Domain 4 - Communication and Network Security Flashcards Preview

Flashcards in Domain 4 - Communication and Network Security Deck (189):

OSI Layer 7

Application Layer


OSI Layer 6

Presentation Layer


OSI Layer 5

Session Layer


OSI Layer 4

Transport Layer


OSI Layer 3

Network Layer


OSI Layer 2

Data Link Layer


OSI Layer 1

Physical Layer


HTTP, FTP, LPD, SMTP, Telnet, TFTP, EDI, POP3, IMAP, SNMP, NNTP, S-RPC, and SET. At which OSI layer are these protocols found?

Application - Layer 7


Encryption protocols and format types, such as ASCII, EBCDIC, TIFF, JPEG, MPEG, and MIDI. At which OSI layer are these protocols found?

Presentation - Layer 6


NFS, SQL, and RPC. At which OSI layer are these protocols found?

Session - Layer 5


SPX, SSL, TLS, TCP, and UDP. At which OSI layer are these protocols found?

Transport - Layer 4


ICMP, RIP, OSPF, BGP, IGMP, IP, IPSec, IPX, NAT, and SKIP. At which OSI layer are these protocols found?

Network - Layer 3


SLIP, PPP, ARP, RARP, L2F, L2TP, PPTP, FDDI, ISDN. At which OSI layer are these protocols found?

Data Link - Layer 2


EIA/TIA-232, EIA/TIA-449, X.21, HSSI, SONET, V.24, and V.35. At which OSI layer are these protocols found?

Physical - Layer 1


At which layer of the OSI model are ARP and RARP found?

Data Link - Layer 2


At which layer of the OSI model are ICMP and NAT found?

Network Layer - Layer 3


At which layer of the OSI model is RPC found?

Session Layer - Layer 5


At which layer of the OSI model are HTTP and TFTP found?

Application Layer - Layer 7


At which layer of the OSI model are encryption protocols and JPEG found?

Presentation Layer - Layer 6


At which layer of the OSI model are SSL and TLS found?

Transport Layer - Layer 4


What are the four TCP/IP layers?

Application, Transport, Internet and Link


The Application layer in TCP/IP is equivalent to what layers in OSI?

Application, Presentation and Session (layers 7-5)


Transport layer in TCP/IP is equivalent to what layers in OSI?

Transport - Layer 4


Internet layer in TCP/IP is equivalent to what layers in OSI?

Network - Layer 3


Link layer in TCP/IP is equivalent to what layers in OSI?

Data Link and Physical - Layers 2 and 1


An open network architecture guide for network product vendors. This standard, or guide, provides a common foundation for the development of new protocols, networking services, and even hardware devices.

The OSI Model


Data name at Application, Presentation and Session layers

Data stream (or just data)


Data name at Transport layer



Data name at Network layer



Data name at Data Link layer



Data name at Physical layer



What are the OSI model data names in order (top to bottom)?

Data, Segment, Packet, Frame, Bits


In which TCP/IP layer would the protocols FTP and Telnet be found?

Application layer


In which TCP/IP layer would the protocols TCP and UDP be found?

Transport Layer


In which TCP/IP layer would the protocols ICMP and IP be found?

Internet Layer


In which TCP/IP layer would the protocol Ethernet be found?

Link layer


Which Transport layer protocol of TCP/IP is a full-duplex, connection-oriented protocol?



Which Transport layer protocol of TCP/IP is a simplex, connectionless protocol?



This can be used to manage traffic, improve performance, and enforce security. Examples include intranet, extranet, and DMZ.

Network segmentation


A form of network data storage solution (i.e., SAN (storage area network) or NAS (network-attached storage)) that allows for high-speed file transfers.

Fibre Channel


This is used to encapsulate Fibre Channel communications over Ethernet networks.

FCoE (Fibre Channel over Ethernet)


A networking storage standard based on IP.

iSCSI (Internet Small Computer System Interface)


The IEEE standard for wireless network communications.



The process of investigating the presence, strength, and reach of wireless access points deployed in an environment. This task usually involves walking around with a portable wireless device, taking note of the wireless signal strength, and mapping this on a plot or schematic of the building.

Site survey


An early alternative to WEP. This technique was an improvement but was itself not fully secure. It is based on the LEAP and TKIP cryptosystem and employs a secret passphrase.

Wi-Fi Protected Access (WPA)


a new encryption scheme known as the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), which is based on the AES encryption scheme.



is defined by the IEEE 802.11 standard. It was designed to provide the same level of security and encryption on wireless networks as is found on wired or cabled networks. It provides protection from packet sniffing and eavesdropping against wireless transmissions. A secondary benefit is that it can be configured to prevent unauthorized access to the wireless network. It uses a predefined shared secret key.

Wired Equivalent Privacy (WEP)


An authentication framework that allows for new authentication technologies to be compatible with existing wireless or point-to-point connection technologies.

EAP (Extensible Authentication Protocol)


encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption.

PEAP (Protected Extensible Authentication Protocol)


a Cisco proprietary alternative to TKIP for WPA. This was developed to address deficiencies in TKIP before the 802.11i/WPA2 system was ratified as a standard.

LEAP (Lightweight Extensible Authentication Protocol)


A list of authorized wireless client interface MAC addresses that is used by a wireless access point to block access to all non-authorized devices.

MAC filtering


This was designed as the replacement for WEP without requiring replacement of legacy wireless hardware. It was implemented into 802.11 wireless networking under the name WPA (Wi-Fi Protected Access).

TKIP (Temporal Key Integrity Protocol)


This was created to replace WEP and TKIP/WPA. It uses AES (Advanced Encryption Standard) with a 128-bit key.

CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)


An authentication technique that redirects a newly connected wireless web client to a portal access control page.

captive portal


What are the standard network topologies?

Ring, bus, star and mesh


Name the four basic types of firewalls

static packet filtering, application-level gateway, circuit-level gateway, and stateful inspection


Examples of protocol services used to connect LAN and WAN communication technologies

Frame Relay, SMDS, X.25, ATM, HSSI, SDLC, HDLC, and ISDN.


The addition of a header, and possibly a footer, to the data received by each layer from the layer above before it’s handed off to the layer below.



What is the range of the well-known (service) ports?

0-1023 (first 1,024)


Name the steps of the TCP handshake process.

Client sends a SYN (synchronize) flagged packet to the server. The server responds with a SYN/ACK (synchronize and acknowledge) flagged packet back to the client. The client responds with an ACK (acknowledge) flagged packet back to the server.


Name the two methods to disconnect a TCP session

FIN (finish) flagged packets and RST (reset) flagged packets


Is used to resolve IP addresses (32-bit binary number for logical addressing) into Media Access Control (MAC) addresses.

Address Resolution Protocol (ARP)


Is used to resolve MAC addresses into IP addresses.

Reverse Address Resolution Protocol (RARP)


TCP port 23



TCP Ports 20 and 21

File Transfer Protocol (FTP)


UDP Port 69

Trivial File Transfer Protocol (TFTP)


TCP Port 25

Simple Mail Transfer Protocol (SMTP)


TCP Port 110

Post Office Protocol (POP3)


TCP Port 143

Internet Message Access Protocol (IMAP)


This is a terminal emulation network application that supports remote connectivity for executing commands and running applications but does not support transfer of files.



This is a network application that supports an exchange of files that requires anonymous or specific authentication.

File Transfer Protocol (FTP)


This is a network application that supports an exchange of files that does not require authentication.

Trivial File Transfer Protocol (TFTP)


This is a protocol used to transmit email messages from a client to an email server and from one email server to another.

Simple Mail Transfer Protocol (SMTP)


This is a protocol used to pull email messages from an inbox on an email server down to an email client.

Post Office Protocol (POP3)


This is a protocol used to pull email messages from an inbox on an email server down to an email client. It is more secure than POP3 and offers the ability to pull headers down from the email server as well as to delete messages directly off the email server without having to download to the local client first.

Internet Message Access Protocol (IMAP)


UDP Ports 67 and 68

Dynamic Host Configuration Protocol (DHCP)


This uses port 67 for server point-to-point response and port 68 for client request broadcasts. It is used to assign TCP/IP configuration settings to systems upon bootup. It enables centralized control of network addressing.

Dynamic Host Configuration Protocol (DHCP)


TCP Port 80

Hypertext Transport Protocol (HTTP)


This is the protocol used to transmit web page elements from a web server to web browsers.

Hypertext Transport Protocol (HTTP)


TCP Port 443 (for HTTP Encryption)

Secure Sockets Layer (SSL)


This is a VPN-like security protocol that operates at the Transport layer. SSL was originally designed to support secured web communications (HTTPS) but is capable of securing any Application layer protocol communications.

Secure Sockets Layer (SSL)


This is a network service that is used to spool print jobs and to send print jobs to printers.

Line Print Daemon (LPD)


This is a network service used to support file sharing between dissimilar systems.

Network File System (NFS)


This is a network service used to collect network health and status information by polling monitoring devices from a central monitoring station.

Simple Network Management Protocol (SNMP)


The act of capturing packets from the network in hopes of extracting useful information from the packet contents.

Packet sniffing


The merging of specialty or proprietary protocols with standard protocols, such as those from the TCP/IP suite.

Converged protocols


What is the primary benefit of converged protocols?

the ability to use existing TCP/IP supporting network infrastructure to host special or proprietary services without the need for unique deployments of alternate networking hardware.


This can be used to support Fibre Channel over the existing network infrastructure. It typically requires 10 Gbps Ethernet in order to support the Fibre Channel protocol.

Fibre Channel over Ethernet (FCoE)


A high-throughput high-performance network technology that directs data across a network based on short path labels rather than longer network addresses.

MPLS (Multiprotocol Label Switching)


a networking storage standard based on IP. This technology can be used to enable location-independent file storage, transmission, and retrieval over LAN, WAN, or public Internet connections. It is often viewed as a low-cost alternative to Fibre Channel.

Internet Small Computer System Interface (iSCSI)


a tunneling mechanism used to transport voice and/or data over a TCP/IP network.

Voice over IP (VoIP)


a unique approach to network operation, design, and management. The concept is based on the theory that the complexities of a traditional network with on-device configuration (i.e., routers and switches) often force an organization to stick with a single device vendor, such as Cisco, and limit the flexibility of the network to respond to changing physical and business conditions.

Software-Defined Networking (SDN)


a collection of resource services deployed in numerous data centers across the Internet in order to provide low latency, high performance, and high availability of the hosted content.

content distribution network (CDN)


the transmission of data across electromagnetic signals.

Data emanation


the IEEE standard for wireless network communications.



Mode that allows any two wireless networking devices, including two wireless network interface cards (NICs), to communicate without a centralized control authority.

Ad hoc mode


Wireless mode that requires an access point; wireless NICs on systems can't interact with each other directly. The restrictions of the wireless access point for wireless network access are enforced.

infrastructure mode


A standard port-based network access control that ensures clients cannot communicate with a resource until proper authentication has taken place. Effectively, it is a hand-off system that allows the wireless network to leverage the existing network infrastructure’s authentication services.



This is not a specific mechanism of authentication; rather it is an authentication framework.

EAP (Extensible Authentication Protocol)


encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption.

PEAP (Protected Extensible Authentication Protocol)


a Cisco proprietary alternative to TKIP for WPA. This was developed to address deficiencies in TKIP before the 802.11i/WPA2 system was ratified as a standard.

LEAP (Lightweight Extensible Authentication Protocol)


A concept of controlling access to a network environment through strict adherence to and implementation of security policy.

Network Access Control (NAC)


A type of firewall that filters traffic by examining data from a message header. Usually, the rules are concerned with source, destination, and port addresses.

Static Packet-Filtering Firewalls


A type of firewall that is used to establish communication sessions between trusted partners. They operate at the Session layer (layer 5) of the OSI model. They permit or deny forwarding decisions based solely on the endpoint designations of the communication circuit (in other words, the source and destination addresses and service port numbers).

Circuit-Level Gateway Firewalls


A type of firewall that evaluates the state or the context of network traffic. By examining source and destination addresses, application usage, source of origin, and relationship between current packets and the previous packets of the same session, they are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities. They are known as third-generation firewalls, and they operate at the Network and Transport layers (layers 3 and 4) of the OSI model.

Stateful Inspection Firewalls


Also called a proxy firewall. This type of firewall filters traffic based on the Internet service (in other words, the application) used to transmit or receive the data. Each type of application must have its own unique proxy server. Thus, these firewalls comprise numerous individual proxy servers. This type of firewall negatively affects network performance because each packet must be examined and processed as it passes through the firewall. They are known as second-generation firewalls, and they operate at the Application layer (layer 7) of the OSI model.

Application-Level Gateway Firewalls


This occurs when two systems transmit data at the same time onto a connection medium that supports only a single transmission path.



This occurs when a single system transmits data to all possible recipients.



a group of networked systems that could cause a collision if any two (or more) of the systems in that group transmitted simultaneously.

collision domain


a group of networked systems in which all other members receive a broadcast signal when one of the members of the group transmits it.

broadcast domain


These are used to strengthen the communication signal over a cable segment as well as connect network segments that use the same protocol.

Repeaters, Concentrators, and Amplifiers


Are used to connect multiple systems and connect network segments that use the same protocol. They repeat inbound traffic over all outbound ports. This ensures that the traffic will reach its intended host. It is a multiport repeater. They operate at OSI layer 1.



a communications device that covers or modulates between an analog carrier signal and digital information in order to support computer communications of public switched telephone network (PSTN) lines.



is used to connect two networks together—even networks of different topologies, cabling types, and speeds—in order to connect network segments that use the same protocol. It forwards traffic from one network to another.



connects networks that are using different network protocols.



What are the two main types of coaxial cable?

thinnet and thicknet


Also known as 10Base2, this is commonly used to connect systems to backbone trunks of thicknet cabling. It can span distances of 185 meters and provide throughput up to 10 Mbps.



Also known as 10Base5, this can span 500 meters and provide throughput up to 10 Mbps (megabits per second).



The physical layout and organization of computers and networking devices

Network topology


What are the four basic topologies of the physical layout of a network?

ring, bus, star, and mesh


Wireless communication occurs over multiple frequencies at the same time.

spread spectrum


An early implementation of the spread spectrum concept. However, instead of sending data in a parallel fashion, it transmits data in a series while constantly changing the frequency in use.

Frequency Hopping Spread Spectrum (FHSS)


This employs all the available frequencies simultaneously in parallel. This provides a higher rate of data throughput

Direct Sequence Spread Spectrum (DSSS)


What is the protocol used when portable devices use a cell phone carrier's network to establish communication links with the Internet?

Wireless Application Protocol (WAP)


Provides security connectivity services similar to those of SSL or TLS for cell phones.

Wireless Transport Layer Security (WTLS)


a system for connecting a number of computer systems to form a local area network, with protocols to control the passing of information and to avoid simultaneous transmission by two or more systems.



Employs a token-passing mechanism to control which systems can transmit data over the network medium. The token travels in a logical loop among all members of the LAN.

Token Ring


A high-speed token-passing technology that employs two rings with traffic flowing in opposite directions. It is often used as a backbone for large enterprise networks.

Fiber Distributed Data Interface


communications occur with a continuous signal that varies in frequency, amplitude, phase, voltage, and so on. The variances in the continuous signal produce a wave shape (as opposed to the square shape of a digital signal). The actual communication occurs by variances in the constant signal.



communications occur through the use of a discontinuous electrical signal and a state change or on-off pulses.



This technology can support only a single communication channel. It uses a direct current applied to the cable. A current that is at a higher level represents the binary signal of 1, and a current that is at a lower level represents the binary signal of 0. Ethernet is an example of this technology.



This technology can support multiple simultaneous signals. It uses frequency modulation to support numerous channels, each supporting a distinct communication session. It is suitable for high throughput rates, especially when several channels are multiplexed. It is a form of analog signal. Cable television and cable modems, ISDN, DSL, T1, and T3 are examples of this technology.



This is the LAN media access technology that performs communications using the following steps:
1. The host listens to the LAN media to determine whether it is in use.
2. If the LAN media is not being used, the host transmits its communication.
3. The host waits for an acknowledgment.
4. If no acknowledgment is received after a time-out period, the host starts over at step 1.
It does not directly address collisions.

Carrier-Sense Multiple Access (CSMA)


This is the LAN media access technology that performs communications using the following steps:
1. The host has two connections to the LAN media: inbound and outbound. The host listens on the inbound connection to determine whether the LAN media is in use.
2. If the LAN media is not being used, the host requests permission to transmit.
3. If permission is not granted after a time-out period, the host starts over at step 1.
4. If permission is granted, the host transmits its communication over the outbound connection.
5. The host waits for an acknowledgment.
6. If no acknowledgment is received after a time-out period, the host starts over at step 1.

AppleTalk and 802.11 wireless networking are examples of networks that employ this technology.

Carrier-Sense Multiple Access with Collision Avoidance (CSMA/CA)


This is the LAN media access technology that performs communications using the following steps:
1. The host listens to the LAN media to determine whether it is in use.
2. If the LAN media is not being used, the host transmits its communication.
3. While transmitting, the host listens for collisions (in other words, two or more hosts transmitting simultaneously).
4. If a collision is detected, the host transmits a jam signal.
5. If a jam signal is received, all hosts stop transmitting. Each host waits a random period of time and then starts over at step 1.

Ethernet networks employ this technology.

Carrier-Sense Multiple Access with Collision Detection (CSMA/CD)


the encapsulation of a protocol-deliverable message within a second protocol. The second protocol often performs encryption to protect the message contents.



This technology is based on encrypted tunneling. It can offer authentication and data protection as a point-to-point solution. Common examples are PPTP, SSL, L2TP, and IPSec. It can be site to site or client to site.



This protects the addressing scheme of a private network, allows the use of the private IP addresses, and enables multiple internal clients to obtain Internet access through a few public IP addresses. It is supported by many security border devices, such as firewalls, routers, gateways, and proxies.



This type of line is always on and is reserved for a specific customer. Examples include T1, T3, E1, E3, and cable modems.

dedicated lines


This type of line requires a connection to be established before data transmission can occur. It can be used to connect with any remote system that uses the same type of nondedicated line. Standard modems, DSL, and ISDN are examples.

nondedicated lines


This is a full-duplex encapsulation protocol used for transmitting TCP/IP packets over various non-LAN connections, such as modems, ISDN, VPNs, Frame Relay, and so on. It is widely supported and is the transport protocol of choice for dial-up Internet connections. Its authentication is protected through the use of various protocols, such as CHAP and PAP. It is a replacement for SLIP and can support any LAN protocol, not just TCP/IP.

Point-to-Point Protocol (PPP)


Protocols that provide security services for application-specific communication channels

secure communication protocols


This is an encryption tool used to protect sessionless datagram protocols. It was designed to integrate with IPSec; it functions at layer 3. It is able to encrypt any subprotocol of the TCP/IP suite. It was replaced by Internet Key Exchange (IKE) in 1998.

Simple Key Management for Internet Protocol (SKIP)


This is an authentication service and is simply a means to prevent unauthorized execution of code on remote systems.

Secure Remote Procedure Call (S-RPC)


This is an encryption protocol developed by Netscape to protect the communications between a web server and a web browser. It can be used to secure web, email, FTP, or even Telnet traffic. It is a session-oriented protocol that provides confidentiality and integrity. It is deployed using a 40-bit key or a 128-bit key. It is superseded by Transport Layer Security (TLS).

Secure Sockets Layer (SSL)


This functions in the same general manner as SSL, but it uses stronger authentication and encryption protocols.

Transport Layer Security (TLS)


What two protocols both have the following features:
■ Support secure client-server communications across an insecure network while preventing tampering, spoofing, and eavesdropping.
■ Support one-way authentication.
■ Support two-way authentication using digital certificates.
■ Often implemented as the initial payload of a TCP package, allowing it to encapsulate all higher-layer protocol payloads.
■ Can be implemented at lower layers, such as layer 3 (the Network layer) to operate as a VPN. This implementation is known as OpenVPN.



This is a security protocol for the transmission of transactions over the Internet. SET is based on Rivest, Shamir, and Adleman (RSA) encryption and Data Encryption Standard (DES). It has the support of major credit card companies, such as Visa and MasterCard. However, it has not been widely accepted by the Internet in general; instead, SSL/TLS encrypted sessions are the preferred mechanism for secure e-commerce.

Secure Electronic Transaction (SET)


This is one of the authentication protocols used over PPP links. It encrypts usernames and passwords. It performs authentication using a challenge-response dialogue that cannot be replayed. It also periodically reauthenticates the remote system throughout an established communication session to verify a persistent identity of the remote client. This activity is transparent to the user.

Challenge Handshake Authentication Protocol (CHAP)


This is a standardized authentication protocol for PPP. It transmits usernames and passwords in the clear. It offers no form of encryption; it simply provides a means to transport the logon credentials from the client to the authentication server.

Password Authentication Protocol (PAP)


This is a framework for authentication instead of an actual protocol. It allows customized authentication security solutions, such as supporting smart cards, tokens, and biometrics.

Extensible Authentication Protocol (EAP)


This encapsulates EAP in a TLS tunnel. It is preferred over bare EAP because EAP assumes that the channel is already protected, whereas this protocol imposes its own security. It is used for securing communications over 802.11 wireless connections. It can be employed by Wi-Fi Protected Access (WPA) and WPA-2 connections.

Protected Extensible Authentication Protocol (PEAP)


This was Cisco's initial response to insecure WEP. It supported frequent reauthentication and changing of WEP keys (whereas WEP used single authentication and a static key). However, it is crackable using a variety of tools and techniques, including the exploit tool Asleap.

Lightweight Extensible Authentication Protocol (LEAP)


a technology that encapsulates audio into IP packets to support telephone calls over TCP/IP network connections.



a means by which an unknown, untrusted, or at least unauthorized person gains the trust of someone inside your organization.

Social engineering


an email security standard that offers authentication and confidentiality to email through public key encryption and digital signatures. Authentication is provided through X.509 digital certificates. Privacy is provided through the use of Public Key Cryptography Standard (PKCS) encryption. Two types of messages can be formed using this: signed messages and secured enveloped messages. A signed message provides integrity, sender authentication, and nonrepudiation. An enveloped message provides integrity, sender authentication, and confidentiality.

Secure Multipurpose Internet Mail Extensions (S/MIME)


This can provide authentication, confidentiality, integrity, and nonrepudiation for email messages. It employs Message Digest 2 (MD2) and MD5 algorithms; Rivest, Shamir, and Adleman (RSA) public key; and Data Encryption Standard (DES) to provide authentication and encryption services.

MIME Object Security Services (MOSS)


an email encryption mechanism that provides authentication, integrity, confidentiality, and nonrepudiation. It uses RSA, DES, and X.509.

Privacy Enhanced Mail (PEM)


a means to assert that valid mail is sent by an organization through verification of domain name identity.

DomainKeys Identified Mail (DKIM)


a public-private key system that uses a variety of encryption algorithms to encrypt files and email messages. The first version used RSA, the second version, International Data Encryption Algorithm (IDEA), but later versions offered a spectrum of algorithm options. It is not a standard but rather an independently developed product that has wide Internet grassroots support.

Pretty Good Privacy (PGP)


an older technology developed to support TCP/IP communications over asynchronous serial connections, such as serial cables or modem dial-up. It is rarely used but is still supported on many systems. It can support only IP, requires static IP addresses, offers no error detection or correction, and does not support compression.

Serial Line Internet Protocol (SLIP)


This is used to centralize the authentication of remote dial-up connections. A network that employs this technology is configured so the remote access server passes dial-up user logon credentials to this for authentication. This process is similar to the process used by domain clients sending logon credentials to a domain controller for authentication.

Remote Authentication Dial-In User Service (RADIUS)


This is an alternative to RADIUS. It is available in three versions: original, extended, and plus. The original integrates the authentication and authorization processes. The extended version keeps the authentication, authorization, and accounting processes separate. The plus version improves it by adding two-factor authentication. Plus is the most current and relevant version of this product line.

Terminal Access Controller Access-Control System (TACACS+)


a communication tunnel that provides point-to-point transmission of both authentication and data traffic over an intermediary untrusted network.

virtual private network (VPN)


the network communications process that protects the contents of protocol packets by encapsulating them in packets of another protocol.



What are the four common VPN protocols?

PPTP, L2F, L2TP, and IPSec


an encapsulation protocol developed from the dial-up Point-to-Point Protocol. It operates at the Data Link layer (layer 2) of the OSI model and is used on IP networks. It creates a point-to-point tunnel between two systems and encapsulates PPP packets.

Point-to-Point Tunneling Protocol (PPTP)


This was derived by combining elements from both PPTP and L2F. It creates a point-to-point tunnel between communication endpoints. It lacks a built-in encryption scheme, but it typically relies on IPSec as its security mechanism.

Layer 2 Tunneling Protocol (L2TP)


This is the most commonly used VPN protocol now.

IP Security (IPSec)


This is both a standalone VPN protocol and the security mechanism for L2TP, and it can be used only for IP traffic. It works only on IP networks and provides for secured authentication as well as encrypted data transmission.

IP Security (IPSec)


What are the two main components of IPSec?

Authentication Header (AH) and Encapsulating Security Payload (ESP)


What component of IPSec provides authentication, integrity, and nonrepudiation?

Authentication Header (AH)


What component of IPSec provides encryption to protect the confidentiality of transmitted data, but can also perform limited authentication? It operates at the Network layer (layer 3) and can be used in transport mode or tunnel mode. In transport mode, the IP packet data is encrypted but the header of the packet is not. In tunnel mode, the entire IP packet is encrypted and a new header is added to the packet to govern transmission through the tunnel.

Encapsulating Security Payload (ESP)


In this IPSec mode, the IP packet data is encrypted but the header of the packet is not.

transport mode


In this IPSec mode, the entire IP packet is encrypted and a new header is added to the packet to govern transmission through the tunnel.

tunnel mode


These are used to logically segment a network without altering its physical topology. They are created by switches.

virtual LAN (VLAN)


This technology is used to host one or more operating systems within the memory of a single host computer. This mechanism allows virtually any OS to operate on any hardware. Such an OS is also known as a guest operating system.



This is a unique approach to network operation, design, and management. It aims at separating the infrastructure layer (i.e., hardware and hardware-based settings) from the control layer (i.e., network services of data transmission management). Furthermore, this also removes the traditional networking concepts of IP addressing, subnets, routing, and the like from needing to be programmed into or be deciphered by hosted applications.

Software-defined networking (SDN)


The goals of hiding the identity of internal clients, masking the design of your private network, and keeping public IP address leasing costs to a minimum are all simple to achieve through the use of this technology.

network address translation (NAT)


a mechanism for converting the internal IP addresses found in packet headers into public IP addresses for transmission over the Internet.

network address translation (NAT).


What are the 3 private IP address ranges? – (a full Class A range) – (16 Class B ranges) – (256 Class C ranges)


This occurs when the message or communication is broken up into small segments (usually fixed-length packets, depending on the protocols and technologies employed) and sent across the intermediary networks to the destination.

Packet switching


This is a logical pathway or circuit created over a packet-switched network between two specific endpoints.

virtual circuit


What are the two types of virtual circuits?

Permanent virtual circuits (PVCs) and Switched virtual circuits (SVCs)


A border connection device that provides all the interfacing needed between the network carrier service and a company's LAN.

channel service unit/data service unit (CSU/DSU)


This is an older packet-switching technology that was widely used in Europe. It uses permanent virtual circuits to establish specific point-to-point connections between two systems or networks. It is the predecessor to Frame Relay and operates in much the same fashion.



This is a packet-switching technology that also uses PVCs. However, unlike X.25, it supports multiple PVCs over a single WAN carrier service connection. It is a layer 2 connection mechanism that uses packet-switching technology to establish virtual circuits between communication endpoints.

Frame Relay


This is a cell-switching WAN communication technology, as opposed to a packet-switching technology like Frame Relay. It fragments communications into fixed-length 53-byte cells. The use of fixed-length cells allows it to be very efficient and offer high throughputs. It can use either PVCs or SVCs.

Asynchronous transfer mode (ATM)


This is a resource consumption attack that has the primary goal of preventing legitimate activity on a victimized system. It renders the target unable to respond to legitimate traffic.

denial-of-service attack