part 3 Flashcards
(69 cards)
1
Q
station
A
Device that interfaces a user to a network
2
Q
node
A
Device that allows 1 or more stations to access the physical network and is a transfer point for passing info through a network (often a router or telephone switch)
3
Q
sub-network (network cloud)
A
Underlying connection of nodes and telecommunication links
4
Q
Factors of Choosing a Routing Method
A
Method/algorithm chosen must be:
- Optimal
- Fair
- Robust, but not too robust
5
Q
Least Cost Routing Algorithm
A
- Finds all possible paths between 2 locations
- By identifying all, also identifies least cost path
- Determines least cost path between any pair of nodes
6
Q
Flooding Routing
A
- Traffic grows quickly when every node floods
- To limit, each packet has a hop count that increments every time the packet hops
if (hopCount == networkHopLimit) -> discard packet
7
Q
Centralized Routing
A
- One routing table is kept at a “central” node
- If a node needs a routing decision, central node is consulted
- To survive central node failure, routing table should be kept at a backup location
- Central node should be designed to support a high amount of routing requests
8
Q
Distributed Routing
A
- Each node has own routing table
- Each node has to share info with other nodes so individual routing tables can be created
- ** Individual routing tables may hold inaccurate information
9
Q
Adaptive vs. Static Routing
A
Adaptive:
- Routing tables can change to reflect changes in network
Static:
- Routing tables cannot change
- Simpler but does not adapt to network congestion or failures
10
Q
Routing Information Protocol (RIP)
A
- Form of distance vector routing; adaptive and distributed
- Each node has own table and exchanged routing information with its neighbors
11
Q
network congestion
A
When a network or part of a network becomes so saturated with data packets that packet transfer is noticeably impeded
12
Q
Causes of Network Congestion
A
- Node and link failures
- High traffic
- Improper network planning
13
Q
Possible Solutions to Network Congestion
A
- Implicit congestion control: An application can observe its own traffic and notice if packets are disappearing
- Explicit congestion control: The network can inform its applications that congestion has occurred and applications can take action
* Forward Explicit Congestion Notification (FECN)
* Backward Explicit Congestion Notification (BECN) - Slow control: Flow control at a datalink layer allows 2 adjacent nodes to control the amount of traffic passing between them
- **Congestion avoidance: Using buffer preallocation and connection admission control
14
Q
buffer preallocation
A
Before a node sends packets, sending node inquires in advance whether receiving node has enough buffer space
** node asks nicely before sending hehe
15
Q
connection admission control
A
Before making a connection, user requests how much bandwith is needed, or if connection needs to be real-time
Example: Asynchronous transfer mode
16
Q
Internet Control Message Protocol (ICMP)
A
Performs error reporting repeating for the Internet protocol (i.e. invalid IP address)
17
Q
User Datagram Protocol (UDP)
A
- Transport layer protocol used in place of TCP
- Used with connectionless applications as opposed to connection-oriented like in TCP
- Encapsulates a header onto an application packet but the header is much simpler than TCP
18
Q
Multiprotocol Label Switching
A
- Additional label/s encapsulated onto the front of an IP packet
- Used to move Internet packets more quickly through routers
19
Q
Address Resolution Protocol (ARP)
A
- Translates IP address into MAC so frame can be delivered to proper workstation
- Allows packet to find right destination workstation since LAN does not use IP addresses to deliver frames, uses MAC instead
20
Q
Tunneling Protocols and Virtual Private Networks (VPNs)
A
- Creates secure connection through internet by using a tunneling protocol and security procedures
- Two types: Point-to-point TP (PPTP), IPSEC
21
Q
Point-to-Point TP (PPTP)
A
Extension of point-to-point protocol, used for communication between 2 computers using a serial connection
22
Q
IPSEC
A
Set of protocols developed to support the secure exchange of data packets at IP layer
23
Q
Asynchronous Transfer Mode (ATM)
A
- Sends data in small packets called “cells”
- Virtual circuit/connection must be established before the 2 end points can exchange data
- 4 classes of service: Constant Bit Rate Service (CBR), Variable Bit Rate (VBR), Available Bit Rate (ABR), Unspecified Bit Rate (UBR)
24
Q
Constant Bit Rate Service (CBR)
A
Delivers high speed, continuous data stream that can be used with transition-intensive applications
25
Variable Bit Rate (VBR)
Used for real-time applications (i.e. compressed interactive radio) and non-real-time (i.e. sending email with large, multimedia attachments)
26
Available Bit Rate (ABR)
Used for "bursty" traffic that does not need to be transmitted immediately
27
Unspecified Bit Rate (UBR)
For lower rate traffic that may get held up, may even be discarded part way through transmission if congestion occurs
28
Advantages of ATM
- Different classes of service
| - Ability to operate over many types of media and network topologies
29
Disadvantages of ATM
- Potentially higher costs
| - Higher level of complexity
30
Bluetooth
- Designed for very short ranges
| - Communicates using small, low-power transceivers called radio modules
31
Link Manager
Special software that helps identify other Bluetooth devices, creating a link between them and send/receive digital data
Examples: headphones, smart TVs, keyboard/mouse
32
Zig Bee
Designed for applications that require devices with long battery life and can transmit data at distances between 10-15 meters
33
WiGig
- Can transfer video and sound
- Short-range primarily used at home
- Use confined to space within a room with few or no obstacles
34
RFID
Small chips containing a CPU, memory, and other electronic circuitry plus an antenna
35
NFC (Near Field Communication)
- Similar to RFID
- Includes more flexible information (i.e. web addresses, commands)
- Very short distance (i.e. 5-10 cm)
36
Satellite
Used to transmit data over very long distances
Example: GPS, satellite radio
37
Cellular
- Built around concept of low-power transmitters
| - Transmission towers spread throughout a geographic area
38
Wireless LAN
- Extension of wired LAN
| - Uses an Access Point (AP) which relays data signals among all of the devices on the wired network
39
Fixed Broadband Wireless
Used in areas where wired internet connectivity may not be available
40
Internet of Things (IoT)
Type and amount of data that can be collected from smart sensors, transmitted to servers, analyzed in real-time or saved for later analysis
41
Examples of Wireless Applications
- Military
- Education
- Travel
- Offices
- Health care
- Home control systems
42
Wireless Networking Advantages
- Mobility
- Easier and less expensive installation
- Increased reliability
- Disaster recovery
- Future applications
43
Wireless Networking Disadvantages
- Radio signal interference
- Security
- "Health risks"
44
computer virus
Small program that alters the way a computer operates and often does various types of damage (i.e. corrupting data)
45
worms
Program that copies itself from one system to another over a network without the assistance of a human being
46
2 Popular Forms of Attacks
1. Socially engineered
| 2. Exploiting known vulnerabilities in OS or application software
47
Denial of Service (DOS) or Distributed (DDOS)
Bombard site with so many messages that the site is incapable of answering a valid request
48
Ping Storm
Internet ping program used to send flood of packets to a server
49
Email Bombing
Excessive amount of unwanted email sent to someone
50
Smurfing
Attacks a network by exploiting IP broadcast operations
51
Botnets
Malicious programs that take over operation on a comprised computer
52
Spoofing
User creates a packet that appears to be something else or from someone else
53
Phishing
Hackers create emails which look as if they are coming from a legit source but the hacker is attempting to get sensitive information
54
Pharming
Hacker redirects unknowing user to bogus look-alike website
55
Rootkit
Defies detection and takes over the user's computer
56
Keylogger
Software system that secretly captures and records keystrokes
57
cryptography
Study of creating and using encryption and decryption techniques
58
Firewall
System or combination of systems that supports an access control policy between 2 networks
* Limits types of transactions entering and leaving a system
59
3 Types of Firewalls
1. Packet filter
- A router that has been programmed to filter out or allow to pass certain IP addresses or TCP port numbers
2. Proxy server
- More advanced firewall that acts as a doorman into a corporate network
3. Application layer
- Inspects all packets coming into or leaving a connection using the application layer of the TCP/IP suite
60
Controlling Access
- Deciding who has access to what
- Limiting time of day and day of week access
- Limiting access from a location, such as not allowing a user to use a remote login during certain periods of time
61
WLAN Security
- Broadcasting network traffic over the airwaves
- Security implementations are analogous to those in Ethernet
- WLANs are far more exposed to intrusion because the medium is not contained
62
Attacks Against WLANs
1. Hardware theft
- Device may contain information that can assist someone in breaking into the network
2. AP impersonation
- A rogue AP can impersonate a valid device
3. Passive monitoring
- Data transmissions can be monitored
4. Denial of service (DoS)
- Flood the network with transmissions and deny others access to the AP
63
authentication
- Process that verifies that the client device has permission to access the network
- Each WLAN client can be given the SSID of the network manually or automatically
- Turning off SSID broadcast can only protect your network against someone finding it unintentionally
64
privacy
- Ensures that transmissions are not read by unauthorized users
- Accomplished with data encryption
65
Wired Equivalent Privacy (WEP)
- Data encryption specification for wireless devices
- 2 versions: 64-bit and 128-bit encryption
- Attackers can decrypt a 128-bit WEP key in minutes :(
- Uses weak RC4 implementation
66
Wi-Fi Protected Access
- Standard for network authentication and encryption
- Uses a 128-bit pre-shared key (PSK)
- WPA-PSK uses a different encryption key for each client device, for each packet, and for each session
- WPA employs temporal key integral protocol (TKIP) which provides per-packet key-mixing
- TKIP also provides message integrity check (MIC)
- KIP uses a 48-bit hashed initialization vector
67
IEEE 802.11i and IEEE 802.1x
- Define a robust security network association (RSNA)
- Mutual authentication between client devices and AP
- Controlled access to the network
- Establishment of security keys
- Key management
68
Push-Button Wireless Security
- New method of configuring wireless devices
| - Automatically configures the security settings
69
Additional WLAN Security Strategies
- Reduce WLAN transmission power
- Change the default security settings on the APs
- Antivirus and antispyware software
- Separate WLAN transmissions from wired network which place a firewall between the WLAN and the wired LAN
