Udemy-Domain 4 Flashcards
the 3 types of network communication are:
- Simplex (one way)
- Half-Duplex (one way at a time, reciprocating)
- Full-Duplex (simultaneous two-way)
___ networks have one channel, whereas ___ networks have multiple channels that can be used simultaneously
Baseband; Broadband
the ___ is a global collection of peered WAN networks,
the ___ is an organizations private network,
the ___ is a connection between private networks
Internet;
Intranet;
Extranet
data is normally sent over the internet using ___ switching, but ___ switching is a way to guarantee full bandwidth and no delays due to routing
packet; circuit
___ gives specific internet traffic priority so that it will be close to real-time (like VOIP)
QoS (Quality of Service)
a ___ is used for supporting mobile customers across a number of wireless LAN’s, satellite coverage areas, etc.
GAN (Global Area Network)
wire and cable types belong to OSI layer ___
1 (Physical)
network topologies belong to OSI layer ___
1 (Physical)
threats related to EMI, sniffing, interference, etc. belong to OSI layer ___
1 (Physical)
the ___ OSI layer connects nodes in the same network
2 (Data Link)
LLC (Logic Link Detection) error detection belongs to OSI layer ___
2 (Data Link)
the first ___ bits of a MAC address identify the manufacturer (UOI - Unique Organization Identifier)
24 (6 hexadecimal characters)
a devices MAC address is also called its ___
BIA (Burned In Address)
the last ___ bits of a MAC address identify the unique device (UAA - Universally Administered Address)
24 or 40
ARP (Address Resolution Protocol) belongs to OSI layer ___
2 (Data Link) and 3 (Network)
CSMA (Carrier Sense Multiple Access) belongs to OSI layer ___ (CD for ethernet and CA for wireless)
2 (Data Link)
Token Passing belongs to OSI layer ___
2 (Data Link)
most protocols that start with “I” (except IMAP) like IP, ICMP, IPSEC… belong to OSI layer ___
3 (Network)
a large number of protocol attacks (ping floods, smurf, spoofs, etc.) occur on OSI layer ___
3 (Network)
SSL/TLS operate from OSI layer ___ through layer ___
4 (Transport); 7 (Application)
UDP (User Datagram Protocol) flood attacks are called ___ and occur on OSI layer ___
Fraggle; 4 (Transport)
TCP SYN attacks, or SYN floods occur on OSI layer ___
4 (Transport)
Fraggle attacks are often more successful than Smurf attacks because
many networks block ICMP but not UDP
VIOP and other real-time applications use UDP because ___
they cannot afford the overhead of delivery confirmation
the 9 control bit flags in TCP function on OSI layer ___
4 (Transport)
establishing (as well as maintaining and terminating) connections between applications is done in OSI layer ___
5 (Session);
the only OSI layer with no protocols is layer ___
6 (Presentation)
formatting, compressing and file encryption are done on OSI layer ___
6 (Presentation)
data is actually presented to the user on OSI layer ___
7 (Application)
protocols such at HTTP, HTTPS, FTP, SNMP, IMAP and POP all function on OSI layer ___
7 (Application)
non-repudiation, certificates, application proxies, deep packet inspection, content inspection and AD (Active Directory) integration all happen on OSI layer ___
7 (Application)
Viruses, worms, trojans, buffer overflow and application/OS vulnerability attacks all happen on OSI layers ___ through ___
5 (Session); 7 (Application)
in the TCP/IP model, the ___ layer includes all the communication within a single network segment, which corresponds to OSI layer(s): ___
Link; 1 (Physical) and 2 (Data Link)
in the TCP/IP model, the ___ layer includes all the communication between independent networks, which corresponds to OSI layer(s): ___
Internet; 3 (Network)
in the TCP/IP model, the ___ layer includes all host-to-host communication, which corresponds to OSI layer(s): ___
Transport; 4 (Transport)
in the TCP/IP model, the ___ layer includes all processing of data exchanges for applications, which corresponds to OSI layer(s): ___
Application; 5 (Session), 6 (Presentation) and 7 (Application)
the process of sending and receiving packets of data, adding headers to packets, etc. are in the ___ layer of the TCP/IP model
Link and Physical
the process of routing packets to their final destination and resolving addresses is on the ___ layer of the TCP/IP model
Internetwork
the process of establishing data channels and port addressing for applications is on the ___ layer of the TCP/IP model
Transport
the protocols used by applications (user protocols like HTTP, IMAP, etc.) as well as firewalls operate on the ___ layer of the TCP/IP model
Application
an IP address and a Port taken together are called a ___, and one difference between TCP and UDP is that ___
socket; TCP uses a pair of sockets (source and destination)
since IPv6 requires a 64 bit MAC address, when a device has only 48 bits the characters ___ are added to the end
FF:FE
IPv4 only allowed for ___ individual addresses
4 billion
to capture all unicast (client/server) traffic, configure a NIC in ___ mode and configure the switch port being used as a ___
promiscuous; span port
in ___ traffic, data is being sent to a pre-defined list of clients
multicast
Broadcast traffic is sent to ___, if it is layer 3 (IP address) or layer 2 (MAC address) broadcast then ___, and a ___ broadcast sends to everyone logically connected (i.e. VLAN) in a network (the broadcast ID)
everybody in the network;
routers will not pass it on so it won’t go past the Node;
directed
each number in an IPv4 address (separated by dots) represents ___
a 32 bit binary octet
Private IP addresses include the entire range of ___, ___ and ___ through ___
10.x.x.x (Class A); 192.168.x.x (Class C); 172.16.x.x - 172.31.x.x (Class B)
the IP address ___ is reserved for loopback IP’s, on your PC only
127.0.0.0/8 (127.x.x.x)
the IP address ___ is reserved for Link-Local, if there is a problem connecting with a router/switch
169.254.0.0/16 (169.254.x.x)
the IP address ___ is reserved for Broadcast traffic
255.255.255.255
NAT can be ___ (unchanging one-to-one), ___ (one-to-one from a pool of available public addresses) or ___ (One-to-many using ports)
Static NAT; Dynamic NAT; PAT/NAT Overload
the ___ in an IPv4 header is designed to prevent routing loops
TTL (Time To Live)
the ___ in an IPv4 header identifies the maximum size a packet can be, normally ___ bytes in Ethernet usage
MTU (Maximum Transmission Unit); 1500
what was called “Quality of Service” in IPv4 has been renamed and split between ___ and ___ in IPv6
Traffic Class; Flow Label (QoS management)
the Time To Live (TTL) in IPv4 has been renamed in IPv6 to ___
Hop Limit
ARP poisoning can occur because the ARP request goes out ___ and any device on the network can reply. to avoid this, ARP entries can be hard-coded, or ___ is used by diskless workstations
Multicast; RARP (Reverse Address Resolution Protocol) - (the workstation sends it’s MAC address, asking for an IP address)
downloading the OS for diskless workstations, called ___, uses the ___ protocol and port ___
Bootstrapping; TFTP; 69
the ___ protocol is used for saving router configuration
TFTP
the Mail ___ formats a message using SMTP and sends it to the Mail ___
User Agent; Submission Agent
The ___ determines where an email needs to be delivered, resolving the FQDN (Domain Name) of the mail server. The DNS server then replies with any ___ records for that domain
Mail Submission Agent; MX (Mail EXchange)
email is delivered to an inbox by an ___, after passing through one or more ___
MDA; MTA (Mail Transfer Agent)
DNS servers use ___ port 53
both TCP and UDP
DNS servers use the commands ___ and ___
GetHostByName(); GetHostByAddress()
___ name servers are the authority for a given namespace
authoritative
___ name servers try to resolve names it doesn’t already know
recursive
___ name servers keep previously resolved names in a temporary cache
cache
the only SNMP version with encryption is ___
v3
SNMPv2 is particularly dangerous because ___
it can control devices but has no encryption
HTTP can use 3 ports: ___
80; 8008 or 8080
HTTPS can use port ___ or ___
443; 8443
both DHCP and BOOTP (Bootstrap for diskless workstations) use ports ___
UDP 67 for the Server and 68 for the Client
the signal for a wired network flows from the ___, and too much distance from it might require an amplifier to avoid ___
DSLAM (Digital Subscriber Line Access Multiplexer); attenuation
the difference between CAT3 and CAT6 UTP (Unshielded Twisted Pair) is ___
it is twisted, because more twisting makes it less susceptible to EMI
a copper cable connector for a PC is an ___, but a connector for a phone is an ___
RJ45; RJ11
ethernet CSMA uses CD, or ___, which works by ___
Collision Detection; listen to see if the line is idle, then wait a random number of milliseconds to start transmitting
wireless CSMA uses CA, or ___, which works by ___, because devices on a wireless network may not ___
Collision Avoidance; sending a RTS (Request To Send) and waiting to a CTS (Clear To Send) if there is congestion; be aware of each other
___ is a legacy L2 protocol with no error recovery, focused on speed
Frame-Relay
Frame-Relay systems can use either ___ or ___ circuits to transmit data, and uses ___ to identify the virtual connection
PVC (Permanent Virtual Circuit); SVC (Switched Virtual Circuit); DLCI (Data Link Connection Identifiers)
___ is a legacy protocol suite for WAN communication which used PSE (Packet-Switching Exchange) nodes and leased lines with error correction which added latency
X.25
___ is a legacy WAN technology which carried multiple T circuits over fiber optics using a physical ring topology
SONET (Synchronous Optical Networking)
___ is a widely used WAN technology that encapsulates packets with other protocols and labels them for delivery to their next node only. It operated between OSI layers ___
MPLS (Multiprotocol Label Switching). 2 and 3
___ is a synchronous L2 WAN protocol that uses polling to transmit data (NRM only). It was replaced by ___, which added error correction and flow control and two modes
SDLC (Synchronized Data Link Control); HDLC (High-level Data Link Control)
the 3 modes of SDLC and HDLC are:
NRM (Normal Response Mode) nodes only transmit with permission of the primary
ARM (Asynchronous Response Mode) nodes may initiate communication with the primary
ABM (Asynchronous Balanced Mode) nodes act as primary or secondary
most protocols containing the words ___ or ___ are used by VOIP
Transport Protocol; Control Protocol
wireless NIC’s can operate in 4 modes:
- Managed/client (can connect only to a WAP - most common)
- Master/Infrastructure (act like a hotspot)
- Ad-Hoc (connect directly to other clients
- Monitor/RFMIN (captures whatever traffic moves)
a ___ is all the devices associated with an organizations WLAN
Service Set
WPA2 is also called ___
RSN (Robust Security Network)
Bluetooth class 1 has a range of \_\_\_ class 2 has a range of \_\_\_
300 feet
30 feet
Bluetooth is secured through ___ based algorithms
SAFER+ block cipher
___ is taking complete control over a device via Bluetooth, but rarely done because patches have resolved it
bluebugging
___ are Layer 1 devices used to extend the range of copper wired transmission by receiving a signal and retransmitting it
Repeaters
network ___ are basically just Repeaters with a few extra ports
Hubs
___ are Layer 2 devices that separate collision domains on a network
Bridges
___ are Layer 2 devices that prevent collisions (like Bridges) with more than 2 ports. Each port is its own collision domain, and it directs traffic via MAC addresses
Switches
the ___ command prevents different devices from using the same port on a switch
MAC sticky
it is good policy to put each port on a switch on a particular ___ for logical grouping
VLAN
use ___ to keep switch traffic only going to other switches that are logically grouped
VLAN pruning
___ ports are used to connect two different switches on a network, and often have a larger capacity than other ports
trunk
routers have two operational planes:
Control plane and Forwarding plane
___ routing only looks at the number of hops to get to a destination, regardless of bandwidth
distance vector
when 2 routers have the same information about a network they are in ___
convergence
___ is an example of distance vector routing which uses split horizon, route poisoning and hold-down timers to prevent incorrect information from propagating
RIP (Routing Information Protocol)
in ___ routing, each node independently runs an algorithm over the map to determine the shortest path from itself to every other node in the network
link-state
___ is used within a single routing domain to identify the most efficient routes, and update routes when changes to the topology are detected. It supports IPv4, IPv6 and CIDR addressing
OSPF (Open Shortest Path First)
___ is a link-state routing protocol used to connect over the internet
BGP (Border Gateway Protocol)
First-Generation firewalls are also called ___ and work on OSI Layer 1-3 using rules
packet-filtering
Second-Generation firewalls are also called ___ and work on OSI Layer 1-4, which is better defense against ___
stateful filtering; DOS attacks
Third-Generation firewalls are ___ firewalls, which are aware of applications and protocols
Application Layer
___ filter traffic between two or more networks, and can be either software or hardware based
Network Firewalls
___ provide a layer of software security on one host that controls network traffic in and out of a single machine
Host-Based firewalls
a ___ host is a special purpose host designed and configured to withstand attacks
bastion
a ___ host has two network interfaces, one trusted and one not (i.e. internet)
dual-homed
___ architecture can be used to separate components of a firewall onto separate systems, and is often used to establish a DMZ
screened subnet
firewalls are designed to ___ when they fail
close
previously, at the demarc where a network meets the internet, the ___ is often a desktop or server, and the ___ is often a modem
DTE (Data Terminal Equipment); DCE (Data Circuit-terminating Equipment)
