Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
158 Cards in this Set
- Front
- Back
|
What did ISO create to get everyone on the same networking standards allowing for integration across vendors? |
OSI (Open Systems Interconnection) model |
|
|
True or False. The OSI model has 7 layers that talk to the layer above and below as well as to the peer layer in another system. |
True |
|
|
What is a common mnemonic to help you remember the 7 layers of the OSI model? |
All People Seem To Need Domino's Pizza |
|
|
What is the OSI layer 1 and what is transmitted there? |
Physical and bits are transmitted |
|
|
What is the OSI layer 2 and what is transmitted? |
Data Link and frames are transmitted |
|
|
What is the OSI layer 3 and what is transmitted? |
Network and packets are transmitted |
|
|
What is the OSI layer 4 and what is transmitted? |
Transport and segments/datagrams are transmitted |
|
|
What is the OSI layer 5 and what is transmitted? |
Session and data streams are transmitted |
|
|
What is the OSI layer 6 and what is transmitted? |
Presentation and data streams are transmitted |
|
|
What is the OSI layer 7 and what is transmitted? |
Application and data streams are transmitted |
|
|
What is the addition of a header and sometimes a footer to the payload as communication goes down the OSI layers? |
Encapsulation |
|
|
What is it when headers are peeled away from the payload as communication goes up the OSI layers? |
De-encapsulation |
|
|
What OSI layers are considered media layers? |
Layers 1-3 (physical, data link, network) |
|
|
What OSI layers are considered host layers? |
Layers 4-7 (transport, session, presentation, application) |
|
|
This OSI layer is where media, signal and binary transmission occurs. |
L1 Physical |
|
|
This OSI layer is where physical MAC & LLC addressing occurs. |
L2 Data Link |
|
|
This OSI layer is where path determination and logical IPSEC addressing occurs. |
L3 Network |
|
|
This OSI layer is where end to end connections and reliability occurs. |
L4 Transport |
|
|
This OSI layer is where interhost communication is established. |
L5 Session |
|
|
This OSI layer is where data representation and encryption occurs. |
L6 Presentation |
|
|
This OSI layer is where the network connects to the application. |
L7 Application |
|
|
What computer networking model did DARPA/DoD (dept of defense) create with just 4 levels? |
TCP/IP (Transmission Control Protocol/ Internet Protocol) |
|
|
What are the 4 TCP/IP layers? |
Network Access, Internet, Transport, Application |
|
|
What OSI & TCP/IP layers do ethernet and token rings belong to? |
Physical - Network Access |
|
|
What OSI & TCP/IP layers do ARP & RARP (address resolution) protocols play? |
Data Link - Network Access |
|
|
What OSI & TCP/IP layers do IP, ICMP, IGMP (control message) protocols play in? |
Network - Internet |
|
|
What OSI & TCP/IP layers do TCP, UDP (transmission control, user datagram) protocols play? |
Transport - Transport (aka host-to-host) |
|
|
What OSI & TCP/IP layers do DNS, DHCP, NTP, HTTPS, FTP, SSH, POP3, Telnet play? |
Application - Application |
|
|
What devices/apps show up at the L1 Physical and Network Access layers? |
Hub, repeaters, modems |
|
|
What devices/apps show up at the L2 Data Link and Network Access layers? |
Bridge, layer 2 switch |
|
|
What devices/apps show up at the L3 Network and Internet layers? |
Router, firewalls, layer 3 switch |
|
|
What devices/apps show up at the L4 Transport layers? |
Gateways |
|
|
What devices/apps show up at L5 Session, L6 Presentation , L7 Application layers? |
Web server, mail server, browser |
|
|
What are the 3 layers of TCP/IP addressing? |
1. Domain name (google.com) 2. IP address (temp number assigned to MAC address) 3. MAC address (permanent) |
|
|
What is the number range for IP Class A (the 1st of the 4 sections in an IP address) and what is the host count? |
1 - 126 Host count is 16 million |
|
|
What is the number range for IP Class B and what is the host count? |
128 - 191 Host count is 65 thousand |
|
|
What is the number range for IP Class C and what is the host count? |
192 - 223 Host count is 254 |
|
|
What is the number range for IP Class D and what is its purpose? |
224 - 239 Purpose is multicasting (transmitting to multiple recipients) |
|
|
What is the number range for IP Class E and what is its purpose? |
240 - 254 Purpose is future use and research |
|
|
What IP address broadcasts to all hosts on the local network? |
255.255.255.255 |
|
|
What IP address range is reserved for loopback or local host? |
127.x.x.x |
|
|
What uses mask bits rather than dotted decimal notation? |
CIDR (classless inter-domain routing) |
|
|
IEEE 802.11 is the standard for what? |
Wireless network communications |
|
|
What IEEE amendment introduced the 5 Ghz frequency? |
IEEE 802.11a |
|
|
What IEEE amendment introduced 200+ Mbps and both 2.4 & 5 Ghz? |
IEEE 802.11n |
|
|
What is a case sensitive, 32 character unique identifier attached to the header of packets sent over a wireless LAN (WLAN) and acts like a password when a mobile device connects to the basic service set (BSS)? |
SSID (service set identifier) |
|
|
What is a security algorithm for wireless networks intended to provide data confidentiality comparable to wired networks? |
WEP Wired Equivalent Privacy |
|
|
True or False. WEP uses Rivest Cipher 4 (RC4), symmetric stream cipher, but was cracked because it used the same key for all connections. |
True |
|
|
Name the 2 methods for authenticating wireless clients. |
1. Open System Authentication (OSA) 2. Shared Key Authentication (SKA) |
|
|
What superseded WEP and negotiates unique keys and requires a passphrase of 14 characters or more? |
Wi-Fi Protected Access (WPA) |
|
|
What wireless network security method uses Counter Mode Cipher Block Chaining Message Protocol (CCMP)? |
WPA2 (Wireless Protected Access 2) |
|
|
What does EAP (extensible authentication protocol) do? |
It allows for new technologies to be compatible. |
|
|
What kind of portal is it where hotels want you to provide your name and room number before granting internet access? |
Captive portal |
|
|
What are the 8 steps in securing a new wireless/wi-fi network? |
1. Change the default password 2. Disable SSID broadcast 3. Change SSID to something unique 4. Enable MAC filtering 5. Turn on highest form of authentication and encryption (WPA2) 6. Separate external access using a firewall 7. Monitor communications with IDS (intrusion detection system) 8. Require VPN link |
|
|
What do attackers use to discover wireless networks (usually from within a car) then move to using sniffers to gather wireless packets? |
Wardriving |
|
|
What is a cross between the internet and intranet, such as DMZ's (demilitarized zones)? |
Extranet |
|
|
What is an approach to computer security that attempts to unify endpoint security technology (such as anti-virus and host intrusion prevention) with authentication and network security enforcement? |
Network Access Control (NAC) |
|
|
What network device manages, controls, blocks, and filters traffic? |
A firewall |
|
|
True or False. Firewalls are effective at blocking viruses and malware. |
False, but you can add antivirus scanners and IDS tools. |
|
|
True or False. Firewalls can hide the network, but can also be a single point of failure when you concentrate security features there. |
True |
|
|
What type of firewall filters traffic by looking at the message header; it has no authentication and operates at Network layer 3? |
Static packet-filtering firewall |
|
|
What type of firewall copies packets from one network to another; slows things down as each packet is examined and operates at Application layer 7? |
Application-level gateway firewall (aka Proxy) |
|
|
What type of firewall manages based off circuits, not the content of the traffic and operates at Session layer 5? |
Circuit level gateway firewall |
|
|
What type of firewall manages based off states in the network traffic like destination address, source of origin and operates at either Transport layer 4 or Network layer 3? |
Stateful inspection firewall (aka Dynamic packet filtering) |
|
|
What is a firewall with more than one interface where one acts as a bastion (guard house)? |
Multihomed firewall |
|
|
3 types of firewall architecture. |
Single, two, and three tiered |
|
|
What says that each device must maintain local security? |
End point security |
|
|
What rule defines the number of repeaters/concentrators used in a network design? |
5-4-3 rule [5 segments - 4 repeaters - 3 segments with clients] |
|
|
Fill in the blanks. _____ based network cables transmit electricity. _____ cable transmit light. |
Conductor and Fiber-optic |
|
|
What network topology connects each system/node to exactly two other nodes forming a single continuous pathway in a circle? |
Ring topology |
|
|
What network topology connects each system/node to a common trunk or backbone cable? |
Bus topology |
|
|
What network topology connects each system/node to a central device? |
Star topology |
|
|
What network topology connects each system/node connect systems to other systems? |
Mesh topology |
|
|
What is the finite set of signals that must be managed and is measured in frequency (Hz/hertz) and 900 MHz, 2.4 GHz, and 5 GHz are most common frequencies and are unlicensed? |
Radio Spectrum |
|
|
What is the use of multiple frequencies at the same time where the message is broken into parts and sent in parallel over multiple frequencies? |
Spread Spectrum |
|
|
What is FHSS (frequency hopping spread spectrum)? |
Sends data in a series while always changing the frequency. |
|
|
What is DSSS (direct sequence spread spectrum)? |
Uses available frequencies at the same time (goes faster). |
|
|
What is an example of a PAN (personal area network)? |
Bluetooth |
|
|
What LAN technology is a broadcast technology allowing numerous devices on the same medium? |
Ethernet |
|
|
What LAN technology passes tokens to control which systems can transmit data over network medium? |
Token Ring |
|
|
What LAN technology is a high speed token passing technology? |
FDDI fiber distributed data interface |
|
|
What listens to see if media is in use before transmitting, but doesn't address collisions? |
Carrier-Sense Multiple Access (CSMA) |
|
|
What CSMA has collision avoidance? AppleTalk and 802.11 use it. |
CSMA/CA |
|
|
What CSMA has collision detection sending a jam signal when a collision occurs? Ethernet uses it. |
CSMA/CD |
|
|
What has a copper core and braided shielding allowing 2 way communication? It is resistant to EMI (electromagnetic interference) |
Coaxial cable |
|
|
What cable transmits only a single signal at a time? |
Baseband cable |
|
|
What cable transmits multiple signals at a time? |
Broadband cable |
|
|
What secure channel protocol for applications is for sharing encryption keys? |
SKIP (Simple Key mgmnt for Internet Protocol) |
|
|
What secure channel protocol for applications encapsulates for authentication, integrity and confidentiality? |
swIPe (SW IP Encryption) |
|
|
What secure channel protocol for applications was developed by Netscape and protects between the web server and the browser? |
SSL (secure socket layer) |
|
|
What secure channel protocol for applications is the same as SSL, but uses stronger authentication and encryption? |
TLS (transport layer security) |
|
|
If the internet uses SSL/TLS, what does Visa and MC use for secure transactions over the internet (based on RSA encryption and the DES-data encryption standard)? |
SET (secure electronic transaction) |
|
|
What controls how logon credentials are exchanged and whether they have to be encrypted? |
Authentication protocols |
|
|
What authentication protocol encrypts username and password and uses a challenge-response dialogue? |
CHAP (Challenge Handshake Authentication Protocol) |
|
|
What authentication protocol has username and password in cleartext and no encryption? |
PAP (Password Authentication Protocol) |
|
|
What authentication protocol is more of a framework than a protocol and allows for customized authentication like smart cards, tokens and biometrics? |
EAP (Extensible Authentication Protocol) |
|
|
What authentication protocol encapsulates EAP (extensible authentication protocol) in a TLS tunnel? |
PEAP (Protected Extensible Authentication Protocol) |
|
|
What authentication protocol is Cisco's proprietary EAP response to the insecure WEP? |
LEAP (Lightweight Extensible Authentication Protocol) |
|
|
What encapsulates audio into IP packets for phone calls over TCP/IP? |
VoIP (voice over Internet Protocol) |
|
|
What is a phreaker? |
Someone who hacks a telecommunications system |
|
|
What colored box (Phreakers attack tool) is a custom built circuit board that attacks voltage lines to steal long distance service? |
Black box |
|
|
What colored box (Phreakers attack tool) simulates tones of coins being deposited into a pay phone? |
Red box |
|
|
What colored box (Phreakers attack tool) simulates 2600Hz tones attacking the telephone network trunk system? |
Blue box |
|
|
What colored box (Phreakers attack tool) controls the phone system with a dual tone multifrequency keypad? |
White box |
|
|
What is SMTP (simple mail transfer protocol)? |
Electronic mail (email) transmission standard |
|
|
What is a SMTP (simple mail transfer protocol) that does not authenticate called? |
Open relay agent |
|
|
What is a standard for authentication and confidentiality via public key encryption and digital signatures of email? |
S/MIME (Secure Multipurpose Internet Mail Extension) |
|
|
What is an email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail is authorized and has not been modified through verification of domain name identity? |
DKIM (DomainKeys Identified Mail) |
|
|
What is an email encryption mechanism that provides authentication, integrity, confidentiality, and nonrepudation and uses RSA, DES and X.509? |
PEM (Privacy Enhanced Mail) |
|
|
What are the 2 types of messages that can be formed using S/MIME (Secure Multipurpose Internet Mail Extension)? |
Signed and enveloped |
|
|
What email security solution uses MD2 and MD5 algorithms and RSA public key and DES (data encryption standard)? |
MOSS (MIME Object Security Services) |
|
|
What independently developed product is a public-private key system that uses various encryption algorithms to encrypt files and email? |
PGP (pretty good privacy) |
|
|
What 4 things do you need to address when planning your remote access security? |
1. Remote connectivity technology 2. Transmission protection 3. Authentication protection 4. Remote user assistance |
|
|
What dial up protocol is a full duplex transmission of TCP/IP authenticated with CHAP (Challenge Handshake Authentication Protocol) or PAP (Password Authentication Protocol)? |
PPP (point to point protocol) |
|
|
What older dial up protocol is rarely used as it only supports IP? |
SLIP (Serial Line Internet Protocol) |
|
|
What networking protocol is Cisco's response to RADIUS and separates out the authorization functionality from authentication and uses TCP rather than UDP? |
TACACS+ (terminal access controller access- control system plus) |
|
|
True or False. VPNs provide confidentiality and integrity, but do not guarantee availability. |
True |
|
|
What is encapsulating network communication packets called? They are virtual paths between 2 points? |
Tunneling |
|
|
Fill in the blanks. The act of encapsulating involves ____ blank. ____ blank allows you to transport sensitive data across untrusted networks. |
The act of encapsulating involves ENCRYPTION. TUNNELING allows you to transport sensitive data across untrusted networks. |
|
|
What are the 4 common VPN protocols? |
1. PPTP (point to point tunnelling protocol) 2. L2F (layer 2 forwarding protocol) 3. L2TP (layer 2 tunnelling protocol) 4. IPSec (IP security) |
|
|
Of the 4 common VPN protocols, which is the only one with native encryption? |
IPSec |
|
|
Of the 4 common VPN protocols, which ones have native authentication? |
All 4 do |
|
|
Of the 4 common VPN protocols, which one does not support dial up? |
IPSec |
|
|
How many simultaneous connections do the 4 VPN protocols support? |
Single |
|
|
What maps the IP addresses of your internal clients to leased addresses outside your company (saves global address space)? |
NAT (network address translation) |
|
|
What maps internal IP addresses to an external address and port number combination? |
PAT (port address translation) |
|
|
What do you call communication that is broken up into lengths dictated by the protocol and sent across the network? |
Packet switching |
|
|
What is the line between any 2 things where the security requirements differ called? |
Security boundary |
|
|
What is transparency in cybersecurity? |
Security controls that are unseen by users |
|
|
What military term refers to the electromagnetic emissions from computers and related equipment? |
TEMPEST |
|
|
What 2 sub layers exist in Layer 2 of the OSI model, Data Link? |
MAC (media access control) and LLC (logical link control) |
|
|
True or False. TCP (transmission control protocol) is a connection orientated protocol? |
True |
|
|
What is an intranet that has been extended to include external parties? |
Extranet |
|
|
What is a group of IP address ranges under the control of a single Internet entity which assigns a 16 or 32 bit number (ASN) that uniquely identifies someone's network on the internet? |
Autonomous System (AS) |
|
|
What version of IEEE 802.11 is WPA? |
802.11i |
|
|
What GHz does Bluetooth operate at? |
2.4 GHz |
|
|
What are the 3 basic types of firewalls? |
Packet-filtering; circuit-level gateway; application-level gateway |
|
|
What is a packet-switched protocol that handles multiple virtual circuits over WANs? |
Frame Relay |
|
|
What routing protocol creates a list of destinations with metrics including distance and direction, Link-State protocol or Distance-Vector protocol? |
Distance-Vector |
|
|
What type of ISDN is fastest, BRI (basic rate interface) or PRI (primary rate interface)? |
Primary Rate Interface (PRI) |
|
|
Packet filtering firewalls are what generation of firewalls? |
First generation |
|
|
Stateful firewalls are what generation of firewalls? |
Third generation |
|
|
Application layer firewalls are what generation of firewalls? |
Second generation |
|
|
What issue occurs when data transmitted over one set of wires is picked up by another set of wires? |
Crosstalk |
|
|
When you connect your laptop to your tablet, what wireless network mode are you using? |
Ad hoc mode |
|
|
Why is it easy to break WEP in less than 1 minute? |
It relies on a single, predefined shared static key. |
|
|
What is the process of planning and designing a wireless network called? |
Site survey (wireless survey) |
|
|
What network technology is a token passing network that uses a pair of rings with traffic flowing in opposite directions? |
FDDI (fiber distributed data interface) |
|
|
What is the best way to avoid security problems with email attachments? |
Train users and use anti malware |
|
|
What is this? BC-5F-F4-7B-4B-7D |
MAC address that tells the network interface card's manufacturer |
|
|
What is the likely security issue with PBX (private branch exchange) and how do you prevent it? |
Eavesdropping and prevent it with physical security |
|
|
What firewall architecture is simply a private network behind a firewall? |
Single tier |
|
|
What firewall architecture has 3 interfaces? |
Two tier |
|
|
What firewall architecture has multiple subnets separated by firewalls? |
3 tier |
|
|
True or False. A static packet filtering firewall is only aware of what is in the header of the packet such as source, destination and the port it is sent from and headed to. |
True |
|
|
What is the most common challenge for end point security system deployments? |
The volume of data |
|
|
Modern dial up connections use what dial up protocol? |
PPP (point to point) replacing SLIP |
|
|
Circuit level gateway firewalls are what generation? |
Second generation |
