π€ Course 3 : Connect and Protect Flashcards
(112 cards)
1
Q
Network Types
What is a network?
A
Any system of devices that are connected and exchanging data.
2
Q
Network Types
What is a local area network (LAN)?
A
A network that covers a small space like a home or office.
The post office building.
3
Q
Network Types
What is a wide area network (WAN)?
A
A network that spans cities or countries.
The national mail delivery system.
4
Q
Network Architecture
What is a host?
A
Any device with an IP address on the network.
PCs, printers, phones, etc.
5
Q
Network Architecture
What is a client?
A
A device that requests services.
- A browser, a laptop, etc.
- The people sending letters.
6
Q
Network Architecture
What is a server?
A
A device that responds to the client requests.
The receiving mailboxes.
7
Q
Devices Inside a LAN
What is a repeater?
A
It boosts signals to extend cable runs.
Rare, but still used in larger offices or warehouses.
8
Q
Devices Inside a LAN
What is a hub?
A
It broadcasts traffic to all ports.
Outdated.
9
Q
Devices Inside a LAN
What is a bridge?
A
It connects two LAN segments.
Rare now and has mostly been replaced by switches and routers.
10
Q
Devices Inside a LAN
What is a switch?
A
It directs traffic only to the right MAC address.
11
Q
Devices Inside a LAN
What is a router?
A
It routes traffic between networks using** IP addresses**.
12
Q
Devices Inside a LAN
What is a modem?
A
It connects a network to the internet service provider (ISP).
13
Q
Devices Inside a LAN
What is a firewall?
A
It monitors traffic in and out of a network.
14
Q
Why is a router important in a home or office network?
A
A router provides a default gateway between the LAN and the WAN for devices.
15
Q
The Cloud
What is cloud computing?
A
Using remote servers and services over the internet instead of using local devices.
16
Q
The Cloud
What is a cloud network?
A
A group of cloud-based servers and storage accessed through the internet.
17
Q
The Cloud
What is a cloud service provider (CSP)?
A
A company that offers cloud resources.
Amazon Web Services (AWS), Azure, Google Cloud
18
Q
The Cloud
What is software as a service (SaaS)?
A
Apps accessed via a browser.
Gmail, Salesforce
19
Q
The Cloud
What is infrastructure as a service (IaaS)?
A
20
Q
The Cloud
What is platform as a service (PaaS)?
A
Tools for developers to build and deploy apps.
21
Q
The Cloud
What is a software-defined network (SDN)?
A
Often used for testing and segmentation on cybersecurity teams.
22
Q
What is nslookup used for?
A
Used to check if a domain is resolved.
23
Q
What is tacert used for?
A
Used to see where packets slow down, requests stop.
24
Q
What does ping do?
A
Tests if the host is reachable.
25
What is a **data packet**?
* A chunk of information sent from one device to another on a network.
* Contains a **destination**, **instructions**, and a **message**.
## Footnote
**This is the sealed envelope from the post office.**
26
What is **bandwidth**?
The amout of data sent per second.
## Footnote
Slow wi-fi? Check the bandwidth!
27
What is **packet sniffing**?
Capturing packets to inspect them.
28
What is the **Transmission Control Protocol (TCP)**?
* A reliable connection-oriented protocal that requires a handshake.
* Used for websites, email, and file transfers.
## Footnote
Garuntees the sealed envelope gets to it's specified location, like a stamp!
29
What is the **internet protocol address (IP)**?
* A protocol for addressing and routing data.
* Located in the header of a packet.
## Footnote
The to/from address on the sealed envelope.
30
What is the **user datagram protocol (UDP)**?
The fire-and-forget protocol and mainly used for **quick services** like steaming, gaming, VOIP.
## Footnote
The part where you just toss the sealed envelopes into the maiboxes.
31
# IP Addresses
What is **IPv4**?
* **32-bit**
* 4 decimal octets
* The most commonly used.
## Footnote
EX : 192.168.0.1
32
# IP Addresses
What is **IPv6**?
* **128-bit**
* Uses hex blocks
* Used in more modern networks, especially a cloud.
33
# IP Addresses
What is an **IP header**?
* Lives inside each data packet and tells routers how to handle it.
* Contains the **header and payload (the actual data)**.
## Footnote
Each IPv4 packet starts with a 20-60 byte header.
34
# IP Adresses
What is the **time to live (TTL) field** in an IPv4 header?
TTL limits how long a packet stays on the network.
35
What does the **Protocol field** in an IPv4 header do?
It identifies the transport protocol.
* TCP = 6
* UDP = 17
* ICMP = 1
36
What is the **internet header length (IHL) field** in an IPv4 header?
* Tells where the payload starts
* Usually 5 (20 bytes)
* Length in 32-bit words
37
Whatβs the difference between **IPv4 and IPv6 headers**?
* IPv4 is variable-length
* IPv6 is fixed at 40 bytes.
* IPv4 includes fragmentation, checksum
* IPv6 uses larger addresses, no checksum
38
What is the** Header Checksum** in an IPv4 packet?
A 16-bit value used to detect errors in the IPv4 header.
* If the checksum is invalid, the packet is discarded
* Ensures header integrity in transit
39
What is the **Fragment Offset** in an IPv4 header?
Specifies the position of a fragment in the original data packet.
* Used to reassemble large packets
* Expressed in 8-byte blocks
40
What is the **Options field** in IPv4?
An optional field used for extra routing or security instructions.
* Rarely used in practice
* Present only if header length > 20 bytes
41
What is a media access control (MAC) address?
* A unique hardware identifier assigned to a device's network interface card (NIC).
* 12-character hexadecimal
* Switches use MAC addresses to send data to the correct device.
## Footnote
EX : 00-14-22-01-23-45
42
What is a **port**?
* A logical access point for services on a device.
* Numbers from 0-65,535
43
# Ports
What is port **20**?
File transferring (FTP)
44
What is port **25**?
Simple Mail Transfer Protocol (SMTP)
45
What is port **53**?
Domain Name Server (DNS)
46
What is port **80**?
Hypertext Transfer Protocol (HTTP)
47
What is port **443**?
Hypertext Transfer Protocol Secure (HTTPs)
48
# TCP/IP & OSI Model
What is the **application layer**?
## Footnote
***All people seem to need data processing.***
* Function : User Interaction
* Protocols : HTTP, DNS, FTP, SSH
## Footnote
The post office workers.
49
# OSI Model
What is the **presentation layer**?
* Translates and encodes data
50
# OSI Model
What is the **session layer**?
* Starts and stops conversations (connections, streaming sessions)
51
# TCP/IP Model
What is the **transport layer**?
* Function : Data transmission between hosts.
* Protocols : TCP, UDP
## Footnote
The part where the post office workers sort the mail for delivery.
52
# TCP/IP and OSI Model
What is the **internet layer**?
* Function : Addressing and routing.
* Protocols : IP, ICMP
## Footnote
The address book.
53
# TCP/IP and OSI Model
What is the **network access layer**?
* Function : Physical delivery of bits.
* Devices : Ethenet, Wi-Fi, ARP
## Footnote
The delivery truck.
54
# OSI Model
What is the **physical layer**?
* Cables, Wi-Fi, signals etc.
55
# TCP/IP
What layer of the TCP/IP model do switches operate at?
* **Layer 1 and Layer 2**
* Uses MAC addresses to forward frames.
* Maintains MAC address tables.
56
HTTP is Port __?
80 in the Application layer used for browsing unencrypted websites.
57
HTTPS is Port __?
443 in the Application layer used for secure web browsing.
58
FTP is Port __?
20 and 21 in the Application layer for file transfers.
59
SMTP is Port __?
25 in the Application layer for sending mail.
60
DNS is Port __?
53 in the Application layer for resolving domain names to IPs.
61
DCHP is Port __?
* 67 and 68 in the Application layer for assigning IP addresses.
* Subnet mask and gateway...?
62
What is the three-step process to the transmission control protocol (TCP)?
1. Client send SYN.
2. Server responds with SYN-ACK.
3. Client sends ACK -- connected now!
63
What does a computer ask the DNS protocol?
"What's the IP address for this domain?"
64
What does this `ipconfig` response mean in the CLI?
`169.254.x.x`
It means the Dynamic Host Configuration Protocol (DCHP) has failed.
65
What is the Address Resolution protocol (ARP)?
Used to map IP addresses to MAC addresses inside a LAN.
Routers and switches need this to deliver packets.
66
What protocol answers the question, "Who has IP 123.456.7.8? Tell me your MAC?"
Address Resolution Protocol (ARP)
67
Routers use which protocol to report unreachable destinations?
Internet Control Message Protocol (ICMP)
68
What does `ipconfig/all` do in the CLI?
Shows the DHCP, IPs, and the DNS
69
What does `arp -a ` do in the CLI?
To be able to view a MAC/IP mapping table.
70
What does `nslookup example.com` do in the CLI?
Checks the DNS resolution.
71
What is a firewall?
A security device or software that filters network traffic in and out of a network based on rules.
72
What is a stateless firewall?
It follows basic rules and does not track ongoing connections.
73
What is a stateful firewall?
Tracks the state of active connections and only allows expected traffic through.
74
What is a Next-Gen firewall (NGFW)?
Includes deep inspection, intrusion prevention, app awareness, etc.
75
What is a Virtual Private Network (VPN)?
Encrypts your data and hides your IP as it travels across the internet.
76
What is a Remote Access VPN?
Used by employees working from home.
77
What is a Site-to-Site VPN?
Connects entire offices or networks.
78
What is a WireGuard VPN?
A fast, modern, open-source VPN protocol.
79
What is IPSec?
A trusted, secure tunneling protocol? (site-to-site often)
80
What is a proxy server?
Forwards traffic on behalf of a client. It hides your IP and can apply rules.
81
What is a forward proxy?
Regulates outgoing traffic from internal user. (A school blocking Reddit.)
82
What is a reverse proxy?
Protects internal servers from the outside world.
83
What is a security zone?
A network segment with specific trust levels.
84
What is an uncontrolled zone?
Public internet
85
What is a controlled zone?
Limited access to internal network
86
What is a demilitarized zone (DMZ)?
Buffer zone between internet and internal network.
Houses public servers.
87
What is an internal zone?
A trusted company network.
88
What is a restricted zone?
The highest-security area.
89
What is a network interception attack?
Tampering with or spying on data in motion.
90
What is a backdoor attack?
A secret entrance bypassing security.
91
What is a denial of service (DoS) attack?
The attack floods a service until it crashes.
92
What is a SYN flood attack?
Repeated TCP handshake starts to freeze a server.
93
What is a ICMP flood attack?
Overwhelms a server with ping requests.
94
What is a DDoS attack?
Same idea as DoS - but with a botnet army.
95
What is passive sniffing?
Reading packets in transit.
96
What is active sniffing?
Interfering packets in transit.
97
What does Wireshark do?
Captures and shows packet data for analysis.
98
What is IP spoofing?
Pretending to be someone else on the network with their IP.
99
What is a man-in-the-middle (MITM) attack?
Sneaking into the middle of a conversation.
100
What is replay attack?
Reusing a valid packet to trick a system.
101
What is a smurf attack?
Flooding a target using ICMP pings via other hosts.
102
What is security hardening?
The process of strengthening systems to make them less vulnerable to attacks.
103
What is a patch update?
A fix for software vulnerabilities.
104
What is a baseline configuration?
A known-good system for future comparison.
105
How do you defend against brute force attacks?
MFA, CAPTCHA, password policies, and hashing.
106
What is a virtual machine?
A software-based isolated computer.
107
What is identity and access management (IAM)?
Managing who can access what in a cloud or network.
108
What are flow logs?
Summaries of network activity.
109
What is packet mirroring?
Copying traffic for analysis.
110
What is the Shared Responsibility Model?
Defines what security is handled by the cloud provider vs. the customer.
111
What is a Trusted Platform Module (TPM)?
A physical chip used to securely store cryptographic keys.
112
What is CloudHSM?
A cloud service that protects and manages encryption keys.
