Sybex Chp 11 Flashcards
This layer of the OSI contains the device drivers that tell the protocol how to employ the hardware for the transmission and reception of bits.
Layer 1 - Physical Layer
ARP resolves __________ into __________
ARP resolved IP Addresses into MAC Addresses
What is the concern with firewalls and non-IP protocols on private networks?
Firewalls may not be able to inspect the packet header, address, or payload content of non-IP protocols. The firewalls must be configured to allow all or deny all.
List the example(s) of Distant Vector Protocols.
OSPF
RIP
IGRP
BGP
The following are Distant Vector Protocols:
RIP
IGRP
BGP
OSPF is a Link State Routing Protocol
This layer of OSI provides segmentation and sequencing.
Transport Layer 4
This layer of OSI has half-duplex, full-duplex, and sinplex
Session Layer 5
In the OSI Layer 7, is the user application (ex: MS Word) loaded into this layer?
No
What is the TCP Model and OSI Model mapping?
TCP Application Layer has OSI layers 7,6,5
TCP Transport Layer has OSI Layer 4 (Transport)
TCP Internet Layer has OSI Layer 3 (Network)
TCP Link Layer has OSO layers 2,1
Protocols used to establish VPNs:
PPTP - IP only
L2F - encapsulate any LAN protocol
L2TP - encapsulate any LAN protocol
IPSec - IP only
True / False
UDP is half-duplex
False
UDP is Simplex Connectionless
TCP is Full-Duplex Connection-oriented
True / False
A TCP Wrapper serves as a basic firewall.
True
A TCP Wrapper serves as a basic firewall because it restricts access to ports and resources based on USER IDs or SYSTEM IDs.
TCP Wrappers is a form of port-based access control.
True / False
TCP has sequence numbers
True
TCP uses sequence numbers to rebuild original communication by reordering received segments using the sequence number
Name the TCP Flags in order
“Unskilled Attackers Pester Real Security Folk”
URG ACK PSH RST SYN FIN
Ping of Death does what?
Ping of Death sends a malformed ping larger than 65,535 bytes.
Smurf Attack does what?
Smurf attack generates generate large amounts of traffic by spoofing broadcast pings
True / False
ARP uses caching while RARP uses broadcasting.
False
Both ARP and RARP use caching and broadcasting
What OSI layer does Fiber Channel over Ethernet (FCoE) operate?
FCoE - Network Layer 3
- used for network attached storage
- operates at 10 Gbps
- used to encapsulate Fiber Channel over Ethernet
iSCSI is considered a low-cost alternative
What is Software Defined Networking?
SDN aims at separating the infrastructure layer from the control layer
mix and match hardware - centralized administration
-network virtualization
What is Content Distribution Networks?
Collection of resource services deployed in numerous data centers across the Internet in order to provide low latency, high performance, and high availability of the hosted content.
What is the difference between wireless infrastructure mode and wireless ad-hoc mode?
Ad hoc Mode means that two wireless devices can communicate without a centralized control authority (w/o an AP)
Infrastructure Mode means that wireless devices require an AP to communicate. This mode has the following:
Stand-alone: APs connected to each other (like a hub) but not to a wired connection.
Wired Extension: AP acts like a connection point to the wired network
Enterprise Extended: allows for wired roaming across multiple APs.
Wireless security
SSID should be changed to something unique
SSID broadcasting should be disabled
Treat wireless as remote access (802.1X)
Treat wireless as external access (Separate wireless from wired with a firewall)
Treat wireless as an entry point for attackers (use IDS)
Require all wireless communications to be encrypted
WPA pass-phrases are recommended to be how long?
14 characters or more
Wireless omidirectional antennas should point what direction?
Up
Directional antennas should point in whatever direction you want.
What is a wireless captive portal?
Authentication technique that redirects newly connected wireless web clients to a portal page (input logon creds, privacy policy, etc.)
