Week 10

Question 1

When do Network Communications work badly?

Answer 1

Network Communication works badly if two or more computers send messages at
the same time.

Question 2

When do Network Communications work well?

Answer 2

Network Communication work well if one computer sends a message at a time (for a limited period of time)

Question 3

What are the 2 sorts of Multiple Access Protocol?

Answer 3

1. Carrier sense, multiple access/ collision detection (CSMA/ CD), for wired networks, such as Ethernet
2. Carrier sense, multiple access/ collision avoidance (CSMA/ CA), for wireless networks such as WiFi

Question 4

What are the properties of a CSMA/ CD wired network?

Answer 4

All computers are attached to a shared cable - Multiple Access (MA)

Any computer may transmit if the cable is unused - Carrier Sense (CS)

Question 5

What is the Collision Detection and Waiting Time of CSMA/CD?

Answer 5

While transmitting, a computer may detect that it is receiving a message - Collision Detection (CD)

After detecting a collision, a computer waits for a random interval (chosen from an exponentially-doubling range), and then tries again

Question 6

What is Random Waiting Time of CSMA/CD?

Answer 6

By using random interval we avoid repeated collisions

Question 7

What is Exponentially-Doubling Range of CSMA/CD?

Answer 7

An exponentially-doubling range enables computers to adapt to the network load

Question 8

Why is CSMA/CD not used today?

Answer 8

Not used today because modern Ethernet variants avoid collisions by operating in full duplex mode

Question 9

What are the properties of a CSMA/ CA wireless network?

Answer 9

All computers use a shared frequency - Multiple Access (MA)

Any computer may transmit if the frequency is clear - Carrier Sense (CS)

Question 10

What is Collision Avoidance in CSMA/CA?

Answer 10

a computer finding the frequency clear, transmits after an instant

a computer finding the frequency busy counts down from a random value
(chosen from an exponentially-doubling range) while the channel is clear;
otherwise, the count is frozen — Collision Avoidance (CA)

a computer then transmits and (hopefully) receives an acknowledgement

Question 11

What is the Hidden Node Problem?

Answer 11

A computer may be in range of the base station, but out of range of another
computer — the hidden node problem

Question 12

How is the Hidden Node Problem Resolved?

Answer 12

The hidden node problem may be solved by reservation using ready to send and
clear to send messages

Question 13

What are the 3 Collision-Free Protocols?

Answer 13

1. Token Ring
2. Bit-map Protocols
3. Binary Countdown

Question 14

What is Token Ring?

Answer 14

In a token ring wired network, a token continuously circulates, to which
messages may be attached, and from which they may be removed

Question 15

What is Token Bus?

Answer 15

In a token bus, the token is passed around a virtual ring

Question 16

What is Bit-Map Protocol?

Answer 16

In a bit-map protocol, host n may announce that it has a frame to send by
inserting a 1 bit into slot n

Following this, hosts begin to transmit frames in numerical order

Question 17

What is Binary Countdown?

Answer 17

Hosts that wish to transmit broadcast their binary address. Hosts with ”1”s in
their address get priority. The winner of the bid gets to transmit a frame

Question 18

What is the property of Network Gateways?

Answer 18

Modern networks have a single fortified point of entry/exit

Question 19

What are the Firewall Characteristics?

Answer 19

A Firewall can:

restrict both incoming and outgoing traffic

use both positive and negative filters

consider both the payload and different TCP/IP headers

consider packets individually or as part of a flow

Question 20

What are the Firewall Characteristics?

Answer 20

1. packet-filtering firewalls
2. stateful packet inspection firewalls
3. application-level gateways
4. circuit-level gateways

Question 21

What are Packet-Filtering Firewalls?

Answer 21

A packet-filtering firewall filters individual packets on the basis of packet headers
(up to the transport layer) and packet payloads

Question 22

What are examples of Packet-Filtering Firewalls?

Answer 22

1. Port Numbers
2. IP addresses
3. Filetypes
4. Malware Signatures

Question 23

What is a Wildcard Mask?

Answer 23

A wildcard mask indicates which bits of an IP address a particular rule is
concerned with during IP address matching.

0: The corresponding bit must match

1: The corresponding bit does not matter

000101000000000100000001000000001

Question 24

What are examples of Wildcard Masks?

Answer 24

Action IP address Wildcard Mask

Allow 20.1.1.1 0.0.255.255

means “allow all IP addresses of the form 20.1.x.y

Action IP address Wildcard Mask

Deny 20.2.1.1 0.0.0.255

means “deny all IP addresses of the form 20.2.1.z

Question 25

What are Stateful Firewalls?

Answer 25

A stateful firewall reviews the same packet information as a packet filtering firewall, but also filters packets on the basis of a directory of established transport-layer connections

Question 26

What are Stateful Firewalls?

Answer 26

A stateful firewall can track TCP connections by looking for handshakes during connection start-up and connection shutdown UDP segments by tracking IP addresses and port numbers

Question 27

What is the Application-Level Gateway?

Answer 27

An application-level gateway filters packets based on applications or certain features of applications. An application-level gateway sets up two TCP connections: one from the trusted network to the firewall, and one from the firewall to the untrusted network

Question 28

What is an example of an Application-Level Gateway?

Answer 28

An application-level gateway can be used as a web or e-mail gateway

Question 29

What are Circuit-Level Gateways?

Answer 29

A circuit-level gateway determines which TCP connections will be allowed. Just as the application-level gateway, a circuit-level gateway sets up two TCP connections.

Question 30

What are examples of Circuit-Level Gateways?

Answer 30

1. The circuit-level gateway receives a TCP connection request from a trusted client 2. The circuit-level gateway approves or denies the TCP connection based on IP addresses, port numbers, user authentication, etc. 3. If the connection is approved, the circuit-level gateway establishes a second TCP connection to the server on the client’s behalf 4. From this point on, the circuit-level gateway simply relays segments in the TCP connection

Question 31

What do Firewall Organisations include?

Answer 31

1. Single firewall inline 2. Double firewall inline

Question 32

What is a Single Firewall Inline?

Answer 32

A single firewall inline puts a firewall between an external and internal router

Question 33

What is a Double Firewall Inline?

Answer 33

A double firewall inline puts a demilitarized zone (DMZ) between an external and internal firewall. The DMZ is a network for systems that must be externally accessible (e.g., e-mail, DNS, web), but still need some protection

Question 34

What are Virtual Private Network?

Answer 34

A virtual private network (VPN) uses encryption and authentication (provided by, for example, IPsec) to provide a secure connection through an otherwise insecure network, typically the Internet

Question 35

What are the benefits of Virtual Private Networks?

Answer 35

A VPN can be used to bypass firewalls and other restrictions, and to increase privacy and security

Question 36

What are the limitations of Virtual Private Networks?

Answer 36

Using a VPN may result in a lower connection speed, blocks from certain internet services, and resale of your data to third parties