2.4 Network Services

Question 1

Define a print server.

Answer 1

A server that could be either a physical workstation or network infrastructure that provides printing functionality

Question 2

What protocol do Windows-based file and print servers rely on?

Answer 2

NetBIOS protocol or SMB

Question 3

What does Samba software do?

Answer 3

Provides the ability for a Linux or Unix server to be able to host files or printers that can then be used by Windows clients running the SMB protocol

Question 4

What sort of server allows for printing anywhere in the world?

Answer 4

IP-based file and printer sever/Cloud printing

Question 5

Define a web server.

Answer 5

Any server that provides access to a website

Question 6

What is Internet Information Services (IIS)?

Answer 6

Extensible web server software, created by Microsoft (HTTP, HTTP/2 and HTTPS)

Question 7

What is the current most popular way to run a web server?

Answer 7

The Apache open-source cross-platform web server

Question 8

What is the NGINX web server generally used for?

Answer 8

Reverse proxy, load balancer, mail proxy and HTTP cache

Question 9

What does a web browser see when it connects to a server?

Answer 9

A digital certificate to create a random code

Question 10

What does URL do?

Answer 10

Combines the fully qualified domain name with a protocol at the beginning

Question 11

What mail protocol is specifically for retrieval?

Answer 11

IMAP

Question 12

Which email protocol specifies how emails should be delivered from one mail domain to another?

Answer 12

SMTP

Question 13

Give some options for authentication to an AAA server.

Answer 13

• Something you know
• Something you are
• Something you have
• Something you do
• Somewhere you are

Question 14

What is 802.1x?

Answer 14

A standardised framework used for port-based authentication on wired and wireless networks

Question 15

What is Lightweight Directory Access Protocol (LDAP)?

Answer 15

A database used to centralise information about clients and objects on the network.

Question 16

Why would you use Active Directory (AD)?

Answer 16

To organise and manage the network, including clients, servers, devices, users and groups

Question 17

What does RADIUS do?

Answer 17

Provides centralised administration of dial-up, VPN and wireless authentication services for 802.1x and the EAP

Question 18

What layer does RADIUS operate at, and how does it utilise UDP?

Answer 18

It operates at the application layer and utilises UDP for making connections

Question 19

What is TACACS+?

Answer 19

A proprietary version of RADIUS that can perform the role of an authenticator in 802.1x networks.

Question 20

Contrast RADIUS and TACACS+.

Answer 20

RADIUS: Relies on UDP, combines authentication and authorisation, does not support all network protocols, has cross-platform capability
TACACS+: Relies on TCP, separates the three As, supports all network protocols, exclusive to Cisco devices

Question 21

Define authorisation.

Answer 21

Giving a user access to a certain piece of data or certain areas of a building.

Question 22

What is Kerberos?

Answer 22

An authentication protocol used by Windows to provide for two-way (mutual) authentication using a system of tickets

Question 23

What can be a single point of failure for Kerberos?

Answer 23

A domain controller.

Question 24

What is accounting?

Answer 24

Tracking data, computer usage and network resources

Question 25

What is the term for when you have proof that someone has taken an action?

Answer 25

Non-repudiation.

Question 26

Name the five types of remote access servers.

Answer 26

- Telnet Port 23 - Secure Shell (SSH) Port 22 - Remote Desktop Protocol (RDP) Port 3389 - Virtual Network Computing (VNC) Port 5900 - Terminal Emulator (TTY)

Question 27

Which remote access server sends text-based commands to remote devices and should never be used to connect to secure devices?

Answer 27

Telnet Port 23

Question 28

What does Secure Shell (SSH) Port 22 do?

Answer 28

Encrypts everything that is being sent and received between the client and the server.

Question 29

Which remote access server is designed for thin client architectures?

Answer 29

Virtual Network Computing (VNC) Port 5900

Question 30

Define a Terminal Emulator (TTY).

Answer 30

Any kind of software that replicates the TTY I/O to remotely connect to a device

Question 31

What does RDP port 3389 do?

Answer 31

Provides graphical interface to connect to another computer over a network connection.

Question 32

What does remote desktop gateway (RDG) do?

Answer 32

Creates a secure connection to tunnel into the RDP

Question 33

What does syslog enable?

Answer 33

Different appliances and software applications to transmit logs to a centralised server

Question 34

What parts does a syslog log include?

Answer 34

PRI code (priority code), header and message

Question 35

Give the name for the TCP/IP protocol that aids in monitoring network-attached devices and computers

Answer 35

Simple Network Management Protocol (SNMP)

Question 36

Define a 'managed device'.

Answer 36

A computer or other network-attached device monitored through the use of agents by a network management system

Question 37

Define an agent.

Answer 37

Software that is loaded on a managed device to redirect information to the network management system

Question 38

Define 'Network Management System' (NMS)

Answer 38

Software running on one or more servers to control the monitoring of network-attached devices and computers

Question 39

How should management of devices be conducted?

Answer 39

On an out-of-band network to increase security

Question 40

Define a proxy server

Answer 40

A device that creates a network connection between an end user's client machine and a remote resource (web server)

Question 41

List three benefits of a proxy server

Answer 41

- Increased network speed and efficiency - Increased security - Additional auditing capabilities

Question 42

What does a load balancer/content switch do?

Answer 42

Distributes incoming requests across a number of servers inside a server farm or cloud infrastructure.

Question 43

What is one of the key defenses against a DoS or DDoS attack?

Answer 43

A load balancer

Question 44

How does a DoS attack work?

Answer 44

Victim systems are continually flooded with requests for services, causing the system to crash. There is a single attacker.

Question 45

How does a DDoS attack work?

Answer 45

Multiple machines simultaneously launch attacks on the server to force it offline.

Question 46

What is blackholing/sinkholing?

Answer 46

Identifying any attacking IP addresses and routing their traffic through a Knoll interface

Question 47

What would an Intrusion Prevention System (IPS) protect against?

Answer 47

Small-scale DoS attacks, by fighting back.

Question 48

Why is unified threat management (UTM) so beneficial?

Answer 48

Because it provides the ability to conduct security functions within a single device or network appliance.

Question 49

What is an access control list (ACL) and how is it implemented?

Answer 49

Rule sets placed on the firewalls, routers and other network devices in charge of controlling traffic; the actions are performed top-down (from specific to generic rules)

Question 50

What does a firewall do?

Answer 50

Inspects and controls the traffic that is trying to enter or leave a network's boundary.

Question 51

List some ways a firewall filters traffic.

Answer 51

- Packet-filtering - Stateful - Proxy - Dynamic packet-filtering - Kernel proxy

Question 52

List three disadvantages of a UTM.

Answer 52

- Single point of failure - Lacks detail provided by a specialised tool - Performance is not as efficient as single function devices

Question 53

List three advantages of a UTM.

Answer 53

- Reduced number of devices to learn, operate, and maintain - Lower upfront costs, maintenance, and power consumption - Easier to install and configure

Question 54

What is operational technology (OT)?

Answer 54

- Communications network designed to implement an ICS - Technology that interacts with the real world

Question 55

What does an industrial control system (ICS) do?

Answer 55

Provides the mechanisms for workflow and process automation by using embedded devices to control machinery

Question 56

How is a distributed control system (DCS) created?

Answer 56

By joining together multiple ICSs

Question 57

Define a fieldbus

Answer 57

Digital serial data communication protocol used in OT networks to link different PLCs

Question 58

What is a programmable logic controller (PLC)?

Answer 58

A type of digital computer used in industrial settings that enables automation and assembly lines, autonomous field operations, robotics, and other applications

Question 59

What is a human-machine interface (HMI)?

Answer 59

A local control panel or software that runs on a computer

Question 60

What is supervisory control and data acquisition (SCADA)?

Answer 60

A type of ICS used to manage large scale multi-site devices and equipment in a geographic region from a host computer

Question 61

List five different types of SCADA.

Answer 61

- Cellular - Microwave - Satellite - Fiber - VPN-based LAN

Question 62

What is an embedded system?

Answer 62

A computer system that is designed to perform specific and dedicated functions; considered a static environment

Question 63

Give the name for the type of digital computer used in industrial or outdoor settings, and how often it needs a patch.

Answer 63

Programmable Logic Computer (PLC) The PLC patch is every six months or two years

Question 64

What is a real-time operating system (RTOS)? Where can you always find this?

Answer 64

A type of OS that prioritises deterministic execution of operations that ensure consistent response for time-critical tasks. They are embedded in critical applications.

Question 65

How does system-on-a-chip work?

Answer 65

The processor integrates the platform functionality of multiple logical controllers onto a single chip.

Question 66

List the five elements included in system-on-a-chip.

Answer 66

- Processor - Memory - Storage - Graphics processor - Peripherals

Question 67

Define a legacy system.

Answer 67

A computer system that is no longer supported by its vendor and no longer provided with security updates and patches.