Communication & Network Security

Question 1

Decimal

Answer 1

10

Question 2

Binary

Answer 2

2

Question 3

Hex

Answer 3

16

Question 4

Protocol

Answer 4

Agreed upon set of rules

Defines the format and order of messages and actions taken upon receipt of the message

Question 5

Encapsulation

Answer 5

Layered model (OSI)

Question 6

OSI Layer

Answer 6

Please Do No Throw Sausage Pizza Away (Bottom to Top)
Application
Presentation
Session
Transport
Network
Data link
Physical

Question 7

Application Layer

Answer 7

interacts with applications to determine which network service will be required.

Layer 5-7 - considered Data Layers

Question 8

Presentation Layer

Answer 8

data sent from one side of the connection is received Presenting data to application (Characters set/ graphics) in a way that makes sense

Layer 5-7 - considered Data Layers

Question 9

Session Layer

Answer 9

establish and maintains connection between systems

Layer 5-7 - considered Data Layers

Question 10

Transport Layer

Answer 10

ensure transmission end to end
handles sequencing of packets in transmission
Port/TCP & UDP headers

Question 11

Network Layer

Answer 11

interaction network address schemes
How different network segment interact with each
other
IP Address/Routing

Question 12

Data Link Layer

Answer 12

connects physical layer to network 
Ethernet address (MAC)/switches

Question 13

Physical Layer

Answer 13

transmission across physical media

Bits 0/1

Question 14

TCP/IP Model

Answer 14

Layer 5-7 (Application)
Layer 4 - Host to Host transport
Layer 3 - Internet
Layer 1-2 Network Access

Question 15

TCP/IP Protocol Stack

Answer 15

Developed 1970, Darpa, DOD

OSI still referenced when talking about layers

Question 16

IP4 Packets Diagram

Answer 16

32 bits across. Every 32 bit is 4 bytes. 
5 rows so total of 20 bytes
Starts at 0
Bits 0-31
Bytes 0-19

Question 17

IP4 Class Address

Answer 17

Classless Inter-Domain Router (CIDR) (/8 notation)
Class A: /8 - 1.0.0.0 to 127.255.255.255
Class B: /16 - 128.0.0.0 to 191.255.255.255
Class C: /24 - 192.0.0.0 to 223.255.255.255
Class D: Multicast
Class E: Reserved

Question 18

IP Broadcast

Answer 18

Limited broadcast (no router will block ) 255.255.255.255
Direct broadcast - 192.168.1.255 - Broadcast from 192.1.168.0 network

Question 19

RFC-1918 (think of NAT)

Answer 19

Private addresses

10. 0.0.0/8
11. 16.0.0/16 - 172.31.0.0/16
12. 168.0.0/16

Question 20

Network Address Translation (NAT)

Answer 20

one to one -
Pool NAT - maps to a set of public addresses
Many to one - multiple mapped to one
NAT limitation 64k

Question 21

gethostbyname

Answer 21

have fully qualified domain name (eric.sans.org) and need the address

Question 22

gethostbyaddr

Answer 22

when you have address and the need the fully qualified domain name

Question 23

DNS request & response

Answer 23

UDP if under 512 bytes

Question 24

DNS Security issues

Answer 24

Not reliable

DNS Poisoning Attack

Question 25

DNSSEC

Answer 25

does not provide confidentiality | digital signature for packet

Question 26

Authenticated Denial of Existence (DNS)

Answer 26

Proving DNS record does not exist

Question 27

IPv6

Answer 27

IPv4 - 32 bit 4.2 billion unique addresses IPv6 - 128bit 340 undecillion addresses Faster, no checksum like IPv4

Question 28

IPv6 Features

Answer 28

route aggregation - method used to minimize the number of routing tables required in an IP network. Support IPv6 tunneling over IPv4 Fixed header bytes - next header Auto-configuration - don't need to assign IP address

Question 29

User Datagram Protocol (UDP)

Answer 29

``` Layer 4 connection less communication don't care if the packet gets there less overhead Good if small amount of packet loss is acceptable ```

Question 30

UDP Ports

Answer 30

DNS 53 NTP - 123 BootP - 67 & 68 SNMP - 161

Question 31

Transmission Control Protocol

Answer 31

3 way handshake SYN SYN-ACK ACK

Question 32

TCP Header (Key fields)

Answer 32

``` Source Port Destination Port Sequence number Acknowledgement number SYN bit ACK bit ```

Question 33

TCP Ports

Answer 33

``` 20 - FTP Data (receive) 21 - FTP - (send) 22 - SSH 23 - Telnet 25 - SNMP 53- DNS 79- Finger 80 - http 443 - https source port >= 1024 (ephemeral) ```

Question 34

TCP Code Bit (Flags)

Answer 34

``` Urg (Urgent) Ack (Acknowledgement) PSH (Push) - think of data stream RST (Reset) - terminate connection SYN(Synchronize) FIN(Finish) ```

Question 35

TCP Port Scanning (response types)

Answer 35

SYN/ACK - port is open and unfiltered RST/ACT - port is closed and unfiltered No response: Unknown

Question 36

Socket Pair

Answer 36

Source IP Address Source Port number Destination IP Address Destination Port Number

Question 37

Internet Control Message Protocol (ICMP)

Answer 37

``` report error (troubleshoot) rather than transfer info Ping & Traceroute are ICMP ```

Question 38

TraceRoute

Answer 38

Set TTL to 1 and when router receives it, it will drop it. Next iteration - TTL decreases for the one below it Incrementing TTL for each hop

Question 39

Secure Shell (SSH)

Answer 39

Port 22 Supports Authentication, compression, confidentiality, and integrity Supports wide range of ciphers, 3DES, AES, Blowfish SSH1 - Man In the middle attack

Question 40

Secure Multipurpose Internet Mail Extension (S/MIME)

Answer 40

Secure MIME | Email

Question 41

Simple Network Management Protocol (SNMP)

Answer 41

``` Monitoring of network devices SNMPv1 and SNMPv2 - clear text community string (NO CONFIDENTIALITY) Public - read Private - read & write Should use SNMPv3 - port 161 ```

Question 42

Multilayer Protocols

Answer 42

TCP/IP - span multiple layers (OSI) | DNP3 (Distributed Network Protocol)

Question 43

DNP3 (Distributed Network Protocol)

Answer 43

``` Open protocol smarts Smart Grid SCADA IEEE 1815- 2010 allowed pre-share key only IEEE 1815 - 2012 current standard Supports PK ```

Question 44

Network Attached Storage (NAS)

Answer 44

Read/Write entire files

Question 45

Storage Area Network (SAN)

Answer 45

block/clusters to files (not entire files like NAS)

Question 46

Internet Small Computer System Interface (ISCSI)

Answer 46

network cables/routed via IP (NAS) think of SCSI drives that are connected to network Lun - logical grouping of drives

Question 47

Fibre Channel

Answer 47

Sans Protocol | Does not use Ethernet/does not easily scale across WAN

Question 48

Fibre Channel (FCoE)

Answer 48

Local subnet only | TCP/IP is not used - layer 2

Question 49

Fibre Channel over IP (FCIP)

Answer 49

can route (layer 3)

Question 50

Voice of IP (VOIP)

Answer 50

``` Digitized before sending across wire Combining data Cost-effective Redundancy Security issue (PBX) Expsoures ```

Question 51

PSTN PBX/VOIP

Answer 51

Common and phased approach | PBX and VOIP network

Question 52

UP PBX/PSTN

Answer 52

must use VOIP phones | IP PBX - soft switch route calls

Question 53

VOIP Components

Answer 53

``` Media Gateways Registration & Location servers Proxy Servers Messaging Servers End-User devices (VOIP Phones) ```

Question 54

VOIP Protocols

Answer 54

Signaling (H.323 SIP) - setup and tear down call, locate users, negotiate protocols Media (RTP) - transport of package Supporting (IP, TCP, UDP, etc..)

Question 55

SIP (H.323)

Answer 55

Setup and tear down of calls

Question 56

SIP

Answer 56

Plaintext TCP/UPD Looks like HTTP

Question 57

RTP

Answer 57

Transmit voice content between VOIP devices Over plaintext Commonly over UDP, can use TCP

Question 58

Virtual Network Computing (VNC)

Answer 58

TCP Port 5900

Question 59

Remote Desktop Sharing (RDP)

Answer 59

TCP Port 3389

Question 60

802.11 Standard

Answer 60

****Fundamental risk - no physical control of network Supports two physical layers Infrared Radio Frequency

Question 61

802.11 Types

Answer 61

802. 11b - 11 Mbps at 2.4 ghz 802. 11a - 54 Mbps at 5 ghz 802. 11g - 54 Mbps at 5 ghz 802. 11n - 300 Mbps using both 2.4 & 5 ghz 802. 11ac - 1.3 Gbps at 5 ghz

Question 62

802.11 Network modes

Answer 62

Managed - client connect to WAP Master - Wireless Access point Ad-hoc - peer to peer Monitor Mode - ready only/sniffing

Question 63

Wire Equivalent Privacy (WEP)

Answer 63

Inability to rotate WEP keys | Permit recovery of WEP keys in minutes

Question 64

Types of Network

Answer 64

``` PAN - Personal area network (bluetooth) LAN - Local Area Netwrk CAN - Campus Area Network MAN - Metropolitan Area nework WAN- Wide Area Network GAN - Global Area Network ```

Question 65

LAN transmission method

Answer 65

unicast - from source to single network destination multicast - from source to multiple network destination Broadcast - source to all network address

Question 66

Physical Topology

Answer 66

How systems are connected - bus, ring, star

Question 67

Logical Topology

Answer 67

rules of communication | Ethernet/ATM

Question 68

Persistent Carrier Sense

Answer 68

No ack from destination, assumes collision and re-sends immediately

Question 69

Non-Persistent Carrier Sense

Answer 69

no ack from destination, assume collision, waits a random amount of time before resending

Question 70

Carrier Sense Multiple Access with Collision Dectection (CSMA/CD)

Answer 70

Ethernet | Send/transmit simultaneously

Question 71

Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)

Answer 71

Wireless

Question 72

Polling

Answer 72

Only allowed to send when given permission

Question 73

T1

Answer 73

DS1 - 1.544 mbps

Question 74

T3

Answer 74

DS3 - 44.376 mbps

Question 75

E1

Answer 75

Wide Area Digital Transmission- 2.048 mbps (Europe)

Question 76

E3

Answer 76

Wire Are Digital Transmission - 34.368 mbps

Question 77

SDLC

Answer 77

Normal Response Mode - polling speak when given to speak Asynchronous Response mode (ARM) - cannot transmit without permission from primary *Error recovery Asynchronous Balance Mode (ABM)- equally responsibility

Question 78

ISDN

Answer 78

reuse analog line infrastructure for data High cost/Low speed 2 64K channel - 128k

Question 79

Digital Subscriber Line (DSL)

Answer 79

Point to point use existing phone lines | Symmetrical & Asymmetrical (download faster than upload)

Question 80

Symmetric Digital Subscriber Line (SDSL)

Answer 80

Symmetrical up/download | 1.544 (T1 equal)

Question 81

High bit rate Digital Subscriber Line (HDSL)

Answer 81

Symmetrical up/download | 1.544 (T1 equal)

Question 82

Single Pair High Speed Digital Subscriber Line (SHDSL)

Answer 82

standardized version of symmetric DSL replace SDSL & HDSL Up to 5.696 Mbit/s

Question 83

Asymmetric Digital Digital Subscriber Line (ADSL)

Answer 83

ADSL 2 - 12 mbps/3.5 | ADSL 2+ - 24 mbps/3.5

Question 84

Very High Speed Digital Subscriber Line (VDSL)

Answer 84

VSDL 3 - 52 mbps/16 mbps VDSL 4+ - interoperable with ADSL 2+ 1600ft max

Question 85

Cable Modem

Answer 85

date rate - number of concurrent uesrs | 1,000-4,500 ft

Question 86

X.25

Answer 86

built in error correction | Precursor to frame relay

Question 87

Asynchronous Transfer Mode (ATM)

Answer 87

Fixed cell size 48 bytes Fixed header size 5 bytes Total 53 bytes regardless of the size of the information each time.

Question 88

Multiprotocol Label Switching (MPLS)

Answer 88

First router - apply label | later router - only inspect label

Question 89

Modem

Answer 89

modulate binary data to be sent over analog network | demodulate analog data to digital binary

Question 90

CSU/DSU

Answer 90

``` converts LAN protocol to transfer over WAN Circuit Closet (DMARC) ```

Question 91

DTE/DCE

Answer 91

Data Terminal Equipment (DTE) customer end of WAN - your router before ISP Data Communications Equipment (DCE) ISP Network - ISP Router

Question 92

Repeaters

Answer 92

Layer 1 Signal deteriorate with distance recreate signal before retransmitting

Question 93

Hubs

Answer 93

Layer 1 Operate as multiport repeater No Security

Question 94

Bridges

Answer 94

Layer 2 Multiple devices to connect to one bridge port Learn MAC of each systems Does not forward traffic unless necessary

Question 95

Switch

Answer 95

Layer 2 Learns MAC address Provides physical and logical separation

Question 96

VLANS

Answer 96

different VLAN will not see each other broadcast

Question 97

Routers

Answer 97

Routing Tables - routing information that points to all reachable network

Question 98

Firewall Types

Answer 98

Packet Filtering Stateful - remember state information - matching request allowed in Proxy - Next Generation Firewalls (NGFW) - payload

Question 99

Coaxial

Answer 99

50 ohm - digital signaling 75 ohm cable for high speed data & analog signal Baseband - Single channel Broadband - multiple channel

Question 100

Fiber Optic Cable

Answer 100

resistance to electromagnetic interference

Question 101

Crossover Cable

Answer 101

+Tx to + Rx | -Tx to -Rx

Question 102

Category for twisted Pair

Answer 102

``` Cat 1 - telephone Cat 2 - < 4 mbps Cat 3 - 10 mbps Cat 4 - 16 mbps Cat 5 - 100 mbps Cat 6 - 1000 mbps ```

Question 103

Analog Signal

Answer 103

continuous signal

Question 104

Digital Signal

Answer 104

pulses signal

Question 105

Asynchronous Communications

Answer 105

Not tied to a clock Send start bit Send stop bit

Question 106

Synchronous Communications

Answer 106

Tied to clock | Don't need to send start & stop bit

Question 107

MAC address

Answer 107

48 bit, 12 hexadecimal | First 24 bit are organizationally unique identifier

Question 108

Routing Information Protocol (RIP)

Answer 108

Legacy Based on hop count - shortest Maximum 15 hops Routing updates every 30 seconds

Question 109

Distance Vector

Answer 109

identify neighbors and figures out distances metrics to each.

Question 110

Open Shortest Path First

Answer 110

routers knows all the paths | factoring in # of hops and bandwidth

Question 111

Border Gateway Protocol (BGP)

Answer 111

Used by the Internet

Question 112

Interautonomous system routing

Answer 112

two or more BGP in different systems

Question 113

Intra-autonomous system routing

Answer 113

two or more BGP in same systems

Question 114

Pass-Through autonomous system routing

Answer 114

two or more BGP across autonomous systems without question | Extranet routing

Question 115

Autonomous System

Answer 115

route to the organization, not network. | Multiple routes - send to the closest/fastest one

Question 116

Software Defined Network (SDN)

Answer 116

Takes routing decision and gives it to server | Router just route, no decision to be made

Question 117

VPN Security Issue

Answer 117

Bypass firewall, IDES's, virus scanner, web filter | Trusting the "other end "

Question 118

IPSEC

Answer 118

IETF - RFC 2401

Question 119

IPSEC Modes

Answer 119

Tunnel - sender to receiver (1 set of system) - don't know the sender or receiver Transport - sender encrypt, received decrypts

Question 120

TACAS Authentication

Answer 120

Start - continue - reply | Single Factor Authentication

Question 121

Extensible Authentication Protocol (EAP)

Answer 121

RFC-2284 | AuthN Mechanism

Question 122

EAP-MD5

Answer 122

Client to Server Weakest Only one way authentication

Question 123

EAP-TLS

Answer 123

PKI (Client cert) on both server and client | Secure TSL tunnel for authN

Question 124

EAP-TTLS

Answer 124

Can pre-shared key or password

Question 125

PEAP

Answer 125

Cisco, Microsoft, RSA Similar to EAP-TTLS Not requiring 3rd party cert

Question 126

802.1X

Answer 126

No IP until you authenticate

Question 127

Supplicant

Answer 127

Software to authenticate 802.1x via Layer 2

Question 128

Authenticator

Answer 128

WAP - open/close port based on authentication

Question 129

Authentication Server

Answer 129

Diameter or Radius to user DB

Question 130

NAC

Answer 130

Health Check Patches/AntiVirus up to date Client pass - access is granted Client failed - place in isolated vlan