Advanced Networks Flashcards

Question

DFS

Answer 1

Dynamic Frequency Selection Avoids interference with radar by checking if it is detected on a channel and avoiding it if necessary In-use channels are monitored and channel is changed if radar detected Adds cost and complexity and is susceptible to false triggers

Answer 2

Wi-Fi 6 Designed for efficiency in dense environments Uses 1024-QAM Uses 2.4GHz, 5GHz and provisionally 6GHz

Answer 3

Target Wake Time Allows clients to schedule times with Wi-Fi access points for waking up and sending data Ideal for IoT and Sensor Networks

Answer 4

A category of wireless communication that covers low-power long-range connection.

Answer 5

LPWAN Technology Low Power Long Range Wide Area Network

Answer 6

Expensive Proprietary Physical Layer Pricey Gateways

Answer 7

50 kbit/s Slow

Answer 8

Data Link & Physical

Answer 9

Star-of-Stars

Answer 10

Uses Chirp Modulation - Doppler Resistant: Ideal for moving objects - Interference Resistant - Multipath Resistant - Highly Scalable Uses IP for communication between Gateways and Cloud Services Uses sub-GHz frequencies that penetrate obstacles and don’t collide with other communication protocols Up to 10km range in rural areas

Answer 11

Proprietary PHY Layer Relatively Low Data Rate

Answer 12

LPWAN Technology Uses Ultra Narrow Band modulation for very slow data transmission

Answer 13

LPWAN Technology Uses a low-cost sim-card within a narrowband of 4G LTE and 2G GSM for 4x faster speeds than LoRaWAN. Used in Asset Tracking

Answer 14

LPWAN Technology Low Earth Orbit satellites that forward data from devices onto ground stations. Requires subscription

Answer 15

LPWAN Technology Uses 4G LTE for 1Mbit/s speeds at relatively high-power consumption

Answer 16

Short range, personal area network wireless communication technology 2.4GHz band is divided into 79 Bluetooth channels, communication is divided into 1600 time slots per second

Answer 17

Data Link & Physical

Answer 18

Low if BLE

Answer 19

Inexpensive

Answer 20

One controller forms up to seven active connections with responders creating a Piconet Up to 255 responders can be parked, maintain a connection but not communicating

Answer 21

Reduces interference by having transmission hop between channels. Adaptive Frequency Hopping avoids channels in use such as those used by Wi-Fi

Answer 22

GATT Profiles standardise exchange of data for specific device types e.g. Heart Rate Sensor

Answer 23

Frequency hopping improves security as all channels must be sniffed Interleaving allows communication with multiple responders TDMA allows contention-free networking Ubiquitous integration among devices

Answer 24

Operates in unlicensed 2.4GHz ISM band, interference prone Relatively low data rate

Answer 25

A standard covering specification of the Physical and Data Link layers for low-rate wireless PANs

Answer 26

Data Link & Physical

Answer 27

250 kbit/s

Answer 28

Star & Peer-to-Peer

Answer 29

Inexpensive

Answer 30

Acts as a central network controller

Answer 31

Provide synchronisation services to devices

Answer 32

Full Function Device Capable of acting as a PAN Coordinator and can associate with multiple devices simultaneously

Answer 33

Reduced Function Device Capable of associating with only **one** FFD at a time Suitable for simple sensors or actuators

Answer 34

Routing between devices not in range of each other is not handled by 802.15.4 and instead is handled by higher-layer protocols e.g. RPL

Answer 35

Uses 64-bit MAC addresses and (sometimes) a 16-bit address valid only within the PAN

Answer 36

Low cost, Low power: Ideal for IoT and Sensor Networks Peer-to-Peer topology acts as a basis of mesh networking allowing for self-healing, self-organising networks

Answer 37

Relatively low data rate Operates in 2.4GHz, prone to interference

Answer 38

Alternates radio between active/idle to save power

Answer 39

An *asynchronous* duty cycling protocol has retransmissions until the receiver periodically wakes up and responds with an acknowledgement

Answer 40

Time-slotted Channel Hopping A *synchronous* duty cycling protocol (defined in the 802.15.4 standard ) that divides time into slots assigned for communication between two specific devices. Devices synchronise their schedule and use different channels to avoid interference

Answer 41

A specification of the application and network layer to facilitate mesh and multi-hop networking Builds on 802.15.4

Answer 42

Application & Network

Answer 43

Zigbee-certified devices have a battery life of at least 2 years Enables mesh networking

Answer 44

Non-IP Certification required to add Zigbee logo to device

Answer 45

A specification of the network layer to allow IPv6 over 802.15.4 addresses Builds on 802.15.4

Answer 46

IPv6 Compatible allowing for Interoperability Small headers

Answer 47

A standard that provides encrypted, self-healing, resilient mesh networking Uses 6LoWPAN

Answer 48

IPv6 Routing Protocol for Low-Power and Lossy Networks An IPv6 Routing Protocol suitable for routing over mesh networks, allowing for multi-hop networking Builds on 802.15.4

Answer 49

Uses network traffic to build a picture of network (traffic decreases as network stabalises) Creates a tree-like DODAG topology and assigns a distance-dependent rank to nodes further from the root to prevent routing to closer nodes via farther nodes

Answer 50

A lightweight publish-subscribe messaging protocol

Answer 51

Application

Answer 52

Brokers forward messages from publishers onto appropriate subscribers Clients connect to the broker using Wi-Fi typically and transfer JSON

Answer 53

Topics are hierarchical - # acts as a multi-level wildcard - + acts as a single level wildcard

Answer 54

A lightweight RESTful messaging protocol designed for resource-constrained devices Follows REST principles, providing interoperability with HTTP (and the Web) Border gateways/proxies translate between HTTP and CoAP

Answer 55

Application

Answer 56

- Confirmable (requiring acknowledgement) requests - Non-confirmable requests - Timeouts - Delayed payload responses with tokens - Resource observation - Block transfers for large payloads

Answer 57

Request to **GET .well-known/core** returns descriptions of resources available on nodes allowing for automatic configuration

Answer 58

Small packet size; header is fixed-size at 4 bytes Highly suited for use with 802.15.4, a basic packet will fit into a single radio frame Uses UDP, ideal for prolonging battery life CoAP proxies cache data allowing nodes to sleep Supports multicast allowing interactions with multiple nodes at once

Answer 59

A unifying application layer that leverages existing communication standards. It specifies - Device Onboarding - Device Messaging - Security Sits on-top of Thread, Ethernet, Wi-Fi, Bluetooth and unifies interactions

Answer 60

Application

Answer 61

Non-matter devices can be bridged into a Matter network Big-players in home automation are onboard

Answer 62

Modulation Techniques Spatial Performance Improvements Multiple Access Wi-Fi 6

Answer 63

DSSS FDM OFDM OFDMA

Answer 64

Beamforming MIMO MU-MIMO

Answer 65

CSMA/CD (Ethernet) CSMA/CA (Wi-Fi)

Answer 66

- Address Conservation: RIRs avoid giving out large blocks of address space - Network Address Translation (NAT): Multiple private IPs, one public IP - Release of Reserved Address Space: Challenging as client configurations need updating - Address Recovery: Challenging as reputation of IP must be recovered - CGNAT: ISP shares single IP address among multiple homes

Answer 67

Breaks end-to-end connectivity Public IP abuse causes multiple homes to be punished Security and privacy implications Scalability issues Does not solve IPv4 exhaustion

Answer 68

Hardware Infrastructure Training Lack of Urgency Implementation Challenges Money HInT LimM

Answer 69

Resolves IPv4 Exhaustion Direct end-to-end global addressability Simplified networks with reduced latency

Answer 70

IPv4 DNS servers can serve AAAA (IPv6) records and vice-versa

Answer 71

Supporting of both IPv4 and IPv6 protocols with devices having addresses in both forms

Answer 72

Essentially two networks running in parallel: - Each protocol needs its own firewall - More issues to troubleshoot - Double the IP config - More hardware usage e.g. routing table

Answer 73

1. Plan Ahead 2. Comprehensive Planning 3. Initial IPv6 Deployment During a Network Upgrade (Reduces cost) 4. Aim to keep parity of service no matter the strategy (No not damage IPv4 performance)

Answer 74

Deployed a dual-stack system Used SLAAC as DHCPv6 was not well supported and still is not supported on Android Has both IPv6 and IPv4 used on the same network Switched early for to lower cost Motivation was from CERN requiring IPv6 and they were running out of IPv4

Answer 75

RFC1918 (Private Network) Address space is running out due to overlapping from acquired companies and their networks Dual-stack is operationally complex and hence Microsoft's desire to switch to IPv6 solely

Answer 76

Tunnelling NAT64 VPN

Answer 77

Encapsulates IPv6 packets in IPv4 packets between two destinations - Reduces MTU - Increases Latency - Causes issues with GeoIP-restricted services

Answer 78

Adds IPv4 header in front of IPv6 packet - Protocol 41 is not supported by many consumer routers and so they cannot provide options to support it

Answer 79

Embeds IPv4 DNS web addresses within an IPv6 address with a specific prefix - DNS64 Servers synthesise AAAA records for a web domain that only has A records - NAT64 Gateway translates packets with the specified prefix to IPv4

Answer 80

1. User requests IP of URL from DNS64 server 2. The DNS64 server does not know the IP and contacts a DNS server which returns an A record IPv4 address 3. The DNS64 server prefixes the IPv4 address to create a AAAA record 4. The user contacts the IP address via a NAT64 gateway which strips the prefix and contacts the IPv4 web server

Answer 81

Allows IPv4 Connectivity over an IPv6 Network with two translators - Stateless Customer Translator (CLAT): Converts IPv4 to IPv6 - Stateful Provider Translator (PLAT): Converts back to IPv4. Must track connections, ports, addresses etc.

Answer 82

Uses 464XLAT with DHCPv4 Option 108

Answer 83

Devices are either - In need of IPv4 - Capable of operating IPv6 only Devices capable of IPv6 only send DHCP requests with Option 108 which indicates IPv4 is not necessary if IPv6 is available - DHCPv4 servers will not provide IPv4 address if Option 108 is specified and supported. Forcing a device to use IPv6

Answer 84

1. Initial Recon 2. Initial Compromise 3. Establish Foothold 4. Escalate Privileges 5. Internal Recon 6. Move Laterally 7. Maintain Presence (Loop back to 4.) 8. Complete Mission

Answer 85

Scope out a target through methods such as - *Port & Network Scanning*: Identify open ports - *Banner Grabbing*: Extract information on system software versions and configurations - *Signature Recognition*: Different versions of software respond in different ways - *DNS Brute Forcing*: Look for common subdomains i.e. `vpn.xyz` or `login.xyz` and reverse DNS - *Dumpster Diving*: Physical rummaging through discarded documents or hardware (network switches, hard drive etc. need to be wiped) - *Social Engineering*: Psychological manipulation to deceive individuals - *Man-in-the-Middle*: Intercept communication - *Google & Shodan*: Identify publicly available information

Answer 86

Difficult to defend as malicious recon blends in with normal network traffic Security through obscurity can impede an attacker

Answer 87

Execute malicious code on the target's system using - Social Engineering - Remote Execution: SQL Injection - Brute Force - Password Reuse

Answer 88

User Education Appropriate technical methods

Answer 89

Gain some level of control over a target system using - Rootkits - Backdoors - Introduction of further vulnerabilities

Answer 90

Block vulnerabilities Update Systems

Answer 91

Gain more control by increasing privileges and eventually gaining root access using - Exploitation of privilege escalation vulnerabilities - Dumping and cracking hashed passwords/access password managers

Answer 92

Implement Least Privilege Principle, Minimum level of access to perform necessary tasks MFA

Answer 93

Gain a more thorough understanding of the target's network and systems - Where are key files stored - What is known about key individuals (for social engineering) - What internal systems are used?

Answer 94

Network segmentation

Answer 95

Gain more access to more systems

Answer 96

Establish persistent access - Additional rootkits - Multiple backdoors - Deploy more malware - Gain access via existing legitimate remote access services/VPN

Answer 97

Network monitoring and audits

Answer 98

Identify the rules and procedures for people and systems accessing networks and sets out responsibilities of those managing networks

Answer 99

- Ensure confidentiality, integrity and availability of systems - It should be organisation specific, practical, enforceable and regularly updated - It should include processes for users to report security issues and detail how issues will be responded to and who is responsible - It should define a password policy - It should cover incident responses, who's is responsible

Answer 100

- Encourage users to be less secure - Users who dont understand the goal of the policy are less likely to apply it - Users who feel it hinders their work are more likely to bypass it - Users who feel security is driven from top-down are less likely to report incidents

Answer 101

Employees should be educated on - Why you shouldn't bypass security policies - Phishing - Fake websites - Malicious Downloads

Answer 102

Updated devices often have less vulnerabilities - OS Patches - Drivers, Firmware, BIOS updates - Mobile device firmware - Routers - IoT firmware

Answer 103

Block or alert on access from IP known for malware/botnets, or dodgy URLs Geographic IP restricts e.g. restrict incoming Russian traffic

Advanced Networks Flashcards

(141 cards)