Telecommunications & Network Security Flashcards

1
Q

What are the layers in the OSI Model?

A
(A)ll (P)eople (S)eem (T)o (N)eed (D)ata (P)rocessing
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical Link
2
Q

What are the OSI layers' Protocol Data Units?

A
(D)on't forget your (S)(P)(F) at the (B)each
Data = Layers 7 - 5
Segments = Layer 4
Packets = Layer 3
Frame = Layer 2
Bits = Layer 1
3
Q

What are the components of Layer 1?

A
Wiring
Wireless
Modem
Hubs
Repeaters
Access Points
etc.
4
Q

What are the wire types of Layer 1?

A

Twisted Pair
Coaxial Cable
Fiber Optics

5
Q

What are the attack vectors of Layer 1 (using CIA as categories)?

A

Integrity
- Injection/modification (noise)

Confidentiality

  • Tapping (Grabbing hold of wire)
  • Splicing (Breaking wire and pulling off a piece)
  • Emanations (Picking up info on the outside of wire)

Availability
- Cutting wire

6
Q

What are the Controls to protect Layer 1?

A

Physical control of perimeter

  • Security Domains
  • DMZ
  • Dual-homed host

Conduit
- Pressurized

Radio Frequency Management
- Directional antenna

7
Q

What are the topologies of Layer 1 (physical layout)?

A
  • Bus
  • Tree
  • Ring
  • Mesh
  • Star
8
Q

What are the components of Layer 2?

A

Switches

Bridges

9
Q

What are Switches?

A
  • Separates collision domains based on physical wire
  • Hardware
  • Learns MAC addresses on segments and makes connections quickly and efficiently with no collisions
  • Has more than 2 points (multi port bridge)
  • Full duplex
  • Can filter on MAC addresses
10
Q

What are Bridges?

A
  • Separates collision domains based on physical wire
  • Software
  • 2 Points
11
Q

What does Layer 2 Provide?

A

1) Only Layer with 2 sub layers
- LLC (Logical Link Control - error detection)
- MAC (Media Access Control - Physical)
2) Responsible for error free, reliable transmission of data
3) Frames sized for compatibility with the MAC Protocol
4) Flow control, error detection and correction, retransmission
5) Uses MAC Addresses

12
Q

What does MAC provide in Layer 2?

A

1) MAC is the real address of a computer

2) NIC Card is identified by MAC address (NIC is unique for every hardware card) by

13
Q

How is Addressing/Resolution and Media access determined in Layer 2?

A

1) ARP (Address Resolution Protocol)
- Takes IP and maps to MAC
- Stores MAC in cache
(Vulnerable if false MAC address is inserted in cache; called ARP Poisoning and is caused by unsolicited replies)
2) RARP (Reverse Address Resolution Protocol)
- Takes MAC and says give me an IP (DHCP)

14
Q

How is traffic controlled with MAC in Layer 2?

A

1) Contention
- fight for the wire
- (CSMA/CA) Carrier Sense Multiple Access with Collision Avoidance; used in wireless
- (CSMA/CD) "…" with Collision Detection; waits for clear, then starts talking; used in wired
- Collision Domain; where collisions occur and cause DoS or sniffing attacks
2) Token
- Whoever has the token is first
3) Polling
- A mediator decides who communicates first (mainframes)
** Contention is the most popular

15
Q

What is Ethernet?

A

1) Most common form of LAN networking
2) Uses CSMA/CD
3) Supports full duplex

16
Q

What are the Communication Protocols of Layer 2?

A

Communication

  • X.25; Robust
  • Frame Relay; Purchase only the needed bandwidth
  • ATM (Asynchronous Transfer Mode) 100 MB or better (i.e. Voice/Video/Data or same channel)
  • MPLS (Multi Protocol Labeling Switching) sits above Layer 2 but below Layer 3; allows users to specify their needs and the telephone company uses whatever they need to satisfy.
17
Q

What are the Resolution Protocols of Layer 2?

A

ARP - Address Resolution Protocol (Used Most Often)
RARP - Reverse Address Resolution Protocol
IARP - Used for Frame Relay

18
Q

What are the transmission technologies of Layer 2?

A

1) Synchronous - timing mech. with millisecs between 2 parties
** 2) Asynchronous - Uses stop and start bits. High overhead (25%)
3) Unicast - From me to you directly
4) Multicast - From me to a bunch of parties (Pay-Per-View)
5) Circuit Switched - Predictable amount of delay
** 6) Packet Switched - Takes various ways to get from me to you (Torrent)
** 7) Switched Virtual Circuits - Support packet switching
8) Permanent Virtual Circuits - To a private cloud

** Main ones

19
Q

What are Layer 3 devices?

A

Router
Firewall
End Stations

20
Q

What are the firewall types of Layer 3?

A

1) Screening Router - ACLs
2) Secure Gateway (smarter than router)
- Static packet filtering
- Stateful inspection
- Dynamic Packet Filtering
3) Proxies
- Circuit Level (Physical)
- App Level (Virtual)
4) Adaptive Proxy
5) Personal Firewall

21
Q

What protocols are on Layer 3?

A

ICMP - i.e. Ping
IGMP - Internet Group Message Protocol; Conservation of bandwidth; requires all routers in path to pass traffic
IP
Routers
All protocols that start with “I” except IMAP

23
Q

What is Layer 3 Quality of Service Traffic Shaping?

A

1) Helps prioritize traffic so there is no latency
2) Does not speed traffic up but prioritizes so that you get the max speed possible
3) Stops congestion
(i.e. Video Call)

24
Q

What are the network types of Layer 3?

A
LAN (Local Area Network)
VLAN (Virtual Local Area Network)
WAN (Wide Area Network)
MAN (Metropolitan Area Network / Campus)
SAN (Storage Area Network)
25
Q

What are Layer 3 Operating Systems?

A

Servers
Work Stations
PDA
Smart Phones

26
Q

What is Layer 3 responsible for?

A

Transport of information
Abstraction of routing information
Not needed on direct links

27
Q

What is NAT?

A

Network Address Translation

1 to 1 internal to external mapping

28
Q

What is PAT?

A

Port Address Translation

Allows for 1 to many mapping using ports

29
Q

What are the private network IP ranges?

A
  • 172.16-31.255
  • 192.168.x.x
  • 10.x.x.x
30
Q

What are the encryption protocols for Layer 3?

A

VPN

  • IPSEC
  • SSL
  • SSH
  • SOCKS
31
Q

What are the firewall filters on Layer 3?

A
Protocol ID
Address
- Both are done on perimeter
Port
Content
- Both are done closer to content
32
Q

What are the controls for Layer 3 (CIA)?

A

Integrity = Authentication Header (AH)
Confidentiality = Encapsulating Security Payload (ESP)
No Availability

33
Q

IPsec Authn & Confidentiality Layer 3 Protocol

A
  • Encapsulating Security Payload (ESP); Protocol ID 50
  • AuthN Header (AH); Protocol ID 51
  • Security Association (SA); Unidirectional: Security Choice; Key Exchange
  • Security Parameter Index (SPI); Random number to identify the traffic so they don’t have to decrypt traffic
34
Q

What is Tunneling Protocol in Layer 3?

A

1) Point to Point Tunneling Protocol (replaced by IPsec)
2) Layer 2 Tunneling Protocol (L2TP)
- Supports VPN
- Neither Encryption nor Confidentiality

35
Q

IPsec Encryption Options?

A
It's choice driven:
IPsec: ESP (Encryption) or AH (AuthN) or Both
Encryption: DES or 3DES, or AES
AuthN: MD5 or SHA
Key Exchange: DH1 or DH2 or DH5
36
Q

What is SSH Encryption Layer 3?

A
Secure Shell (SSH)
If no encryption, then will wrap in a shell. Examples are: Telnet, ftp, rcp, rsh, rexec, rlogin
SSHv1 = Bad
SSHv2 = Good
37
Q

What is SSL Layer 3?

A

SSL - Wrapped up in HTTPS

Uses asynchronous Encryption

38
Q

What are the IPsec Configurations?

A

1) Internet Key Exchange (IKE)
- UDP 500
- ISAKMP
2) Tunnel Mode
- Network to Network
3) Transport Mode
- Host to VPN Concentrator
- Host to Host
** To remember Tunnel, think that network to network has 2 "N"s in it like Tunnel, and Transport has an S in it for Host to Host

39
Q

What is the Bogon List?

A

It is a list of known bogus IP addresses that should never be accepted.

40
Q

What is BSD Firewall in Layer 3?

A

IP firewall with NATD (NAT Deny)

  • Does not support NAT
  • Limited Logging
  • Rules are indexed
  • Packet is handled based upon rule results
  • Permit
  • Deny
  • Divert = natd
41
Q

What are the IP Versions Layer 3?

A

IPv4

  • 32 bits = 4 decimal sets
  • Subnetting; break up broadcast domains
  • Subnet mask is for readability
  • Valid subnet mask 255.x.y.0

IPv6

  • 128 bits
  • No need to subnet
  • Has next header flag
42
Q

Linux with netfilter/iptables firewall in Layer 3

A
Based on BSD but better
Rules are grouped in chains
Chains are grouped into tables
- Filter, NAT, Mangle
Define rules matching packet content
Define a target action
* Accept, Drop, Queue, Return, Reject, Log, DNAT, SNAT, Masquerade