challenge to protect against man-in-the-middle attacks. 5. Password is not sent over the wire.
109
Q

Extensible Authentication Protocol (EAP)

A
  1. EAP is a general protocol for auth that also supports multiple auth methods: a. token Ring b. Kerberos c. OTP d. public key auth. 2. IEEE 802.1x specifies how EAP is encapsulated in Ethernet.
110
Q

Wireless transmission methods

A
  1. First wireless network standard: 802.11. 2. Defines three physical layers: a. infrared b. narrowband c. spread spectrum. 3. Spread spectrum - derived from military comms. 4. Variations: a. DSSS b. FHSS c. ODM.
111
Q

WLan Freq and Signals

A
  1. 802.11a - more channels and high speed less interference. 2. 802.11b - protocol of wifi revolution-first standard. 3. 802.11g - similar to b only faster. 4. 802.11i - adds WPA. 5. 802.11n - 450 MBPS. 6. 802.16 - long distance wireless.
112
Q

WLan Components

A
  1. Access Point - a. infrastructure and peer to peer. 2. Service Set ID (SSID). 3. Encryption - most APs come without encryption enabled.
113
Q

WLan Security

A

1. Securing WLans is harder than LAN. 2. Includes WEP, WPA, WPA2 aka 802.11i.

114
Q

Wireless Standards - Wired Equivalent Privacy (WEP)

A
  1. Wired Equivalent Privacy. 2. WEP is based on RC4 (weak). 3. Easy to recover the key: single shared key, cleartext IV transmission, weak IVs and no checking for rx of same packet.
115
Q

Wireless Standards - Wifi Protected Access (WPA)

A
  1. Replaces WEP. 2. More secure: a. uses TKIP b. 48-bit IV, uses a different session key for each packet, uses MIC to detect invalid packets. 3. WPA-Enterprise - a method for net auth using EAP/TLS, TTLS or PEAP. 4. WPA-Personal - uses a shared passphrase.
116
Q

Wireless Standards - Wifi Protected Access 2 (WPA2)

A
  1. 802.11i standard. 2. CCMP (Counter mode with cipher block chaining message authentication code protocol) - an AES based encryption mech that is stronger than TKIP. 3. AES uses 128, 192, or 256 bit encryption.
117
Q

Wireless Network Attacks

A
  1. Wireless networking opens up a network to attacks. 2. Attacks include: a. detection (wardriving) b. eavesdropping c. open auth d. spoofing e. denial of service.
118
Q

War driving for wireless LANs

A
  1. War walking - walking around looking for open networks. 2. Wardriving - driving around looking for open networks. 3. War flying - flying around looking for open networks. 4. Warchalking - using chalk around looking for open networks. 5. GPS used to mark location of open networks. 6. BlueJacking - sending unsolicited messages to a Bluetooth enabled device.
119
Q

Wireless Application Protocol (WAP)

A
  1. Set of protocols that provides same type of functionality as HTML and TCP/IP. 2. Allows wireless device to access the internet. 3. Lower overhead protocol than what is used in PCs. 4. Wireless devices have limited storage, memory and processing power.
120
Q

Attacks - Impersonation

A
  1. Impersonate a user with creds, alter MAC addresses to impersonate another computer, email spoof. 2. Countermeasures: strong auth mech (2FA), digital signature, OTP.
121
Q

Attacks - Packet Modification

A
  1. Data altered during xmit. 2. Countermeasures: hashes, digital signatures.
122
Q

Attacks - Flooding

A
  1. Sending more data than a system can handle - ping. 2. Countermeasures: filter packets before reaching destination, patch system.
123
Q

Attacks - Web Spoofing

A
  1. Redirecting to a different site. 2. Changing a DNS record to point to a different site.
124
Q

Attacks - DNS Poisoning

A
  1. Bogus resource records. 2. Countermeasure: DNSSEC.
125
Q

Attacks - Login Spoofing

A
  1. Counterfeit page inserted for login process. 2. Countermeasure: mutual auth.
126
Q

Attacks - Tunneling

A
  1. Use a mechanism in a way that it was not designed for - insert data behind ICMP header and send malware through port 80. 2. Countermeasure - firewall device that looks deeper into packet (appliance level proxy).