Domain 4: Communications and Network Security

Question 1

IEEE 802.3

Answer 1

Ethernet Protocol

Question 2

SPX

Answer 2

Archaic OSI Layer 4 (transport layer) protocol.

Question 3

Four network Topologies

Answer 3

Ring - all endpoints are conneted in ring

Bus - one central trunk each pc connects to

Star - central router or hub

Mesh - every endpoint is connected to every other endpoint.

Question 4

Layer 6 OSI

Answer 4

The Presentation Layer. The presentation layer transforms data into format structures that other systems can understand. Examples of presentation layer formats include JPEG, MPEG, ASCII, and GIF.

Question 5

Layer 5 OSI

Answer 5

Session Layer: The Session layer of the Open Systems Interconnection (OSI) model is used primarily to track application dialogue. The Session layer (Layer 5) establishes, coordinates, and terminates communication sessions between applications. Examples of Session layer protocols are Remote Procedure Call (RPC) and Network File System (NFS).

Question 6

DTE vs DCE on old Serial Equipment

Answer 6

Data terminal equipment (DTE) is a term for the interface a customer will connect to when using older serial-based wide-area network (WAN) connections. This is common in Frame Relay and Asynchronous Transfer Mode (ATM) connections. The circuit-terminating equipment (DCE) end connects to the provider.

Question 7

Layer 2 TCP/IP

Answer 7

Internet layer

Question 8

802.1AE

Answer 8

MACsec

802.1AE, also known as MACsec, is an Institute of Electrical and Electronics Engineers (IEEE) standard that provides confidentiality and integrity at the data link layer of the Open Systems Interconnection (OSI) model.

Question 9

WEP

Answer 9

IEEE 802.11

Uses a shared key between clients and APs.

Not considered secure.

Question 10

Is IP considered a connectionless protocol?

Answer 10

Yes

Question 11

Is Web Security Gateway an actual term?

Answer 11

Yes - once upon a time this was a dedicated appliance for content filtering.

Most firewalls have this built in as a feature now.

Question 12

Packet Switching Protocol

Answer 12

TCP, UDP, GRE, SPX, etc

Question 13

CSMA/CD and CSMA/CA

Answer 13

Carrier-sense multiple access with collision detection

Carrier-sense multiple access with collision avoidance

Question 14

DSSS

Answer 14

Direct-sequence spread spectrum

Direct-sequence spread spectrum (DSSS) is a modulation technology that increases bandwidth and adds redundancy by adding sub-bits to messages. These sub-bits are called “chips” and can be used to reconstruct data similar to how RAID-5 reconstructs data after a drive failure.

Question 15

Most fundamental component of a VPN

Answer 15

Tunneling

The communication between the two endpoints is encapsulated and travels through another network medium. Since a VPN is impossible without encapsulation or tunneling, it is the most crucial component.

Question 16

Baseband

Answer 16

Baseband has only one channel, so it can only send one communication signal at a time. Baseband signaling uses a single channel for the transmifssion of digital signals and is common in twisted-pair cabling.

Ethernet networks are baseband: a “100baseT” UTP cable means 100 megabit, baseband, and twisted pair.

Question 17

FCoE

Answer 17

Fiber Channel over Ethernet

Question 18

Phreaker

Answer 18

phone + freak = phreak

Someone who abuses phone systems/telecommunications.

Question 19

Latest WiFi Standard

Answer 19

Wifi 6E

Question 20

VLAN Hopping Attack

Answer 20

VLAN hopping occurs when an attacker manipulates a frame, so the switch moves it to a different VLAN. VLAN hopping can happen by spoofing a switch, setting up a dynamic trunk or tagged interface, or creating a double-encapsulated 802.1Q tag.

Question 21

TCP/IP layers

Answer 21

Layer 1: datalink/Network Access Layer.
Layer 2: network/Internet Layer.
Layer 3: Transport Layer.
Layer 4: Application Layer.

Question 22

OSI model layers

Answer 22

Physical, Data Link, Network, Transport, Session, Presentation, and Application.

Question 23

TCP URG header

Answer 23

Marks the packet as urgent, requires immediate attention.T

Question 24

Pre-admit NAC

Answer 24

Systems are tested BEFORE they are admitted network access.

Question 25

Post-admit NAC

Answer 25

Systems are tested AFTER they are admitted network access.

Question 26

Clientless NAC

Answer 26

No Agent deployed to the endpoints being verified by NAC.

Question 27

Client-based NAC

Answer 27

The NAC Service has an agent running on the endpoint to gather more data.

Question 28

Disassociation Attack

Answer 28

Attack on WiFI, used to:

Discover SSID of hidden networks - If forced to disassociate, an endpoint will send a connection request with the plaintext of the hidden SSID

Entice clients to connect to a rogue WAP

DOS Attack

Question 29

APIPA - Automatic Private IP Addressing

Answer 29

AKA link-local address assignment, assigns an IP address to a system if DHCP fails.

169.254.0.1 to 169.254.255.254.

Question 30

Bluejacking

Answer 30

Bluejacking is the sending of unsolicited messages over Bluetooth. An attacker may also send a malicious attachment via Bluetooth. The goal is for the victim to allow an attacker to connect to the device enabling the hacker can gain access to contacts, images, and other private data.

Question 31

Bluesnarfing

Answer 31

Bluesnarfing allows hackers to connect with a Bluetooth device without the user’s knowledge and extract information from the device.

Question 32

Bluebugging

Answer 32

Bluebugging is an attack that grants hackers remote control over the features and functions of a Bluetooth device.

Question 33

Cat 7 cable

Answer 33

is used for 10 gigabit Ethernet for data up to 10Gbps

Question 34

OSI Model - Please Do Not Throw Salami Pizza Away

Answer 34

Please Do Not Throw Salami Pizza Away

Physical
Datalink
Network
Transport
Session
Presentation
Application

Question 35

TCP/IP Model

Answer 35

Network Access (Physical, Data Link)

Internet (Network)

Transport (Transport)

Application (Session, presentation, application)

Question 36

FDDI

Answer 36

Fiber Distributed Data Interface (FDDI) is a high-speed token-passing technology that employs two rings with traffic flowing in opposite directions.

Question 37

Screened Subnet/DMZ

Answer 37

A screened subnet is a network between two routers or firewalls and is frequently called a Demilitarized Zone (DMZ). Screened subnets are generally used when internet users need to access internal resources. Designated systems are placed in the DMZ with firewall policies that allow internet users access. This allows firewall administrators to expose only a small network to the internet without adding private networks.

Question 38

Type of firewall that automatically adjusts filtering based on context and content of traffic.

Answer 38

Stateful firewall.

(For CISSP, NOT a WAF)

Question 39

WPA3 supported Authentication Mechanisms

Answer 39

ENT - Enterprise WiFi Authenticaition AKA 802.1x

SAE - Simaltaneous auth of equals