Telecommunications & Network Security Flashcards

Question

What two devices connect LAN segments together such as servers and workstations?

Answer 1

Hub (concentrator) and Switch

Answer 2

Active and Passive

Answer 3

A switch sends packets to destination devices as opposed to a hub which will send packets to all devices on the network.

Answer 4

Physical and Data

Answer 5

Logical Link Control and Media Access Control

Answer 6

Logical Link Control (operates between the network layer above and sub MAC layer below)

Answer 7

Media Access Control (operates between the LLC sub layer above and Physical layer below)

Answer 8

Second portion

Answer 9

Contention Token Passing Polling

Answer 10

Contention

Answer 11

token passing

Answer 12

- Internet - Intranet - Extranet

Answer 13

to facilitate interoperability between network devices independent on the manufacturer.

Answer 14

- clarifies general functions of a communications process. - reduces complex networking processes into simpler sub-layers and components. - Promotes interoperability by defining standard interfaces - Aids development by allowing vendors to change individual features at a single layer, instead of rebuilding the entire stack - Facilitates easier troubleshooting

Answer 15

Personal Area Network (PAN)

Answer 16

Storage Area Network (SAN)

Answer 17

Virtual Local Area Network (VLAN)

Answer 18

Campus Area Network (CAN)

Answer 19

Metropolitan Area Network (MAN)

Answer 20

Value-added network (VAN)

Answer 21

Bus and Ring

Answer 22

- single solid copper wire sourrounded by a plastic or teflon insulator, braided metal shielding with a plastic wrap. - durable and resistant to EMI and RFI. - commonly used to connectcable /satellite tv

Answer 23

Thick (RG8 or RG11) screw type | Thin (RG58) bayonet type

Answer 24

- similar to coax cable but consists of two solid copper wires - used to achieve high data transmission speeds over very short distances at low cost - typically used for SANs or top of rack switches that connect critical servers to a high sped core. - also low transceiver latency, power consumption and Bit Error ratio (BER) - durable and resistant to EMI and RFI.

Answer 25

- most popular LAN cable in use today - lightweight, flexible, inexpensive - consists of 4 copper wire pairs twisted together to improve transmission and reduce crosstalk and attenuation.

Answer 26

occurs when a signal transmitted over one channel or circuit negatively affects the signal transmitted over another.

Answer 27

gradual loss of intensity of a wave as it travels over a medium

Answer 28

Cat 3, Cat 5e, Cat 6, Cat 6a

Answer 29

Cat 5, Cat 5e, Cat 6

Answer 30

- most expensive most most reliable - typically used in backbone and HA networks (FDDI) - uses light signals rather than electrical signals - high speed, long distance and best resistance to interference, inference

Answer 31

Unshielded twisted pair, followed by shielded twisted pair

Answer 32

Passive: data enters one port and exits all others without any signal amplification or re-regeneration Active: Combines the features of a passive hub and repeater. (Multi-port repeater)

Answer 33

1. uses a cyclic redundancy check (CRC): a simple mathematical calculation or checksum used to create a message profile. 2. CRC is re-calculated by the receiving device. 3. If calculated CRC does not match received CRC, then packet is dropped and request to re-send is transmitted.

Answer 34

``` ARCnet Ethernet Token-Ring Fiber Distributed Data Interface (FDDI) Address Resolution Protocol (ARP) Reverse Address Resolution Protocol (RARP) ```

Answer 35

Token-ring

Answer 36

Fiber Distributed Data Interface (FDDI)

Answer 37

Address Resolution Protocol (ARP)

Answer 38

Reverse Address Resolution Protocol (RARP)

Answer 39

Unitcast: packets sent from source to single destination Broadcast: packets sent to every device on network using broadcast address. Multi-cast: packets copied and sent from source to multiple destinations using special Multi-cast IP

Answer 40

Type, Speed, Description - 802.11a, 54Mbps, Operates at 5GHz (less interference than 2.4GHz, - 802.11b, 11Mbps, Operates at 2.4GHz (first used protocol) - 802.11g, 54Mbps, Operates at 2.4GHz (backward compatible with 802.11b) - 802.11n, 600Mbps, Operates at 5GHz or 2.4 GHz

Answer 41

Physical, Data (primary) and Network

Answer 42

- Point to Point Links - Circuit switched networks - Packet switched networks - High level data link controls (HLDC) - Synchronous Data Link Control (SDLC)

Answer 43

a pre-established WAN comms path from customer network across a carrier network to a remote network

Answer 44

- Layer 2 Forwarding Protocol (L2F) - layer 2 Tunnelling Protocol (L2TP) - Point to Point Protocol (PPP) - Point to Point tunnelling protocol (PPTP) - Serial Line IP (SLIP)

Answer 45

Layer 2 Forwarding Protocol (L2F)

Answer 46

layer 2 Tunnelling Protocol (L2TP)

Answer 47

- Point to Point Protocol (PPP)

Answer 48

- Point to Point tunnelling protocol (PPTP)

Answer 49

- Serial Line IP (SLIP)

Answer 50

- a dedicated, physical circuit path is established, maintained and terminated between the sender and receiver across a carrier network for each communications message (the call) - used extensively in telephone company networks

Answer 51

- Digital Subscriber Line (xDSL) - Data Over Cable Services Interface Specification (DOCSIS) - Integrated Services Digital Network (ISDN)

Answer 52

Always on (constant)

Answer 53

Digital Subscriber Line (xDSL)

Answer 54

Data Over Cable Services Interface Specification (DOCSIS)

Answer 55

- Integrated Services Digital Network (ISDN)

Answer 56

- ADSL & ADSL 2: asymmetric digital subscriber line. delivers higher bandwidth downstream than upstream, ie from central office to customer site - SDSL: single line digital subscriber line. designed to deliver high bandwidth both upstream and downstream using twisted copper pair. - HDSL: High rate Digital Subscriber Line. High bandwidth both upstream and downstream using twisted copper pair. commonly used for T1. - VDSL: Subscriber Line; designed to deliver extremely high bandwidth over a single copper twisted pair (VDSL2 provides simultaneous upstream/downstream)

Answer 57

ADSL & ADSL 2

Answer 58

ADSL & ADSL 2

Answer 59

Basic Rate Interference (BRI) | Primary rate Interference (PRI) (quicker)

Answer 60

- devices share bandwidth on communications links to transport packets between a sender and receiver over a carrier network - more resilient to error and congestion that circuit switched networks

Answer 61

- Asynchronous Transfer Mode (ATM) - Frame Relay - Multi-Protocol Label Switching (MPLS) - Synchronous Optical Network (SONET) and Synchronous Digital Hierarchy (SDH) - Switched Multi-megabit Data Service (SMDS) - X.25

Answer 62

Asynchronous Transfer Mode (ATM)

Answer 63

- Frame Relay

Answer 64

- Multi-Protocol Label Switching (MPLS)

Answer 65

Synchronous Optical Network (SONET) and Synchronous Digital Hierarchy (SDH)

Answer 66

- Switched Multi-megabit Data Service (SMDS)

Answer 67

SVC is a temporary connection that is dynamically created to transmit data, whereas a PVC are permanently established connections.

Answer 68

PVC requires less bandwidth due to the lack of circuit establishment and termination but is more expensive

Answer 69

Customer loses visibility into the cloud, however so would an attacker

Answer 70

A self contained unit of data that is capable of being routed between a source and destination. Similar to a packet that is used in IP, datagrams are commonly used in UDP and other protocols such as AppleTalk

Answer 71

Circuit switching is connection oriented, using fixed delays and is ideal for always on connections, constant traffic and voice communications. Packet switching is connectionless oriented, using variable delays and is ideal for bursty traffic and data communications

Answer 72

- a bit oriented, synchronous protocol that was created by ISO to support point to point and multipoint configurations. - specifies a data encapsulation method for synchronous serial links and is the default for serial links on Cisco routers. - various vendors implementations of HDLC are incompatible with each other

Answer 73

- a bit-oriented full duplex serial protocol that was developed by IBM to facilitate communications between mainframes and remote offices - defines and implements a polling method of media access.

Answer 74

Asynchronous: data transmitted in a serial stream. devices must communicate at same speed of slowest party. parity bits used to reduce transmission errors as no internal clocking signal is used. Synchronous: utilises an internal clocking signal to transmit large blocks of data, known as frames. characterised by very high speed transmission rates.

Answer 75

DS0 - Slowest (used on T1) - Digital Signalling Level DS1 (used on E1) - Digital Signalling Level DS3 -Fastest (used on T3) - Digital Signalling Level T1 - WAN carrier Facility T3 - Fastest - WAN carrier Facility E1 - Wide area digital transmission scheme (Europe) E3 - Wide area digital transmission scheme (Europe)

Answer 76

a repeater used to connect two or more network segments. maintains an ARP cache that holds MAC addresses of devices connected on network segments. forwards data to all network segments if data isn't on the local network segment

Answer 77

broadcast traffic is automatically forwarded by a bridge, effectively flooding a network

Answer 78

- uses MAC addresses to route traffic - unlike a hub, a switch transports data, only to the port connected to the destination MAC address - used to create separate collision domains and thus increases transmission rates available on individual network segments.

Answer 79

Layer 3 (Network) and 7 (Application)

Answer 80

term used to classify devices at the user end of a user to network interface, ie a workstation.

Answer 81

consists of devices at the network end of a user to network interface. provides the physical connection of the network, forwards network traffic, etc.

Answer 82

NIC, Modem, CSU (Channel Service Units), DSU (Data Service units)

Answer 83

Routing Protocols

Answer 84

Routed Protocols

Answer 85

Static or Dynamic

Answer 86

Static routing

Answer 87

Dynamic routing

Answer 88

distance vector

Answer 89

the time it takes for all routers in a network to update their routing tables. Without convergence some routers on a network may be unaware of topology changes, however during convergence the network slows down considerably.

Answer 90

link state

Answer 91

path vector

Answer 92

A distance vector protocol that uses hop count as its routing metric.

Answer 93

packets getting stuck bouncing between various router nodes

Answer 94

Split horizon Route poisoning Holddown timers

Answer 95

Split horizon

Answer 96

Route poisoning

Answer 97

Holddown timers

Answer 98

Flapping: occurs when a router repeatedly changes state over a short period of time

Answer 99

- slow convergence | - insufficient security (RIPv1 has no authentication and RIPv2 transfers passwords in clear text)

Answer 100

Its simplicity

Answer 101

A link state protocol widely used in large enterprise networks. considered an interior gateway protocol (IGP) because it performs routing with a single autonomous system (AS). OSPF is encapsulated directly into IP datagrams as opposed to using a Transport Layer Protocl such as TCP or UDP.

Answer 102

An autonomous system (AS) - uses AS Numbers to uniquely identify the network on the internet

Answer 103

(IS-IS) Intermediate System to Intermediate System

Answer 104

Border gateway Protocol (BGP)

Answer 105

When BGP runs within an AS such as a private IP network

Answer 106

Routed Protocols such as IP (internet protocol) and IPX (internetwork packet exchange)

Answer 107

Is part of the TCP/IP suite and contains addressing information that allows packets to be routed.

Answer 108

- Connectionless, best effort (no guarantee) delivery of datagrams - Fragmentation and reassembly of datagrams

Answer 109

127.0.0.1 to 127.255.255.255

Answer 110

IP address ranges reserved for use on private networks and are not routable on the internet

Answer 111

To conserve IP addresses

Answer 112

security multi-media support plug and play compatibility backward compatibility with IPv4

Answer 113

connectionless protocol used primarily in older Novell Netware networks for routing packets across the network. part of the IPX/SPX suite which is analogous to the TCP/IP suite

Answer 114

Internet Control Message Protocol (ICMP) | Simple Key Management for Internet Protocols (SKIP)

Answer 115

error reporting regarding processing of packets

Answer 116

to share encryption keys

Answer 117

doesn't require a prior communication session to be established before it sends encrypted keys or packet, however it is bandwidth intensive because of additional header size due to encryption.

Answer 118

Routers and gateways

Answer 119

transparent, reliable, data transport and end to end transmission control.

Answer 120

- Flow Control - Multi-plexing (Enables data from multiple applications to be transmitted over a single physical link) - Virtual Circuit Management (Establishes, maintains and terminates virtual circuits) - Error checking and recovery (detects transmission errors)

Answer 121

- TCP - UDP - SPX - SSL/TLS

Answer 122

SYN - SYN-ACK - ACK

Answer 123

Sequenced Packet Exchange (SPX) - connection-oriented protocol

Answer 124

``` TCP (Layer 4) connection-oriented UDP (Layer 4) connectionless-oriented IP (Layer 3) connectionless-oriented IPX (Layer 3) connectionless-oriented SPX (Layer 4) connection-oriented ```

Answer 125

Provides session based encryption and authentication for secure communication between clients and servers on the internet.

Answer 126

Session Layer

Answer 127

Connection establishment Data transfer Connection release

Answer 128

Simplex Mode (one way) -radio Half-duplex mode (two way but one at a time) - walkie talkie Full-duplex mode (two way simultaneously) - phone

Answer 129

- Net-BIOS - Microsoft Protocol that allows apps to communicate over a LAN - Network File System (NFS) - transparent user access to remote resources on a UNIX TCP/IP network - Remote Procedure Call (RPC) - client server re-direciton tool - Secure Shell (SSH and SSH2) - establishes an encrypted tunnel between client and server Session Initiation Protocol (SIP) - signalling protocol for real-time comms such as voice, video, text over IP based networks

Answer 130

Presentation Layer (ensures compatibility)

Answer 131

- Data representation (image, sound, video formats) - Character conversion (common character conversion schemes) - Data compression - Data encryption

Answer 132

- American Standard Code for Information Interchange (ASCII) (character encoding scheme ie alphabet) - Extended Binary Code Decimal Interchange Code (EBCDIC) - GIF - JPEG - MPEG

Answer 133

Application Layer

Answer 134

Application layer protocols

Answer 135

a store and forward electronic mail protocol that allows and email client to access, manage and synchronise email on a remote mail server.

Answer 136

using SSL/TLS

Answer 137

requires users to explicitly delete e-mails from the server

Answer 138

An email retrieval protocol that allows an email client to retrieve email from a remote mail server. allows users to authenticate over internet using plain-text passwords. can be secured using TLS/SSL

Answer 139

a secure client-server protocol. using public and private keys with diffie-hellman

Answer 140

Used to send and receive email across the internet.operates on TCP/UDP port 25. has well known vulnerabilities that make it inherently insecure.

Answer 141

Used to collect network information by polling stations or sending traps

Answer 142

uses default cleartext community strings (passwords)

Answer 143

Terminal emulation for remote access to system resources

Answer 144

Passwords sent in cleartext

Answer 145

A lean version of FTP without directory browsing or authentication. Less secure than FTP

Answer 146

The TCP/IP model

Answer 147

- Application Layer (loosely corresponds to the Application, Presentation and Session layer) - Transport Layer (corresponds to the OSI Transport Layer) - Internet Layer (corresponds to the OSI Network Layer) - Network Access (or Link) Layer (corresponds to the Data and Physical Layer of the OSI model)

Answer 148

An intrusion Detection and Prevention System

Answer 149

To control traffic between a trusted network (LAN) and an untrusted network (WAN).

Answer 150

- Packet filtering - Circuit level gateway - Application level gateway

Answer 151

Packet filtering firewall

Answer 152

A dynamic packet filtering firewall (allows the creation of dynamic access list rules for individual sessions)

Answer 153

- Circuit level gateway

Answer 154

Stateful inspection firewall

Answer 155

Application level gateway

Answer 156

- screening router - dual homed gateway - screened host gateway - screened subnet

Answer 157

- screening router

Answer 158

A dual homed gateway (or bastion host)

Answer 159

a general term used to refer to proxies, firewalls, gateways or any server that provides applications or services directly to an untrusted network

Answer 160

- screened host gateway

Answer 161

- screened subnet

Answer 162

To separate them from private services on your network

Answer 163

Active and Passive Network based and Host based knowledge based and behaviour based

Answer 164

Active is known as an IPS which blocks attacks, whereas passive is an IDS that only detects attacks?

Answer 165

By flooding the network with alarms that cause it no block connections until no connection or bandwidth is available

Answer 166

network based sniffs all traffic on the network whereas host based is an agent monitoring a single host

Answer 167

Knowledge based uses signatures whereas behaviour based detects anomalies.

Answer 168

Cable Modems, Wireless Devices and protocols such as asynchronous dial-up, ISDN, xDSL

Answer 169

- Restricted Access: restricts access based on allowed IP - Caller ID: restricts access based on allowed phone No.s - Callback: restricts access by requiring a remote user to authenticate with a remote access server (RAS). RAS then disconnects and calls the user back at a pre-configured phone number.

Answer 170

phone numbers are more difficult to spoof than IP's

Answer 171

Call forwarding

Answer 172

EAP, PAP and CHAP

Answer 173

PAP (Password Authentication Protocol)

Answer 174

CHAP (Challenge Handshake Authentication Protocol)

Answer 175

A Microsoft enhancement to CHAP that allows the shared secret to be stored in a encrypted form.

Answer 176

EAP (The Extensible Authentication Protocol)

Answer 177

RAS RADIUS TACACS Diameter

Answer 178

PPP, RADIUS, TACACS

Answer 179

- open source, UDP, client-server protocol - provides authentication and accountability - user provides username/password information to a RADIUS client using PAP or CHAP. - RADIUS client encrypts the password and sends the user-name and encrypted password to the RADIUS server for authentication

Answer 180

Passwords exchanged between the RADIUS client and RADIUS server are encrypted, however password exchanged between PC client and RADIUS client aren't if PAP is used. If PC client happens to be RADIUS client all password exchanges are encrypted. Also the same for TACACS+

Answer 181

- uses TCP rather than UDP - supports IPSec over TLS - has a larger address space

Answer 182

- UDP based which provides authentication, authorisation and accountability (AAA)

Answer 183

TACACS+ (TCP based and supports practically any authentication mechanism, ie PAP, CHAP, MS-CHAP, EAP, token cards, Kerberos, etc.)

Answer 184

- wide support for various authentication mechanisms | - granular control of authorisation parameters

Answer 185

Creates a secure tunnel over the internet

Answer 186

Encrypt or encapsulate it

Answer 187

- Client to VPN concentrator (or device) - Client to Firewall - Firewall to Firewall - Router to Router

Answer 188

``` PPTP (Point to Point Tunnelling Protocol) (L2F) (Layer 2 Forwarding Protocol) L2TP (Layer 2 Tunnelling Protocol) IPSec SSL ```

Answer 189

PPTP (Point to Point Tunnelling Protocol)

Answer 190

(L2F) (Layer 2 Forwarding Protocol)

Answer 191

L2TP (Layer 2 Tunnelling Protocol)

Answer 192

L2TP (Layer 2 Tunnelling Protocol)

Answer 193

Confidentiality, Integrity and Authenticity

Answer 194

granularity - can grant a user access to a specific application rather than an entire network, however not all applications work over SSL VPN and may lack functions such as File Sharing, printing, etc.

Answer 195

client devices, wireless network cards and wireless access points

Answer 196

Wireless network interface card

Answer 197

half-duplex

Answer 198

- Omni-directional: most common type, short poles that transmit and receive signals with equal strength in all directions around a horizontal axis. - Parabolic: dish antennas made of meshed wired grid or solid metal. used to extend wireless signals over great distances - Sectorised: similar in shape to omni-directional antennas, but have reflectors that transmit signals in a particular direction to provide greater distance and less interference. - Yagi: similar in appearance to a small tv aerial antenna. used for long distances in point to point or point to multipoint wireless applications.

Answer 199

- Root mode: default config for most AP's. directly connected to the wired network. also known as infrastructure mode - Repeater mode: doesn't connect directly to the wired network, but instead provides an upstream link to another AP. extends the range of the WLAN. also known as stand alone mode Bridge mode: rare config that isn't supported in most AP's. used to connect two separate wired network segments using an AP.

Answer 200

WEP SSID WPA

Answer 201

Service Set Identifier (SSID)

Answer 202

Wired Equivalent Privacy (WEP)

Answer 203

Open System Authentication: require no credentials, but encrypts data after client has associated with AP Shared Key Authentication: uses a 4 way handshake to authenticate with the AP and encrypts data thereafter

Answer 204

IPSec and SSH

Answer 205

WiFi Protected Access (WPA)

Answer 206

WiFi Protected Access 2 (WPA2)

Answer 207

combines a secret root key with the initialisation vector by using a key mixing function

Answer 208

most SMTP servers are configured by default to forward or relay all mail regardless of whether the sender or recipient address is valid

Answer 209

a blacklist of domain or IP addresses that are known to send spam

Answer 210

- Missing or deleting important emails - Viruses and other malicious code - Phishing and Pharming scams

Answer 211

- placing mail servers within a DMZ - unnecessary or unused services should be disabled (change the default relay setting) - most other servers and client PC's should have port 25 disabled - implement a spam filter/secure mail gateway

Answer 212

Spam over instant messaging

Answer 213

Spam over Internet Telephony

Answer 214

HTTP (Hypertext Transfer Protocol) | HTML (Hypertext Mark-up Language)

Answer 215

HTTP is the command and response language used by web browsers to communicate with web servers and HTML is the display language that the defines the appearance of web pages.

Answer 216

- Script injection: Hacker injects scripting language commads into forms on web pages in an attempt to fool the web server into sending the contents of a back end database - Buffer overflow: Hackers try to send machine language instructions as part of queries to web servers in an attempt to run those instructions Denial of Service (DOS): an attacker can send specifically crafter queries to a web server to make it malfunctions or huge volumes of queries to make it stop working.

Answer 217

- Using cover pages that include appropriate routing and classification markings - Place fax machines in secure areas - using secure phone lines - Encrypting fax data

Answer 218

PBX (Private Branch Exchange) POTS (Plain Old Telephone Systems) VoIP (Voice over IP)

Answer 219

User security policy regular auditing of calls strong passwords and patching of systems

Answer 220

- Using a calling card: using a long distance calling card often masks the origin of the call - Using callerID services: commercial services are available that can generate any desired callerID - Blocking callerID: some wireline or wireless telephone services block callerID - Re-configure your telephone switch: a telephone switch connected via a trunk to a telephone network can send callerID data. - VoIP: Simple IP smartphone or PC software can be used to generate false callerID data from VoIP phones

Answer 221

``` Bluejacking and Bluesnarfing Fraggle ICMP Flood Session Hijacking (Spoofing) Smurf SYN Flood Teardrop UDP Flood ```

Answer 222

Bluejacking

Answer 223

Bluesnarfing

Answer 224

ICMP flood

Answer 225

Session Hijacking (spoofing)

Answer 226

Cisco routers can be used to disable TCP and UDP services.

Answer 227

Because ICMP isn't required for normal network operations, the easiest defence is to drop ICMP packets at the router or filter them at the firewall

Answer 228

Dropping ICMP packets at the router

Answer 229

Can be countered on Cisco routers using two methods: - TCP intercept which proxies for half-open connections - Committed Access Rate: limits bandwidth available to certain types of traffic Other defences include changing the default maximum number of TCP half-open connections and reducing the timeout period on networked systems

Answer 230

drop unnecessary UDP packets at the router

Answer 231

IP will sub-divide a packet if its size is greater than the maximum size allowed on the local network.

Answer 232

- Carries a subnet mask - Supports password authentication security - specifies the next hop address - does not require that routes be aggregated on the network boundary

Answer 233

results in smaller, more frequent updates everywhere. they converge quickly so can prevent routing loops and Count-to-Infinity (when router continually increment the hop count)

Answer 234

require large amounts of CPU and memory

Answer 235

RIPv2 OSPFv2 BGPv4

Answer 236

Error Messages | Query Messages

Answer 237

- Announce network errors - Announce network congestion - Assist troubleshooting - Announce timeouts

Answer 238

Network layer

Answer 239

``` URG: Urgent Pointer Field Significant ACK: Acknowledgement Field Significant PSH: Push Function RST: Reset the connection SYN: Sync sequence numbers FIN: No more data from sender ```

Answer 240

proof to the client that the ACK is specific to the SYN the client initiated.

Answer 241

Call control protocol for multimedia communication used at Session layer.

Answer 242

CASE (Common Application Service Element) - provides services for the application layer and request services from the session layer SASE (Specific Application Service Element) - provides application specific services

Answer 243

Presentation

Answer 244

Application

Answer 245

Application Proxy - Application Circuit gateway - Session Packet Filter (SPF) - Network

Answer 246

Class, Range of first octet, No. of octets for Network No., No. of hosts in network. ``` A 1-127, 1, 16,777,216 B 128-191, 2, 65,536 C 192-223, 3, 256 D 224-239, Multicast E 240-255, Reserved ```

Answer 247

does not require that a new address be allocated based on the number of hosts in a network class. used to address shortage of IP's

Answer 248

Well known Ports: 0 to 1023 Registered Ports: 1024 to 49151 Dynamic or Private Ports: 49152 to 65535

Answer 249

On most systems, the user may not have the privileges to run an application on a well known port.

Answer 250

Extranet offers controlled access to authenticated connections, whereas a public facing server in a DMZ must normally support unauthenticated connections.

Answer 251

specifies how to implement authentication for DHCP messages so that messages are rejected from invalid sources, ie a protects against an attacker pluggin his machine into a port.

Answer 252

- Ping of Death: (ICMP echo greater than legal packet limit 65,536 bytes) - ICMP re-direct attacks: tells a host to use an attackers machine as default route - Ping scanning: basic technique that helps narrow the scope of an attack. - Traceroute exploitation: map a victim network to learn about its routing

Answer 253

similar to traceroute but instead enumerates a firewall rulset.

Answer 254

used to manage multi-casting groups, which are a set of hosts anywhere on a network that are interested in a particular multi-cast.

Answer 255

Ver1: periodically sends queries to a host on its network to update its database of multicast groups membership. Hosts stagger their replies to prevent a storm of traffic. when replies no longer come, agents will stop forwarding multicasts to that group. Ver2: extends functionality of ver1. does 2 queries, general query and group specific query. Ver3: allows hosts to specify from which sources they want to receive multicasts.

Answer 256

Virtual Router Redundancy Protocol (VRRP)

Answer 257

provides a brokering service between client and application, ie authentication.

Answer 258

weak authentication mechanism which can be leveraged for privilege escalation by an attacker.

Answer 259

DNS authentication

Answer 260

DNSSEC Multicasting Service Directory

Answer 261

TCP: 137 and 138 UDP: 135 (used for remote procedure calls) and 139

Answer 262

enhancement to NIS that uses Secure RPC.

Answer 263

A file sharing protocol on Windows. (freeSAMBA is UNIX alternative) designed to run on top of NetBIOS on TCP port 445. authentication can be performed via challenge response.

Answer 264

passwords delivered in clear text.

Answer 265

Used by Unix, but can also exist on Linux, Windows, etc.

Answer 266

2, UDP, uses RDP, stateless protocols 3 TCP, uses RDP, stateless protocols 4 TCP, stateful, uses encryption based on kerberos.

Answer 267

Secure NFS (DES encryption) Using NFS version 4 tunnel NFS through SSH

Answer 268

lack of authentication and encryption

Answer 269

20 Data stream | 21 Control stream

Answer 270

- Secure FTP with TLS: uses AUTH TLS to request that FTP session be encrypted - SFTP (SSH File Transfer Protocol): not an SFTP protocol so clients cannot be used to talk to an SFTP server, however encrypts both commands and data unlike standard FTP. - FTP over SSH: refers to the practice of tunnelling a normal FTP session over SSH. protects only the channel.

Answer 271

Active (server initiates connection) not common and should be blocked by firewall. Passive (client initiates connection)

Answer 272

guest authentication

Answer 273

used when authentication is not need. simplified version of FTP. operates on UDP 69

Answer 274

In LAN's for pulling packages, ie in booting up a diskles client or deploying images to a client environment

Answer 275

- Anonymising Proxies: allows the anonymisation of HTTP requests. JAP is an example - Open proxy Servers: allows unrestricted access to GET commands from the internet, potentially to be used to launch an attack. - Content Filtering

Answer 276

A reverse proxy.

Answer 277

allows direct access from he internet

Answer 278

Allows tunnelling of applications through firewall

Answer 279

Outdated components

Answer 280

SCADA (Supervisory Control and Data Acquisition) and ICS (Industrial Control System)

Answer 281

- Network Perimeter Vulnerabilities - Protocol Vulnerabilities through stack - Database Insecurities - Session Hijacking MIM attacks - OS and server weaknesses - Device and vendor Backdoors

Answer 282

MODBUS and FIELDBUS

Answer 283

- focus in on uptime not security - send information in cleartext - little or no authentication

Answer 284

physical controls

Answer 285

To prevent IP spoofing

Answer 286

Non-blind spoofing: attacker on same subnet as victim Blind spoofing: packets sent to victim to determine sequence numbers Man in the Middle attack: interception of a legitimate communication (both blind and non-blind spoofing are types of MitM attacks)

Answer 287

uses random sequence number generation

Answer 288

- DMZ, Application Zone, Internal Zone.

Answer 289

Application Zone

Answer 290

allow remote users to access a network from almost any analog phone line. allows a backdoor into the network.

Answer 291

a modem connected to a user's computer converts digital signal to analog to be transmitted over a phone line

Answer 292

Telephony firewalls

Answer 293

multiplex connected devices into one signal , ie FDDI

Answer 294

Global Service for Mobile Communications

Answer 295

Strong signal

Answer 296

IEEE 802.1x based on the EAP framework

Answer 297

EAP-TLS: client server authentication with certificates. more secure but more overhead with managing certificates EAP-TTLS: less secure as only server presents certificate to client, however less overhead to administer EAP-PEAP: similar to EAP-TLS. server authenticates to client with cert and client employs non-digital cert mechanism to authenticate with server. easier to administer, but still a lack of client side cert

Answer 298

- uses 802.1x access control to start an EAP authentication method - uses Counter Mode/CBC-MAC protocol (CCMP for encryption

Answer 299

an attacker can use the AT commands on a victims phone to initiate calls, send messages

Answer 300

WiMAX. Fixed mobile wireless solution meaning that the client devices are highly portable but whilst not in use. 802.16a deals with issues such as improved access. useful for access to MAN network. allow wireless access from long distances

Answer 301

AES and authentication options including EAP.

Answer 302

Wireless Optics: uses infra-red light or lasers to transmit data between two receivers. have advantages over microwave as they are more difficult to intercept, however they are un-reliable due to weather

Answer 303

Fiber Optics

Answer 304

more bandwidth and distance

Answer 305

in single mode, light is transmitted in a direct path down cable. single mode allows for greater bandwidth, longer cables and is suitable for carrier networks

Answer 306

Between Domain Trusts

Answer 307

Address: source/destination address Service: ie port number TCP UDP

Answer 308

Port Address Translation (PAT)

Answer 309

based on IPSec, possesses additional restrictions and enhancements. has the ability to encrypt multi-cast data using high assurance hardware encryption which requires that the same key be loaded on all communicating devices. Often used in military.

Answer 310

a circuit proxy server where users employ a SOCKS client to access a remote server.the client initiates a connection to the SOCKS proxy server which accesses the remote server on behalf of the client.

Answer 311

The ability to use proxy servers

Answer 312

designed for analog communications, but today used for data connections over WAN's.

Answer 313

- open instant messaging protocol - server based app designed to interact with other instant messaging apps. - anyone can offer a Jabber server making the network untrusted. - traffic can be encrypted using TLS, though it does not stop eavesdropping on server. - offers both cleartext and challenge response authentication though credentials are cached on jabber server.

Answer 314

- chat system that typically operates through terminal or telnet connections which leave no log related to file transfers. - client/server based and unencrypted - common platform for social engineering attacks

Answer 315

- strength of the protocol - quality of the implementation - trustworthiness of the operator - behaviour of the user

Answer 316

1812 and 1813, both TCP and UDP

Answer 317

161 and 162 for both TCP and UDP

Answer 318

rlogin: protocol for granting remote access to a machine, normally a Unix server. rsh: grants direct remote command execution rcp: copies data from or to a remote machine

Answer 319

unencrypted authentication is host/IP based. although it will take a user ID, the ID is not verified as rlogin relies on trustworthiness of the host.

Answer 320

80TCP or 443UDP

Answer 321

A mobile worker

Answer 322

similar to a bus, except devices connect to a branching cable.

Answer 323

- only one device can transmit a time - devices compete for available bandwidth - referred as a contention-based protocol.

Answer 324

CSMA/CA(collision avoidance): uses jamming signals so other devices don't transmit. used in the 802.11 wireless standard CSMA/CD(collision detection): listens for carrier before transmitting data. used as part of the IEEE 802.3 (ethernet) standard

Answer 325

IEEE 802.5

Answer 326

VLAN hopping

Answer 327

The act of probing tcp services on a machine

Answer 328

request to close a connection sent to a target machine. works with UNIX, not Windows. if a response is received it provides recognition that port is open.

Answer 329

Firewall Stealth Mode

Answer 330

a device with the ability to copy all data flowing through a network in real time for analysis and storage. can also be deployed for purposes of compliance with legal requirements related to retention of records/transactions for fraud.

Answer 331

-Target Acquisition: intelligence gathering through network scanning. split network security zone, NAT, etc can protect against this. target Analysis: target analysed for security weaknesses/vulnerabilities Target Access: social engineering, unauthorised access via vulnerability. Target Appropriation: escalate privileges

Answer 332

Nessus: vulnerability scanner NMap: discovery scanner

Answer 333

Vulnerability scan uncovers vulnerabilities, whereas penetration scanning exploits them

Answer 334

used to subvert packet filters that only check the first fragment of a fragmented packet. other packets follow that overwrite the first fragment with malicious data. solution is for TCP/IP stacks not to allow fragments to overwrite each other.

Answer 335

where an attacker can specify the path to take to a destination. source routing can be disabled on routers

Answer 336

Authentication. confidentiality is less of a concern as the message is supposed to be published, rather proper identification and authentication of the sender is the issue.

Answer 337

An identification service that allows a user to obtain information about the last login time of a user and whether he or she s currently logged in. implemented as a UNIX daemon.

Answer 338

- has been subject to a number of security exploits - raises privacy and security concerns. can be abused for social engineering - the users self-actuation

Answer 339

TCP and UDP 123

Answer 340

- restrict access based on IP - NTP3 uses symmetric encryption for authentication - NTP4 uses asymmetric encryption for authentication

Answer 341

establish DNS servers dedicated to their domain and vigorously monitor them. an internal DNS server which only accepts queries from the internal network/users.

Answer 342

Use split-DNS zones and refrain from using telling name conventions for servers.

Answer 343

names of hosts that are only accessible on the intranet that are available on the internet

Answer 344

no complete connection is opened. instead only the initial steps of the handshake are performed. makes the scans harder to detect but can't be stopped by firewalls.

Telecommunications & Network Security Flashcards

(415 cards)