Telecommunications & Network Security Flashcards

Question 1

Q

What is a LAN ?

Answer

A

Local Area Network, small in scope (building, floor), connects servers, workstations, printers.

Typically High Speed and cheap (compared to a WAN).

Question 2

Q

What is a WAN ?

Answer

A

Wide Area Network - connects multiple LANs and other WANs by using telecommunications devices and facilities to form an internetwork. typically consists of Routers, CSU/DSU, FireWalls. VPN concentrators.

Typically Low Speed (compared to the LAN), Expensive.

Question 3

Q

What is the OSI Model ?

Answer

A

The OSI model defines standard protocols for communication and interoperability by using a layered approach. This approach divides complex networking issues into simpler functional components that help the understanding, design, and development of networking solutions

Question 4

Q

How many Layers does the OSI Model have ?

Question 5

Q

What are the 7 Layers ?

Answer

A

Application, Presentation, Session, Transport, Network, Data link, Physical.

Adult People Should Try New Dairy Products.

Question 6

Q

What is Data Encapsulation ?

Answer

A

encapsulation. Data encapsulation wraps protocol information from the layer immediately above in the data section of the layer immediately below.

Question 7

Q

What is a PAN ?

Answer

A

Personal Area Network - Laptop, phone, PDA, (personal devices) that can be connected together via cables, bluetooth and wireless.

Question 8

Q

What is a SAN ?

Answer

A

Storage Area Network - A Huge array of hard drives that appear as a logical entity to servers and the like. They uses technologies such as iSCSI, SCSI, Fibre Channel. They have redundency built into them.

Question 9

Q

What is a VLAN ?

Answer

A

Virtual Local Area Network - it exists with a single or multiple switches and logically groups devices, users or groups together. Provide security and easy of management as well as layer 2 security. `

Question 10

Q

What is a CAN ?

Answer

A

Campus Area Network - exists within a small area and connects buildings together with a ‘campus’

Question 11

Q

What is a MAN ?

Answer

A

Metropolitan Area Network - A network that spans over a City.

Question 12

Q

What is a VAN ?

Answer

A

A type of extranet that allows businesses within an industry to share information or integrate shared processes. For example, Electronic Data Interchange (EDI) allows organizations to exchange structured documents — such as order forms, purchase orders, bills of lading, and invoices — over a secure network.

Question 13

Q

OSI Layer 1 ?

Answer

A

Physical Layer:
Sends and receives bits across the network. It specifies the electrical, mechanical, and functional requirements of the network, including network topology, cabling and connectors, and interface types, as well as the process for converting bits to electrical (or light) signals that can be transmitted across the physical medium.

Question 14

Q

What is a Star Topology ?

Answer

A

All data communications must pass through the switch (or hub), which can become a bottleneck or single point of failure. A star topology is ideal for practically any size environment and is the most common basic topology in use today. A star topology is also easy to install and maintain, and network faults are easily isolated without affecting the rest of the network.

Question 15

Q

What is a Mesh Topology ?

Answer

A

In a mesh topology, all systems are interconnected to provide multiple paths to all other resources.In most networks, a partial mesh is implemented for only the most critical network components, such as routers, switches, and servers (by using multiple network interface cards [NICs] or server clustering) to eliminate single points of failure.

Question 16

Q

What is a Ring Topology ?

Answer

A

A ring topology is a closed loop that connects end devices in a continuous ring, this is achieved by connecting individual devices to a Multistation Access Unit (MSAU or MAU). Physically, this setup gives the ring topology the appearance of a star topology.

Ring topologies are common in token-ring and FDDI networks. In a ring topology, all communication travels in a single direction around the ring.

Question 17

Q

What is a Bus (Linear) Topology ?

Answer

A

In a bus (or linear bus) topology, all devices are connected to a single cable (the backbone) that’s terminated on both ends.

Small Networks
Backbone is a single point of failure
Problems tracing the fault.
Originally cheap (this is no longer the case)

Question 18

Q

What is BaseBand signaling ?

Answer

A

Baseband signaling uses a single channel for transmission of digital signals and is common in LANs that use twisted-pair cabling.

Question 19

Q

What is BroadBand Signaling ?

Answer

A

Broadband signaling uses many channels over a range of frequencies for transmission of analog signals, including voice, video, and data. The four basic cable types used in networks are coaxial, twinaxial, twisted-pair, and fiber-optic.

Question 20

Q

What is Co-Axial Cabling ?

Answer

A

Co-Ax, comes in two flavours - thinnet thicknet.

Coax cable consists of a single, solid-copper-wire core, surrounded by a plastic or Teflon insulator, braided-metal shielding, and (sometimes) a metal foil wrap, all covered with a plastic sheath. This construction makes the cable very durable and resistant to Electromagnetic Interference (EMI) and Radio Frequency Interference (RFI) signals.

Question 21

Q

ThinNet vs ThickNet:

Answer

A

Thick: Also known as RG8 or RG11 or thicknet. Thicknet cable uses a screw-type connector, known as an Attachment Unit Interface (AUI). Thin: Also known as RG58 or thinnet. Thinnet cable is typically connected to network devices by using a bayonet-type connector, known as a BNC (Bayonet Neill-Concelman) connector.

Question 22

Q

What is TwinAx Cabling ?

Answer

A

Twinaxial (also known as twinax) cable is very similar to coax cable, but it consists of two solid copper-wire cores, rather than a single core.

high Speed Data Transfer
High Speed, short distance, low cost.

Typical applications for twinax cabling include SANs and top-of-rack network switches that connect critical servers to a high-speed core.

Question 23

Q

What is BER ?

Answer

A

Bit error ratio (BER) is the ratio of incorrectly received bits to total received bits over a specified period of time.

Question 24

Q

What is Twisted Pair ?

Answer

A

Popular, Light Weight, Flexible, Cheap and easy to install.

Twisted-pair cable consists of four copper-wire pairs that are twisted together to improve the transmission quality of the cable by reducing crosstalk and attenuation. The tighter the twisted pairs, the better the transmission speed and quality.

Question 25

Q

What is CrossTalk ?

Answer

A

Crosstalk occurs when a signal transmitted over one channel or circuit negatively affects the signal transmitted over another channel or circuit.

Question 26

Q

What is Attenuation ?

Answer

A

Attenuation is the gradual loss of intensity of a wave (for example, electrical or light) while it travels over (or through) a medium.

Currently, ten categories of twisted-pair cabling exist, although only four (Cat 3, Cat 5e, Cat 6, and Cat 6a) are currently defined as standards by the TIA/ EIA. Cat 5, Cat 5e, and Cat 6 cable are typically used for networking today.

Question 27

Q

What is Tempest ?

Answer

A

TEMPEST is a (previously classified) U.S. military term that refers to the study of electromagnetic emissions from computers and related equipment.

Cat 7 and Cat 7a cable is available as STP only. In addition to the entire Cat 7 or Cat 7a cable, the individual wire pairs are also shielded.

Question 28

Q

What is Fibre Optic Cable ?

Answer

A

Fiber-optic cable, the most expensive type of network cabling — but also the most reliable — is typically used in backbone networks and high-availability networks (such as FDDI). Fiber-optic cable carries data as lightsignals, rather than as electrical signals.

Question 29

Q

What is a Repeater ?

Answer

A

A repeater is a non-intelligent device that simply amplifies a signal to compensate for attenuation (signal loss) so that one can extend the length of the cable segment.

Question 30

Q

What is a Hub ?

Answer

A

A hub (or concentrator) is used to connect multiple LAN devices together, such as servers and workstations. The two basic types of hubs are:
Passive - All data is sent to all ports.
Active - All data is sent to all ports and is amplified (repeater)

Question 31

Q

What is a Switch ?

Answer

A

A switch is used to connect multiple LAN devices together. Unlike a hub, a switch doesn’t send outgoing packets to all devices on the network, but instead sends packets only to actual destination devices.

A switch typically operates at the Data Link Layer but the physical interfaces (the RJ-45 input connections) are defined at the Physical Layer.

Question 32

Q

What is the Data Link Layer (Layer 2)

Answer

A

The Data Link Layer ensures that messages are delivered to the proper device across a physical network link.

This layer also defines the networking protocol (for example, Ethernet and token-ring) used to send and receive data between individual devices.
The Data Link Layer formats messages from layers above into frames for transmission, handles point-to-point synchronization and error control, and can perform link encryption.
The Data Link Layer consists of two sub-layers: the Logical Link Control (LLC) and Media Access Control (MAC) sub-layers.

Question 33

Q

What is the Role of the Logical Link Sub Layer

Answer

A

The LLC sub-layer operates between the Network Layer above and the MAC sub-layer below.

Provides an interface for the MAC sub-layer by using Source Service Access Points (SSAPs) and Destination Service Access Points (DSAPs).
Manages the control, sequencing, and acknowledgement of frames being passed up to the Network Layer or down to the Physical Layer.
Responsible for timing and flow control.

Question 34

Q

What are the role of the MAC Sub Layer ?

Answer

A

The MAC sub-layer operates between the LLC sub-layer above and the Physical Layer below. It’s primarily responsible for framing

performs Error Control (CRC Checks)
Identifies Hardware / MAC Addresses
Controls Media Access Control

Question 35

Q

What is a MAC Address ?

Answer

A

The MAC address is a 48-bit address that’s encoded on each device by its manufacturer. The first 24 bits identify the manufacturer or vendor. The second 24 bits uniquely identify the device.

Question 36

Q

What are LAN Controls & Transmission Methods ?

Answer

A

These are LAN Access Protocols:

ArcNet (Token Passing)
Ethernet (CSMA/CD)
Token Ring
FDDI (redundent Token Ring)
ARP
RARP

Question 37

Q

What is ARP ?

Answer

A

ARP (Layer2) maps Network Layer IP addresses to MAC addresses.
ARP discovers physical addresses of attached devices by broadcasting ARP query messages on the network segment.
IP-address-to-MAC-address translations are then maintained in a dynamic table that’s cached on the system.

Question 38

Q

What is RARP ?

Answer

A

RARP (layer 2) maps MAC addresses to IP addresses.

This process is necessary when a system, such as a diskless machine, needs to discover its IP address.

The system broadcasts a RARP message that provides the system’s MAC address and requests to be informed of its IP address. A RARP server replies with the requested information.

Question 39

Q

What are the three types of LAN Data Transmission ?

Answer

A

Unicast - Single Source to a Single Destination
Multicast - Single Source to Multiple destinations that are masked with a multi-cast IP Address.
broadcast - Single Source to Every IP Address.

Question 40

Q

Wireless LAN Protocols, name them and their specs ?

Answer

A

11a 54 Mbps Operates at 5 GHz (less interference than at 2.4 GHz)
11b 11 Mbps Operates at 2.4 GHz (first widely used protocol)
11g 54 Mbps Operates at 2.4 GHz (backward-compatible with 802.11b)
11n 600 Mbps Operates at 5 GHz or 2.4 GHz

Question 41

Q

WAN Protocol - P to P ?

Answer

A

This is a point to point link. These links provide a single, pre-established WAN communications path from the customer’s network, across a carrier network (such as a Public Switched Telephone Network [PSTN]), to a remote network.

Question 42

Q

What is the Point to Point Protocol ?

Answer

A

The successor to SLIP. PPP provides router-to-router and host-to-network connections over synchronous and asynchronous circuits. It’s a more robust protocol than SLIP and provides additional built-in security mechanisms. PPP is far more common than SLIP in modern networking environments.

Question 43

Q

What PPTP ?

Answer

A

Point-to-Point Tunneling Protocol (PPTP): A tunneling protocol developed by Microsoft and commonly used to implement VPNs, specifically PPP traffic. PPTP doesn’t provide encryption or confidentiality, instead relying on other protocols, such as PAP, CHAP, and EAP, for security.

Question 44

Q

What is SLIP ?

Answer

A

Serial Line IP (SLIP): The predecessor of Point-to-Point Protocol (PPP), SLIP was originally developed to support TCP/ IP networking over low-speed asynchronous serial lines (such as dial-up modems) for Berkeley UNIX computers.

Question 45

Q

What is xDSL ?

Answer

A

Digital Subscriber Line (xDSL): xDSL uses existing analog phone lines to deliver high-bandwidth connectivity to remote customers. Table 5-4 describes several types of xDSL lines that are currently available.

Question 46

Q

What is ISDN ?

Answer

A

Integrated Services Digital Network (ISDN): ISDN is a communications protocol that operates over analog phone lines that have been converted to use digital signaling. ISDN lines are capable of transmitting both voice and data traffic. ISDN defines a B-channel for data, voice, and other services, and a D-channel for control and signaling information.

Question 47

Q

What are the two ISDN Service Levels ?

Answer

A

Basic Rate Interface (BRI) One 16-Kbps D-channel and two 64-Kbps B-channels (maximum data rate of 128 Kbps)
Primary Rate Interface (PRI) One 64-Kbps D-channel and either 23 64-Kbps B-channels (U.S.) or 30 64-Kbps B-channels (EU), with a maximum data rate of 1.544 Mbps (U.S.) or 2.048 Mbps (EU)

Question 48

Q

What is Frame Relay ?

Answer

A

A packet Switched Network.

* High speed, No Error Correction.

Question 49

Q

What is MPLS ?

Answer

A

Multi-Protocol Label Switching (MPLS): A packet-switched, high-speed, highly scalable and highly versatile technology used to create fully meshed Virtual Private Networks (VPNs). It can carry IP packets, as well as ATM, SONET (Synchronous Optical Networking), or Ethernet frames. MPLS is specified at both Layer 2 and Layer 3.

Disadvantaages: * Loss of visability into the cloud, so does an attacker.

Question 50

Q

What is a LER Router ?

Answer

A

Lable Edge Router - used in MPLS, they label and remove labels, capsulate and unencapsulate data packets as they leave the clouds.

Question 51

Q

What is SONET ?

Answer

A

Synchronous Optical Network - used in the USA by telco and energy companies. high speed multiplexed,low latency based on Fibre Optics.

Question 52

Q

What is SDH ?

Answer

A

Synchronous Digital Hierarichy - Successor to SONET, used throughout the world, save the USA. high speed multiplexed,low latency based on Fibre Optics.

Question 53

Q

What is a Datagram ?

Answer

A

A Datagram is a self contained unit that is capable of being routed between a source and a destination, commonly used in UDP and AppleTalk. Similar to an IP Packet.

Question 54

Q

What is X.25 ?

Answer

A

X.25 was the first packet switching network.

Question 55

Q

What is a Packet Switched Network ?

Answer

A

Packet Switched Networks are:

ideal for on demand connections that occasionally ‘burst’ due to high traffic volumes.
They are connectionless orientated
Variable Delays

Question 56

Q

Characteristics of Asynchronous Communication

Answer

A

data is transmitted serially
it has start and stop bits
communicate at the same speed
parity bits reduce error

Question 57

Q

What is a Bridge ?

Answer

A

Semi Inteligent Repeater
connects two or more network segments
maintains an ARP Cache
Responsible for broadcast storms - can flood a network with ARP requests.

Question 58

Q

What is a Switch ?

Answer

A

intelligent Hub that uses MAC addresses to route traffic.
Can be used to implement VLANS
traditionally layer 2, new switches function at layers 3 and 7.

Question 59

Q

What is DTE ?

Answer

A

Data Terminal Equipment, a general term used to classify end devices like workstation.

Question 60

Q

What is the DCE ?

Answer

A

Data Communications Equipement - It is the physical connection to the network from the DTE devices.

Question 61

Q

What is Layer 3 ?

Answer

A

The Network Layer

Question 62

Q

Network Layer (3) Functions ?

Answer

A

Routing between systems on the same or interconnected networks.
RIP, OSPF, BGP, IP, IPX are all defined at this layer.

Question 63

Q

What are Static Routing Protocols ?

Answer

A

Static manual routes placed on routers to direct traffic from A to B. If the router is down the network is down.

If two paths are listed for a route there is no congestion control.
only practical in small networks
It does have low bandwidth requirements and built in security.

Question 64

Q

What are Dynamic Routing Protocols ?

Answer

A

Dynamic Routing Protocols discover routes to get to another location.

Congestion Aware.
link state aware

Answer 64

A

It makes routing decisions based on 2 factors distance (hops) and vector (egress router interface).

Answer 65

A

The time it takes for all routers in a network to update their routing tables.
* During Convergence routing information is exchanged and networks slow down considerably.

Answer 66

A

Routing Information Protocol.

* It uses Distance - Vector routing protocol that uses hop counting as a routing metric with a hop limit of 15.

Answer 67

A

Demands that all routers maintain a complete map / routing table of the entire network.
processor intensive to produce.
calculates the most efficient way to data across a networkm calculating factors like: Speed, Delay, Load, relability and cost.
Convergence with link state protocols occurs much more quickly than with vector - distance Protocols.

Answer 68

A

Is similar in concept to a distance vector protocol but without the scalability issues associated with limited hop counts. BGP is an example of this.

Answer 69

A

Routing loops are when packets get stuck bouncing between various hops. to prevent this RIP implements the following:

Hop limit of 15.
Split Horizon - prevents a router from advertising a route back out through the same interface.
Route Poisoning - Sets the hop count on a bad route to 16.
Holddown Timers - starts a timer when a router receives a router to a destination that is unreachable, untill the timer ends any router updates to that destination are dropped. this prevents flapping.
RIP uses UDP port 520
Slow Convergance
Poor Security

Answer 70

A

Open Shortest Path First:

A link state routing protocol
It is considered an Interior Gateway Protocol (IGP)
Encapsulated as IP Datagrams, as oppose to TCP,UDP.

Answer 71

A

A group of contiguous IP address ranges under the control of a single internet entity.

Answer 72

A

Autonomous System Number - individual autonomous systems are assigned a 16 ro 32 AS Number that uniquely identifies them on the Internet, these are assigned by IANA.

Answer 73

A

Internet Assigned Numbers Authourity.

* Assigns 16 or 32 bit unique numbers to autonomous systems on the internet.

Answer 74

A

Intermediate Systems to Intermediate Systems - A link state routing protocol used to route datagrams through a packet switched network.

It is an Interior Gateway Protocol (IGP)
used in large service provider backbone networks.

Answer 75

A

Border Gateway Protocol - a Path vector routing protocol used between seperate authonomous systems (AS).

Exterior Gateway Protocol (EGP).
Core Protocol used by ISPs and on large enterprise networks.

Answer 76

A

External Border Gateway Protocol - when BGP is used between autonomous systems (AS).

Answer 77

A

Internal Border Gateway Protocol - When BGP runs within an Autonomous System (AS).

Answer 78

A

Network Layer Protocols that address packets with routing information.
* IP, IPX.

Answer 79

A

Contains Addressing information that enables it to be routed.
Connectionless, best effort, delivery of datagrams.
Fragmentation and reassembly of datagrams.
IPv4 used 32bit logical IP addresses divided into 4 x 8 bit octets.

Answer 80

A

A - 1 top 126 (large, 16,777,214)
B - 128 to 191 (medium, 65,534)
C - 192 to 223 (small, 254)
MultiCast - 224 to 239
Experimental - 240 - 254

Answer 81

A

127.0.0.1 - 127.255.255.255 - loopback network used for testing and troubleshooting.

Answer 82

A

10.0.0.0 - 10.255.255.255

Answer 83

A

172.16.0.0 - 172.31.0.0

Answer 84

A

192.168.0.0 - 192.168.255.255

Answer 85

A

128bit logical IP Address Scheme

* backward compatable with IPv4

Answer 86

A

Internetwork Packet Exchange.

COnnectionless Protocol associated with Netware
part of the IPX / SPX package Suite.

Answer 87

A

Internet Control Message Protocol. Layer 3.

reports errors and other information back to the source.
Common Terms: Destination Unreachable, Echo Request, Echo Reply, Redirect, Time Exceeded. PING

Answer 88

A

Simple Key Management for Internet Protocols - A Network layer key management protocol used to share encryption keys.

Bandwidth intensive (size of packet header information due to encrypted packets).
No pre-required session is required.

Answer 89

A

Router - hardware and software equipment (BGP,OSPF,RIP)

Gateway - Hardware and software appliance that links disparate networks, this can include protocols (IPX <> IP)

Answer 90

A

The Transport Layer - It provides end to end reliable data transport and and transmission control.

Answer 91

A

A transport layer function that manages data transmission between devices. Makes sure 1 device does not overload another.

Answer 92

A

A transport layer function that enables data from multiple applications to be transmitted over a single physical link.

Answer 93

A

A transport layer function that establishes, maintains and terminates virtual circuits.

Answer 94

A

A transport layer function that detects for transmission eorrs and takes actions to resolve the errors.

Answer 95

A

Transmission Control Protocol (Layer 4):

A full duplex connection orientated protcol.
Connection established through a 3-way handshake
Reliable - guarantees delivery by acknowledging packets and re-transmitting / requesting if there is an error.
Slow - due to the overhead (3-way,error checking)

Answer 96

A

A PC attempting to communicate with another initiates the communication with a SYN (syncronise) Packet. Part 1 of the 3 way TCP Hand Shake.

Answer 97

A

The PC that has received a SYN packet responds to the original Request with a SYN-ACK (syncronise - acknowledgement) Part 2 of the 3 Way TCP HandShake.

Answer 98

A

A response to a SYN-ACK packet, this is third part of the TCP 3 Way Hand shake.

Answer 99

A

User Datagram Protocol:

Connectionless protocol, uses Best effort for delivery.
no delivery guarantee
no packet re-sequencing or error checking.

Answer 100

A

suited for data that requires fast delivery that is not sensitive to packet loss or fragmentation.
DNS
SNMP
video and audio streaming.

Answer 101

A

Sequenced Packet Exchange.

Used to guarantee data delivery on Netware Networks.
Similar to TCP
reliable.
provides for packet re-assembly.

Answer 102

A

Secure Socket Layer / Transport Layer Security.

* provides session based encryption & authentication.

Answer 103

A

The Session Layer . This establishes co-ordinates and terminates communication sessions between networked systems.

Answer 104

A

1) Connection Establishment: Initial Contact between communicating systems is made and the end devices agree on communication parameters.
2) Data Transfer - data is exchanged between end devices.
3) Connection Release - After the data has been communicated end devices end the session.

Answer 105

A

Simplex Mode - 1 way communication path, 1 transmits the other receives. Like a Radio.
Half Duplex Mode - Both devices can transmit and receive but not at the same time. Like a 2 way radio.
Full Duplex - Both devices can communicate at the same time (transmit and receive) simultaneously. Life a telephone.

Answer 106

A

Network Basic Input / Output System.

Layer 5
microsoft protocol, designed for communication across a LAN.
None routable.

Answer 107

A

Network File System.

Layer 5.
designed to faciliate remote access to resources for users on a UNIX based system.

Answer 108

A

Remote Procedure Call

Layer 5 protocol
This is a client | Server network redirection tool.

Answer 109

A

SecureShell. - An alternative to tellnet.

Layer 5 Protocol.
provides remote access on unix systems.

Answer 110

A

Session Initiation Protocol:

Layer 5 Protocol
used for managing and terminative real time communications (Video, Audio and Text)

Answer 111

A

Presentation Layer: Provides coding and conversion functions for data being presented the Application Layer.

Answer 112

A

Data Representation
Character Conversion
Data Compression
Data Encryption

Answer 113

A

American Standard Code for Information Interchange.

Layer 6
Character encoding system

Answer 114

A

Application Layer - responsible for identifying and establishing availability of communication partners, determining resource availability and syncronising communications.

Answer 115

A

File Transfer Protocol.

Layer 7
copy files from A to B

Answer 116

A

HyperText Transfer Protocol.

Language of the WWW
Layer 7

Answer 117

A

HyperText Transfer Protocol Secure.

Language of commerical applications on the WWW
Layer 7
HTTP + SSL / TLS

Answer 118

A

Internet Message Access Protocol - Stores and forwards electronic emails.

Layer 7
User port 143

Answer 119

A

Post Office Protocol version 3 (POP3)

Layer 7
An Email retrieval protocol
uses port 110
Insecure auth over plain text.

Answer 120

A

Secure Multi Purpose Internet Mail Extension

layer 7
allowed users to send email with a web browser.

Answer 121

A

Simple Mail Transfer Protocol

Layer 7
used to send and receive email across the internet.
Runs on Port 25.

Answer 122

A

A communication model based on TCP/IP that predates the OSI Model. 4 layers:
Application (App, Presentation,Session: OSI)
Transport (Transport : OSI)
Internet (Network: OSI)
Network (Link) Layer: (Data Link, Physical: OSI)

Answer 123

A

A hardware and Software appliance that controls traffic flow.

Answer 124

A

denies / permits traffic based on TCP, UDP, ICMP and IP headers of individual packets.
Cheap
Uses pre-defined access rules (ACLs)
Fast, Efficient.
Transparent.
No protection from IP or DNS spoofing
Doesn’t strong user encryption
limited logging

Answer 125

A

A FireWall that controls access by maintaining state information about established connections. When the session is created (layer 5) between 2 hosts packets flow freely between them.

Speed (after a connection is made individual packets aren’t analysed)
support for many protocols
easy maintenance
dependence on trustworthy connections
limited logging.

Answer 126

A

A circuit level gateway that captures network layer packets and then queues and analyses them.

Answer 127

A

operates at the Application (Layer 7) of the OSI model.
Proxy Server
Processes and inspects data packets for specific IP Applications.
No data is directly sent between the two hosts, the proxy server accepts the packets, inspects the packets and sends on a copy.
masks network internals and designs
Can implement strong user authentication
reduced network performance
Must be tailored to specific applications.

Answer 128

A

A Basic type of firewall architecture
A router that is placed between a trusted and untrusted network that uses an ACL secruity policy.
Device is transparent
Simple and inexpensive
has issues with certain types of traffic
limited / no logging
no user authentication
Single point of failure
Is not really a firewall (no choke point strategy)

Answer 129

A

A common FireWall Architecture
Called a Bastion Host. (sacrifical lamb)
Systems with 2x NICS that sits between 2 networks
A hardened system that employs robust security mechanisms.
Proxys connections between NICS
Can have a fail safe option.
internal network structure is masked.
Inconvenient to Users
can cause slower network performance (bottleneck)

Answer 130

A

A type of firewall architecture that employs both a bastion host as well as a screening router.
The screening router makes the bastion the single point of ingress / egress between the two networks.
provides distributed secruity between 2 devices
transparent outbound
restricted inbound
bastion host could be bypassed by the screened router
Masking the internal network structure is difficult
multiple single points of failure.

Answer 131

A

A secure Firewall Architecture
uses an exterrnal screening router
dual homed host with a second screening router (DMZ)
Transparent to end users
Flexible
provides defense in depth
internal network structure can be masked.
expensive, difficult to maintain and configure
tough to troubleshoot.

Answer 132

A

Provides realtime monitoring and analysis of network traffic.

Answer 133

A

This is an IPS, it can block suspected attacks.
Must be placed inline
single point of failure
could be used to DoS a company

Answer 134

A

Or just a plain old IDS
monitors and alerts.
Not neccesarily inline.

Answer 135

A

Is an a network device / appliance with an NIC card configured in promiscious mode, can sniff all traffic.

Answer 136

A

Is a system with host applications or agents that are installed on hosts and alert the IDS when triggers occur.

Answer 137

A

This type of IDS references a database of previous attack profiles.

Low false positive rate
alerts are more standardised.
signature based must be continually maintained
new attacks may have not been classified and thus not be detected.

Answer 138

A

this references a baseline or learned pattern
deviations from the baseline or pattern trigger an alarm.
less dependent on identifying specific OS vulns.
dynamically adapt to new, unique, original attacks.
High false positive rate
cannot adapt to legitimate usage patterns.

Answer 139

A

Access is granted or restricted based on the user’s IP Address.

Answer 140

A

Access is granted or restricted based on the user’s phone number.

Answer 141

A

This requires a remote access user to authenticate to a RAS Server, the RAS then disconnects and calls the user back at a preconfigured phone number.
* Easily defeated with call forwarding.

Answer 142

A

Remote Access Service - they utilise PPP to encapsulate IP packets and establish a dial-in connection.

Answer 143

A

VIrtual Private Network. - A secure tunnel over a public network such as the Internet.

Answer 144

A

Client to VPN Concentrator
Client to Client
Firewall to firewall
router to router

Answer 145

A

Point-to-Point Tunneling Protocol:

Developed by Microsoft.
tunnels the Point to Point Protocol through a public network.
uses native PPP authentication & encryption services.

Answer 146

A

Layer 2 forwarding protocol:
* designed by Cisco 
* similar to PPTP 
* Data link layer (Layer 2)
permits tunneling of WAN Protcols (HDLC,SLIP)

Answer 147

A

Layer 2 Tunneling Protocol

combination of L2F and PPTP
Transparent (requires no additional software)
Robust Authentication (PPP,RADIUS,TACACS)
Local addressing (assigned by VPN not ISP)
Authorisation - managed server side
Accounting - Both the ISP and USER perform AAA accounting

Answer 148

A

Internet Protocol Security.

Layer 3 IETF open standard.
Ensures confidentiality, integrity and authenticity

Answer 149

A

Only data is encrypted.

Answer 150

A

The entire packet is encrypted.

Answer 151

A

IP-SEC protocol - Authentication Header, provides integrity, authentication, and non-repudiation.

Answer 152

A

IP-SEC Protocol - Encapsulated Security Payload. 
Provides confidentiality (encryption) and limited authentication.

Answer 153

A

A component of IPSEC.

A 1 way connection between 2 communicating parties.
Thus you need two SAs between 2 parties
Each SA only supports ESP or AH.

Answer 154

A

Security Parameter Index (SPI) - 32bit string used by receiving stations to differentiate between SAs.
Destination IP Address - (Unicast address)
Security Protocol ID - The Security Protocol ID must be either an AH or ESP association.

Answer 155

A

Internet key Exchange .

Key Management in IP Sec.
a combination of 3 other protocols: ISAKMP, SKEME and OKE protocol.

Answer 156

A

Secure Socket Layer - Layer 4 Transport Protocol.

Low Cost , Easy to use.
Transparent - no special software is required to use it.
Provides granular access control.
Not all applications are SSL aware.

Answer 157

A

Omni-Directional: send and receive signals equally in all directions.
Parabolic: Also known as dish antenna, extend wireless ranges.
Sectorized: direct signals in a 60 to 120 degree pattern provides additional range and decreases interference.
Yagi: Used for long distances in P2P or P2MP wireless apps.

Answer 158

A

default access point setup.

* The AP is directly connected to the wired Network and bridges the two networks.

Answer 159

A

The access point provides an upstream link to another AP effectively extending the range.

Answer 160

A

The Wireless Access Point functions as a bridge between two seperate wireless networks.

Answer 161

A

A WLAN architecture that has no Access Points. Device communicate directly with each other in a peer to peer network.

Answer 162

A

32 Character name that identifies a wireless network.

Answer 163

A

Wired Equivalent Privacy (WEP). Gen 1 wireless security protocol.

RC4 stream cipher
CRC-32 checksum for integrity
uses a 40 or 104 bit key with a 24-bit initialisation vector (IV) to form a 64 or 128 bit key.

Answer 164

A

Open System Authentication - no wireless client required.

Shared Key Authentication - uses a 4 way handshake to auth and associate the wireless client with the access point.

Answer 165

A

You can tunnel IPSec and SSH over WEP to increase Security.

Answer 166

A

WiFi Protected Access (WPA/WPA2)

WPA uses the Temporal Key Integrity Protocol (TKIP) to address some encryption issues. TKEP = secret root key + initialisation vector.
Support for EAP Extensions (EAP-TLS, EAP-TTLS, Protected EAP).

Answer 167

A

Wifi Protected |Access (WPA2)
WPA 1 + security enhancements
* WPA2 uses AES-based algorithm counter mode /w Cipher block chaining message authenitication Code.

Answer 168

A

Open Relay be default (bad)

Answer 169

A

A realtime blackhole list

* A frequently updated list of IP addresses with open relay.

Answer 170

A

Victims are lured to an online site and asked to validate personal data. (Mostly banking type sites)

Answer 171

A

Spam Over Instant Messaging

Answer 172

A

Spam Over Internet Telephony

Answer 173

A

HTTP - Hypertext Transport Protocol

* HTML - Hypertext Markup Language

Answer 174

A

An attempt to inject scripting language commands into a web form.
* This is an attempt to fool the web server into sending the contents of the back-end databases to the hacker.

Answer 175

A

An attempt to send machine language instructions as part of a query to a web server in an attempt to get the server to run the commands.

Answer 176

A

Sending huge numbers of queries to a web server in an attempt to clog inputs and make it unavailable.

Answer 177

A

Use Cover pages
Place fax machines in secure areas.
Using secure phone lines.
Encrypting fax data.

Answer 178

A

Audit call logs

* publish and enforce corporate telephone use policies.

Answer 179

A

Use a calling card
Use a caller id service
blocking caller id
reconfigure your telephoen switch
VoIP

Answer 180

A

sending anonymous unsolicted messages to bluetooth enabled devices.

Answer 181

A

stealing personal data from a bluetooth enabled device.

Answer 182

A

a UDP echo (port 7) flood attack

Answer 183

A

A large number of ICMP (echo requests) are sent to the target network in an attempt to consume resources (bandwidth)

Answer 184

A

IP Spoofing involves altering a TCP packet so that it appears to be coming from a known good / trusted source.

Answer 185

A

A large number of ICMP (echo requests) are sent to the target network in an attempt to consume resources (bandwidth).
However in this attack the packets are sent to the broadcast address of the target network from a spoofed ip address on the target network.
* To counter you could drop ICMP at the router.

Answer 186

A

TCP packets with a spoofed source address request a connection (syn bit set) to the target network.
target network responds with a syn-ack packet, but the spoofed source never responds.
broken three way packets over whealm the system and it crashes.

Answer 187

A

Enable tcp intercept on the router
Enable committed access rate (CAR) which would rate limit the bandwidth.
Checkpoint has a syn defender function
reduce the time out period on networked systems
change the default max. number of half open TCP connections.

Answer 188

A

A tear drop attack occurs when a change has been made to the length and fragmentation offset fields of sequential IP packets, which causes the target system to to become confused and crashed.

Answer 189

A

In a UDP Flood large numbers of UDP packets are sent to the target network to consume available bandwdith and shut the network down due to congestion.
A counter for this would be to drop unneccessary UDP packets at the router.

Brainscape's Knowledge GenomeTM

Telecommunications & Network Security Flashcards

Brainscape's Knowledge Genome^TM