ISOC and SSL

Question 1

Responsibilities of IETF

Answer 1

Applications Area, Internet Area, Network Management, OSI integration, Routing area, Security Area, Transport and service area

Question 2

IETF

Answer 2

Internet Engineering Task Force

Question 3

IANA

Answer 3

Internet Assigned Number Authority

Question 4

Responsibilities of IANA

Answer 4

Coordinate assigned values of protocol parameters, Type codes, Protocol numbers, Port numbers, Internet addresses and Standards

Question 5

IRTF

Answer 5

Internet Research Task Force

Question 6

Responsibilities of IRTF

Answer 6

End to End research, Autonomous networks, Electronic libraries, Internet Architecture, Electronic Communities, Resource discovery

Question 7

TCPIP Architecture Design

Answer 7

Layered design, makes it easier for future developments.

Question 8

3 Levels of TCPIP Architecture

Answer 8

Connectionless Oriented Delivery (IP, Network Layer). Transport Layer Services (using IP). Highest Level is Application layer service

Question 9

IETF RFC791 IPV4

Answer 9

Routing layer diagram of the TCP IP suite. IP frame header contains routing info and control info associated with datagram delivery.

Question 10

IPv6 / IPnG

Answer 10

Increases address size from 32bits to 128 to support more levels of addressing. Adds scalability of multicast addresses.

Question 11

Anycast address

Answer 11

sends a packet to a group of nodes. added with ipv6.

Question 12

Advantages of IPv6

Answer 12

Efficient Formatting, Less Stringent Limits, Greater Flexibility. Support for extensions in headers.

Question 13

TCPIP Addressing Scheme (IPv4)

Answer 13

Nodes connected to IP network. 32 bit addresses. IP contains NetID and HostID.

Question 14

TCPIP Address Classes

Answer 14

IP Address spaces are divided into fixed length structures called address classes.

Question 15

Class A

Answer 15

First bit of IP is 0. From 1.0.0.0 to 126.0.0.0

Question 16

Class B

Answer 16

First two bits of IP are 1 0. From 127.0.0.0 to 191.255.0.0

Question 17

Class C

Answer 17

First 3 bits are 1 1 0. 3 Bits for address class, 21 for network, 8 for host.

Question 18

Class D

Answer 18

first 4 bits are 1 1 1 0. Multicast address not a specific network. ex. Video Conferencing

Question 19

Class E

Answer 19

first 4 bits are 1 1 1 1. Special Reserved address. Doesn’t refer to specific networks. No numbers currently assigned in this range.

Question 20

Subnetting

Answer 20

Provides a way to extend network portion of IP beyond allocated bits. Uses a mask to host address to access subnetworks.

Question 21

Subnetting Overhead

Answer 21

Allocated bits for host identification

Question 22

Using Subnet Mask on IP

Answer 22

identifies network and node parts of address. Network bits represented by 1 and node by 0. Doing logical AND between these gives network address.

Question 23

Default Subnet Masks

Answer 23

Class A - 255.0.0.0
Class B - 255.255.0.0
Class C - 255.255.255.0

ex use C for smaller groups

Question 24

Limit of nodes part of address in subnet

Answer 24

196 nodes instead of 254 since subnetting has better traffic isolation and security

Question 25

CIDR

Answer 25

Classless interdomain Routing. Invented to keep from running out of IPs. Classful system was wasteful. Extends classful system, allocating only the amount of space needed

Question 26

Subnet Mask Notation in CIDR

Answer 26

Reduced. Listed as the number of 1s that start the mask.

Question 27

SSL

Answer 27

Secure Sockets Layer Protocol. Universally accepted over WWW for authenticated and encrypted communication between client and server.

Question 28

Transport Layer Security

Answer 28

TLS, based on SSL. IETF standard

Question 29

Where does the SSL protocol run

Answer 29

Above TCP/IP but below high level protocols such as HTTP, IMAP.

Question 30

SSL uses TCP on behalf of higher protocols to allow:

Answer 30

SSL enabled server to auth SLL enabled client
Client Auth to server
Encrypted connection between both parties

Question 31

SSL Protocol addresses concerns:

Answer 31

SSL Server authentication
SSL client authentication
Encrypted SSL connection

Question 32

SSL Server authentication

Answer 32

Can use standard techniques of public key cryptography to check server certificate and public IP is valid and certified.

Question 33

SSL client authentication

Answer 33

Allows server to confirm user’s identity, using the same techniques for server authentication

Question 34

Encrypted SSL connection

Answer 34

Requires all info sent between client and server to be encrypted by sending and decrypted by receiving software.

Question 35

SSL Sub protocols

Answer 35

SSL Record And SSL Handshake

Question 36

SSL Record

Answer 36

Defines format to transmit data

Question 37

SSL Handshake

Answer 37

Uses record to exchange series of messages between SSL server and client connection

Question 38

SSL exchange of messages is designed to facilitate the following:

Answer 38

Authenticate server to client
Allow client and server to select cyptographic algorithms
Authenticate client to server
Use public key encryption and generate shared secret
Establish an SSL connection

Question 39

Ciphers used with SSL

Answer 39

DES (Data Encryption Standard)
DSA (Data signature algorithm)
KEA (Key exchange method)
MD5 (Message Digest Algorithm)
SHA-1

Question 40

Most commonly used SSL Cipher

Answer 40

RSA key exchange

Question 41

Key exchange algorithms

Answer 41

govern how server and client determine symmetric keys they will both use during session.

Question 42

Cipher suites with RSA key exchange

Answer 42

Triple DES, RC4, RC2, DES, all support encryption and authentication

Question 43

What key encryption does SSL protocol use

Answer 43

a mix of public and symmetric key encryption

Question 44

SSL begins session with

Answer 44

Handshake. Allow server to authenticate and cooperate with client for encryption.

Question 45

SSL Handshake Process

Answer 45

Go check the notes for this

Question 46

Client encrypts premaster secret with

Answer 46

servers public key

Question 47

What can decrypt premaster secret?

Answer 47

private key that corresponds to it.

Question 48

Client Authentication cyptography

Answer 48

client encrypts random data with its private key. Public key in clients certificate can correctly validate the signature only if private key was used.

Question 49

VLAN

Answer 49

Group of isolated devices on a LAN. Subgroup of LAN and segregation of data. Can be addressed by MAC address of TCP.

Question 50

IP orientation

Answer 50

connectionless oriented

Question 51

TCP orientation

Answer 51

connection oriented