Domain 4 Flashcards

1
Q

OSI Model

A

7 layers APSTNDP

  1. Application
  2. Presentation
  3. Session
  4. Transport
  5. Network
  6. Data link
  7. Physical
2
Q

Layer 7 Protocols

A

Application

SSH, HTTP, FTP, LPD, SMTP, Telnet, TFTP, EDI, POP3, IMAP, SNMP, NNTP, S-RPC, and SET

3
Q

Layer 6 Protocols

A

Presentation

Encryption protocols and format types, such as ASCII, EBCDICM, TIFF, JPEG, MPEG, MIDI

4
Q

Layer 5 Protocols

A

Session

SMB, RPC, NFS, and SQL

5
Q

Layer 4 Protocols

A

Transport

SPX, SSL, TLS, TCP, and UDP

6
Q

Layer 3 Protocols

A

Network

ICMP, RIP, OSPF, BGP, IGMP, IP, IPSec, IPX, NAT, and SKIP

7
Q

Layer 2 Protocols

A

Data link

ARP, SLIP, PPP, L2F, L2TP, PPTP, FDDI, ISDN

8
Q

Layer 1 Protocols

A

Physical

EIA/TIA-232, EIA/TIA-449, X.21, HSSI, SONET, V.24, V.35, 802.15 Bluetooth, 802.11 Wifi, and Ethernet

9
Q

Port TCP 20/21

A

File Transfer Protocol (FTP)

10
Q

Port TCP 22

A

Secure Shell (SSH)

11
Q

Port TCP 23

A

Telnet

12
Q

Port TCP 25

A

Simple Mail Transfer Protocol (SMTP)

13
Q

Port TCP/UDP 53

A

Domain Name System (DNS)

14
Q

Port UDP 67/68

A

Dynamic Host Configuration Protocol (DHCP)

15
Q

Port UDP 69

A

Trivial File Transfer Protocol (TFTP)

16
Q

Port TCP 80

A

Hypertext Transfer Protocol (HTTP)

17
Q

Port TCP 110

A

Post Office Protocol (POP3)

18
Q

Port UDP 123

A

Network Time Protocol (NTP)

19
Q

Port TCP/UDP 137/138/139

A

NetBIOS

20
Q

Port TCP 143

A

Internet Message Access Protocol (IMAP)

21
Q

Port TCP/UDP 161/162

A

Simple Network Management Protocol (SNMP)

22
Q

Port TCP 179

A

Border Gateway Protocol (BGP)

23
Q

Port TCP/UDP 389

A

Lightweight Directory Access Protocol (LDAP)

24
Q

Port TCP 443

A

HTTP over SSL/TLS (HTTPS)

25
Port TCP/UDP 636
LDAP over TLS/SSL
26
Port TCP 989/990
FTP over TLS/SSL
27
TCP/IP Stack
ATINA: Application, Transport, Internet, Network Access (Link)
28
OSI/TCP/UDP components
DSPFB: Data, Segments, Packets, Frames, Bytes
29
TCP Characteristics
  1. Connection-oriented
  2. Byte stream
  3. No support for multicasting/broadcasting
  4. Supports full duplex transmission
  5. Reliable service of data transmission
  6. TCP packet is called a segment
  7. Provides error detection and flow control
30
UDP Characteristics
  1. Connectionless protocol
  2. Message stream
  3. Supports multicasting/broadcasting
  4. No support for full duplex transmission
  5. Unreliable service of data transmission
  6. UDP packet is called a datagram
  7. No support for error detection and flow control
31
UTP
Unshielded Twisted Pair
32
Cat 5, Cat 5e, Cat 6, Cat 6e, Fiber optic
  1. Cat 5: 100BaseT, 100 Mbps, 100m max length
  2. Cat 5e: 1000BaseT, 1 Gbps, 100m max length
  3. Cat 6: 10 Gbps, 100m max length
  4. Cat 6e: 10 Gbps, 100m max length
  5. Fiber optic: up to 2+ Gbps, 2+ kilometers max length
33
Star Topology
Employs a centralized connection device. Can be a simple hub or switch. Each system is connected to the central hub by a dedicated segment.
34
Mesh Topology
Connects systems to all other systems using numerous paths. A partial mesh topology connects many systems to many other systems. Provides redundant connections to systems, allowing multiple segment failures without seriously affecting connectivity.
35
Ring Topology
Connects each system as points on a circle. The connection medium acts as a unidirectional transmission loop. Only one system can transmit data at a time. Traffic management is performed by a token.
36
Bus Topology
Connects each system to a trunk or backbone cable. All systems on the bus can transmit data simultaneously, which can result in collisions. A collision occurs when two systems transmit data at the same time; the signals interfere with each other.
37
Synchronous Timing
Example: networking. Communications rely on a timing or clocking mechanism based on either an independent clock or a time stamp embedded in the data stream. Are typically able to support very high rates of data transfer.
38
Asynchronous Timing
Example: public switched telephone network (PSTN) modems. Communications rely on a stop and start delimiter bit to manage the transmission of data. Best suited for smaller amounts of data.
39
Baseband
Example: Ethernet. Can support only a single communication channel. It uses a direct current applied to the cable. A current that is at a higher level represents the binary signal of 1, and a lower level represents the binary signal of 0. Is a form of digital signal.
40
Broadband
Can support multiple simultaneous signals. Uses frequency modulation to support numerous channels, each supporting a distinct communication session. Suitable for high throughput rates, especially when several channels are multiplexed. Is a form of analog signal. Examples: TV, cable modem, ISDN, DSL, T1, T3.
41
Broadcast
technology supports communications to all possible recipients.
42
Multicast
technology supports communications to multiple specific recipients.
43
Unicast
technology supports only a single communication to a specific recipient.
44
Carrier Sense Multiple Access Collision Avoidance (CSMA/CA)
Attempts to avoid collisions by granting only a single permission to communicate at any given time. 802.11 WIFI. Effective before a collision.
45
Carrier Sense Multiple Access Collision Detection (CSMA/CD)
Responds to collisions by having each member of the collision domain wait for a short but random period of time before starting the process over. 802.3 Ethernet (token ring). Effective after a collision.
46
Token Passing
Performs communications using a digital token. Once its transmission is complete, it releases the token to the next system. Prevents collisions in ring networks.
47
Polling
Performs communications using a master-slave configuration. The primary system polls each secondary system in turn to ask whether it has a need to transmit data.
48
Intranet
a private network that is designed to host the same information services found on the Internet
49
Extranet
a section of an organization’s network that has been sectioned off to act as an intranet for the private network but also serves information to the public Internet
50
DMZ
Demilitarized zone. An extranet for public consumption is typically labeled a demilitarized zone (DMZ) or perimeter network.
51
Bluetooth
Bluetooth, or IEEE 802.15, personal area networks (PANs) are another area of wireless security concern. Connects headsets for cell phones, mice, keyboards, GPS, and other devices. Connections are set up using pairing, where the primary device scans the 2.4 GHz radio frequencies for available devices. Pairing uses a 4-digit code (often 0000) to reduce accidental pairings but is not actually secure.
52
Bluejacking
Annoyance. Think of it as a high-tech version of ding-dong ditch, where savvy pranksters push unsolicited messages to engage or annoy other nearby Bluetooth users by taking advantage of a loophole in the technology’s messaging options.
53
Bluesnarfing
Data theft. With bluesnarfing, thieves wirelessly connect to some early Bluetooth-enabled mobile devices without the owner’s knowledge to download and/or alter phonebooks, calendars or worse.
54
Bluebugging
Remote control. An attack that grants hackers remote control over the features and functions of a Bluetooth device. This could include the ability to turn on the microphone to use the phone as an audio bug.
55
802.11
WIFI. Defines WEP.
56
WIFI Speeds and Frequencies: 802.11, 802.11a, 802.11b, 802.11g, 802.11n, 802.11ac
  1. 802.11 - 2 Mbps - 2.4 GHz
  2. 802.11a - 54 Mbps - 5 GHz
  3. 802.11b - 11 Mbps - 2.4 GHz
  4. 802.11g - 54 Mbps - 2.4 GHz
  5. 802.11n - 200+ Mbps - 2.4 GHz
  6. 802.11ac - 1 Gbps - 5 GHz
57
TKIP
Temporal Key Integrity Protocol. Was designed as the replacement for WEP without the need to replace legacy hardware. Implemented into 802.11 wireless networking under the name WPA (Wi-Fi Protected Access).
58
CCMP
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol. Created to replace WEP and TKIP/WPA. Uses AES (Advanced Encryption Standard) with a 128-bit key. Used with WPA2, which replaced WEP and WPA.
59
WPA2
A new encryption scheme known as the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). CCMP is based on the AES encryption scheme.
60
Fibre Channel
a form of network data storage solution (i.e., SAN (storage area network) or NAS (network attached storage)) that allows for high speed file transfers.
61
FCoE
Fibre Channel over Ethernet is used to encapsulate Fibre Channel communications over Ethernet networks.
62
iSCSI
iSCSI (Internet Small Computer System Interface) is a networking storage standard based on IP.
63
Site Survey
The process of investigating the presence, strength, and reach of wireless access points deployed in an environment.
64
LEAP
to address deficiencies in TKIP before the 802.11i/WPA2 system was ratified as a standard.
65
PEAP
Protected Extensible Authentication Protocol encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption.
66
EAP
Extensible Authentication Protocol technologies to be compatible with existing wireless or point-to-point connection technologies
67
MAC Filtering
a list of authorized wireless client interface MAC addresses used by a wireless access point to block access to all nonauthorized devices.
68
Captive Portals
an authentication technique that redirects a newly connected wireless web client to a portal access control page. Like hotel WIFI
69
Antenna Types
monopole, panel, dipole, loop, cantenna, yagi, parabolic
70
Firewalls
Firewalls are essential tools in managing and controlling network traffic. A firewall is a network device used to filter traffic.
71
Switch
Layer 2 device. Repeats traffic only out of the port on which the destination is known to exist. Switches offer greater efficiency for traffic delivery, create separate collision domains, and improve the overall throughput of data.
72
Routers
Layer 3 device. Routers are used to control traffic flow on networks and are often used to connect similar networks and control traffic flow between the two. They can function using statically defined routing tables, or they can employ a dynamic routing system.
73
Gateways
Layer 3 device. A gateway connects networks that are using different network protocols. Also known as protocol translators, gateways can be stand-alone hardware devices or a software service.
74
Repeaters, Concentrators, Amplifiers
Layer 1 device. Used to strengthen the communication signal over a cable segment as well as connect network segments that use the same protocol.
75
Bridges
Layer 2 device. Used to connect two networks (even networks of different topologies, cabling types, and speeds) in order to connect network segments that use the same protocol.
76
Hubs
Layer 1 device. Hubs were used to connect multiple systems and connect network segments that use the same protocol. A hub is a multiport repeater. Hubs operate at OSI layer 1.
77
LAN Extenders
a remote access, multilayer switch used to connect distant networks over WAN links.
78
Private Circuit Technologies
use dedicated physical circuits
— dedicated or leased lines
— PPP (point-to-point protocol)
— SLIP (serial line internet protocol)
— ISDN (integrated services digital network)
— DSL (digital subscriber line)
79
Packet-switching Technologies
use virtual circuits (efficient and cost effective)
— X.25, Frame Relay
— Asynchronous transfer mode (ATM)
— Synchronous Data Link Control (SDLC)
— High Level Data Link Control (HDLC)
80
Static Packet-Filtering Firewalls
filters traffic by examining data from a message header.
81
Application-Level Gateway Firewalls
a mechanism that copies packets from one network into another; and changes the source and destination addresses to protect identity of internal or private network.
82
Circuit-Level Gateway Firewalls
used to establish communication sessions between trusted partners. They operate at the Session layer (layer 5) of the OSI model.
83
Stateful Inspection Firewalls
evaluate the state or the context of network traffic.
84
Deep Packet Inspection Firewalls
a filtering mechanism that operates typically at the application layer in order to filter the payload contents of a communication rather than only on the header values.
85
Next-Gen Firewalls
a multifunction device (MFD) composed of several security features in addition to a firewall, such as an IDS, IPS, a TLS/SSL proxy, web filtering, QoS management, bandwidth throttling, NAT, VPN anchoring, and antivirus.
86
Stateless (firewall state)
Watch network traffic and restrict or block packets based on source and destination addresses or other static values. Not 'aware' of traffic patterns or data flows. Typically, faster and perform better under heavier traffic loads.
87
Stateful (firewall state)
Can watch traffic streams from end to end. Are aware of communication paths and can implement various IP security functions such as tunnels and encryption. Better at identifying unauthorized and forged communications.
88
IDS
Intrusion Detection System. Analyzes whole packets, both header and payload, looking for known events. When a known event is detected, a log message is generated.
89
IPS
Intrusion Prevention System. Analyzes whole packets, both header and payload, looking for known events. When a known event is detected, the packet is rejected.
90
Behavior Based IDS
Can detect previously unknown attack methods. Creates a baseline of activity to identify normal behavior and then measures system performance against the baseline to detect abnormal behavior.
91
Knowledge Based IDS
Only effective against known attack methods. Uses signatures similar to the signature definitions used by anti-malware software.
92
Bastion Host
computer or appliance that is exposed on the Internet and has been hardened by removing all unnecessary elements, such as services, programs, protocols, and ports.
93
Screened Host
is a firewall-protected system logically positioned just inside a private network. Most secure.
94
Screened Subnet
similar to the screened host in concept, except a subnet is placed between two routers or firewalls and the bastion host(s) is located within that subnet.
95
Proxy Server
A proxy server functions on behalf of the client requesting service, masking the true origin of the request to the resource.
96
Honeypot
Lure bad people into doing bad things. Lets you watch them. Only ENTICE, not ENTRAP. You are not allowed to let them download items with “Enticement”. For example, allowing download of a fake payroll file would be entrapment. Goal is to distract from real assets and isolate in a padded cell until you can track them down.
97
Teardrop attack
is a denial of service (DoS) attack that involves sending fragmented packets to a target machine. Since the machine receiving such packets cannot reassemble them due to a bug in TCP/IP fragmentation reassembly, the packets overlap one another, crashing the target network device.
98
Fraggle attack
is a denial of service (DoS) attack that involves sending a large amount of spoofed UDP traffic to a router's broadcast address within a network. It is very similar to a Smurf Attack, which uses spoofed ICMP traffic using a 3rd party network rather than UDP traffic to achieve the same goal.
99
Land attack
is a Layer 4 Denial of Service (DoS) attack in which the attacker sets the source and destination information of a TCP segment to be the same. A vulnerable machine will crash or freeze due to the packet being repeatedly processed by the TCP stack.
100
SYN Flood attack
is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.
101
Ping of Death attack
Employs an oversized ping packet. Max allowed ping packet size is 65,536 bytes. Ping of death sends a packet of 65,537 bytes or larger.
102
TCP 3-way handshake
  1. SYN
  2. SYN-ACK
  3. ACK
A process used in a TCP/IP network to make a connection between the server and client.