Ch3: Exploring Network Technologies and Tools

Question 1

SSH

Answer 1

(Secure shell) Encrypts traffic over TCP port 22

Question 2

Replacement for SSL

Answer 2

TLS (Transport Layer Security)

Question 3

SFTP

Answer 3

Secure FTP uses SSH to encrypt traffic

Question 4

FTPS

Answer 4

FTP Secure uses TLS to encrypt traffic

Question 5

Vulnerability compromising SSL

Answer 5

POODLE (padding oracle on downgraded legacy encryption)

Question 6

SMTP

Answer 6

Simple mail transfer protocol transfers email between clients and SMTP servers (TCP port 25)

Question 7

POP3

Answer 7

Post Office Protocol v3 tranfers email from servers down to clients (TCP port 110)

Question 8

Secure POP3

Answer 8

Secure POP3 encrypts POP3 with SSL or TLS

Question 9

IMAP4

Answer 9

Internet Message Access Protocol v4 stores email on an email server, allowing a user to organize and manage email in folders on the server (TCP port 143)

Question 10

HTTP

Answer 10

Hypertext Transfer Protocol transmits web traffic on the Internet (TCP port 80)

Question 11

HTTPS

Answer 11

Encrypted web traffic via SSL or TLS (TCP port 443)

Question 12

STARTTLS

Answer 12

allows an encrypted version of the protocol to use the same port as the unencrypted version

Question 13

Admins connect to servers remotely using…

Answer 13

Protocols such as SSH and RDP, or VPNs in some cases

Question 14

Private/unroutable IP addresses are specified in

Answer 14

RFC 1918

Question 15

Private/unrouteable IP addresses

Answer 15

10.x.x.x, 172.16.x.x - 172.31.x.x, 192.168.x.x

Question 16

IPv4 and IPv6 address widths (in bits)

Answer 16

32-bit addresses (4 groups of decimal digits 0-255) and 128-bit addresses (8 groups of 4 hex digits)

Question 17

DNS A record

Answer 17

Host record, which holds the host name and IPv4 address. (most commonly used record in a DNS server)

Question 18

DNS AAAA record

Answer 18

Host record for IPv6, which holds the host name and IPv6 address

Question 19

DNS zones

Answer 19

Zones are like databases that contain the DNS data in multiple records, like A and AAAA records.

Question 20

DNS ports

Answer 20

TCP 53 for zone transfers, UDP 53 for client queries

Question 21

DNS Zone Transfer

Answer 21

The process of DNS servers sharing information with each other

Question 22

Most DNS servers run…

Answer 22

BIND software on Unix/Linux

Question 23

Most DNS servers are configured to…

Answer 23

only use secure zone transfers

Question 24

DNS (cache) poisoning is

Answer 24

when attackers modify the DNS cache with a bogus IP address

Question 25

To prevent DNS poisoning, use...

Answer 25

DNSSEC (DNS Security Extensions), which uses digital signatures to validate responses

Question 26

Cmd-line tools to test DNS

Answer 26

Nslookup (Microsoft) and dig (Linux)

Question 27

IANA

Answer 27

Internet Assigned Numbers Authority maintains a list of official port assignments

Question 28

IANA 3 Port Ranges

Answer 28

0-1023: well-known ports 1024-49,151: registered ports (companies, i.e. SQL server) 49,152-65,535: dynamic and private

Question 29

Port vs. protocol number

Answer 29

Port is the logical OS-defined connection endpoint associated with a service. Protocol number identifies the specific protocol as defined by IP (e.g. IPv4 header)

Question 30

Switch vs. router

Answer 30

Switch connects hosts together within a network. Router connects networks together to create a larger network

Question 31

(Switch) Port security includes

Answer 31

disabling unused ports, limiting the number of MAC addresses per port. Advanced implementations restrict each physical port to a single specific MAC

Question 32

Loop protection protects against...

Answer 32

switching loop problems, like when 2 ports of a switch are connected together

Question 33

STP, RSTP are

Answer 33

loop protection protocols (spanning tree protocol, rapid STP)

Question 34

Routers and stateless firewalls perform basic filtering with...

Answer 34

ACLs to identify what traffic is allowed and what is blocked

Question 35

An ACL can control traffic based on...

Answer 35

networks, subnets, IP addresses, ports, and some protocols

Question 36

Implicit deny

Answer 36

Blocks all accesses that have not been explicitly granted

Question 37

Antispoofing methods...

Answer 37

Block traffic based on ACL rules

Question 38

xtables

Answer 38

Tables for firewalls (like ACLs) including iptables, ipv6tables, arptables, etc.

Question 39

Host-based firewall

Answer 39

Provides protection for individual hosts, like servers or workstations

Question 40

Network-based firewall

Answer 40

Dedicated servers or appliances that provide protection for the network

Question 41

To enforce an implicit deny strategy, firewalls use a...

Answer 41

Deny any any, deny any, or drop all statement at the end of the ACL

Question 42

WAF

Answer 42

Web application firewall provides strong protection for a web server

Question 43

Stateless firewall

Answer 43

Blocks traffic using an ACL

Question 44

Stateful firewall

Answer 44

Blocks traffic based on the state of the packet within a session

Question 45

DMZ

Answer 45

Demilitarized zone is a buffer zone between the Internet and an internal network (e.g. between two firewalls...one protecting DMZ from Internet and the other protecting intranet from DMZ)

Question 46

NAT

Answer 46

Network Address Translation translates public IP addresses to private IP addresses, and vice versa

Question 47

Common form of NAT

Answer 47

Port address translation (PAT)

Question 48

Static NAT

Answer 48

Uses a single public IP address in a one-to-one mapping

Question 49

Dynamic NAT

Answer 49

Uses multiple public IPs in a one-to-many mapping, based on load

Question 50

VLANs

Answer 50

Virtual LANs separate or segment traffic on physical networks. You can create multiple VLANs with a single Layer 3 switch. VLANs can logically group several different computers together

Question 51

Proxy server

Answer 51

Forwards requests for services from a client, providing caching to improve performance and reduce Internet bandwidth usage (outgoing, for clients)

Question 52

Transparent proxy servers

Answer 52

Use URL filters to restrict access to certain sites and can log user activity

Question 53

Reverse proxy

Answer 53

Accepts requests from the Internet on behalf of a web server (incoming, for web servers). Can sit in a DMZ for increased security and load balancing

Question 54

UTM appliance

Answer 54

A Unified Threat Management appliance combines multiple security controls into a single appliance. They can inspect data streams, filter URLs, inspect malware, and content. Many include DDoS mitigators

Question 55

SNMPv3

Answer 55

Simple Network Management Protocol v3 manages and monitors network devices using UDP ports 161 and 162. Includes strong authentication mechanisms, and more secure than previous versions