Test Ch. 9-12 Flashcards
Connection-oriented Communication
A protocol that establishes a connection between two hosts before transmitting data and verifies receipt before closing the connection between the hosts. TCP is an example of a connection-oriented protocol.
Connectionless Communication
A protocol that does not establish and verify a connection between the hosts before sending data; it just sends the data and hopes for the best. This is faster than connection-oriented protocols. UDP is an example of a connectionless protocol.
Session
Any single communication between a computer and another computer.
TCP
Transmission Control Protocol - enables connection-oriented communication in networks that use the TCP/IP protocol suite.
TCP Three-way handshake
.
If the network is not visible on the Internet, the DNS naming convention does not require top-level domain names such as .com or .org
True
As the Internet grew, HOSTS replaced DNS
False
Which is the correct sequence according to the DNS naming convention?
Host.Domain.Root
Symmetric-key encryption is what we call any encryption that uses the same key for both encryption and decryption.
True
This is a mathematical function that creates a checksum, and which is used by most forms of nonrepudiation.
Hash
This protocol offers a method for querying the state of certain network devices
SNMP
Hubs, switches and routers all work at layer 1 of the OSI seven-layer model.
False
Microsoft Exchange is an example of a dedicated e-mail client.
False
This is one example of the many programs that use the BitTorrent file-sharing protocol in modern peer-to-peer implementations.
µTorrent
VPNs use encryption.
True
UDP
User Datagram Protocol - Part of the TCP/IP protocol suite, a connectionless protocol that is an alternative to TCP.
DHCP
Dynamic Host Configuration Protocol - uses UDP - DHCP clients use port 67 for sending data, DHCP servers use port 68 for sending data.
NTP/SNTP
Network Time Protocol. Simple Network Time Protocol.
TFTP
Trivial File Transfer Protocol enables you to transfer files from one machine to another. Doesn’t have any protection. Uses port 69.
ICMP
Internet Control Message Protocol
IGMP
Internet Group Management Protocol
Well-known Port Numbers
Port numbers between 0 and 1023
Ephemeral Port Numbers
1024-5000
Dynamic or Private Port Numbers
49152-65535
IANA
Internet Assigned Numbers Authority
Registered Ports
1024-49151
Socket or Endpoint
Terms for the connection data stored on a single computer
Netstat
Command-line utility that shows a computer’s endpoints (sockets).
FTP
File Transfer Protocol - used for large files.
SMTP
Simple Mail Transfer Protocol - port 25, used by clients to send messages.
POP3
Post Office Protocol version 3 - receive e-mail from SMTP servers. POP3 uses TCP port 110.
IMAP4
Internet Message Access Protocol version 4. Retrieves e-mail from an e-mail server. IMAP4 enables you to search through messages on the mail server to find specific keywords and select the messages you want to download onto your machine.
Remote Login
rlogin - works over TCP port 513
Remote Shell
RSH - runs over TCP port 514
Remote Copy Protocol
RCP - TCP port 524
Telnet
A program that enables users on the internet to log onto remote systems from their own host systems.
Secure Socket Layer
SSL - A protocol developed by Netscape for transmitting private documents over the Internet
What 3 things make a secure website?
- Authentication
- Encryption
- Nonrepudiation
HTTPS
Hypertext Transfer Protocol over SSL - uses port 443.
DNS
Domain Name System - name resolution protocol
WINS
Windows Internet Name Service
HOSTS File
The predecessor to DNS, a static text file that resides on a computer and is used to resolve DNS host names to IP addresses. The HOSTS file is checked before the machine sends a name resolution request to a DNS name server. The HOSTS file has no extension.
TLD
Top-level Domain
FQDN
Fully Qualified Domain Name - A complete DNS name, including the host name and all of its domains (in order).
Name Servers
A computer whose job is to know the name of every other computer.
- DNS server
- Zone
- Record
CNAME
Canonical name - Less common type of DNS record that acts as a computer’s alias.
PKI
Public-key Infrastructure - The system for creating and distributing digital certificates using sites like Verisign, Thawte or GoDaddy.
Authentication
A process that proves good data traffic truly came from where it says it originated by verifying the sending and receiving users and computers.
Authorization
A step in the AAA philosophy during which a client’s permissions are decided upon.
Nonrepudiation
The process that guarantees the data is as originally sent and that it came from the source you think it should have come from.
Hash
A mathematical function that you run on a string of binary digits of any length that results in a value of some fixed length (often called a checksum or a digest).
SHA
Secure Hash Algorithm
MD5
Message-Digest Algorithm version 5, hashing function.
Encryption
A method of securing messages by scrambling and encoding each packet as it is sent across an unsecured medium, such as the Internet. Each encryption level provides multiple standards and options.
DNS Server
A DNS server is a computer running DNS server software.
Zone
A zone is a container for a single domain that gets filled with records.
Record
A record is a line in the zone data that maps an FQDN to an IP address.
Authoritative DNS server
Also called Start of Authority or SOA. A DNS server that has a single zone that lists all the host names on the domain and their corresponding IP addresses.
Cached lookups
The list kept by a DNS server of IP addresses it has already resolved, so it won’t have to re-resolve an FQDN it has already checked.
Forward lookup zones
The storage area in a DNS server to store the IP addresses and names of systems for a particular domain or domains.
NS Records
Records that list the DNS servers for a Web site.
A Records
A list of the IP addresses and names of all the systems on a DNS server domain.
MX Records
Mail Exchange
Reverse Lookup Zones
A DNS setting that resolves IP addresses to FQDNs. In other words, it does exactly the reverse of what DNS normally accomplishes using forward lookup zones.
PTR
Pointer Record - points to canonical names.
NetBIOS/NetBEUI
NetBIOS-A protocol that operates at the Session layer of the OSI model. Creates and manages connections based on the names of the computers involved.
NetBEUI-Microsoft’s first networking protocol, designed to work with NetBIOS. Did not support routing.
CIFS
Common Internet File System
Windows Domain
A group of computers controlled by a computer running Windows Server, which is configured as a domain controller.
Workgroup
A convenient method of organizing computers under Network/My Network Places in Windows operating systems.
Active Directory
An organization of related computers that shares one or more Windows domains.
DDNS
Dynamic DNS - updates of IP addresses
DNSSEC
DNS Security Extensions - a set of authentication and authorization specifications designed to prevent bad guys from impersonating legitimate DNS servers.
EDNS
Extension Mechanisms for DNS - A specification that expands several parameter sizes, but maintains backward compatibility with DNS servers that don’t use it.
nslookup
Name server lookup - a command that queries DNS servers.
Dig
Domain information groper -
LMHOSTS
A static text file that resides on a computer and is used to resolve NetBIOS names to IP addresses. The LMHOSTS file is checked before the machine sends a name resolution request to a WINS name server. The LMHOSTS file has no extension.
WINS Proxy Agent
A WINS relay agent that forwards WINS broadcasts to a WINS server on the other side of a router to keep older systems from broadcasting in place of registering with the server.
nbtstat
A command-line utility used to check the current NetBIOS name cache on a particular machine. The utility compares NetBIOS names to their corresponding IP addresses.
Plaintext
Data is in an easily read or viewed industry-wide standard format. Cleartext.
Cipher
A series of complex and hard-to-reverse mathematics, called an algorithm, that you run on a string of ones and zeroes to make a new set of seemingly meaningless ones and zeroes.
Complete Algorithm
Is both the cipher and the implementation of that cipher.
Ciphertext
The output when cleartext is run through a cipher algorithm using a key.
Symmetric-Key Algorithm
Any encryption that uses the same key for both encryption and decryption.
Asymmetric-Key Algorithm
Any encryption that uses different keys for encryption and decryption.
Block Ciphers
Encrypt data one chunk (block) of a fixed length at a time.
Stream Cipher
Takes a single bit at a time and encrypts on-the-fly.
DES
Data Encryption Standard - Granddaddy of TCP/IP symmetric-key algorithms. Used a 64-bit block and 56-bit key.
Rivest Cipher 4
Stream Cipher
AES
Advanced Encryption Standard - a block cipher, uses 128-bit block size and 128-, 192-, or 256-bit key size.
Public Key Cryptography
A method for exchanging digital keys securely.
RSA
Rivest Shamir Adleman - Enabled secure digital signatures
SHA
Secure Hash Algorithm
Digital Signature
A string of ones and zeroes that can only be generated by the sender.
Certificate
A standardized type of digital signature that includes the digital signature of a third party, a person or a company that guarantees that who is passing out this certificate is truly who they say they are.
ACL
Access Control List - A clearly defined list of permissions that specify what an authenticated user may perform on a shared resource.
MAC
Mandatory Access Control - Every resource is assigned a label that defines its security level.
DAC
Discretionary Access Control - The idea that a resource has an owner who may at his discretion assign access to that resource. More flexible.
RBAC
Role-based Access Control - Defines a user’s access to a resource based on the roles the user plays in the network environment.
PPP
Point-to-Point Protocol - enables two point-to-point devices to connect, authenticate with a user name and password, and negotiate the network protocol the two devices will use.
Link Dead
There isn’t a link yet. This phase is when all PPP conversations begin. The main player at this phase is the Link Control Protocol (LCP). The LCP’s job is to get the connection going.
Link Establishment
The LCP communicates with the LCP on the other side of the PPP link, determining a good link.
Termination
When done nicely, the two ends of the PPP connection send each other a few termination packets and the link is closed.
PAP
Password Authentication Protocol - Transmits the user name and password over the connection in plaintext.
CHAP
Challenge Handshake Authentication Protocol - Relies on hashes based on a shared secret.
AAA
Authentication, Authorization, and Accounting - designed for the idea of port authentication - the concept of allowing remote users authentication to a particular point-of-entry (a port) to another network.
RADIUS
Remote Authentication Dial-In User Service - AAA standard.
NASs
Network Access Servers - control the modems, and a group of systems that dial into the network.
IAS
Internet Authentication Service - Microsoft
FreeRadius
UNIX/Linux
TACACS+
Terminal Access Controller Access Control System Plus - A proprietary protocol developed by Cisco to support AAA in a network with many routers and switches. Similar to RADIUS but uses TCP port 49.
Kerberos
An authentication protocol that has no connection to PPP. Authentication protocol for TCP/IP networks with many clients all connected to a single authenticating server.
KDC
Key Distribution Center - has two processes, AS and TGS.
AS
Authentication Server
TGS
Ticket-Granting Service
TGT
Ticket-Granting Ticket or token or access token
EAP
Extensible Authentication Protocol - used in wireless networks
EAP-PSK
Personal shared key
EAP-TLS
Transport Layer Security
EAP-TTLS
Tunneled TLS
EAP-MS-CHAPv2 or PEAP
Protected Extensible Authentication Protocol - password function based on MS-CHAPv2 with the addition of an encrypted TLS tunnel.
EAP-MD5
Uses MD5 hashes for transfer of authentication credentials. Weak.
LEAP
Lightweight Extensible Authentication Protocol -
802.1
Port-authentication network access control mechanism for networks.
SSH
Secure Shell
Tunnel
An encrypted link between two programs on two separate computers.
SSL
Secure Socket Layer - requires a server with a certificate. Limited to HTML, FTP, SMTP.
TLS
Transport Layer Security - Designed as an upgrade to SSL. No restrictions.
IPsec
Internet Protocol Security - Authentication and encryption protocol suite that works at the Internet/Network layer. Transport mode and Tunnel mode.
AH
Authentication Header - for authentication
ESP
Encapsulating Security Payload - for implementing authentication and encryption.
ISAKMP
Internet Security Association and Key Management Protocol - for establishing security associations (SAs) that define things like the protocol used for exchanging keys.
IKE and IKEv2
Internet Key Exchange and Kerberized Internet Negotiation of Keys (KINK), two widely used key-exchange protocols.
SCP
Secure Copy Protocol
SFTP
Secure FTP
OpenSSH
A series of secure programs developed by the OpenBSD organization to fix SSH’s limitation of only being able to handle one session per tunnel.
SNMP
Simple Network Management Protocol - method for querying the state of SNMP-capable devices.
MIB
Management Information Base
LDAP
Lightweight Directory Access Protocol - tool that programs use to query and change a database used by the network.
NTP
Network Time Protocol - uses port 123
P2P
Peer-to-peer - any system can act as a server, client, or both.
VPN
Virtual Private Network
PPTP
Point-to-point tunneling protocol
RRAS
Routing and Remote Access Service
L2TP
Layer 2 Tunneling Protocol
VPN Concentrator
A VPN-capable router
SSL VPNs
Work at the application layer.
Trunking
The process of transferring VLAN traffic between two or more switches.
Trunk Port
A port on a switch configured to carry all traffic, regardless of VLAN number, between all switches in a LAN.
VLAN
Virtual Local Area Network - Takes a single physical broadcast domain and chops it up into multiple virtual broadcast domains.