Telecommunications and Network Security Flashcards

(289 cards)

1
Q

The ____ _____ layer is the lowest layer at which meaning is assigned to the
bits that are transmitted over the network.

A

Data Link

2
Q

Data-link protocols address things such as?

A

Size of each packet of data to be sent, a means of addressing each packet so that it’s delivered to the
intended recipient, and a way to ensure that two or more nodes don’t try to
transmit data on the network at the same time.

3
Q

What does the data link layer provide for the network layer?

A

The data link layer provides transparent network services to the network layer so the network layer can be ignorant about the underlying physical network topology.

4
Q

What kind of devices operate at the Data Link layer?

A

Switches, bridges, WAPs, and NICs

5
Q

The ______ ______ layer is concerned with the local delivery of frames
between devices on the same LAN.

A

Data Link

6
Q

What are the two sublayers of the Data link layer?

A

Logical Link Control and Media Access Control

7
Q

What services does the Data link Media access control sublayer provide?

A

Multiple access protocols (CSMA/CD for Ethernet bus and hub networks or
CSMA/CA for wireless networks), MAC Addressing, LAN switching (packet
switching), Data packet queuing, Quality of Service control, and VLANs

8
Q

What layer handles the task of routing network messages from one computer to
another?

A

Network Layer

9
Q

What is a Logical Address?

A

Logical addresses are created and used by
Network Layer protocols, such as IP or IPX. The Network Layer protocol
translates logical addresses to MAC addresses

10
Q

What are the five steps of Data Encapsulation?

A

1) The application, presentation, and session layers take user input and convert it into data
2) The transport layer adds a segment header converting the data into segments
3) The network layer adds a network header and converts the segments into packets/datagrams
4) The data link layer adds a frame header converting the packets/datagrams into frames
5) The MAC sublayer converts the frames into bits, which the physical layer can put on the wire

11
Q

What are two important functions of the Network layer?

A

Logical addressing and routing

12
Q

What type of threats are there to layer 1?

A

Theft, Unauthorized access, Vandalism, Sniffing, Interference, Data Emanation

13
Q

What are some ways to strengthen security at the Data Link Layer (Layer 2)?

A

Disable unused ports in order to prevent fraudulent connections which could
lead to eavesdropping, flooding attacks, or ARP spoofing; use secure
protocols for communication (WPA2 or WPA rather than WEP); and correctly
configure VLANs.

14
Q

What are the four general classes of Malware?

A

Virus, Worm, Trojan Horse, Spyware

15
Q

What framework handles multiple connections at the same time, provides
secure authentication and encryption, and works at the network layer and
provides security on top of IP?

A

IPSec

16
Q

What does IPSec help protect against?

A

Network-based attacks from untrusted computers, attacks that can result in
the DoS of applications, services, or the network, data corruption, data
theft, user credential theft, and administrative control of servers, other
computers, and the network

17
Q

What service usually runs on port 25?

A

Simple Mail Transfer Protocol (SMTP)

18
Q

What service usually runs on port 21?

A

File Transfer Protocol (FTP)

19
Q

What service usually runs on port 23?

A

Telnet

20
Q

What service usually runs on port 53?

A

Domain Name Service (DNS)

21
Q

What is the range of the Well Known Ports?

A

0 through 1023

22
Q

Ports from 1024 through 49151 are called?

A

Registered Ports

23
Q

Ports from 49152 through 65535 are called?

A

Dynamic and/or Private Ports

24
Q

What is an example of a fast packet-switching network that can be used for
either data, voice or video, but packets are of a fixed size?

A
Asynchronous Transfer Mode (ATM)
25
What was developed to support TCP/IP networking over low-speed serial interfaces?
Serial Line IP (SLIP)
26
What is Wireless Transport Layer Security?
A communication protocol that allows wireless devices to send and receive encrypted information over the Internet.
27
What is the Internet?
The Internet is a global network of public networks and Internet Service Providers throughout the world.
28
________ switching is a network switching technique in which data is routed in its entirety from the source node to the destination node, one hop at a time.
Message
29
What is it called when messages are divided into packets before they are sent and each packet can be transmitted individually and can follow different routes to its destination?
Packet switching
30
What is circuit switching?
Circuit switching is a methodology of implementing a telecom network in which two network nodes establish a dedicated comm channel (circuit) through the network before they communicate
31
A _______ _______ protocol allows higher level protocols to avoid dealing with the division of data into segments, packets, or frames
Virtual Circuit
32
IPSec provides confidentiality and integrity to information transferred over IP networks through ________ layer encryption and authentication.
Network
33
What is a communication channel that is divided into an arbitrary number of variable bit-rate digital channels or data streams?
Statistical multiplexing
34
Information from each data channel is allocated bandwidth based on pre-assigned time slots, regardless of whether there is data to transmit?
Time-division multiplexing (TDM)
35
ATM uses ______ _______ ______ _______, and encodes data into small fixed-sized packets called cells.
Asynchronous time-division multiplexing
36
What is a technique by which the total bandwidth available in a comm medium is divided into a series of non-overlapping frequency sub-bands, each of which is used to carry a separate signal?
Frequency Division Multiplexing (FDM)
37
What was designed to support multiple network types over the same serial link?
Point-to-Point Protocol (PPP)
38
What was designed to support multiple network types over the same LAN?
Ethernet
39
This is used when a dest IP address is not located on the current LAN segment. It consists of a list of station and network addresses and a corresponding gateway IP address.
IP Routing Table
40
Most modern Wide Area Network (WAN) protocols, including TCP/IP, X.25, and Frame Relay, are based on what?
Packet switching technologies
41
What is circuit switching best used for?
Real time data such as live audio and video
42
What is port knocking?
Port knocking is where the client will attempt to connect to a predefined set of ports to identify him as an authorized client. The port knocking sequence is used to identify the client as a legitimate user.
43
What's a security benefit of using a full-duplex switch?
That it ensures that most traffic is segregated between computer and switch and not broadcast to all hosts
44
Which OSI model layer manages communications in simplex, half-duplex, and full-duplex modes?
Session
45
______ ________ firewalls are able to grant a broader range of access for authorized users and activities and actively watch for unauthorized users and activities.
Stateful Inspection
46
What is a TCP wrapper?
A TCP wrapper is an application that can serve as a basic firewall by restricting access based on user IDs or system IDs.
47
What can be described as a logical circuit that always exists and is waiting for the customer to send data?
Permanent Virtual Circuit (PVC)
48
What is an amendment to the 802.11 standard that defines a new authentication and encryption technique that is similar to IPSec and no real-world attack has compromised this wireless network?
802.11i(WPA-2)
49
802.1q defines what?
VLAN tagging, it is used by switches and bridges to manage traffic within and between VLANs.
50
What is a form of wireless authentication protection that requires all wireless clients to pass a gauntlet of RADIUS or TACACS services before network access is granted?
802.1x
51
What is 1000Base-T commonly called? 100Base-TX?
Giga-bit Ethernet, Fast Ethernet
52
10Base2 is also called? 10Base5? 10Base-T?
Thinnet, Thicknet, Twisted-pair
53
A peer-to-peer wireless network connection between two(or more) individual systems without the need for a wireless base station?
Ad-hoc
54
A subprotocol of the TCP/IP protocol suite that operates at the Data Link Layer, normally used to discover the MAC address of systems by polling using its IP address?
Address Resolution Protocol (ARP)
55
Suite of protocols developed by Apple for networking of Macintosh Systems?
AppleTalk(No longer in use by Apple since 2009)
56
What is a type of firewall that filters traffic based on the internet service used to transmit or receive the data(Also known as second gen firewalls)?
Application-level gateway firewall
57
What kind of WAN tech is this? Uses cell-switching rather than packet-switching and uses virtual circuits but guarantees throughput due to the fixed size frames or cells, is also excellent for voice and videoconferencing.
Asynchronous transfer mode(ATM)
58
Attenuation is what?
The loss of signal strength and integrity on a cable because of the length of the cable
59
What is the IP address range used by Automatic Private IP addressing (APIPA)?
169.254.0.0 - 169.254.255.255
60
What is a feature/benefit provided by service providers that allows clients to consume more bandwidth when needed and if the carrier network has the capacity(such consumption is often charged at a higher rate)?
Bandwidth on demand
61
What is baseband?
A communication medium that supports only a single communication signal at a time
62
What is Base Rate Interface (BRI)?
An ISDN service type
63
What is a beacon frame?
A type of wireless network packet that broadcasts the presence of the wireless network by announcing the network's SSID or network name
64
What is a device used to simulate 2600 Hz tones to interact directly with telephone network trunk systems aka backbones?
Blue box
65
What is an attack that grants hackers remote control over the features and functions of a Bluetooth device?
Bluebugging
66
Hijacking a Bluetooth connection to eavesdrop or extract information from devices
Bluejacking
67
What is an attack that allows hackers to connect with your Bluetooth devices without your knowledge and extract information from them?
Bluesnarfing
68
What is a wireless standard commonly used to pair accessories to mobile phones or computers?
Bluetooth (802.15)
69
What is a bridge?
A network device used to connect networks with different speeds, cable types, or topologies that still use the same protocol(This is considered a layer 2 device)
70
A form of wireless access point deployment that is used to link two wired networks together over a wireless bridged connection?
Bridge mode
71
What is broadband?
A communication medium that supports multiple communication signals simultaneously
72
What is a communications transmission to multiple but unidentified recipients?
Broadcast
73
What is a Broadcast address?
The address that all devices within a given network grouping or container receive data on
74
A group of networked systems in which all other members receive a broadcast signal when one of the members of the group transmits it?
Broadcast domain
75
A communication system based on or dependent on broadcasts rather than unicast signaling?
Broadcast technology
76
What is a brouter?
A network device that first attempts to route and then defaults to bridging if routing fails
77
What is a network that spans a college, university, or multi building office complex?
Campus area network (CAN)
78
What is a captive portal?
An authentication technique that redirects a newly connected wireless web client to a portal access control page, the page may require the user to input payment information, provide logon creds, or input an access code
79
What is the designed replacement for WEP and TKIP/WPA(Implements AES with a 128 bit key as a stream cipher)?
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
80
What is an authentication protocol used over PPP links and it encrypts usernames and passwords?
Challenge Handshake Authentication Protocol (CHAP)
81
What is a channel service unit/data service unit (CSU/DSU)?
A border connection device that converts LAN signals into the format used by the WAN carrier network, and vice versa
82
What is a firewall used to manage communications sessions between trusted partners and operates at the Session layer?
Circuit-level gateway firewall
83
What is fairly EMI resistant, low cost, easy to install cable?
Coaxial Cable or coax
84
What is a minimum guaranteed bandwidth allocation for a virtual circuit?
Committed information rate (CIR)
85
What is common mode noise?
EMI noise generated by the difference in power between the hot and ground wires of a power source or operating electrical equipment
86
What is a content-distribution network(CDN) or content delivery network?
A collection of resource services deployed in numerous data centers across the Internet in order to provide low latency, high performance, high availability of the hosted content. CDNs provide the desired multimedia performance quality demanded by customers through the concept of distributed data hosts.
87
What are converged protocols?
The merging of specialty or proprietary protocols with standard protocols, such as those from the TCP/IP suite. Some common examples of converged protocols include FCoE, MPLS, iSCSI, and VoIP.
88
What is the deployment of FDDI using twisted-pair(copper) wires(susceptible to interference)?
Copper Distributed Data Interface (CDDI)
89
Similar to a hash total, a value that indicates whether a message has been altered or damaged in transit?
Cyclic Redundancy Check (CRC)
90
What is a Data Circuit-Terminating equipment (DCE)?
A networking device that performs the actual transmission of data over the Frame Relay as well as establishing and maintaining the virtual circuit for the customer.
91
What is the combination of Transport Layer UDP header and payload?
Datagram
92
What is a data stream?
Data from an application sent into a protocol stack. The data stream becomes the initial payload of the top layer protocol
93
What is a networking device that acts like a router or a switch and provides the customers network access to the frame relay network?
Data terminal equipment (DTE)
94
What is a dead zone?
A network segment using an alternative Network layer protocol instead of IP, such as IPX or AppleTalk.
95
What is deencapsulation?
The process of stripping a layer's header and footer from a PDU as it travels up the OSI model layers
96
What is a wireless tech that employs all of the available frequencies simultaneously in parallel?
Direct Sequence Spread Spectrum (DSSS)
97
What is distance vector routing protocol?
A routing protocol that maintains a list of destination networks along with metrics of direction and distance as measured in hops(in other words, the number of routers to cross to reach the destination)
98
What is a client/server model of networking where client may be local or connected over WAN links, including VPNs and the Internet?
Distributed architecture
99
What is Dynamic Host Configuration Protocol(DHCP)?
A protocol used to assign TCP/IP configuration settings to systems upon bootup. DHCP uses UDP port 67 for server point-to-point response and port 68 for client request broadcast. DHCP supports centralized control and management of network addressing.
100
What is a dynamic packet-filtering firewall?
A firewall that enables real-time modification of the filtering rules based on traffic content. Dynamic packet-filtering firewalls are known as fourth generation firewalls
101
What is a type of electrical noise that can do more than just cause problems with how equipment functions; it can also interfere with the quality of communications, transmissions, and playback?
Electromagnetic Interference (EMI)
102
What is Encapsulating Security Payload (ESP)?
An element of IPSec that provides encryption to protect the confidentiality of transmitted data but can also perform limited authentication
103
What is encapsulation?
The process of adding a header and footer to a PDU as it travels down the OSI model layers
104
What is the use of multiple wireless access points to support a single wireless network over a larger geographic area than could be supported by a single wireless access point?
Enterprise extended mode
105
What is Ethernet?
A common shared media LAN tech
106
What is an extranet?
A cross between the internet and an intranet. An extranet is a section of an organization's network that has been sectioned off so that it acts as an intranet for the private network but also serves information to a limited number of specific outsiders. Often access into an extranet from the internet requires a VPN connection. Extranets are often used in B2B applications, between customers and suppliers.
107
What is Fibre Channel over Ethernet (FCoE)?
A converged protocol used to encapsulate Fibre Channel communications over Ethernet networks. It typically requires 10 Gbps Ethernet in order to support the Fibre Channel protocol
108
What is a high speed token passing tech that employs two rings with traffic flowing in opposite directions, offers transmission rates of 100 Mbps, and is often used as a backbone to large enterprise networks?
Fiber Distributed Data Interface (FDDI)
109
What is fiber optic cabling?
A cabling form that transmits light instead of electrical signals. Fiber optic cable supports throughputs up to 2 Gbps and lengths of up to 2 km
110
What is a set of rules or restrictions commonly found on security devices, such as firewalls and proxies(also known as rules and ACLs)?
Filter(s)
111
What is a firewall?
A network device used to filter traffic. A firewall is typically deployed between a private network and a link to the internet, but it can be deployed between departments within an organization. Firewalls filter traffic based on a defined set of rules.
112
What is a footer?
Information added by a protocol to the end of a payload received from a higher layer protocol
113
What is a fragment?
When a network receives a packet larger than its maximum allowable packet size, it breaks it up into two or more fragments. These fragments are each assigned a size (corresponding to the length of the fragment) and an offset (corresponding to the starting location of the fragment)
114
What is the combination of data Link layer header, payload, and footer?
Frame
115
What is a frame relay?
A shared connection medium that uses packet-switching tech to establish virtual circuits for customers
116
What is a measurement of the number of wave oscillations within a specific time identified using the unit hertz (Hz), or oscillations per second?
Frequency
117
What is Frequency Hopping Spread Spectrum (FHSS)?
An early implementation of the spread spectrum concept. This wireless access tech transmits data in a series while constantly changing the frequency in use.
118
What is a gateway?
A networking device that connects networks that are using different network protocols
119
What is it when mobile devices with GPS support enable the embedding of geographical location in the form of latitude and longitude as well as date/time information on photos taken with these devices?
Geo-tagging
120
What is a handshake?
A three way process utilized by the TCP/IP protocol stack to set up connections between two hosts
121
What is a header?
Information added by a protocol to the front of a payload received from a higher layer protocol
122
What is High Level Data Link Control (HDLC)?
A layer 2 protocol used to transmit data over synchronous communication lines. HDLC is an ISO standard based on IBM's SDLC. HDLC supports full duplex communications, supports both point to point and multipoint connections, offers flow control, and includes error detection and correction.
123
What is a layer 1 protocol used to connect routers and multiplexers to ATM or Frame Relay connection devices?
High Speed Serial Interface (HSSI)
124
What is a network device used to connect multiple systems together in a star topology and that repeats inbound traffic over all outbound ports?
Hub
125
What is the Hypertext Transfer Protocol?
The protocol used to transmit web page elements from a web server to web browsers(over the well known service TCP/UDP port address 80)
126
What is Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)?
A standard that uses port 443 to negotiate encrypted communications sessions between web servers and browser clients
127
What is a wireless network configuration that uses a wireless base station to connect all wireless devices to the network and potentially to each other?
Infrastructure mode
128
What is an Integrated Services Digital Network (ISDN)?
A digital end to end communications mechanism. ISDN was developed by telephone companies to support high speed digital communications over the same equipment and infrastructure that is used to carry voice communications
129
What is a protocol used to transfer email messages from an email server to an email client(Works at the application layer)?
Internet Message Access Protocol (IMAP)
130
What is the collection of devices that can communicate over the internet with each other or with a control console in order to affect and monitor the real world?
Internet of Things
131
What is an Internet Key Exchange (IKE)?
A protocol that provides for the secure exchange of cryptographic keys between IPSec participants
132
What is Internet Security Association and Key Management Protocol (ISAKMP)?
A protocol that provides background security support services for IPSec.
133
What is Internet Small Computer System Interface (iSCSI)?
A networking storage standard based on IP. This tech can be used to enable location independent file storage, transmission, and retrieval over LAN, WAN, or public internet connections. iSCSI is often viewed as a low cost alternative to fibre channel
134
With IPX/SPX which one worked at the network layer?
IPX
135
What is an intranet?
A private network that is designed to host the same information services found on the internet.
136
What is an IP header protocol field value?
An element in an IP packet header that identifies the protocol used in the IP packet payload (usually this will be 6 for TCP, 17 for UDP, or 1 for ICMP, or any of a number of other valid routing protocol numbers).
137
What is an IP Payload Compression (IPComp) protocol?
A protocol that allows IPSec users to achieve enhanced performance by compressing packets prior to the encryption operation
138
What is a standards based mechanism for providing encryption for point to point TCP/IP traffic?
IP security (IPSec)
139
What is a Kernel Proxy Firewall?
A firewall that is integrated into an operating system's core to provide multiple levels of session and packet evaluation. Kernel proxy firewalls are known as fifth generation firewalls.
140
What kind of Fiber optics is used for short distances?
Multi-mode
141
What kind of Fiber optics is used for long distances?
Single mode
142
What are some Media Access Technologies?
Token Passing, CSMA/CD, CSMA/CA
143
What is a security impact of collision domains?
Sniffing and DoS
144
What is the most common form of LAN networking?
Ethernet
145
What are some characteristics of Ethernet?
Shares media, Broadcast and collision domains, CSMA/CD, supports full duplex with a switch, defined by IEEE 802.3
146
What are some characteristics of switches?
Can be called a 'multi-port bridge', usually have 24 or more ports, computers can send data AND receive data at the same time (full duplex), each port is its own collision domain, switches do not alter broadcast domains
147
What does Layer 4 provide?
Transport Layer provides end-to-end data transport services and establishes a logical connection between 2 computer systems
148
What are the protocols used at Layer 4?
SSL/TLS, TCP, UDP, SPX
149
What are the advantages and disadvantages of TCP?
Advantages: Easier to program with, truly implements a session, adds security Disadvantages: More overhead/slower, SYN floods
150
What is this protocol?
Connectionless, Unreliable, No handshaking, useful for when real time transfer is essential
151
What is the session layer responsible for?
Establishing a connection between two applications(either on the same computer or two different computers)
152
What are some characteristics of layer 6?
The presentation layer does NOT have any protocol, and is concerned with encryption, compression, and formatting.
153
This layer defines a protocol(way of sending data) that two different programs or applications understand?
Layer 7, Application
154
What are some examples of protocols that work at the Application layer?
Protocol: HTTP, HTTPS, FTP, TFTP, SMTP, SNMP, SSH, IMAP, POP3, EDI, S-RPC, SET, NNTP, LPD Application proxies, Non-repudiation, certificates, integration with directory services, time awareness
155
In the TCP/IP model what does the Application layer map to in the OSI model?
Application, Presentation, Session
156
In the TCP/IP model what does the Host to host or transport layer map to in the OSI model?
Transport
157
In the TCP/IP model what does the Internetwork layer map to in the OSI model?
Network
158
In the TCP/IP model what does the Network Access/Interface layer map to in the OSI model?
Data link and Physical
159
What are some examples of protocols that work at the Session layer?
NFS, SQL, RPC
160
What are some examples of protocols that work at the Network layer?
ICMP, RIP, OSPF, BGP, IGMP, IP, IPsec, IPX, NAT, SKIP
161
What are some examples of protocols that work at the Data link layer?
SLIP, PPP, ARP, RARP, L2F, L2TP, PPTP, FDDI, ISDN
162
What are some examples of protocols that work at the Physical layer?
EIA/TIA-232, EIA/TIA-449, X.21, HSSI, SONET, V.24, V.35
163
What is a LAN extender?
A remote access, multilayer switch used to connect distant networks over WAN links. This is a strange beast of a device in that it creates WANs, but marketers of this device steer clear of the term WAN and use only the terms LAN and extended LAN. The idea behind this device was to make the terminology easier to understand and thus make the device easier to sell than a more conventional WAN device grounded in complex concepts and terms.
164
Layer 2 Forwarding (L2F)
A protocol developed by Cisco as a mutual authentication tunneling mechanism. L2F does not offer encryption.
165
Layer 2 Tunneling Protocol (L2TP)
A point‐to‐point tunnel protocol developed by combining elements from PPTP and L2F. L2TP lacks a built‐in encryption scheme but typically relies on IPSec as its security mechanism.
166
An encryption technique that protects entire communications circuits by creating a secure tunnel between two points. This is done by using either a hardware or software solution that encrypts all traffic entering one end of the tunnel and decrypts all traffic exiting the other end of the tunnel.
link encryption
167
link state routing protocol
A routing protocol that maintains a topography map of all connected networks and uses this map to determine the shortest path to the destination.
168
A network that is geographically limited, such as within a single office, building, or city block.
local area network (LAN)
169
The logical operation of a network. It defines the arrangement and organization of devices as well as the means used to communicate to and with each other. Also known as signal topology.
logical topology
170
loopback address
The IP address used to create a software interface that connects to itself via TCP/IP. The loopback address is handled by software alone. It permits testing of the TCP/IP protocol stack even if network interfaces or their device drivers are missing or damaged.
171
A 6‐byte address written in hexadecimal. The first 3 bytes of the address indicate the vendor or manufacturer of the physical network interface. The last 3 bytes make up a unique number assigned to that interface by the manufacturer. No two devices on the same network can have the same of this?
Media Access Control (MAC) address
172
modem
A traditional land‐line modem (modulator‐demodulator) is a communications device that covers or modulates between an analog carrier signal and digital information in order to support computer communications of PSTN (public switched telephone network) lines.
173
A protocol suite or collection that operates across multiple layers of the OSI model, typically using encapsulation. A common example is TCP/IP.
multilayer protocols
174
A high‐throughput, high‐performance network technology that directs data across a network based on short path labels rather than longer network addresses.
multiprotocol label switching (MPLS)
175
NetBEUI
NetBEUI (NetBIOS Extended User Interface, aka NetBIOS Frame protocol or NBF) is most widely known as a Microsoft protocol developed in 1985 to support file and printer sharing. Microsoft has enabled support of NetBEUI on modern networks by devising NBT (NetBIOS over TCP/IP). This in turn supports the Windows sharing protocol of SMB (Server Message Block), which is also known as CIFS (Common Internet File System). NetBEUI is no longer supported as a lower‐layer protocol; only its SMB and CIFS variants are still in use.
176
A mechanism for converting the internal private IP addresses found in packet headers into public IP addresses for transmission over the Internet.
Network Address Translation (NAT)
177
network topology (aka physical topology)
The physical layout and organization of computers and networking devices.
178
non‐IP protocols
Non‐IP protocols are protocols that serve as an alternative to IP at the OSI Network layer (3). In the past, non‐IP protocols were widely used. However, with the dominance and success of TCP/IP, non‐IP protocols have become the purview of special purpose networks. The three most recognized non‐IP protocols are IPX, AppleTalk, and NetBEUI.
179
OAuth
An open SSO standard designed to work with HTTP and it allows users to log on with one account across multiple sites/locations.
180
An open SSO standard maintained by the OpenID Foundation that can be used in conjunction with OAuth or on its own.
OpenID
181
open relay agent
An SMTP server that is configured to accept email messages from any source and will forward them on to their destination. Open relay agents are commonly hijacked by spammers.
182
open system authentication (OSA)
A connection scheme for wireless networks where no real authentication is required; as long as a radio signal can be transmitted between the client and WAP, communications are allowed.
183
A standard model developed to establish a common communication structure or standard for all computer systems.
Open Systems Interconnection (OSI) model
184
Orthogonal Frequency‐Division Multiplexing (OFDM)
A wireless technology that employs a digital multicarrier modulation scheme that allows for a more tightly compacted transmission.
185
A portion of a message that contains data and the destination address; also called a datagram. Typically located at the Network layer.
packet
186
Password Authentication Protocol (PAP)
A standardized authentication protocol for PPP. PAP transmits usernames and passwords in the clear. PAP offers no form of encryption; it simply provides a means to transport the logon credentials from the client to the authentication server.
187
Networking and distributed application solutions that share tasks and workloads among peers.
peer to peer (P2P)
188
peer‐to‐peer network
A network structure between individual devices without the need or use of a primary controlling entity or device.
189
A predefined virtual circuit that is always available for a Frame Relay customer.
permanent virtual circuit (PVC)
190
A full‐duplex protocol used for the transmission of TCP/IP packets over various non‐LAN connections, such as modems, ISDN, VPNs, Frame Relay, and so on.
Point‐to‐Point Protocol (PPP) PPP is widely supported and is the transport protocol of choice for dial‐up Internet connections.
191
Point‐to‐Point Tunneling Protocol (PPTP)
An enhancement of PPP that creates encrypted tunnels between communication endpoints. PPTP is used on VPNs but is often replaced by L2TP.
192
A connection address within a protocol.
port
193
Port Address Translation (PAT)
A mechanism for converting the internal private IP addresses found in packet headers into public IP addresses and port numbers for transmission over the Internet. PAT supports a many‐to‐one mapping of internal to external IP addresses by using ports.
194
port isolation or private ports
Private VLANs that are configured to use a dedicated or reserved uplink port. The members of a private VLAN or a port isolated VLAN can interact only with each other and over the predetermined exit port or uplink port. A common implementation of port isolation occurs in hotels.
195
Post Office Protocol (POP)
A protocol used to transfer email messages from an email server to an email client.
196
An ISDN service type that provides up to 23 B channels and one D channel. Thus, a full PRI ISDN connection offers 1.544 Mbps throughput, the same as a T1 line.
Primary Rate Interface (PRI)
197
A sophisticated telephone system often used by organizations to provide inbound call support, extension‐to‐extension calling, conference calling, and voicemail. This can be implemented as a stand‐alone phone system network or integrated with the IT infrastructure.
private branch exchange (PBX)
198
protocol
A set of rules and restrictions that define how data is transmitted over a network medium (for example, twisted‐pair cable, wireless transmission, and so on). Protocols make computer‐to‐computer communications possible.
199
A device or software that can translate between protocols. Typically able to move payloads between IP and IPX. Also known as a gateway.
protocol translator
200
proxy
A mechanism that copies packets from one network into another. The copy process also changes the source and destination address to protect the identity of the internal or private network.
201
A type of noise that is generated by a wide number of common electrical appliances, including fluorescent lights, electrical cables, electric space heaters, computers, elevators, motors, electric magnets, and so on. RFI can affect many of the same systems EMI affects.
radio frequency interference (RFI)
202
Devices used to simulate tones of coins being deposited into a pay phone.
red boxes
203
A service used to centralize the authentication of remote dial‐up connections.
Remote Authentication Dial‐In User Service (RADIUS)
204
A sub protocol of the TCP/IP protocol suite that operates at the Data Link layer (layer 2). Used to discover the IP address of a system by polling using its MAC address.
Reverse Address Resolution Protocol (RARP)
205
RFC 1918
The public standard that defines public and private IP addresses.
206
A network device used to control traffic flow on networks. These are often used to connect similar networks together and control traffic flow between them. They can function using statically defined routing tables or employ a dynamic routing system.
router
207
screen scraper or screen scraping
1) Remote control, remote access, or remote desktop‐like services. 2) A technology that can allow an automated tool to interact with a human interface in order to parse the results to extract just the relevant information.
208
secure communication protocol
A protocol that uses encryption to provide security for the data transmitted by it.
209
Secure Electronic Transaction (SET)
A security protocol for the transmission of transactions over the Internet. SET is based on RSA encryption and DES. SET had the support of major credit card companies, such as Visa and MasterCard. However, it has mostly been abandoned in light of newer and more secure alternatives.
210
The second major protocol used to provide security on the World Wide Web.
Secure HTTP (S‐HTTP)
211
A protocol used to secure the transmission of email and attachments.
Secure Multipurpose Internet Mail Extensions (S/MIME)
212
Secure Remote Procedure Call (S‐RPC)
An authentication service. S‐RPC is simply a means to prevent unauthorized execution of code on remote systems.
213
Secure Shell (SSH)
An end‐to‐end encryption technique. This suite of programs provides encrypted alternatives to common Internet applications such as FTP, Telnet, and rlogin. There are two versions of SSH. SSH1 supports the DES, 3DES, IDEA, and Blowfish algorithms. SSH2 drops support for DES and IDEA but adds support for several other algorithms.
214
Secure Sockets Layer (SSL)
An encryption protocol developed by Netscape to protect the communications between a web server and a web browser.
215
Security Assertion Markup Language (SAML)
An XML‐based convention for communicating authentication and authorization details between security domains, often over web protocols. SAML is often used to provide a web‐based SSO solution.
216
In an IPSec session, the representation of the communication session and process of recording any configuration and status information about the connection.
security association (SA)
217
security boundary
The line of intersection between any two areas, subnets, or environments that have different security requirements or needs.
218
The combination of Transport layer TCP header and payload.
segment
219
segmentation
The act of subdividing a network into numerous smaller units. These smaller units, groupings, segments, or subnetworks (i.e., subnets) can be used to improve various aspects of the network. Segmentation can boost performance, reduce congestion, compartmentalize communication problems (such as broadcast storms), and provide security improvements through traffic isolation. Segments can be created by using switch‐based VLANs, routers, or firewalls (as well as combinations of all of these).
220
The Transport layer protocol of the IPX/SPX protocol suite from Novell.
Sequenced Packet Exchange (SPX)
221
Serial Line Internet Protocol (SLIP)
An older technology developed to support TCP/IP communications over asynchronous serial connections, such as serial cables or modem dialup.
222
Service Provisioning Markup Language (SPML)
A markup language used with federated identity management systems to exchange user information for federated identity single sign‐on purposes. It is derived from the Standard Generalized Markup Language (SGML), the Extensible Markup Language (XML), and the Generalized Markup Language (GML).
223
A ticket‐based authentication mechanism similar to Kerberos.
SESAME
224
A connection scheme for wireless networks that requires that some form of authentication must take place before network communications can occur.
shared key authentication (SKA) The 802.11 standard defines one optional technique for SKA known as WEP.
225
shielded twisted‐pair (STP)
A twisted‐pair wire that includes a metal foil wrapper inside the outer sheath to provide additional protection from EMI.
226
Simple Key Management for IP (SKIP)
An encryption tool used to protect sessionless datagram protocols.
227
Simple Mail Transfer Protocol (SMTP)
The primary protocol used to move email messages from clients to servers and from server to server.
228
single sign‐on (SSO)
A mechanism that allows subjects to authenticate themselves only once to a system. With SSO, once subjects are authenticated, they can freely roam the network and access resources and services without being rechallenged for authentication.
229
The ability of TCP to dynamically alter its transmission window size based on link reliability.
sliding windows
230
socket
Another name for a port.
231
software‐defined networks (SDN)
A unique approach to network operation, design, and management. The concept is based on the theory that the complexities of a traditional network with on‐device configuration (i.e., routers and switches) often force an organization to stick with a single device vendor, such as Cisco, and limit the flexibility of the network to changing physical and business conditions. SDN aims at separating the infrastructure layer (i.e., hardware and hardware‐based settings) from the control layer (i.e., network services of data transmission management).
232
software IP encryption (swiPe)
A layer 3 security protocol for IP. It provides authentication, integrity, and confidentiality using an encapsulation protocol.
233
spread spectrum
A means or method of communication that occurs over multiple frequencies at the same time.
234
A wireless network that uses a wireless access point to connect wireless clients together, but does not offer any access to a wired network.
stand‐alone mode
235
stateful inspection firewall
A firewall that evaluates the state or the context of network traffic. By examining source and destination address, application usage, source of origin, and relationship between current packets with the previous packets of the same session, stateful inspection firewalls are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities. Stateful inspection firewalls are known as third‐generation firewalls.
236
stateful NAT
The ability or means by which NAT maintains information about the communication sessions between clients and external systems. NAT operates by maintaining a mapping between requests made by internal clients, a client’s internal IP address, and the IP address of the Internet service contacted.
237
static packet‐filtering firewall
A firewall that filters traffic by examining data from a message header. Usually the rules are concerned with source, destination, and port addresses. Static packet‐filtering firewalls are known as first‐generation firewalls.
238
The name of a wireless network that each wireless client must know in order to communicate with the host access point.
station set identifier (SSID)
239
A networking device that uses a memory buffer to store packets until they can be forwarded onto a slower network segment.
store‐and‐forward device
240
streaming audio
An audio transmission that is being presented to the end user as it is received based on an ongoing transmission from the provider/server. Streaming media is commonly served over the Internet either in real time (i.e., live) or on demand.
241
streaming video
A video transmission that is being presented to the end user as it is received based on an ongoing transmission from the provider/server. Streaming media is commonly served over the Internet either in real time (i.e., live) or on demand.
242
supervisory control and data acquisition (SCADA)
An ICS unit that can operate as a stand‐alone device, be networked together with other SCADA systems, or be networked with traditional IT systems. Most SCADA systems are designed with minimal human interfaces. Often, they use mechanical buttons and knobs or simple LCD screen interfaces (similar to what you might have on a business printer or a GPS navigation device). However, networked SCADA devices may have more complex remote‐control software interfaces.
243
switch
A network device that is an intelligent hub because it knows the addresses of the systems connected on each outbound port. Instead of repeating traffic on every outbound port, a switch repeats only traffic out of the port on which the destination is known to exist. Switches offer greater efficiency for traffic delivery, create separate broadcast and collision domains, and improve the overall throughput of data.
244
Switched Multimegabit Data Service (SMDS)
A connectionless network communication service. SMDS provides bandwidth on demand. SMDS is a preferred connection mechanism for linking remote LANs that communicate infrequently.
245
switched virtual circuit (SVC)
A virtual circuit that must be rebuilt each time it is used; similar to a dial‐up connection.
246
Synchronous Data Link Control (SDLC)
A layer 2 protocol employed by networks with dedicated or leased lines. SDLC was developed by IBM for remote communications with SNA systems. SDLC is a bit‐oriented synchronous protocol.
247
TCP model
A network protocol conceptual model that was derived from TCP/IP. Also known as the DARPA model and the DoD model. The TCP model has four layers as opposed to the OSI model’s seven. Those four layers from the bottom up are Link, Internet, Host‐to‐Host, and Process.
248
TCP wrapper
An application that can serve as a basic firewall by restricting access based on user IDs or system IDs.
249
telephony
The collection of methods by which telephone services are provided to an organization or the mechanisms by which an organization uses telephone services for either voice and/or data communications. Traditionally, telephony included POTS or PSTN services combined with modems. However, this has expanded to include PBX, VoIP, and VPN.
250
TEMPEST
The study and control of electronic signals produced by various types of electronic hardware, such as computers, televisions, phones, and so on. Its primary goal is to prevent EM and RF radiation from leaving a strictly defined area so as to eliminate the possibility of external radiation monitoring, eavesdropping, and signal sniffing.
251
Terminal Access Controller Access Control System (TACACS)
An alternative to RADIUS. TACACS is available in three versions: original TACACS, XTACACS (extended TACACS), and TACACS+. TACACS integrates the authentication and authorization processes. XTACACS keeps the authentication, authorization, and accounting processes separate. TACACS+ improves XTACACS by adding two‐factor authentication.
252
throughput rate
The rate at which a biometric device can scan and authenticate subjects. A rate of about six seconds or faster is required for general acceptance of a specific biometric control.
253
An electronic authentication factor used by the Kerberos authentication system.
ticket
254
ticket‐granting service (TGS)
An element of the Kerberos authentication system. The TGS manages the assignment and expiration of tickets. Tickets are used by subjects to gain access to objects.
255
A token‐passing LAN technology.
token ring
256
topology
The physical layout of network devices and connective cabling. The common network topologies are ring, bus, star, and mesh.
257
A form of monitoring in which the flow of packets rather than the actual content of packets is examined. Also referred to as trend analysis.
traffic analysis
258
A short duration of line noise disturbance.
transient
259
Transmission Control Protocol (TCP)
A connection‐oriented protocol located at layer 4 of the OSI model.
260
A capability built into connection‐ or session‐oriented protocols and services. If it is determined that a message, in whole or in part, was corrupted, altered, or lost, a request can be made for the source to resend all or part of the message.
transmission error correction
261
A form of auditing focused on communications. Transmission logging records the details about source, destination, time stamps, identification codes, transmission status, number of packets, size of message, and so on.
transmission logging
262
transmission window
The number of packets transmitted before an acknowledge packet is sent.
263
Transport Layer Security (TLS)
Based on SSL technology, TLS incorporated many security enhancements and was eventually adopted as a replacement for SSL in most applications. Early versions of TLS supported downgrading communications to SSL v3.0 when both parties did not support TLS. However, in 2011 TLS v1.2 dropped this backward compatibility. As with SSL, TLS uses TCP port 443.
264
transport mode
A mode of IPSec when used in a VPN. In transport mode, the IP packet data is encrypted but the header of the packet is not.
265
traverse mode noise
EMI noise generated by the difference in power between the hot and neutral wires of a power source or operating electrical equipment.
266
tunnel mode
A mode of IPSec when used in a VPN. In tunnel mode, the entire IP packet is encrypted and a new header is added to the packet to govern transmission through the tunnel.
267
tunneling
A network communications process that protects the contents of protocol packets by encapsulating them in packets of another protocol.
268
unicast
A communications transmission to a single identified recipient.
269
unified threat management (UTM)
A security device that includes traditional functions of a firewall such as packet filtering and stateful inspection. It is able to perform packet inspection techniques, allowing it to identify and block malicious traffic. It can filter malware using definition files and/or whitelists and blacklists. It also includes intrusion detection and/or intrusion‐prevention capabilities. Aka next‐generation firewall.
270
unshielded twisted‐pair (UTP)
A twisted‐pair wire that does not include additional EMI protection. Most twisted‐pair wiring is UTP.
271
User Datagram Protocol (UDP)
A connectionless protocol located at layer 4 of the OSI model.
272
virtual private network (VPN)
A network connection established between two systems over an existing private or public network. A VPN provides confidentiality and integrity for network traffic through the use of encryption.
273
virtual private network (VPN) protocol
The protocols, such as PPTP, L2TP, and IPSec, that are used to create VPNs.
274
VLAN
A logical network segmentation implemented on switches and bridges to manage traffic. Multiple VLANs can be hosted on the same switch but are isolated as if they are separate physical networks. Only through a routing function, often provided by a multilayer switch, can cross‐VLAN communications occur. VLANs function like physical network segments.
275
VLAN hopping
The ability to make network traffic jump between VLANs through an abuse of IEEE 802.1Q VLAN tagging known as double encapsulation.
276
Voice over IP (VoIP)
A network service that provides voice communication services by transporting the voice traffic as network packets over an IP network.
277
web application firewall
An Application layer firewall configured specifically to protect against web‐based attacks and exploitations.
278
webcasting
A form of media distribution occurring over the Internet (in contrast to more traditional means such as over‐the‐air or cable TV broadcasts and radio stations). Can also include and is related to video casting, audio casting, podcasting, net casting, Internet television, and IP TV.
279
well‐known ports
The first 1,024 ports of TCP and UDP. They are usually assigned to commonly used services and applications.
280
white box
Device used to control the phone system. A white box is a dual‐tone multifrequency (DTMF) generator (that is, a keypad).
281
wide area network (WAN)
A network or a network of LANs that is geographically diverse. Often dedicated leased lines are used to establish connections between distant components.
282
Wi‐Fi Protected Access (WPA)
An early alternative to WEP based on a secret passphrase and employing the LEAP and TKIP crypto systems. It is attackable through passphrase guessing.
283
A wireless standard that defines citywide wireless access technologies. This standard has yet to be widely deployed.
WiMax (802.16)
284
Wired Equivalent Privacy (WEP)
A form of encrypted authentication that employs RC4. WEP supports only one‐way authentication from client to WAP. WEP is considered insufficient for security because of several deficiencies in its design and implementation.
285
wired extension mode
A wireless network configuration where the wireless access point acts as a connection point to link the wireless clients to the wired network.
286
Wireless Application Protocol (WAP)
A functioning industry‐driven protocol stack that allows users through their WAP‐capable devices, such as mobile phones, to communicate over a carrier’s network with the Internet.
287
wireless networking (802.11)
A form of networking that uses radio waves as the connection medium following the 802.11 standard. Often called Wi‐Fi.
288
wiring closet
The room where the networking cables for a whole building or just a floor are connected to other essential equipment, such as patch panels, switches, routers, LAN extenders, backbone channels, and so on. A more technical name for wiring closet is premises wire distribution room.
289
An older WAN protocol that uses carrier switching to provide end‐to‐end connections over a shared network medium.
X.25