Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/397

Click to flip

397 Cards in this Set

  • Front
  • Back
Response time ranges:
Greater than 15 seconds: rules out conversational interaction
Greater than 4 seconds: generally too long for a conversation requiring the operator to retain information in operator's short-term memory.
2 to 4 seconds: delay longer than 2 seconds can be inhibiting to terminal operations demanding a high level of concentration
Less than 2 seconds: the more detailed the information remembered, the greater the need for responses of less than 2 seconds.
Sub-second response time: certain types of thought-intensive work, especially with graphics applications, require very short response times to maintain the user's interest and attention for long periods of time.
Decisecond response time: response to pressing a key and seeing the character displayed on the screen or clicking a screen object with a mouse needs to be almost instantaneous
Web systems with a ________________ or better response time maintain a high level of user attention.
3-second
Web systems with a response time between ___________ result in loss of some user concentration.
3 and 10 seconds
Web systems with a response time above ___________ discourage the user, who may simply abort the session.
10-seconds
Define Response Time.
The time it takes a system to react to a given input. Or, the time it takes for the system to respond to a request to perform a particular task.
User response time: the time span between the moment a user receives a complete reply to one command and enters the next command (think time)
System response time: time span between the moment the user enters a command and the moment a complete response is displayed on the terminal.
What is considered an acceptable system response time for interactive applications and how does this response time relate to acceptable response times for Web sites?
Less than two seconds would be an acceptable system response time for interactive applications. the more detailed the information remembered, the greater the need for responses of less than 2 seconds. Web Systems with a 3--second or better response time maintain a high level of user attention.
Routers
A device that connects two networks and whose primary function is to relay data from one network to the other on a route from the source to the destination end system. Internet Gateways, ensure interoperability between the pieces of the Internet.
Subnetwork
a logically visible subdivision of an IP network; constituent network
End Systems (ESs)
the devices connected to the subnetwork.
Intermediate Systems (ISs)
subnetworks connected by devices that provide a communications path and perform the necessary relaying and routing functions so that data can be exchanged between devices attached to different subnetworks in the internet.
Two types of ISs
Bridges
Routers
What are the Three principal network classes?
Class A: Few Networks, each with many hosts
Class B: Medium number of networks, each with a medium number of hosts
Class C: Many networks, each with a few hosts
Dotted Decimal Notation
format of IP addresses - a decimal number represents each of the octets o the 32-bit address.
Class A: Few Networks, each with many hosts
All Class A network addresses begin with a binary 0; binary 00000000 thru 01111111 (0 - 127) are reserved, making 126 Potential Class A network numbers
Class B: Medium number of networks, each with a medium number of hosts
Class B addresses begin with a binary 10; binary 10000000 to 10111111. The second octet is also part of the Class B address, so that there are 2 to the 14 power = 16,384 Class B addresses.
Class C: Many networks, each with a few hosts
The first decimal number ranges from 192 - 223 (binary 11000000 to 11011111); the total number of Class C addresses is 2 to the 21 power = 2,097,152
Subnet Masks
a logically visible subdivision of an IP network. The practice of dividing a network into two or more networks is called subnetting.
Router Function
responsible for receiving and forwarding packets through the interconnected set of networks. Makes routing decisions based on knowledge of the topology and traffic/delay condtions of the internet-must avoid portions of the network that have failed and should avoid portions of the network that are congested.
Two Concepts of Routing Function
Routing Information
Routing Algorithm
Routing Information
Information about the topology and delays of the internet
Routing Algorithm
The algorithm used to make a routing decision for a particular datagram, based on current routing information
Characteristics of an Autonomous System (AS)
1. An AS is a set of routers and networks managed by a single organization.
2. An AS consists of a group of routers exchanging information via a common routing protocol.
3. Except in times of failure, an AS is connected (in a graph-theoretic sense); that is, there is a path between any pair of nodes.
Interior Router Protocol (IRP)
A shared routing protocol passes routing information between routers within an AS - does not need to be shared outside the system - flexibility that allows IRPs to be custom tailored to specific applications and requirements. Needs to build up a rather detailed model of the interconnection of routers within an AS in order to calculate the least-cost path from a given router to any network within the AS
Exterior Router Protocol (ERP)
the protocol used to pass routing information between routers in different ASs. supports the exchange of summary reachability information between separately administered ASs - Simpler and uses less detailed information than an IRP
Border Gateway Protocol (BGP)
developed for use in conjunction with internets that employ the TCP/IP suite - concepts are applicable to any internet.
**The preferred ERP for the internet
allows routers (gateways in the standard) in different ASs to cooperate in the exchange of routing information. Operates in terms of messages which are sent over TCP connections. Current version - BGP-4
There are 3 functional procedures - Neighbor acquisition, Neighbor reachability, Network Reachability
Neighbors
Refers to two routers that share the same network.
What are the 3 functional procedures in BGP?
Neighbor Acquisition -
Neighbor Reachability -
Network Reachability -
Neighbor Acquisition
occurs when two neighboring routers in different autonomous systems agree to exchange routing infomation regularly.
Neighbor Reachability
Once neighbor relationship is establised the neighbor reachability procedure is used to maintain the relationship - periodically pass Keepalive message between routers.
Network Reachability
Each router maintains a database of the networks that it can reach and the preferred route for reaching each network.
Open Shortest Path First (OSPF) Protocol
Protocol widely used as an interior router protocol in TCP/IP networks. Uses what is known as a link state routing algorithm. Each router maintains descriptions of the state of its local links to networks
Each router maintains a database that reflects the known __________ of the autonomous system of which it is a part.
topology
topology expressed as a directed graph, consisting of the following:
1. Vertices, or nodes, of two types
- Router
- Network
a. Transit if it can carry data that neither originates nor terminates on an end system attached to this network
b. Stub, if it is not a transit network
2. Edges, of two types:
- A graph edge that connects two router viertices when the correspoonding routers are connected to each other by a direct point-to-point link
- A graph edge that connects a router vertex to a network vertex when the router is directly connected to the network.
'What are the two significant trends that altered the role of the PC, and therefore the requirements of the LAN?
1. The speed and computing power of PCs continued to enjoy explosive growth.
2. IT organizations have recognized the LAN as a viable and essential computing platform, resulting in the focus on Network
What are the four examples of requirements that call for higher-speed LANs?
1. Centralized Server Farms: Systems draw huge amounts of data from multiple centralized servers
2. Power workgroups: typically consist of a small number of cooperating users who need to draw massive data files across the network. (Software Development group)
3. High-speed local backbone
4. Convergence and unified communications: increasing reliance on the LAN for voice and video, plus increasing usage of collaborative applications.
Two examples of Digital Electronics
Digital Versatile Disc (DVD)
Digital Cameras
The Internet and the Internet Protocol (IP) were designed to provide a __________ ____________, ________ _______________ service
best effort
fair delivery
All packets are treated equally.
Networking scheme designed from day one to support both traditional TCP and UDP traffic and real-time traffic:
ATM
Elastic Traffic
can adjust, over wide ranges, to changes in delay and throughput across and internet and still meet the needs of its applicaitons. (traditional traffic supported by TCP/IP, traffic on individual connections adjusts to congestion by reducing the rate at which data are presented to the network. (e.g., e-mail, network mgmt, interactive applications)
Inelastic Traffic
Does not easily adapt (if at all) to changes in delay and throughput across an internet. Prime examples: voice and video
Requirements for Inelastic Traffic
Throughput: minimum throughput value may be required.
Delay - example: stock exchange
Delay variation: The larger the allowable delay, the longer the real delay in delivering the data and the greater the size of the delay buffer required.
Packet Loss: Real-time applicaitons vary in the amount of packet loss, if any, that they can sustain.
Differentiated Services
architecture designed to provide a simple, easy-to-implement, low-overhead tool to support a range of network services that are differentiated on the basis of performance. Provides QoS on the basis of the needs instead of the basis of flow.
Key characteristics of DS that contribute to its efficiency and ease of deployment:
1. IP packets are labeled for differing QoS treatment using the 6-bit DS field in the IPv4 and IPv6 headers.
2. A service level agreement (SLA) is established between the service provider (internet domain) and the customer prior to the use of DS.
3. DS provides a built-in aggregation mechanism. All traffic with the same DS octet is treated the same (grouped together)
4. DS is implemented in individual routers by queuing and forwarding packets based on the DS octet.
DS type of Service
provided within a DS domain, defined as a contiguous portion of the Internet over which a consistent set of DS policies are administered. Typically under the control of one administrative entity.
Service contract between a customer and the service provider that specifies the forwarding service that the customer should receive for various classes of packets.
Parameters listed in a DS Framework Document
* Service performance parameters - throughput drop prob ability and latency
* Constraints on the ingress and egress points at which the service is provided (indicates scope of service)
* Traffic profiles that must be adhered to for the requested service to be provided
* Disposition of traffic submitted in excess of the specified profile
*Should provide examples
DS Field
also referred to as: DS Codepoint
the label used to classify packets for differentiated services.
Default: codepoints of the form (xxxxx0) are reserved for assignment of standards (best effort forwarding behavior of existing routers.)
Codepoints of the form xxx11 are reserved for experimental of local use.
Codepoints of the form xxxx01 are also reserved for experimental or local use but may be allocated for future standards action as needed.
Route selection
A particular route may be selected if the router has a smaller queue for that route or if the next hop on that route supports network precedence or priority.
Network Service:
If the network on the next hop supports precedence
Queuing Discipline
Router may use precedence to affect how queues are handled.
Queue Service
1. routers should implement precedence ordered queue service - when a packet is selected for output on a logical link, the packet of highest precedence that has been queued for that link is sent;
2. Any router may implement other policy-based throughput management procedures that result in other than strict precedence ordering - must be configurable to suppress
Congestion Control
when a router receives a packet beyond its storage capacity, must discard it or some other packet or packets.
Routers in a DS Domain are either ____________nodes or _____________ nodes.
Boundary

Interior
Interior Nodes
implement simple mechanisms for handling packets based on their DS codepoint values.
Per-Hop Behavior (PHB)
Must be available at all routers and typically PHB is the only part of DS implemented in interior routers.
Have minimal functionality and minimal overhead in providing the DS service.
Five Elements of Traffic Conditioning Function
1. Classifier - separates submitted packets into different classes - foundation of differentiated services.
2. Meter - measures submitted traffic for conformance to a profile - determines if the given packet stream class is within or exceeds the service level guaranteed for that class.
3. Marker: remarks packets with a different codepoint as needed.
4. Shaper: delays packets as necessary so that the packet stream in a given class does not exceed the traffic rated specified in the profile for that class.
5. Dropper: drops packets when the rate of packets of a given class exceeds that specified in the profile for that class.
After a flow is classified, its ____________ ______________ must be measured.
resource consumption
The ______________ function measures the volume of packets over a particular time interval to determine a flow's compliance with the traffic agreement.
metering
A _______________ _____________ scheme is an example of a way to define a traffic profile to take into account both packet rate and burstiness.
Token Bucket
Two parameters of a token bucket
R = token replenishment rate
B = bucket size
Token Replenishment Rate (R)
specifies the continually sustainable data rate; that is over a relatively long period of time, the average data rate to be supported for this flow.
Bucket Size (B)
specifies the amount by which the data rate can exceed R for short periods of time.
Exact Condition of Token bucket traffic specification:
During any time period T, the amount of data sent cannot exceed RT + B
Service Level Agreement (SLA)
a contract between a network provider and a customer that defines specific aspects of the service that is to be provided. a formal definition that typically defines quantitative thresholds that must be met.
SLA Typically includes this information, and also includes:
* A description of the nature of service to be provided.
* The expected performance level of the service.
* The process for monitoring and reporting the service level.
*****************Also Includes:
Availability (100%)
Latency (delay) - Average round-trip transmissions of </=45 ms; the process for monitoring and reporting the service level.
Network packet delivery (reliability)
Jitter performance will not exceed 1 ms between access routers.
Network Jitter
the variation or difference in the end-to-end delay between received packets of an IP or packet stream.
Performance Metrics Working Group (IPPM)
chartered by IETF to develop standard metrics that relate to the quality, performance and reliability of Internet data delivery.
Two Trends dictating the need for a standardized measurement scheme:
1. the internet has grown and continues to grow at a dramatic rate and its topology is increasingly complex.
2. The internet serves a large and growing number of commercial and personal users across an expanding spectrum of applications.
A standardized and ____________ set of _____________ enables users and service providers to have an accurate common understanding of the performance of the internet and private internets.
effective
metrics
Singleton Metric
the most elementary, or atomic, quantity that can be measured for a given performance metric.e.g., for a delay metric, a singleton metric is the delay experienced by a single packet
Sample Metric
a collection of singleton measurements taken during a given time period
e.g., the set of delay values for all of the measurements taken during a one-hour period
Statistical Metric
value derived from a given sample metric by computing some statistic of the values defined by the singleton metric on the sample
e.g., the mean of all the one-way delay values on a sample might be defined as a statistical metric
Active Technique
measurement technique that requires injecting packets into the network for the sole purpose of measurement
Passive Technique
observe and extract metrics from existing traffic
Poisson Sampling
Uses a Poisson distribution to generate random time intervals with the desired mean value. recommended by RFC 2330
Connectivity Metric
Ability to deliver a packet over a transport connection
Bulk Transfer Capacity
Long-term average data rate (bps) over a single congestion-aware transport connection
An essential element of the internet is it's _________ scheme.
Addressing
It is necessary that each attached host have a unique address to make routing and delivery possible - duh!
An internet __________ protocol is used to exchange information about reachability and traffic delays, allowing each router to construc a next-hop routing table for patghs through the internet.
Routing
A ______ ____________ allows the internet to treat different classes of traffic differently in order to optimize the service to all cusomers.
QoS facility
Autonomous System (AS)
a collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators that presents a common, clearly defined routing policy to the Internet
Best Effort
a network service in which the network does not provide any guarantees that data is delivered or that a user is given a guaranteed quality of service level or a certain priority. In a best-effort network all users obtain best-effort service, meaning that they obtain unspecified variable bit rate and delivery time, depending on the current traffic load.
Routing Protocol
Routers exchange routing information using a special routing protocol so that routers can make dynamic decisions (avoid failed or congested portions of network)
Routing Algorithm
the algorithm used to make a routing decision for a particular datagram, based on current routing information
Routing
the determination of a path that a data unit (frame, packet, message) will traverse from source to destination.
Describe the 5 classes of Internet addresses
There are 5 classes of internet addresses under IPv4. They are Class A, B, C, D, E. Classes A, B and C are the principal classes with A being suitable for a few networks with many hosts, B being in the middle with medium networks and medium hosts and C being used for numerous networks but only a few hosts. D is used for multicasting and E is kept in reserve for future use.
Multicasting
the delivery of a message or information to a group of destination computers simultaneously in a single transmission from the source. Copies are automatically created in other network elements, such as routers, but only when the topology of the network requires it.
Quality of Service (QoS)
Set of parameters that describe the quality (data rate, timeliness, buffer usage, priority) of a specific stream of data. Minimum QoS is best effort. QoS may dictate the path chosen for delivery by a router, the network service requested by the router of the next network on that path and the order in which waiting packets are forwarded.
What is the purpose of the subnet mask?
The purpose of the subnet mask is to let IP separate the network ID from the full IP address and thus determine whether source and destination are on the same network
What is the difference between an interiour router protocol and an exterior router protocol?
An interior router protocol is an internal protocol to the system and passes information between routers in the AS. An exterior router protocol passes routing information between routers of different AS's external to the system
OSPF uses what type of routing algorithm?
The Open Shortest Path First (OSPF) protocol uses the link state routing algorithm. Each router stores the descriptions of local links to networks and transmits updated information to all routers. The OPSF computes the route through the internet that incurs the least cost based on what the user has configured to be the metric of cost
OSPF is designed as what type of routing protocol?
designed and widely used as an interior router protocol in TCP/IP networks
What is the purpose of a DS Codepoint?
Differentiated Services Code Point (DSCP) is a field in an IP packet that enables different levels of service to be assigned to network traffic. This is achieved by marking each packet on the network with a DSCP code and appropriating to it the corresponding level of service.
How does DSCP work?
Quality of Service (QoS)-enabled programs request a specific service type for a traffic flow through the generic QoS (GQoS) application programming interface (API). The available service types are:
• Guaranteed service - provides high quality, quantifiable guarantees with bounded (guaranteed minimum) latency.
• Controlled load service-provides high quality, quantifiable guarantees without bounded latency.
What is a token bucket and how does it work?
A token bucket itself has no discard or priority policy. The following is an example of how the token bucket metaphor works:
•Tokens are put into the bucket at a certain rate.
•Each token is permission for the source to send a certain number of bits.
•To send a packet, the traffic regulator must be able to remove from the bucket a number of tokens equal in representation to the packet size.
•If not enough tokens are in the bucket to send a packet, the packet either waits until the bucket has enough tokens (in the case of a shaper) or the packet is discarded or marked down (in the case of a policer).
•The bucket itself has a specified capacity. If the bucket fills to capacity, newly arriving tokens are discarded and are not available to future packets. Thus, at any time, the largest burst a source can send into the network is roughly proportional to the size of the bucket. A token bucket permits burstiness, but bounds it.
Backend Networks
used to interconnect large systems such as mainframes, supercomputers, and mass storage devices. Key requirement is build data transfer among a limitednumber of devices in a small area.
Characteristics of a Backend Network
•High data rate - > 100 Mbps or more are required.
•High-speed interface - data transfer operations typically performed thru high-speed I/O interfaces, therefore physical link must be high-speed
•Distributed Access - distributed medium access control (MAC) technique ius needed to enable a number of devices to share the LAN with effiicient &reliable access.
•Limited Distance - typically will be employed in a computer room or a small number of contiguous rooms.
•Limited number of devices - number of epensive mainframes and mass storage devices found in the coputer room generally is in the tens of devices.
_________ _____________ should be possible to maximize utilization and performance.
Load leveling
Storage Area Network (SAN)
a separate network to handle storage needs. Decouples storage tasks from specific servers and creates a shared sorage facility across a high-speed network.
Backbone LANs
A higher capacity LAN interconnecting LANs with a flexible strategy for connecting distributed processing applications and personal computers to support local networking.
Factory LANs
Interconnection of all the factory devises and mechanisms provided for their cooperation to automate the factory more effectively. Key Characteristics:
•High Capacity
•Ability to handle a variety of data traffic
•Large geographic extent
•High reliability
•Ability to specify and control transmission delays.
Tiered LANs
Departmental LANs attached together with a backbone LAN of higher capacity - shared systems are also supported off of this backbone.
•Personal computers and workstations
•Server Farms
•Mainframes
Server Farms
Servers, used within a department or shared by users in a number of departments, can perform a variety of functions - mass storage devices, maintaining databases...
Top-Down design of a LAN
the company decides to map out a total local networking strategy. Decision is centralized because it impacts the entire operation or company.
Advantage: built-in compatibility to interconnect the users.
Disadvantage: Need for responsiveness and timeliness in meeting the needs at the department level
Transmission Medium
the physical path between transmitter and receiver, can be classified as guided or unguided. in both cases, communication is in the form of electromagnetic waves.
Guided Media
the waves are guided along a solid medium such as copper twisted pair, copper coaxial cable or optical fiber.
Unguided Media
means of transmitting electromagnetic signals but do not guide them - usually referred to as wireless transmission
e.g., atmosphere and outer space
Stations
The end devices that wish to communicate
Nodes
Swiching devices whose purpose is to provide communication
Communications Network
Nodes are connected to one another in some topology by transmission links; each statin attaches to a node and the collection of nodes is a communications network.
_______-_______ links are generally dedicated point-to-point links.
Node-Station
Usually, the network is not fully connected; that is there is not a ______________ _____________ between every possible pair of nodes
direct link
_____________ ______________ is still the dominant technology for voice communications today.
Circuit switching
List/define the 3 phases of Circuit Switching:
1. Circuit establishment: end-to-end (station-to-station) circuit must be established
2. Data transfer: data can now be transmitted from one point, through the network to end point. Generally connections are full duplex, and signals may be transmitted in both directions simultaneously.
3. Circuit disconnect: connection is terminated after some period of data transfer - usually by the action of one of the two stations.
List the four general components of a public telecommunications network:
Subscribers - devices that attach to the network.
Subscriber Line: the link between the subscriber and the network
Exchanges: the switching centers in the network.
Trunks: The branches between exchanges (carrier systems)
Key requirement for voice traffic
There must be virtually no transmission delay and certainly no variation in delay.
Control Signals
The means by which the netork is managed and by which calls are established, maintained, and terminated.
What are the most important of the signalling functions?
1. Audible communication with the subscriber - dial tone, ring tone, busy signal, and so on
2. Transmission of the number dialed to switching offices that will attempt to complete a connection
3. Transmission of information between switches indicating that a call cannot be completed.
4. Transmission of information between switches indicating that a call has ended and that the path can be disconnected.
5. A signal to make a telephone ring
6. Transmission of information used for billing purposes
7. Transmssion of information giving the status of equipment or trunks in the network.
8. Transmission of information used in diagnosing and isolating system failures.
9. Control of special equipment such as satellite channel equipment.
Supervisory
term generally used to refer to control functions that have a binary character (t/f or on/off), such as request for service, answer, alerting and return to idle.They deal with the availability of the called subscriber and of the needed network resources.
Supervisory Control Signals
used to determine if a needed resource is available and if so, to seize it. Also used to communicate the status of the requested resources.
Address
signals identify a subscriber - generated by a calling subscriber when dialing a telephone number.
Call information
refers to those signals that provide information to the subscriber about the status of a call.
Network Management Signals
used for the maintenance, troubleshooting, and overall operation of the network. May be in the form of messages, such as a list of preplanned routes being sent to a station to update its routing tables.
Two contexts of Control Signaling
1. Signaling between a subscriber and the network.
2. Signaling within the network.
Inchannel Basis
traditional control signaling in circuit-switching networks has been on a per-trunk or inchannel basis.
With inchannel signaling, the same channel is used to carry control signals as is used to carry the call to which the control signals relate.
Common Channel Signaling
control signals are carried over paths completely independent of the voice channels. One independednt control signal path can carry the signals for a number of subscriber channels and is a common control channel for these subscriber channels.
Softswitch Architectre
The latest trend in the development of circuit-switching technology, a general-purpose computer running specialized software that turns it into a smart phone switch. Cost significantly less and provide more functions. Can convert a stream of digitized voice bits into packets.
Media Gateway
performs the physical switching function
Media Gateway Controller (MGC)
houses the call processing logic
Typical Components of a digital PBX:
Control processor - runs the software that operates the system features
Modules: House interface cards that provide endpoint interfaces to the switch
Inter-module switching: Allows the interconnection of ports in different modules, using circuit switching.
Endpoints: fax machines, modems, PDAs and telephony applications running on laptop computers.
Datagram Approach
each packet is treated independently, with no reference to packets that have gone before. Each node chooses the next node on a packet's path, taking into account information received from neighboring nodes on traffic, line failures, and so on. The packets do not all follow the same route and may arrive out of sequence. The exit node restores the packets to their original order before delivering them to the destination.
Each packet is referred to as a datagram.
Virtual Circuit Approach
A preplanned route is established before any packets are sent. Once route is established, all the packets between a pair of communicating parties follow ths same route through the network.
Difference from datagram approach: path is pre-established; the node need not make a routing decision for each packet.
Value-Added Network
Network provides a packet transmission service to a variety of subscribers. the network provider owns a set of packet-switching nodes and links these together with leased lines provided by a carrier such as AT&T. The network adds value to the underlying transmission facilities.
Public Data Network (PDN)
a public network owned or controlled by the government and referred to as a PDN.
Public Packet Switching Network
the user must lease a line from the user's computing equipment to the nearest packet-switching node
Private packet-switching network
the user owns or leases the packet-switching nods, which are generally collocated with the user's data processing equipment. Leased lines, typically 56 or 64 kbps digital lines, interconnect the nodes.
Private leased lines:
Dedicated lines can be used between sites. No switching is involved, so a leased line is needed between any pair of sites that wish to exchange data.
Pubic Circuit-switching networks:
With the use of modems or switched digital service, the user can employ dial-up telephone lines for data communcations.
Private Circuit-Switching Networks:
the user has an interconnected set of digital PBXs either by leased 56 kbps lines or T-1 lines, then the network can carry data as well as voice.
Integrated Services Digital Network (ISDN)
offers both packet switching and traditional circuit switching in an integrated service.
Two Classifications of Data Communications Traffic
Stream: stream traffic is characterized by lengthy and fairly continuous transmission. i.e., file transfer, telemetry
Bursty: traffic characterized by short, sporadic transmissions. ie., interactive client/server traffic such as transaction processing, faxes, data entry and time sharing.
Considerations for Choice of Network
Accont Control, Reliability, Security and the issues of cost and performance.
Strategic Control
Involves the process of designing and implementing the network to meet the organization's unique requirements.
Growth Control
allows users to plan for network expansion and modifications arising as their needs change.
Day-To-Day Operations Concerns
user is concerned with accommodateing peaks of traffic and with quickly diagnosing and repairing faults
Exchange
The switching centers in the network. A switching center that directly supports subscribers is known as an end office.
Local Loop
The link between the subscriber and the network (Subscriber Line, Subscriber Loop). Almost all Local Loop connections use twisted-pair wire. The length of a local loop is typically in a range from a few kilometers to a few tens of kilometers.
Subscriber Loop
The link between the subscriber and the network (Subscriber Line, Local Loop). Almost all Local Loop connections use twisted-pair wire. The length of a local loop is typically in a range from a few kilometers to a few tens of kilometers.
Trunk
The branches between exchanges - carry multiple voice frequency circuites using either FDM or synchronous TDM. Also referred to as Carrier systems.
Circuit Switching
Implies there is a dedicated path between two stations. That path is a connect sequence of links between network nodes. On each physical link, a channel is dedicated to the connection. i.e., Telephone Network
Subscirbers
The devices that attach to the network.
Subscriber Line
The link between the subscriber and the network, also regerred to as the subsriber loop or local loop.
Why is it useful to have more than one possible path through a network for each pair of stations?
It's useful to have more than one possible path, because it will make the network more reliable. If one of the nodes of one path fails, then there is still another path for the station to communicate through.
Concerning a switched communicaitons network, answer the following as either true, or false:
a. All switching nodes are connected to every other node.
b. Links between switching nodes utilize some sort of multiplexing technique.
c. Circuit switching is very efficient.
a. All switching nodes are connected to every other node. - False. Each node is attached to another node, but not every node is attached to ever other node. For example in Stallings Figure 12.1, Nodes 1 and 2 are not connected to node 5.
b. Links between switching nodes utilize some sort of multiplexing technique. - False - links between nodes are usually multiplexed links, not always.
c. Switching nodes provide connectivity for a single end station. - False. Nodes may have more than one station attached to them.
What is the principle application that has driven the design of circuit-switching networks?
The principal application was the analog telephone. Circuit switching is very appropriate for use with analog transmission of voice signals. In addition to voice traffic, it also handles data traffic via modems
Distinguish between static and alternate routing in a circuit-switching network.
Static routing is commonly used for the PTSN. It routes a path and is not able to adapt if the path fails or if the path is blocked. Dynamic or alternate routing allows for the change of the routing depending on traffic on the circuit.
What is the difference between inchannel and common channel signaling?
Inchannel signaling is the tradition.control signaling where the control signals and the call are carried on the same channel. Common channel signaling allows for the carrying of control signals over a different independent path than that of the voice channel (either physically distinct facilities or separate logical channels. Common channel signaling also allows for control signals to be transferred directly from one processor to another without being tied to a voice channel. This helps reduce call setup time.
The control signals used in the public switched telephone network are part of what architecture?
Softswitch Architecture = a general--purpose computer running specialized software that turns it into a smart phone switch. Significantly lower cost and provides additional functionality.
Explain the difference beetween datagram and virtual circuit operation.
A datagram operation approach has each node treat each packet independently and therefore each node chooses the path for each packet. This means that packets can arrive out of order and either the exit node or the destination needs to recognize and re-order the information. In contrast, the virtual circuit operation acts like a circuit-switching network in that it pre-plans a route through the nodes prior to sending the packets. Unlike the datagram, this means that each node need not decide how to route each packet since it is pre-planned.
What are some advantages of private networks?
economies of scale, strategic control over design, service and maintenances; control over growth of the network; and increased reliability and security.
What are some of the limitations of using a circuit-switching network for data transmission.
channel capacity is reserved for the connection for the duration of the connection, if no data is being transferred or if the data is bursty, the channel capacity is being wasted. The network also requires compatibility with subscribers. Since the connection is transparent, each end of the circuit must be compatible in regards to data rate and protocols.
What is a Value-Added Network (VAN) ?
the network provider owns some of the packet switching nodes and they link the nodes together with the leased lines of a carrier. Therefore the network adds value to the carrier transmission facilities.
Why is packet switching impractical for digital voice transmission?
Because the packet delay overall may be substantial in a transmission. Packets can take alternate routes, may arrive out of order, and may be delayed at the switches that they encounter.
Nonswitched/Dedicated Line
a transmission link leased for a fixed price. Such lines can be leased from a carrier and used to link offices of an organization
Wide Area Network ( WAN )
is a network that covers a broad area (i.e., any telecommunications network that links across metropolitan, regional, or national boundaries) using private or public network transports.
Internet can be considered a WAN as well, and is used by businesses, governments, organizations, and individuals for almost any purpose imaginable.
X.25 Packet Switching
Older version, still used to provide a switched data transfer service. Becoming increasingly inadequate due to graphics and multimedia
Integrated Services Digital Network (ISDN)
[rpvodes bptj corciot swotcjomg amd X.325 packet switching over 65-kbps B channels. Higher data rates are also achievable
Frame Relay
A connnection-oriented link layer service that preserves the order of frame transfer with a small probability of frame loss. Switched network technology, protocol can be used over a dedicated line to provide convenient and flexible multiplexing technique, capability of speeds equivalent to the leased T-1 rate, and in some places, higher rates compared to T-3. Low overhead makes it good for interconnecting LANs and high-speed standalone systems.
Asynchronous Transfer Mode (ATM)
Widely viewed as a universal networking technology, destined to replace many of the current offerings.
Cells
fixed sized packets used in ATM
Virtual Channels
Logical connections in ATM; analogous to a virtual circuit in X.25 or a frame relay data link connection. It is the basic unit of switching in an ATM network.
A virtual channel is set up between two end users through the network and a variable-rate, full-duplex flow of fixed-size cells is exchanged over the connection. Also used for user-network exchange (control signaling) and network-network exchange (network managment and routing)
Virtual Path
a bundle of virtual channels that have the same endpoints. All of the cells flowing over all of the virtual channels in a single virtual path are switched together.
Generic Flow Control (GFC)
a field that does not appear in the cell header internal to the network, but only at the user-network interface. Can be used to help the customer in controlling the flow of traffic for different qualities of service. Used to alleviate short-term overload conditions in the network
Virutal Path Identifier (VPI)
a field that constitues a routing field for the network. It is 8 bits at the user-network interface and 12 bits at the network-0network interface , allowing for mor virtual paths to be supported within the network.
Virtual Channel Identifier (VCI)
a field used for routing to and from the end user, fuinctions like a service access point.
Constant Bit Rate (CBR)
service used by applications that require a fixed data rate that is continously available during the connection lifetime and a relatively tight upper bound on transfer delay. Common uses: videeoconferencing, interactive audio (telephony)
Variable Bit Rate (VBR)
service where the end system specifies a peak cell rate, a sustainable or average cell rate, and a measuer of how bursty or clumped the cells may be.
Available Bit Rate (ABR)
Service that specifies a peak cell rate (PCR) that it will use and a minimum cell rate (MCR) that it requires. The network allocates resources so that all ABR applications receive at least their MCR capacity. Any unused capacity is then shared in a far and controlled fsion among all ABR sources. The ABR mechanism uses explicit feedback to sources to assure that capacity is fairly allocated. Any capacity not used by ABR sources remains avalable for UBR traffic.
Unspecified Bit Rate (UBR)
Serice suitable for applications that can tolerate variable delays and some cell losses, which is typically true of TCP-based traffic. Cells are forwarded on a first-in, first-out basis using the capacity not consumed by other services; both delays and variable looses are possible.No initial commitment is made to a UBR source and no feedback concerning congestion is provided. this is referred to as a best-effort service. i.e., Text/data/image transfer, messaging, distribution, retireval, Remote terminal.
Real-Time Variable Bit Rate (rt-VBR)
intended for time-sensitive applications, those requiring tightly constrained delay and delay variation. Applications appropriate for rtVBR transmit at a rate that varies with time - characterized as somewhat bursty. i.e., real time video
Sonet
High-speed networking services for WANs, they are multiplexed line schemes and use the highest-speed leased lines that are available.
T-1
Most common leased line for high traffic voice and data needs was the T-1. Its a High-speed networking service for WANs, they are multiplexed line schemes with a leased line capable of high-traffic voice and data needs.
T-3
High-speed networking services for WANs, they are multiplexed line schemes with a leased line capable of high-traffic voice and data needs-provides for greater needs than a T-1.
1What are the key high-speed networking services available for wide area networking?
The key high-speed wide area networking services are frame relay and ATM. ATM is "considered technically superior" (stallings 374) but frame relay is used more in the market since it has been established longer. There are many other nonswitched (Analog, Digital Data service, T-1, T-3, SONET) and switched (Dialup/modem, X.25, ISDN, ADSL, SMDS), but Frame Relay and ATM are the most used.
How does frame relay differ from packet switching?
There are a few major differences between the X.25 and frame relay. The X.25 has a lot of overhead versus the frame relay that has very little overhead. The X.25 can support data rates of up to 64kbps where frame relay can support data rates up to 44.736 Mbps. The frame relay protocol can also be used over switched and nonswitched lines whereas X.25 is only a switched service. ----- In addition, in frame relay, the call control signal is carried on a separate logical connection from that of the user data. In X.25, it's carried on the same channel and virtual circuit. In frame relay, the multiplexing and switching takes place at layer 2 where in X.25 it takes place at layer 3 (which means an additional layer needs to get involved). Also, the X.25 has error control and flow control in both layer 2 and 3, where in frame relay, complete end-to-end flow control and error control are the responsibility of a higher layer if they are used at all.
What are the relative advantages and disadvantages of frame relay compared to packet switching?
The major disadvantage of frame relay as it compares to X.25 is the potential loss of reliability from frame relay. Since frame relay does not employ link by link flow and error control, like X.25, there is no link layer protocol to provide reliable transmission from the source to packet switching network to destination. (Though end to end flow and error control can be implemented at a higher layer and with increased reliability of transmission this is not a huge disadvantage).
The advantages are: streamlined process, higher throughput and lower delay. With the reduction in the overhead and not using layer three, the frame relay streamlines the processing of the data which allows for greater throughput with much lower delay. The studies have shown that the improvement in throughput alone is on the order of a magnitude.
Why is all of the error checking used by an X.25 system not required on modern communication facilities?
It's not required because modern communication facilities today use reliable digital transmission technology with reliable and high quality transmission links which are mostly fiber. With the high data rates available with fiber, the use of that much overhead for error control will slow down the utilization of the data rate.
How is congestion control handled in a frame relay network?
Congestion control with frame relay is difficult due to the streamlined nature of the protocol. Therefore it is the responsibility of both the end user and the network to control congestion. This is accomplished by employing two strategies: congestion avoidance and congestion recovery. Congestion avoidance is when the network senses an onset of congestion and it sends an explicit signal to start congestion avoidance process. Congestion recovery is procedures that are used to prevent the collapse of the network when there is significant congestion. These are communicated with implicit signals. The explicit signals are backward explicit congestion notification (BECN) and forward explicit congestion notification (FECN). Implicit signal is discard eligibility (DE).
How does ATM differ from frame relay?
ATM or cell relay is even more streamlined than frame relay and can support data rates that are much higher than that of frame relay. In addition ATM utilizes virtual channels and virtual paths. Also the information field in frame relay is variable whereas the cells in ATM are fixed
What are the relative advantages and disadvantages of ATM compared to frame relay?
Congestion is the responsibility of the network and end users for both.
Frame Relay - more wiedely available than ATM, more affordable than ATM.
ATM - suppors much higher access speeds to accomodate much higher requirements such as graphic and video; use of small cells may reduce queuing delay for a high-priority cell because it waits less if it arrives slightly behind a lower-priority call; fixed-size cells can be switched more efficiently; with fixed-size cells, it is easier to implement the switchintg mechanism in hardware.
What is the difference btween a virtual channel and a virtual path?
A virtual channel is the basic unit of switching over the network, a virtual path is a bundle of the virtual channels that are going to the same endpoint.
What are the characteristics of a virtual channel?
provides a QoS specified by parameters like cell loss ratio and cell delay variation; both switched connections and dedicated channels can be provided; sequence of transmitted cells within a Virtual channle is preserved; traffic parameters can be negotiated between a user and the network for each virtual channel.
What are the characteristics of a virtual path?
QoS, switched and semipermanent virtual paths, cell sequence integrity and traffic parameter negotiatioand uswage monitoring; once a virtual path is set up, it is possible for the end users to negotiate the creation of new virtual channels however there is a discipline applied to the choices - provides a virtual channel identifier restriction within a virtual path because some may be reserved for network use.
List and briefly explain the fields in an ATM cell.
Generic Flow Control (GFC) appears only at the user-network interface and is used for control of cell flow - alleviates short-term overload conditions in the network
Virtual Path Identifier (VPI) - field that sonstitues a routing field for the network; 3 bits at user-network interface level and 12 bits at the network-network level - allows for more virtual paths to be supported within the network.
Virtual Channel Identifier (VCI) field used for routing to and from the end user, functions as a service access point
Payload Type (PT) field that indicates the type of information in the information field by bit indication
Cell Loss Priority (CLP) bit used to provide guidance to the network in the even of congestion - signals priority, 0 = higher, 1 = discardable
Header Error Control (HEC) field is an 8-bit error code that can be used to correct single-bit errors in the header and to detect double-bit errors.
List and briefly define the ATM service categories.
Real-Time Service: continual flow
- Constant Bit Rate(CBR) fixed data rate that is continously available during connection lifetime - Videoconferenceing, interactive audio...
- Real-Time Variable Bit Rate (rt-VBR) intended for time-sensitive applicaitons - tightly constrained delay and delay variation - somewhat bursty
Non-Real-Time Service: intended for applications that have bursty traffic chars and do not have tight constraints on delay and delay veriation.
- Non-Real-Time Variable Bit Rate (nrt-VBR)end system specifies a peak cell rate, sustainable/average cell rate and a measure of how Bursty or clumped cells may be. resources allocated to provide relatively low delay and minimal cell loss
- Available Bit Rate (ABR) specifies a peak cell rate and a minimum cell rate required. unused capacity is shared
- Unspecified bit rate (UBR) suitable for applications that can tolerate variable delays and some cell losses - typically true of TCP-based traffic. (best-effort service)
- Guaranteed frame rate (GFR) designed specifically to support IP backbone subnetworkds. provides better service than UBR for frame-based traffic (including IP and ethernet. Opitimizes handling of frame-based traffic
A nonswitched, or dedicated line is a transmission link leased for a fixed price. What are some of the common lines available?
Analog
Digital Data Servies - gigh qual, require digital signaling units rather than modems
X.25
Frame Relat
T-1
T-3
Sonet
ATM
Analog line
least expensive option, twisted-pair analog link. With dedicated private line odems, data rates of 4.8 to 56 kbps are common.
Digital Data Servies
High quality lines that require digital signaling units instead of modems, more expensive but can be leased at higher data rates
Cell
an area of a cellular network with a low-power transmitter, served by its own antena and base station.
Base Station
Each cell is allocated a band of frequencies an is served by a base station that consists of a transmitter, receiver and control unit.
Reuse Factor
number of cells in a repetitios pattern
Frequency Borrowing
frequencies are taken from adjacent cells by congested cells; frequencies can also be assigned to cells dynamically.
Cell Splitting
the distribution of traffic and topographic features is not uniform and theis presents opportunities for capacity increase. Cells in areas of high usage can be split into smaller cells. Power level used must be reduced to keep the signal within the cell.
Handoff
Mobile units that move out of range of one cell and into the range of another during a connection; the traffic channel has to change to one assigned to tghe BS in the new cell. Systen najes thge change without interrupting the call or alerting the user.
Cell sectoring
a cell is divided into a number of wedge-shaped sectors, each with its own set of channels, typically three or six sectors per cell. Each sector is assigned a separate subset of the cell's channels and directional antennas at the base station are used to focus on each sector
Microcells
As cells become smaller, antennas move from the tops of tall buildings or hills, to the tops of small buildings or the sides of large buildings, and finally to lamp posts, where they form microcells - useful in city streets, congested areas along highways and inside large public buildings.
Control channels
type of channel available between the mobile unit and the base station(BS); used to exchange information having to do with setting up and maintaining calls and with establishing a relationship betwen a mobile unit and the nearest BS.
Traffic channels
type of channel abailable between the mobile unit and the base station; carry a voice or data connection between users.
Mobile unit initialization
when the mobile unit is turned on, it scans anc selects the strongest setup control channel used for this system. Cells with diffferent frequency bands repetitively broadcast on different setup channels, receiver selects the strongest setup channel and monitors that channel.
Handshake
mobile unit automatically selected the BS antenna oif the cell within which it will operatie. "handshake" takes place between the mobile unit and the MTSO controllingh this cell hrough the BS in this cell. Handshake i9s used to identify the user and registrer its location.
Mobile-originated call
cell sends the number of the called unit on the preselected setup channel. the receiver at the mobile unit first checks that the setup channel is idle by examining information in the forward channel. Mobile may transmit on the corresponding reverse channel when an idle is detected. BS sends the request to the MTSO.
Paging
MTSO attempts to complete the connection to the called unit, sends a paging message to certain BSs depending on the called mobile number. Each BS transmits the paging signal on its own assigned setup channel.
Call accepted
called mobile unit recognizes its number on the setup channel being monitored and responcds to that BS, which sends the response to the MTSO, which sets up a circuit between the calling and called BSs. BS notifies the mobile unit
Ongoing call
While thd connection is maintained, the two mobile units exchange voice or data signals, going through their respective BSs and the MTSO.
Call Blocking
During the mobile-initiated call stage, if all the traffic channels assigned to the neares BS are nbusiy, then the mobile unit makes a preconfigured number of repeated attemps. After a certain number of failed tries, a busy signal is returned to user.
Call Termination
one or both users hang up, MTSO is informed and the traffic channels at the two BSs are released.
Call Drop
During a connection, because of interference or weak signal spots in certain areas, if the BS cannot maintain the minuimum required signal strength for a certain period of time, the traffic channel to the user is dropped and the MTSO is informed.
Calls to/from fixed and remote mobile subscriber
MTSO connects to the public switched telephone network (PSTN) and can set up a connection between a mobile user in its area and a fixed subscriber via the telephone network. MTSO can also connect to a remote MTSSO via the telephone network or via dedicated lines and set up a connection between a mobile user in its area and a remote mobile user.
Mobile Telecommunications Switching Office (MTSO)
Connects with each BS typically by a wire line, although a wireless link is also possible. The MTSO connects
calls between mobile units.The MTSO is also connected to the public telephone or telecommunications network and can make a connection between a fixed subscriber
to the public network and a mobile subscriber to the cellular network.
The first-generation systems are based on _________ voice communication using frequency modulation.
analog
The second generation, which uses ________________ techniques and time division multiple access (TDMA) or code division multiple access (CDMA) for channel access.
digital
Spreading Factor
take a signal that to communicate that has a data rate of D bits per second and convert it for transmission into a longer message and transmit it at a higher rate, kD - k is the spreading factor
Multiple Access
emphasizes that a single channel is being shared (accessed by) multiple users.Multiple users can independently use the same (Higher) bandwidth with very little interference.
What are the four ways to divide the spectrum among active users?
Frequency Division Multiple Access (FDMA)
Time Division Multiple Access (TDMA)
Code Division Multiple Access (CDMA)
Space Division Multiple Access (SDMA)
Space Division Multiple Access (SDMA)
the idea of using the same spectral band in two physically disjoint places, the idea of frequency reuse in cells - the same frequency can be used in two different cellls as long as the cells are sufficiently far apart so that their signals do not interfere.
Code Division Multiple Access (CDMA)
based on direct sequence spread spectrum (DSSS); take a signal that we wish to communicate that has a data rate of D bits per second and convert it for transmission into a longer message and transmit it at a higher rate kD, where k is called the spreading factor.Several users can independently use the same (higher) bnandwidth with very little interference. Each user’s signal is scrambled using a uniquecode so that it resembles random background noise to other users.
Frequency Division Multiple Access (FDMA)
each user communicates with the base station on its own narrow frequency band
Time Division Multiple Access (TDMA)
users share a wider frequency band and take turns
communicating with the base station
The primary multiple access schemes used in cellular telephony (and satellite communications as well) are:
FDMA (e.g., the first-generation system AMPS),
TDMA (e.g., Digital AMPS, the digital successor to AMPS, and GSM, which also uses FDM),
and CDMA,
What is the objective of third generation of wireless communications?
to provide fairly high speed wireless communications to support multimedia, data, and video in addition to voice
Wireless Application Protocol (WAP)
a universal, open standard developed by the WAP Forum to provide mobile users of wireless phones and other wireless terminals such as pagers and personal digital assistants (PDAs) access to telephony and information services, including the Internet and the Web; designed to work with all wireless network technologies;based on existing Internet standards, such as IP, XML, HTML, and HTTP, and includes security.
The WAP Programming Model is based on what three elements:
the client,
the gateway: acts as a proxy server for the wireless
domain
the original server
Wireless Markup Language (WML)
uses a small set of markup tags appropriate to
telephony-based systems; does not assume a standard keyboard or a mouse as an input device. It is designed to work with telephone keypads, styluses, and other input devices common to mobile, wireless communication
Microbrowser
a user interface model appropriate for mobile, wireless
devices
Wireless Telephony Applications (WTAs)
provides an interface to the local and wide area telephone systems; using WTA, applications developers can use the microbrowser to originate telephone calls and to respond to events from the telephone network
The heart of a satellite communications system is a ____________ ___________ ___________ in a stable orbit above the earth.
satellite-based antenna
Earth Stations
The antenna systems on or near the earth.
Uplink
A transmission from an earth station to the satellite.
Downlink
transmissions from the satellite to the earth station
Transponder
electronics in the satellite that takes an uplink signal and converts it to a downlink signal
Geostationary Satellite (GEO)
most common type of communications satellite today
Low-Earth-Orbiting Satellites (LEOSs)
Satellite in a different orbit than the GEO, with a circular or slightly elliptical orbit at less than 2000 km.
Little LEOS
Intended to work at communication frequencies below 1 GHz using no more than 5 MHz of bandwidth and supporting data rates up to 10 kbps.These systems are aimed at paging, tracking, and low-rate messaging. used by businesses to track trailers, railcars, heavy equipment, and other remote and mobile assets.
Big LEOS:
Work at frequencies above 1 GHz and support data rates up to a few megabits per second. These systems tend to offer the same services as those of the small LEOS, with the addition of voice & positioning services. i.e., Globalstar. It has no onboard processing or communications between satellites. Most processing is done by the system’s earth stations.
What are 3 of the most important applications for satellites?
• Television distribution
• Long-distance telephone transmission
• Private business networks
Cellular Wireless Network
networks that have traditionally supported mobile telephony but now also support wireless Internet access and other wireless data networking applications.
Direct Sequence Spread Spectrum (DSSS
physical media operating in the 2.4 GHz ISM band,
at data rates of 1 Mbps and 2 Mbps
What geometric shape is used in cellular system design?
hexagon
What is the principle of frequency reuse in the context of a cellular network?
The same frequency can be used in two different
cells as long as the cells are sufficiently far apart so that their signals do not interfere.
List five ways of increasing the capacity of a cellular system.
• Adding new channels
• Frequency borrowing
• Cell splitting
• Cell sectoring
• Microcells
Explain the paging function of a cellular system.
The MTSO attempts to complete the connection to a called unit. The MTSO sends a paging message to certain BSs depending on the called mobile number. Each BS transmits the paging signal on its own assigned setup channel.
What is cellular handoff?
If a mobile unit moves out of range of one cell and into the range of another during a connection, the traffic channel has to change to one assigned to the BS in the new cell.The system makes this change without either interrupting the call or alerting the user.
For a cellular system, describe the function of the following: control channels and traffic
channels.
Control channels are used to exchange information having to do with setting up and maintaining calls and with establishing a relationship between a mobile unit and the nearest BS. Traffic channels carry a voice or data connection between users.
Describe what is meant by the term multiple access as it applies to cellular communication.
multiple access emphasizes that a single channel is being shared (accessed by) multiple users.
Briefly explain the principle behind CDMA.
many users can simultaneously use the same wide frequency band. Each user’s signal is scrambled using a unique code so that it resembles random background noise to other users.The base station uses the same codes to unscramble the different user signals. CDMA allows more users to share a given bandwidth than does FDMA or TDMA.
Under what circumstances would you use GEOS, LEOS, and MEOS, respectively?
satellites are well suited to television distribution; Satellite transmission is also used for point-to-point trunks between telephone exchange offices in public telephone networks. It is a useful medium for high-usageinternational trunks and is competitive with terrestrial systems for many long distance intranational links, particularly in remote and undeveloped areas.
Amplitude Modulation
amplitude is one of the three principal characteristics of a carrier signal; the amplitude of the carrier varies with the pattern of the modulating signal
Amplitude Shift Keying (ASK)
Modulation in which the two binary values are represented by two different amplitudes of the carrier frequency.
Analog Data
Data represented by a physical quantity that is considered to be continuously variable and whose magnitude is made directly proportional to the data or to a suitable function of the data.
Analog Signal
a continuously varying electromagnetic wave that may be transmitted over a variety of media, depending on frequency
Analog Transmission
means of transmitting analog signals without regard to
their content; the signals may represent analog data (such as voice) or digital data (such as data that pass through a modem);the analog signal will suffer attenuation, which limits the length of the transmission link.
Asynchronous Transmission
data are transmitted one character at a time, where each character is 5 to 8 bits in length.2 Timing or synchronization must only be maintained within each character; the receiver has the opportunity to resynchronize at the beginning of each new character
Baud
A unit of signaling speed equal to the number of discrete conditions or signal events per second, or the reciprocal of the time of the shortest signal element.
Codec
Coder-decoder. Transforms analog data into a digital bit stream (coder) and digital signals into analog data
(decoder).
cyclic redundancy check (CRC)
An error detecting code in which the code is the remainder resulting from dividing the bits to be checked by a predetermined binary number.
Digital Data
Data represented by discrete
values or conditions
Digital Signal
A discrete or discontinuous signal, such as a sequence of voltage pulses
Digital Transmission
The transmission of digital data or analog data that have
been digitized, using either an analog or digital signal, in which the digital content is recovered and repeated at
intermediate points to reduce the effects of impairments, such as noise, distortion, and attenuation.
Error-Detecting Code
A code in which each data signal conforms to specific rules of construction, so that departures from this construction in the received signal can be automatically detected.
Error Detection
The destination detects frames that are in error, using the techniques, and discards those frames.
Frequency Modulation
conveys information over a carrier wave by varying its instantaneous frequency
Frequency Shift Keying (FSK)
Modulation in which the two binary values are represented by two different frequencies near the carrier frequency.
modem
Modulator/demodulator.A device that converts digital data to an analog signal that can be transmitted on a
telecommunication line and converts the received analog signal to digital data.
Parity Bit
A check bit appended to an array of binary digits to make the sum of all the binary digits, including the
check bit, always odd or always even.
Phase Modulation (PM)
Analog encoding of Analog information; the phase of the carrier varies with the pattern of the modulating signal
Phase Shift Keying
Modulation in which
the phase of the carrier signal is shifted
to represent digital data.
Pulse-Code Modulation (PCM)
A process in which a signal is sampled, and the magnitude of each sample with respect to a fixed reference is quantized and converted by coding to a digital signal.
Synchronous Transmission
Data transmission in which the time of occurrence of
each signal representing a bit is related to a fixed time frame.
Attenuation
A decrease in magnitude of current, voltage, or power of a signal in transmission between points.
Frequency
Rate of signal oscillation in cycles per second (Hertz).
Distinguish among analog data, analog signaling, and analog transmission.
Analog data are entities that convey meaning, or information. Analog Signals are electric or electromagnetic representations of the analog data. Analog Signaling is the physical propagation of the signal along a suitable medium. Transmission is the communication of the analog data by the propagation and processing of signals.
Distinguish among digital data, digital signaling, and digital transmission.
Digital data take on discrete values; examples are text, integers, and binary data. A digital signal is a sequence of voltage pulses that may be transmitted over
a wire medium; Digital transmission is concerned with the content of the signal; a digital signal can be propagated only a limited distance before attenuation endangers the integrity of the data, however repeaters can be used
What is the difference between amplification and retransmission?
In order to make the signal reach further, a certain method must be employed to return the signal to its original strength after it has travelled some distance. Amplification is the simplest way - basically increases the signal power. Retransmission on the other hand, is a more complex method that takes the input signal, extracts the information, &sends out that information as a new signal.
(Internet)
What is differential encoding?
the signal is decoded by comparing the polarity of adjacent signal elements rather than determining the absolute value of a signal element
What function does a modem perform?
Modulator/demodulator.A device that converts digital data to an analog signal that can be transmitted on a
telecommunication line and converts the received analog signal to digital data.
Are the modem and the codec functional inverses (i.e., could an inverted modem function as a codec, or vice versa)?
Yes, they're functional inverses, but no, you couldn't reverse one to do the other's job. A modem converts binary digital signals into analog for transmission over the voice network and then back into a digital binary signal at the other end. A codec is the functional inverse it's for coding analog data into digital form for trans-mission and then decoding it back into analog at the receiving end.
Indicate three major advantages of digital transmission over analog transmission.
1. Digital signals do not get corrupted by noise etc.
2. Digital signals typically use less bandwidth.
3) Digital can be encrypted so that only the intended receiver can decode it.
How are binary values represented in amplitude shift keying, and what is the limitation of this approach?
the two binary values are represented by two different amplitudes of the carrier frequency. One binary digit is represented by the presence, at constant amplitude,
of the carrier, the other by the absence of the carrier. ASK is susceptible to sudden gain changes and is a rather inefficient modulation technique.
Indicate the major categories into which modems may be classified based on their data rates.
Dial up modem - 33.6Kbs Up and 56kbs down.
ISDN basic rate 2 channels 128kbs up and 128kbs down.
ADSL 16-640kbs up and 1.5-9Mbs down.
Cable modem - 400kbs up and 10-30Mbs down
What is NRZ-L? What is a major disadvantage of this data encoding approach?
Digital encoding of digital data. NRZL is Nonreturn to zero level. Easiest way to transmit digital signals is to use two different voltage levels for the two binary digits. A negative voltage is binary 1 and positive is binary 0. This means that the voltage is never 0. It can be difficult to determine where the stream ends and where it begins. Also, if the leads in the twisted cable are reversed, it inverts the 1's and 0's. This doesn't happen in differential encoding
Match the device or system with the correct type of signal and data:
Device/System Data/Signal
Modem transmissions A. Digital data/digital encoding
Ethernet B. Digital data/analog encoding
AM/FM radio C. Analog data/digital encoding
PCM D. Analog data/analog encoding
Ethernet - Digital data/digital encoding
PCM - Digital data/analog encoding
AM/FM radio - Analog data/analog encoding
Modem transmissions - Analog data/digital encoding
(I think...)
How is the transmission of a single character differentiated from the transmission of
the next character in asynchronous transmission?
Following the data bits of the character there is a parity bit that is used for error detection and then a stop element which signals the end of the character. The stop element is continually transmitted until the transmitter is ready to send the next character.
What is a major disadvantage of asynchronous transmission?
requires an overhead of 2 to 3 bits per character. For example, for an 8-bit character with no parity bit,
using a 1-bit-long stop element, 2 out of every 10 bits convey no information but are there merely for synchronization; thus the overhead is 20%; percentage overhead could be reduced by sending larger blocks of bits between the start bit and stop element. However the larger the block of bits, the greater the cumulative timing error.
Asymmetric Digital Subscriber Line (ADSL)
provides more capacity downstream (from the carrier’s central office to the customer’s site) than upstream (from customer to carrier); originally targeted at the expected need for video on demand and related services which didn't materialize, but meets the need for high-speed internet even though the user requires far higher capacity for downstream than for upstream transmission.
Automatic Repeat Request (ARQ)
collection of mechanisms (Error detection, Positive acknowledgment, Retransmission after timeout, and Negative acknowledgment and retransmission) used to turn a potentially unreliable data link into a reliable one.
Data Link Control Protocol
flow control is achieved by numbering each frame sequentially; Initially, a buffer is allocated at the receiver of an agreed size. As frames arrive and are processed, the receiver returns an acknowledgment indicating which frames have been received and implicitly indicating that more frames may be sent.
Dense Wavelength Division Multiplexing (DWDM)
There is no official or standard definition of this term. The term connotes the use of more channels, more closely spaced, than ordinary WDM. In general, a channel spacing of 200 GHz or less could be considered dense.
Digital Subscriber Line (DSL)
the link between subscriber and network that provides a high-speed link over telephone lines and requires a special DSL modem; converts digital information for conveyance over an analog network.
discrete multitone (DMT)
uses multiple carrier signals at different frequencies, sending some of the bits on each channel. The available transmission band (upstream or downstream) is divided into a number of 4-kHz subchannels. On initialization, the DMT modem sends out test signals on each subchannel to determine the signal-to-noise ratio. The modem then assigns more bits to channels with better signal transmission qualities and less bits to channels with poorer signal transmission qualities.
Error Control
techniques that enable a receiver to detect errors that
occur in the transmission and reception process. Data link control provides mechanisms by which the two sides cooperate in the retrnsmission of frames that suffer from errors on the first try. Most common techniques for error control are: Error detection, Positive acknowledgment, Retransmission after timeout, and negative acknowledgment and retransmission.
Flow Control
A technique for assuring that a transmitting entity does not overwhelm a receiving entity with data. The computer must do a certain amount of processing before passing the data to the higher-level software.
Frame
A group of bits that includes data plus one or more addresses and other protocol control information. Generally refers to a link layer (OSI layer 2) protocol data unit.
Frequency Division
Division of a transmission facility into two or more channels by splitting the frequency band transmitted by the facility into narrower bands, each of which is used to constitute a distinct channel.
High-Level Data Link Control
(HDLC)
HDLC accepts the user data and delivers it to a higher layer of software on that side; the two HDLC modules exchange control information to provide for flow control, error control, and other control functions.
Multiplexing
two communicating stations will not utilize the full capacity of a data link. For efficiency, it should be possible to share that capacity.
Synchronous Digital Hierarchy
(SDH)
SONET specification that defines a hierarchy of standardized digital data rates. Multiple STS-1 signals can be combined to form an STS-N signal.
Synchronous Optical Network (SONET)
an optical transmission interface originally proposed by BellCore and standardized by ANSI. SONET was intended to provide a specification for taking advantage of the high-speed digital transmission capability of
optical fiber.
Synchronous TDM
Synchronous TDM is called synchronous not because synchronous transmission is used but because the time slots are preassigned to sources and are fixed. The time slots for a given source are transmitted whether or not the source has data to send.
TDM channel
The set of time slots in TDM are dedicated to one source, from frame to frame, is called a channel.
TDM frame
The data transmitted Are organized into frames, each of which contains a cycle of time slots. In each frame, one or more slots are dedicated to each data source. Transmission consists of the transmission of a sequence of frames.
Time Division Multiplexing (TDM)
commonly used for multiplexing digitized voice streams and data streams; possible when the data rate of the transmission medium exceeds the required data rate of signals to be transmitted. A number of digital signals, or analog signals carrying digital data, can be carried simultaneously by interleaving portions of each signal in time.
Wavelength Division Multiplexing (WDM)
The true potential of optical fiber is fully exploited when multiple beams of light at different frequencies are transmitted on the same fiber, commonly called wavelength division multiplexing (WDM).With WDM, the light streaming through the fiber consists of many colors, or wavelengths, each carrying a separate channel of data.
List common ingredients for error control for a link control protocol.
information is formatted into a frame with the following characteristics:
Flag - synchronization
Address - indicates secondary station for transmission
Control - Identifies purpose and function of frame
Information - contains the data to be transmitted
Frame Check Sequence - 16- or 32-bit cyclic redundancy check used for error detection.
What is the putpose of the flag field in HDLC?
used for synchrnization - appears at the beginning and end of the frame and always contains the pattern 01111110.
What type of error detection is used in the HDLC frame check sequence field?
Cyclic redundancy checks
What are the three frame types supported by DLC? Describe each.
Information Frames: carry the user data to be transmitted for the station.Also contain control informaton for flow control and error control.
Supervisory Frames: (S Frames) Provide another means of exercising flow control and error control.
Unnumbered frames: provide suppliemental link control functions
The set of time slots or the frequency allocated to a single source is called what?
Channel
Why is multiplexing so cost effective?
The higher the data rate, the more cost-effective the transmission facility. Also, most individuals data communicating devices require relatively modest data rate support.
How is interference avoided by using frequency division multiplexing?
Each modulated signal requires a certain bandwidth centered on its carrier frequency (channel); To prevent interference, the channels are separated by guard bands, which are unused portions of the spectrum.
What is echo cancellation?
a signal processing technique that when used allows the entire frequency band for the upstream channel to overlap the lower portion of the downstream channel.
Explain how synchronous time division multiplexing (TDM) works.
Can be used with digital or analog signals carrying digitial data. Data from various sournces are carried in repetitive frames. Each frame consists of a set of time slots and eac source is assigned one or time slots per frame. The effect is to interleave bits of data from the various sources.
accountability
The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. keeping transaction logs for tracking purposes if necessary.
active attack
attempt to alter system resources or affect their operation
asset
hardware, software, data, and communication lines and networks
attack
any attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset
authenticity
The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator. This means verifying that users are who they say they are and that each input arriving at the system came from a trusted source.
availability
Assures that systems work promptly and service is not denied to authorized users
backdoor
logic in the system to provide subsequent access to a system and its resources by other than the usual procedure.
confidentiality
Preserving authorized restrictions on information access
and disclosure, including means for protecting personal privacy and proprietary information
data integrity
Assures that information and programs are changed only in a specified and authorized manner
deception
A circumstance or event that may result in an authorized entity receiving false data and believing it to be true.
Example:
Masquerade, Falsificaiton, Repudiation
denial of service
prevents or inhibits the normal use or management of
communications facilities (active attack)
disruption
a threat to availability or system integrity
exposure
Sensitive data are directly released to an unauthorized
entity.
falsification
Active attack, form of deception, refers to the altering or replacing of valid data or the introduction of false data into a file or database
e-mail virus
computer code sent to you as an e-mail note attachment which, if activated, will cause some unexpected and usually harmful effect, such as destroying certain files on your hard disk and causing the attachment to be remailed to everyone in your address book
hacker
the intruder - one of the two most publicized threats to security
insider attack
an employee using their login credentials to copy/steal information from the company/consumers - among the most difficult to detect and prevent
integrity
Guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity.
interception
a common attack in the context of communications.
On a shared local area network (LAN), such as a wireless LAN or a broadcast Ethernet, any device attached to the LAN can receive a copy of packets intended for another device. On the Internet, a determined hacker can gain access to e-mail traffic and other data transfers. All of these situations create the potential for unauthorized access to data.
intruder
To put or force in inappropriately, especially without invitation, fitness, or permission
intrusion
an intruder gains, or attempts to gain, access to a
system (or system resource) without having authorization to do so
logic bomb
code embedded in some legitimate program that is set to “explode” when certain conditions are met
macro virus
Infects files with macro code that is interpreted by an application
malicious software
programs that exploit vulnerabilities in computing systems - two categories: those that need a host
program, and those that are independent
malware
software designed to cause damage to or use up the resources of a target computer
masquerade
An unauthorized entity gains access to a system or
performs a malicious act by posing as an authorized entity.
passive attack
very difficult to detect because they do not involve any alteration of the data. Typically, the message traffic is sent and received in an apparently normal fashion and neither the sender nor receiver is aware that a third party has read the messages or observed the traffic pattern. However, it is feasible to prevent the success of these attacks, usually by means of encryption.
privacy
Assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed
replay
involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect
repudiation
a user either denies sending data or a user denies
receiving or possessing the data.
system integrity
Assures that a system performs its intended function in an
unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system
threat
an act of coercion wherein an act is proposed to elicit a negative response. It is a communicated intent to inflict harm or loss on another person, computer or system.
traffic analysis
a more subtle form of passive attack; opponent observes the pattern of messages. The opponent could determine the location and identity of communicating hosts and could observe frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.
trap door
Another name for Back Door; Any mechanism that bypasses a normal security check; it may allow unauthorized access to functionality
Trojan horse
A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by
exploiting legitimate authorizations of a system entity that invokes the Trojan horse program.
usurpation
is a threat to system integrity. Attacks can result in this threat consequence:
Misappropriation
Misuse
virus
Malware that, when executed, tries to replicate itself into other executable code; when it succeeds the code is said to be infected.When the infected code is executed, the virus also executes.
virus kit
Such a toolkit enables a relative novice to quickly create a number of different viruses. Although viruses created with toolkits tend to be less sophisticated than viruses designed from scratch, the sheer number of new viruses that can be generated using a toolkit creates a problem for antivirus schemes.
worm
a program that can replicate itself and send copies from computer to computer across network connections. Upon arrival, the worm may be activated to replicate and propagate again. In addition to propagation, the worm usually performs some unwanted function.
What are some of the major uses of T-1 lines?
• Private voice networks
• Private data networks
• Video teleconferencing
• High-speed digital facsimile
• Internet access
Why is the use of private T-1 lines attractive to companies?
T-1 permits simpler configurations than the use of a mix of lower-speed offerings, and second, T-1 transmission services are less expensive.
Define computer security.
The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality
of information system resources (includes hardware, software, firmware, information/data, and telecommunications)
What are the fundamental requirements addressed by computer security?
• Confidentiality: This term covers two related concepts:
—Data1 confidentiality
—Privacy
What is the difference between passive and active security threats?
Passive attacks are difficult to detect, but measures are available to prevent their success. It is quite difficult to prevent active attacks absolutely, because to do so would require physical protection of all communications facilities and paths at all times
List and briefly define three classes of intruders.
• Masquerader: An individual who is not authorized to use the computer and who penetrates a system’s access controls to exploit a legitimate user’s account - likely to be an outsider;
• Misfeasor: A legitimate user who accesses data, programs, or resources for which such access is not authorized, or who is authorized for such access but
misuses his or her privileges - generally is an insider
• Clandestine user: An individual who seizes supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection - can be either an outsider or an insider
List and briefly define three intruder behavior patterns.
1. Hacker - done for the thrill of it or for status in the hacking community which is determined by level of competence.
2. Criminals - organized groups of hackers have become a widespread and common threat to Internet-based systems. These groups can be in the employ of a corporation or government but often are loosely affiliated gangs of hackers
3. Insider attacks - among the most difficult to detect and prevent. Employees already have access to and knowledge of the structure and content of corporate databases. Insider attacks can be motivated by revenge or simply a feeling of entitlement.
What is the role of compression in the operation of a virus?
compresses the executable file so that both
the infected and uninfected versions are of identical length - in order to escape detection.
What is the role of encryption in the operation of a virus?
5
What are typical phases of operation of a virus or worm?
• Dormant phase: The virus is idle. The virus will eventually be activated by some event, such as a date, the presence of another program or file, or the capacity
of the disk exceeding some limit. Not all viruses have this stage.
• Propagation phase: The virus places an identical copy of itself into other programs or into certain system areas on the disk. Each infected program will now
contain a clone of the virus, which will itself enter a propagation phase.
• Triggering phase: The virus is activated to perform the function for which it was intended. As with the dormant phase, the triggering phase can be caused by a variety of system events, including a count of the number of times that this copy of the virus has made copies of itself.
• Execution phase: The function is performed. The function may be harmless, such as a message on the screen, or damaging, such as the destruction of programs and data files.
In general terms, how does a worm propagate?
It can replicate itself and send copies from computer to computer across network connections.
antivirus
software that integrates with the operating system of a host computer and monitors program behavior in real time for malicious actions
bot
A bot (robot), also known as a zombie or drone, is a program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to the bot’s creator
digital immune system
a comprehensive approach to virus protection developed by IBM and subsequently refined by Symantec. It is a prototype digital immune system; objective of this system is to provide rapid response time so that viruses can be stamped out almost as soon as they are introduced.When a new virus enters an organization, the immune system automatically captures it, analyzes it, adds detection and shielding for it, removes it, and passes information about that virus to systems running IBM AntiVirus so that it can be detected before it is allowed to run elsewhere.
firewall
an important complement to host-based security services such as intrusion detection systems, inserted between the premises network and the Internet to establish a controlled link and to erect an outer security wall or perimeter, with the purpose of protecting the premises network from Internet-based attacks and to provide a single choke point where security and auditing can be imposed.
host-based IDS
add a specialized layer of security software to vulnerable or sensitive systems; examples include database servers and administrative systems. The host-based IDS monitors activity on the system in a variety of ways to detect suspicious behavior; can halt an attack before any damage is done, but its primary purpose is to detect intrusions, log suspicious events, and send alerts
IP security (IPSec)
authentication and encryption as necessary security features. (IAB) issued a report titled “Security in the Internet Architecture” (RFC 1636).The report stated the general consensus that the Internet needs more and better security and identified key areas for security
mechanisms.
intrusion detection
A security service that monitors and analyzes system events for the purpose of finding, and providing real-time or near-real-time warning of, attempts to access
system resources in an unauthorized manner
intrusion detections system (IDS)
a specialized layer of security software to detect intrusions, log suspicious events, and send alerts.
packet filtering firewall
applies a set of rules to each incoming and outgoing IP packet and then forwards or discards the packet; typically configured to filter packets going in both
directions; Filtering rules are based on information
contained in a network packet: Source IP address, Destination IP address, Source and destination transport-level address(UDP or TCP), IP protocol field, or Interface.
Secure Sockets Layer (SSL)
designed to make use of TCP to provide a reliable end-to-end secure service; not a single protocol but rather two layers of protocols. Provides basic security services to various higher layer protocols such as the Handshake Protocol, the Change Cipher Spec Protocol, and the Alert Protocol.
Stateful inspection firewall
tightens up the rules for TCP traffic by
creating a directory of outbound TCP connections. There is an entry for each currently established connection. The packet filter will now allow incoming traffic to high-numbered ports only for those packets that fit the profile of one of the entries in this directory
Transport Layer Security (TLS)
provides a secure transport-level protocol.
Wi-Fi Protected Access (WPA)
A Wi-Fi standard. WPA is a set of security mechanisms that eliminates most 802.11 security issues and
was based on the current state of the 802.11i standard. requires the use of an authentication server (AS) and defines a more robust authentication protocol.
stateful packet inspection firewall
reviews the same packet information as a packet filtering firewall, but also records information about TCP connections. Some stateful firewalls also keep track of TCP sequence numbers to prevent attacks that depend on the sequence number, such as session hijacking. Some even inspect limited amounts of application data for some well-known protocols like FTP, IM and SIPS commands, in order to identify and track related connections.
What services are provided by IPSec?
an authentication-only function referred to as
Authentication Header (AH), a combined authentication/encryption function called
Encapsulating Security Payload (ESP), and a key exchange function.
What protocols comprise SSL?
the HTTP Protocol, the Handshake Protocol, the Change Cipher Spec Protocol, and the Alert Protocol.
What is the difference between and SSL connection and an SSL session?
A connection is a transport that provides a suitable type of service. For SSL, such connections are peer-to-peer relationships. The connections are transient.
An SSL session is an association between a client and a server. Sessions are created by the Handshake Protocol. Sessions define a set of cryptographic security parameters, which can be shared among multiple connections.
What services are provided by the SSL Record Protocol?
- Confidentiality: The Handshake Protocol defines a shared secret key that is used for conventional encryption of SSL payloads.
- Message Integrity: The Handshake Protocol also defines a shared secret key that is used to form a message authentication code (MAC).
What security areas are addressed by IEEE 802.11i?
addresses three main security areas: authentication, key management, and data transfer privacy. To improve authentication, 802.11i requires the use of an authentication server (AS) and defines a more robust authentication protocol. The AS also plays a role in key distribution. For privacy, 802.11i provides three different encryption schemes. The scheme that provides a long-term solution makes use of the Advanced Encryption Standard (AES) with 128-bit keys. However, because the use of AES would require expensive upgrades to existing equipment, alternative schemes based on 104-bit RC4 are also defined.
Explain the difference between anomaly intrusion detection and signature intrusion detection.
In essence, anomaly approaches attempt to define normal, or expected, behavior, whereas signature-based approaches attempt to define proper behavior.
List three design goals for a firewall.
1. All traffic from inside to outside, and vice versa, must pass through the firewall.
2. Only authorized traffic, as defined by the local security policy, will be allowed to pass.
3. The firewall itself is immune to penetration
List four techniques used by firewalls to control access and enforce a security policy.
1. Service control: Determines the types of Internet services that can be accessed, inbound or outbound.
2. Direction control: Determines the direction in which particular service requests may be initiated and allowed to flow through the firewall.
3. User control: Controls access to a service according to which user is attempting to access it.
4. Behavior control: Controls how particular services are used. (i.e., may filter e-mail to eliminate spam)
What information is used by a typical packet-filtering router?
Source IP address: The IP address of the system that originated the IP packet.
Destination IP address: The IP address of the system the IP packet is trying to reach.
Source and destination transport-level address: The transport level (e.g., TCP or UDP) port number, which defines applications such as SNMP or TELNET.
IP protocol field: Defines the transport protocol.
Interface: For a router with three or more ports, which interface of the router the packet came from or which
interface of the router the packet is destined for.
What are some weaknesses of a packet-filtering router?
The weaknesses of static (or stateless) packet filters and stateful packet filters are different in a few ways. Stateless packet filters frequently block SYN scans of networks, but ....Stateless packet filters application layer protocols like FTP, H323Because of the nature of connection tracking and state awareness, stateful packet filters are vulnerable to resource exhaustion and deliberate attempts to trip rate-limiting features. application layer protocols like FTP, H323. Because of the nature of connection tracking and state awareness, stateful packet filters are vulnerable to resource exhaustion and deliberate attempts to trip rate-limiting features.
What is the difference between a packet-filtering router and a stateful inspection firewall?
A traditional packet filter makes filtering decisions on an individual packet basis
and does not take into consideration any higher layer context. A stateful inspection packet filter tightens up the rules for TCP traffic by creating a directory of outbound TCP connections. There is an entry for each currently established connection. The packet filter will now allow incoming traffic to high-numbered ports only for those packets that fit the profile of one of the entries in this directory
What is a digital immune system?
A closed-loop, suspect-code submission system designed to detect unknown but potentially malicious code, quarantine the code, submit it for analysis, and finally push out new virus definitions to affected systems.
How does behavior-blocking software work?
intercepts all files before they are loaded into memory and intercepts prefetching/caching attempts for those files. It calculates the hash of the executable at the point it attempts to load into the memory. It then compares this hash with the list of known / recognized applications that are on the Comodo safe list.
Describe some worm countermeasures.
• Generality: The approach taken should be able to handle a wide variety of worm attacks, including polymorphic worms.
• Timeliness: The approach should respond quickly so as to limit the number infected systems and the number of generated transmissions from infected systems.
• Resiliency: The approach should be resistant to evasion techniques employed by attackers to evade worm countermeasures.
• Minimal denial-of-service costs: The approach should result in minimal reduction in capacity or service due to the actions of the countermeasure software.