Networking Flashcards

1
Q

ISO 7498

A

OSI model

2
Q

OSI model

A
Application
Presentation
Session
Transport
Network
Data Link
Physical
3
Q

Converged Protocols

A

Standard protocols (like TCP/IP) mixed with proprietary protocols

4
Q

Fibre Channel over Ethernet (FCoE)

A

Converged Protocol. High-speed network data storage (storage area network SAN) or network-attached storage (NAS) for file transfers.

Replaces IP at Layer 2

5
Q

Multiprotocol Label Switching (MPLS)

A

Converged Protocol. Uses short labels to route traffic instead of long network addresses. Encapsulates with other transport mechanisms besides TCP/IP

6
Q

Internet Small Computer System Interface (iSCSI)

A

Converged Protocol. Network storage standard based on IP. Seen as cheaper alternative to FCoE

7
Q

Voice over IP (VoIP)

A

Converged Protocol. Tunneling mechanism to support voice/data transfer over TCP/IP.

8
Q

Software-Defined Networking (SDN)

A

Converged Protocol. Way to control network w/ software, freeing up how hardware is bought & configured. Don’t have to worry about IP addressing, subnets, etc. being programmed into or deciphered by hosting applications

Effectively network virtualization

9
Q

CDN

A

Content Delivery/Distribution Network
Geographical/logical load balancing. Low latency, high availability, high performance, and stability for hosted content.

CloudFlare, Akamai, Amazon CloudFront, CacheFly

10
Q

Data Emanation

A

(Wireless Networks)

Transmission of data across electromagnetic signals

11
Q

Wireless Cells

A

Areas where a wireless device can connect to a wireless access point. Can adjust the strength of the WAP to minimize un-authed user access

12
Q

WiFi networking amendments

A
Amendment - Speed  - Frequency
.11       - 2 Mbps - 2.4 GHz
.11a      - 54     - 5
.11b      - 11     - 2.4
.11g      - 54     - 2.4
.11n      - 200+   - 2.4/5
.11ac     - 1GB    - 5 GHz
13
Q

Infrastructure Mode vs Ad-Hoc Mode

A

(WIFI)
WAPs configured to Infra, not ad-hoc.

In ad-hoc, two devices w/ wireless network cards can connect directly without centralized control authority.

14
Q

Stand-Alone (Infra mode)

A

WAP connecting wireless clients to each other but not to any wired devices.
Infra does. WAP serves as wireless hub exclusively

15
Q

Wired Extension (Infra Mode)

A

WAP acts as a connection point to link wireless clients to wired network

16
Q

Enterprise Extended (Infra Mode)

A

Multiple WAPs used to connect a large physical area to the same network.

Each WAP uses the same extended service set identifier (ESSID) so clients can roam

17
Q

Bridge Mode (Infra Mode)

A

WAP is used to connect to wired networks

18
Q

SSID

A

Service Set Identifier. Used to differentiate wireless networks.

BSSID: Basic Service Set Identifier. In infra mode, the MAC address of the base station hosting the ESSID.
ESSID: Extended Service Set Identifier. Name of the wireless network when a WAP or wireless base station is used.

19
Q

Beacon frame

A

Special transmission that WAPs use to broadcast SSID to available network devices

20
Q

How to secure WAP/ SSID Beaconing

A

Use WPA2 for auth/encryption instead of hiding the SSID

21
Q

Site survey

A

Physical survey to find weaknesses/spread of WiFi networks

22
Q

OSA

A

Open System Authentication. A method to authenticate to WAPs before normal network comms can occur. Basically means anyone can connect. As long as a radio signal can be transmitted, comms are allowed. Everything is transmitted in clear text.

23
Q

SKA

A

Shared Key Authentication. A method to auth to WAPs.

Some form of auth must be performed. WEP is one example. Later amendments are WPA, WPA2, other.

24
Q

Wireless Network Security

A
  • Secure WAPs (site survey, Secure SSID)
  • Secure Encryption Protocols (WEP, WPA, WPA2, 802.1X/EAP)
  • Antenna placement
25
WEP
Wired Equivalent Privacy. Same level of security to wireless networks as on wired. Static shared secret key to encrypt all messages, provides hash (confidentiality + integrity). Uses RC4 cipher. Easy to crack, so not recommended.
26
WPA
WiFi Protected Access. Replaced WEP. Uses LEAP/TKIP cryptosystems to secure communications, but one secret key per host. Still vulnerable to brute force.
27
WPA2
Improvement on WPA per 802.11i. New method of securing: Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP), based on AES.
28
802.1X/EAP
Extensible Auth Protocol: framework for new auth mechanisms to be incorporated into wireless comms.
PEAP, LEAP, MAC Filter, TKIP, CCMP
29
General Wifi Security Procedure
1. Change default admin password
2. Disable SSID broadcast
3. Change the SSID to something unique
4. Enable MAC filtering
5. Consider using static IP addresses, or configure DHCP with reservations
6. Turn on highest form of auth and encryption supported (WPA2)
7. Treat wireless as remote access, and manage access w/ 802.1X
8. Treat wireless as external access, and separate WAP from wired using a firewall
9. Treat wireless as entry point and monitor WAP-to-wired with IDS
10. Require VPN
30
Intranet vs extranet
Intranet: totally internal internet. Extranet: combo of intra + public internet, common as DMZ
31
NAC
Network access control. Control access to an environment through strict adherence to set of policies.
  • Reduce 0days
  • Enforce sec policy throughout network
  • Use identities to perform access control
32
Firewalls
Filter/block network traffic coming in/out of network. Often between internal vs public internet, but can be anywhere. Can't block viruses or malware. Single, two-, and three-tiered deployment. 2.1 = split, 3.2 = split
33
Repeaters, Concentrators, Amplifiers
Layer 1 tools used to strengthen comms signal over cable segment, connect segments over same protocol.
34
Hubs
Connect multiple systems and connect network segments using same protocol. Broadcasts incoming data across all outbound ports. Multiport repeater. Not great for sec
35
Modems
Modulates between analog carrier signal and digital information. Mostly replaced by ISDN, cable modems, DSL modems, wifi, etc.
36
Bridges
Connect two networks together (of different types) of same protocol.
37
Switches
Not hub - forwards to one port to the specific destination
38
Router
Layer 3, control traffic flow on networks. Static defined routing table or dynamic routing system
39
Ring topology
Ring topology, only one device can send data at a time, with the use of a token that's passed around in one direction.
40
Bus Topology
One central trunk, devices off it. Collisions can occur. To prevent, everyone listens for any other occurring traffic, waits until coast is clear. Also more resilient against single segment failures. Linear vs tree. Not used much because must be terminated at both ends, and any disconnection can take down the entire network.
41
Star topology.
Uses central connection device. Logical bus or logical ring can be applied on top of physical star implementation
42
Mesh topology
Many paths between systems.
43
Frequency Hopping Spread Spectrum
Spread spectrum comms. Bits of message are sent sequentially at different frequency bands
44
Direct Sequence Spread Spectrum
Spread spectrum comms. Sends parts of message in parallel across all available frequencies at same time
45
Orthogonal Frequency-Division Multiplexing
Spread spectrum comms. Modulated signals are perpendicular to minimize interference
46
Bluetooth Risks
Personal Area Network.
  • Pairing over 2.4 GHz
  • 4 digit code (easy to BF)
  • Bluesnarfing: connect w/o knowledge and collect data
  • Bluebugging: remote control over Bluetooth device
  • Bluejacking: transmit SMS-like messages
47
LAN technologies
  • Ethernet
  • Token Ring
  • Fiber Distributed Data Interface (FDDI)
48
Ethernet
LAN. Allows numerous devices to communicate, but have to do collision detection and avoidance.
  • Broadcast and collision domains
  • Full-duplex
  • Twisted-pair cabling
  • Uses frames for units
  • Most often star/bus technologies
49
Token ring
LAN. Token passing mechanism. Can be deployed on ring or star topologies
50
Fiber Distributed Data Interface
FDDI. LAN. 2 token rings in opposite directions.
51
LAN Media Access
Used to prevent or avoid transmission collisions.
```
CSMA
CSMA/CA
CSMA/CD
Token Passing
Polling
```
52
Carrier-Sense Multiple Access
CSMA
1. Host listens to LAN media to determine whether it is in use
2. If LAN is not being used, host transmits
3. Host waits for acknowledgement
4. If no ack after a timeout, host starts over at step 1
53
CSMA with Collision Avoidance
1. Host has inbound + outbound lines
2. Host listens to LAN media to see if it is being used. If not in use, requests permission to send
3. If permission is received, sends. If not, back to step 1
4. If permission granted, transmits comms over outbound
5. Waits for ack
6. If no ack received after timeout, starts over at step 1
54
CSMA with Collision Detection
CSMA/CD
1. Host listens to LAN media to determine if in use
2. If not in use, transmits comms
3. While transmitting, listens for collision
4. If collision detected, transmits a jam signal
5. If jam signal received, all hosts stop transmitting. Each host waits a random period of time then starts over at step 1
Ethernet.
55
Token Passing
LAN media system to prevent collision
56
Polling
LAN media access technology that uses master + slave config.
57
UTP Categories
```
Cat 1: Voice only (modems)
Cat 2: 4 Mbps - mainframes
Cat 3: 10M: 10BaseT ethernet networks, phone cables
Cat 4: 16 - Token ring
Cat 5: 100 - 100Base-TX, FDDI, ATM
Cat 6: 1K - high-speed
Cat 7: 10 Gbps - 10 gig-speed networks
```