CISSP (Domain 2 - Telecommunications and Network Security) Flashcards Preview

CISSP - Infosec > CISSP (Domain 2 - Telecommunications and Network Security) > Flashcards

Flashcards in CISSP (Domain 2 - Telecommunications and Network Security) Deck (78)
Loading flashcards...
1

Physical Layer (OSI)

- Bits converted to electrical signal

2

Data Link Layer (OSI)

- Switching
- MAC Address
- Breaks data into frames for correct technology
- Error detection
- ARP, RARP

3

802.5

Token Ring, FDDI

4

802.11

Wireless CSMA/CD

5

802.3

Ethernet

6

Carrier Sense Multiple Access with Collision Detection (CSMA/CD)

Sends message, if collision detected, wait random time and resubmit (Ethernet)

7

Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)

Sends message out to wire to see if its open, if open, send message (Wireless)

8

Network Layer (OSI)

- Routing
- IP, ICMP, RIP, OSPF, BGP, IGMP
- Inserts information into the packet header for routing
- Only layer to provide confidentiality, authentication, and integrity with IPsec

9

Transport Layer (OSI)

- End to End transfer
- Error control and recovery
- Assembled into a stream
- SSL, TCP, UDP, and SPX

10

Session Layer (OSI)

- E2E communication between applications
- Session setup and tear down
- DNS, NFS, SQL, and RPC

11

Presentation Layer (OSI)

- Translate message into a standard format
- GIF, TIFF, JPG
- Encoding: ASCII and EBCDIC
- E2E encryption

12

Application Layer (OSI)

- Closest to users
- Provides message exchange, terminal sessions, ...
- Only layer to provide non-repudiation (if encryption is enabled)
- HTTP, FTP, SMTP, POP, IMAP, Telnet, SNMP, TFTP

13

OSI to DoD TCP/IP

- Application, Presentation, Session: Application
- Transport: Host to Host
- Network: Internet
- Data Link, Physical: Network Interface

14

TCP Encapsulation
(D/SD/PSD/FPSD-FCS)

- Data
- Segment, Data
- Packet, Segment, Data
- Frame, Packet, Segment, Data, FCS

15

How to attack TCP/IP

- SYN flood (fill up buffer) during 3 way handshake
- Guessing TCP sequence number

16

How to attack UDP

DoS with floods

17

IPv6 IP Format Rules (3)

- First half is network address, second part is host address
- Can be shortend by eliminating leading zero's
- Adjacent blocks of zero's can be replace with ::; but only once

18

Synchronous Transmission

- Stream of data, no start and stop bits
- Used to transfer large amounts of data

19

Asynchronous Transmission

- Bits are sent sequentially
- Used to transfer small amounts of data
- Start and stop bits used
- Modems and dial-up connections

20

Baseband Signal

Cable only uses one channel
- Ethernet

21

Broadband Signal

Cable uses several channels at once
- T1, T3, DSL, ISDN

22

Bus Topology

- Single cable where computers are connected to drops
- Each computer sees each packet
- Line is the single point of failure
- If one pc has problem, all other computers impacted

23

Ring Topology

- Series of computers and devices connected by unidirectional transmission links
- Each computer is dependent on the preceding computer
- If one goes down, it can take down all systems

24

Star Topology

- All computers connected to a central hub or switch
- Hub is the single point of failure

25

Mesh Topology (2 types)

- Full Mesh: Every device is connected to every other device, expensive
- Partial Mesh: Enough interconnections to eliminate single points of failure

26

3 Transmission Methods
(UMB)

- Unicast: One to one relationship
- Multicast: One to many relationship
- Broadcast: One to all relationship

27

Address Resolution Protocol (ARP)

- Maps IP address to MAC address
- MAC is only used to forward frames on same network segment

28

Reverse Address Resolution Protocol (RARP)

- Maps MAC address to IP Address

29

Hub

- Used to connect multiple LAN devices
- Layer 1

30

Switch

- Similar to a Bridge but when it receives a frame, it forwards to the correct segment instead of all.
- Layer 2
- 10 ports = 10 CDs and 1 BD