Domain 4. Networking Flashcards

Question 1

Q

What is the function of ARP (Address Resolution Protocol)?

Answer

A

MAC to IP translation

Question 2

Q

What is the function of IGMP (Internet Group Messaging Protocol)?

Answer

A

Used for multicasting

Question 3

Q

What is the function of ICMP (Internet Control Messaging Protocol)?

Answer

A

Used for troubleshooting and error messaging - ping, tracert

Question 4

Q

What is the function of IP (Internet Protocol)?

Answer

A

Used for addressing and routing

Question 5

Q

How many bits is IPv4?

Answer

A

32-bit, 4-octet identifier

Question 6

Q

How many bits in IPv6?

Answer

A

128-bit HEX identifier

Question 7

Q

What is the function of UDP (User Datagram Protocol)?

Answer

A

Connection-less delivery, no handshaking

Question 8

Q

What is the function of TCP?

Answer

A

Connection guaranteed delivery. Three-way handshake

Question 9

Q

What is the port?

Answer

A

A port is an identifier for an application within a computer. Port is associated with either UDP or TCP.

Question 10

Q

How many ports do we have?

Question 11

Q

“Well known ports” are…

Question 12

Q

Dynamic ports (private ports) are …

Answer

A

49, 151 - 65,535

Question 13

Q

Registered ports are…

Answer

A

1024 - 49,151

Question 14

Q

DNSSEC

Answer

A

all responses from DNSSEC are digitally signed using public key encryption

Question 15

Q

What is MPLS?

Answer

A

Multiprotocol Label Switching - used to create cost effective, private Wide Area Networks (WANs) faster and more secure than regular routed “public” IP networks like the internet
More secure than the public internet, because a “virtual” private network (end-to-end circuit)can be built just for your organization
Layer 3 technology

Question 16

Q

Name 4 wireless network sizes

Answer

A

WPAN -> WLAN -> WMAN -> WWAN
WPAN - personal area network
WLAN - 802.11x network
WMAN - connectst 802.11 network using 802.16
WWAN - point to point microwave links

Question 17

Q

What is Bluejacking?

Answer

A

Sending spam to nearby bluetooth devices

Question 18

Q

What is Bluesnarfing?

Answer

A

Copes information off remote device

Question 19

Q

Name 802.11 Access Modes?

Answer

A

WEP, WPA, WPA2

Question 20

Q

Name Wireless Attack Vectors

Answer

A

Passive:Sniffing, Eavesdropping, packet capture
MitM: Rogue Access Point, MAC impersonation, Replay Attack
DoS: Bogus requests, signal jamming, packet injection

Question 21

Q

WEP

Answer

A

broken ecryption, no integrity

Question 22

Q

WPA2

Answer

A

uses 801.11, EAP, AES and CBC-MAC

Question 23

Q

Encryption can be used to ensure … ?

Answer

A

Confidentiality

Question 24

Q

Hashing can be used to ensure … ?

Answer

A

Integrity

Question 25

Q

Digital signature can be used to ensure … ?

Answer

A

non-repudiation

Question 26

Q

Digital certificates can be used to ensure … ?

Answer

A

authentication

Question 27

Q

How S/MIME can be used?

Answer

A

digitally sign and encrypt emails

Question 28

Q

Eavesdropping

Answer

A

Violation of confidentiality

Question 29

Q

Tampering

Answer

A

Violation of integrity

Question 30

Q

Spoofing

Answer

A

violation of authenticity

Question 31

Q

Digital signature

Answer

A

Message Digest (MD) encrypted with the private key

Question 32

Q

DMZ

Answer

A

Semi-trusted network

Question 33

Q

Enclave network

Answer

A

Segment within a trusted network

Question 34

Q

NAT

Answer

A

used to translate internal IP

Question 35

Q

bridge

Answer

A

connects same protocol LANs

Question 36

Q

TEMPEST

Answer

A

Emanation certification network

Question 37

Q

What is the goal of CDN

Answer

A

Server content to end users with high availability and high performance

Question 38

Q

Name 4 VPN technologie

Answer

A

PPTP - point to point Tunneling Protocol
L2TP Layer 2 Tunneling Protocol
IPsec - internet protocol security
SSL - secure Socket Layer

Question 39

Q

IPsec two different modes

Answer

A

Transport mode - used for end-2-end protection between client and server. IP payload is encrypted. Headers are not encrypted
Tunnel mode - server to server, gateway-gateway. Everything is encrypted.

Question 40

Q

Name IPsec securitry services

Answer

A

Authentication - Kerberos or preshared key or digital cert

Integrity - HMAC - hash messaged auth code

Confidentiality - 3DES, AES

Non-repudiation - digital signature

Question 41

Q

IPsec Authentication Header (AH)

Answer

A

provide data integrity, data origin authentication, replay protection. Can be used as standalone IPsec protocol if confidentiality is not required

Question 42

Q

IPsec Encapsulating Security Payload (ESP)

Answer

A

All features of AH + symmetric encryption for payload

Question 43

Q

IPsec IKE

Answer

A

provides mechanism for device authentication and establishing security association

Question 44

Q

IPsec SPI

Answer

A

Security Parameter Index (SPI)

includes algo that will be used (hashing encryption), key length and key information

Question 45

Q

What is the difference between IPsec transport mode and tunnel mode?

Answer

A

In transport mode only payload is encrypted, but in tunnel mode - entire packet is encrypted

Question 46

Q

What PDU (Protocol Data Unit) and protocols is used in Layer 7 Application?

Answer

A

Application layer, Datastream

FTP, TFTP, SSH, IMAP, POP, HTTP, HTTPS

Question 47

Q

What PDU (Protocol Data Unit) and protocols is used at level 6 Presentation?

Answer

A

Presentation layer, Datastream

Question 48

Q

What PDU (Protocol Data Unit) and protocols is used at level 5 Session?

Answer

A

Session layer, Datastream

SQL, RPC

Question 49

Q

What PDU (Protocol Data Unit) and protocols is used at level 4?

Answer

A

Transport layer, Segment
TCP
UDP
SSL/TLS

Question 50

Q

What PDU (Protocol Data Unit) and protocols is used at level 3?

Answer

A

Network layer, Packets

IP, IPv6, IP NAT, ICMP, BGP

Question 51

Q

What PDU (Protocol Data Unit) and protocols is used at level 2?

Answer

A

Data link layer, Frames

Token ring, PPTP, L2TP, WLAN, Wi-Fi

Question 52

Q

What PDU (Protocol Data Unit)and protocols is used at level 1?

Answer

A

Physical layer, Bits

Question 53

Q

What is encapsulation?

Answer

A

Takes information from higher network layer and adds a header to it, treating the higher-layer information as data

Question 54

Q

What layer 1 device provides basic physical connectivity?

Answer

A

Hub, modem, Wireless Access Point, cable, physical interface of NIC, repeater

Question 55

Q

Name 3 different types of cables

Answer

A

Coaxial, Twisted Pair, FiberOpitc

Question 56

Q

Name 4 Layer 1 network topolgies

Answer

A

Bus, Ring, Star, Mesh

Question 57

Q

What is the most fault tolerant and redundant topology?

Question 58

Q

What threats exists in Physical Layer 1?

Answer

A

Sniffing, Interference, Data Emanation

Question 59

Q

Name 2 sub-layers of Data Link layer

Answer

A

LLC - Logical link Control - error detection

MAC - Media Access Control

Question 60

Q

ARP

Answer

A

Address Resolution Protocol. Takes known IP address and maps it to unknown MAC address. IP to MAC resolution. Broadcast base.

Question 61

Q

RARP

Answer

A

Reverse Address Resolution Protocol.

Takes known MAC address and provides IP (basis for DHCP)

Question 62

Q

ARP Poisoning, Cash Poisoning

Answer

A

Layer 2 attack. Uses unsolicited replies.

Question 63

Q

MAC (Media Access Control) Mechanisms - collision control

Answer

A

CSMA/CD - Collision Detection
CSMA/CA - Collision Avoidance
Token passing

Question 64

Q

How HUB works?

Answer

A

Sends all data out for all ports

Answer 62

A

Switch, Switch doesn’t isolate broadcast, isolate collision domain

Answer 63

A

Layer 3 device, router isolate broadcast domains

Answer 64

A

Lots of ping traffic

Answer 65

A

sending data in ICMP messages - Covert Channel

Answer 66

A

Layer 3. All protocols starting from i - are layer 3 protocol. Except imap!

Answer 67

A

uses spoofed source address (target) and direct broadcast to launch a DDoS

Answer 68

A

Incomming traffic

Answer 69

A

Outcomming address

Answer 70

A

Provides End to End data transportation services

Answer 71

A

SSL/TLS, TCP, UDP

Answer 72

A

Layer 4-7

Answer 73

A

Adds security
Easier to program with
Truly implements a sessio

Answer 74

A

SYN Floods

Slower then UDP

Answer 75

A

SYN
SYN/ACK
ACK
Has a guaranteed delivery based on handshake process

Answer 76

A

Responsible for establishing a connection between two APPLICATIONS! (either on the same computer of two different coputers)

Create connection
Transfer data
Release connection

Answer 77

A

Present data in a format that all computers can understand..

Answer 78

A

Layer 6, Presentation layer

Answer 79

A

Concerned with encryption, compression and formatting

Answer 80

A

Defines a protocol that two different programs or applications understand

Answer 81

A

HTTP, HTTPS, FTP, TFTP, SMTP, SNMP,

Answer 82

A

Performance and expensive

Answer 83

A

User application service

Answer 84

A

Data translation, Compression and encryption

Answer 85

A

Session establishment, management and termination

Answer 86

A

End to end connection, segmentation and reassembly

Answer 87

A

Logical Addressing, Routing, Datagram encapsulation, error handling

Answer 88

A

Logical Link Control (LLC), MAC Media Access Control, Data framing, Addressing, Error Detection

Answer 89

A

Encoding & signaling, Physical data transfer, Topology and design

Answer 90

A

Many small attacks add up to equal a large attack

Answer 91

A

Altering/Manipulation data, usually before entry

Answer 92

A

Attacker steps in between

Answer 93

A

Sending Malformed packets which the Operating System does not know how to reassemble. Layer 3 attack

Answer 94

A

Attacks that overwhelm a specific type of memory on a system—the buffers. Is best avoided with input validation

Answer 95

A

Similar to the Teardrop attack. Manipulates how a PC reassembles a packet and allows it to accept a packet much too large.

Answer 96

A

Creates a “circular reference” on a machine. Sends a packet where source and destination are the same.

Answer 97

A

Type of attack that exploits the three way handshake of TCP. Layer 4 attack. Stateful firewall is needed to prevent

Answer 98

A

Uses an ICMP directed broadcast. Layer 3 attack. Block distributed broadcasts on routers

Answer 99

A

Similar to Smurf, but uses UDP instead of ICMP. Layer 4 attack. Block distributed broadcasts on routers

Answer 100

A

Layer 7 Application

Answer 101

A

Keeps tracks of connections

Answer 102

A

A buffer zone between an unprotected network and a protected network that allows for the monitoring and regulation of traffic between the two.

Answer 103

A

Multi-homed firewalls may be used to setup a DMZ with a single firewall.

Answer 104

A

x.x.x
16.xx-172.31.x.x
168.x.x

Answer 105

A

DSL, ISDN, PSTN, t-carriers

Answer 106

A

X.25, Frame relay, ATM, VOIP, MPLS, Cable modem

Answer 107

A

Eavesdropping

Answer 108

A

Fixed Dely

Answer 109

A

Variable delay

Answer 110

A

Point to Point. Layer 2

Answer 111

A

Point to Point Tunneling Protocol
Uses EAP for authentication
Work only with IP networks

Answer 112

A

Layer 2 Tunneling Protocol

There is no security in L2TP

Answer 113

A

Weak IV (24 bits)
IV transmitted in clear text
RC4 stream cipher
Easy crackable
No backward compatible

Answer 114

A

Stronger IV
Introduced TKIP (temporary key integrity protocol)
Still used RC4

Answer 115

A

AES
CCMP - key protection
Not backwards compatible

Answer 116

A

Allows use of the phone
Allows one to make calls
Can eavesdrop on calls

Answer 117

A

As the gateway decrypts from WTLS and encrypts as SSL/TLS, the data is plaintext. If someone could access the gateway, they could capture the communications

Answer 118

A

Application
Transport
Internet
Link

Answer 119

A

Common-Mode noise occurs between hot and ground wires

Answer 120

A

Traverse-mode noise occurs between hot and neutral wires.

Brainscape's Knowledge GenomeTM

Domain 4. Networking Flashcards

Brainscape's Knowledge Genome^TM