195 Cards in this Set

  • Front
  • Back
  • 3rd side (hint)

What is the DORA cycle, and what does DORA stand for?

It is a sequence that supplies an IP address to a network client.


- Discover Offer Request Ack

What is an asynchronous server/client relationship?

The server waits for communication from clients.

What is a socket in networking terms?

It is the end point and start point of communication

How do sockets communicate?

They create a virtual circuit on physical networking hardware

What protocols will a file transfer client like FileZilla implement?

FTP and SFTP

What protocols will a mail client like Thunderbird implement?

SMTP, MAPI or IMAP

What did Telnet enable computers to do?

Processes to be shared amongst users

What port does Telnet listen to?

Port 23

What are some of the main issues with Telnet?

- No authentication system


- Messages are not encrypted


- Susceptible to Man In The Middle attacks

What are the main protocols associated with Telnet?

- HTTP


- FTP


- SMTP

What does HTTP stand for?

HyperText Transfer Protocol

What is the main purpose of HTTP?

Transportation of web messages

What underlying protocol does HTTP use to send messages?

TCP/IP

What does stateless mean in terms of HTTP?

A request is processed and HTTP forgets the client again, preventing backtracking.

What type of data does HTTP transfer?

HTML web page content

What is the major difference between HTTP 1.0 and 1.1?

1.1 Keeps the connection to the server open via pipelining, maintaining a persistent connection until all files are downloaded

What is the major difference between HTTP 1.1 and 2.0?

2.0 Uses push technology: Receives page along with associated files based on the request, even if they are not required.

What is the main benefit of the pipelining persistent connection in HTTP 1.1?

Takes less time and processing power to complete a request.

What are the 2 main fields in an HTTP request header?

- GET (Version of HTTP required)


- Host: (name of site)

What do the main fields of an HTTP response header indicate?

- Acknowledgement of HTTP version being correct


- Confirmation of host domain, server name & version

What does the user-agent HTTP request header field specify?

Specifies details about the client system, such as OS, Web Client etc.

What does the MIME request header field define in HTTP request headers & what does MIME stand for?

Defines the file types that are acceptable for attachment in an email.


- Multipurpose Internet Mail Extensions

What does the Accept-language HTTP request header field specify?

Acceptable language, as set in the client's web client (web browser)

What does the Accept-encoding HTTP request header field specify?

Encryption used for the web page

What does the Accept-charset HTTP request header field specify?

Accepted character set

What does the Keep-alive HTTP request header field specify?

- Timeout in seconds for connection


- How long the web server should wait for subsequent requests before timing out.

What does the Connection HTTP request header field specify?

Persistent connections

What is the status code for the HTTP version being correct in an HTTP response header?

200

What does the Set-cookie HTTP response header field set?

The session cookie

What does the Transfer-encoding HTTP response header field replace?

- Replaces content-length from the request header.

What does the Content-type HTTP response header field indicate?

MIME type

What are the 8 methods for an HTTP request?

1) Options


2) Get


3) Head


4) Post


5) Put


6) Delete


7) Trace


8) Connect

What are the safe methods of HTTP request and why are they deemed safe?

Get & Head, as they only retrieve data

What are the unsafe methods of HTTP request and why are they deemed unsafe?

Post, Put & Delete:


- Post updates the server database


- Put - 'puts' file to server (can insert malware)


- Delete - Deletes file off server (dangerous for obvious reasons)

What is the main function of the Trace HTTP request method & why is it potentially dangerous?

- Debugging tool


- It displays information about the server to the client, (useful information for bad guys)

What does the 100 series of Status Codes indicate?

Information, e.g. Request received, continuing process, confirmations etc.

What does the 200 series of Status Codes indicate?

Success, request was received, understood and processed. (an ack for web page requests)

What does the 300 series of Status Codes indicate?

Redirection, if a site has had a domain name change temporarily or permanently.

What does the 400 series of Status Codes indicate?

Client error, client has made a request that is invalid, or that they are not authorised to make (colloquially known as PEBCAK, lol)

What does the 500 series of Status Codes indicate?

Server error, server failed to fulfill a valid request, usually a server crash.

How does an X.509 certificate request work?

- A key pair is generated, one public, one private


- Private key is kept private


- The public key is used to match the private key when a client requests verification of the signature of the requested certificate.

What is SSL & what does it stand for?

An encrypted tunnel between the client and server.


- Secure Socket Layer

Where does the SSL sit?

Between the application and presentation/network layers.

What is the Diffie-Hellman Exchange method used for?

- Exchanging cryptographic keys


- Allows 2 parties that have no prior knowledge of each other to communicate with each other securely


- Sharing of keys between 2 or more parties.

What are the main objectives of SSL?

- Authenticating server and clients to each other


- Ensure data integrity and privacy


- Paves the way for a secure communication tunnel

Explain the first part of the SSL communication process.

1) Client hello


2) Server hello


3) Server sends certificate, key exchange and requests client's certificate


4) Server done

This is the server part of the process

Explain the second part of the SSL communication process.

1) Client sends certificate, verification and completes key exchange


2) Change cipher spec


3) Client done


4) Server changes cipher spec

This is the client side of the process, the server finishes it.

What happens during the change cipher spec part of SSL & why is this done?

Server and Client stop and re-negotiate the encryption.


- This is to avoid someone slowly cracking the encryption

What are the 2 layers of SSL architecture?

1) Data security


2) Establish connection

What is the purpose of the SSL record protocol?

- Encrypts messages passed through it


- Breaks messages into chunks


- Define data transmit format

What is the method of the SSL connection protocol?

Server/client hash generated from client's MAC address, and then matched with the hash that the server has on record.

What is the purpose of the SSL handshake protocol?

Allow client and server to select cryptographic algorithms and to establish encrypted SSL connection.

What is the purpose of the SSL connection algorithm?

Logical server/client link


- P2P connection through 2 network nodes

Maps the path across the network

What is the purpose of the SSL session protocol?

Associate client and server and define parameters such as algorithms and session numbers

What are the parameters of the SSL session protocol?

- Session ID


- Peer certificate


- Compression method


- Algorithm spec

What are the parameters of the SSL connection protocol?

- Server and client random


- Server/client write MAC secret


- Server/client write key


- Sequence number

What is the purpose of the SSL alert protocol?

Handling of errors

What size chunks does the SSL record protocol break up messages into?

16Kb chunks

What are the 2 main hash algorithms used to calculate MAC hash?

- MD5


- SHA-1

What formula is used to determine MAC hash?

MAC = Hash function [secret key, primary data, padding, seq no.]

How does MAC creation verify data integrity when data reaches its destination?

- MAC is calculated by client through write MAC secret


- Server will perform the same calculation and a matching result certifies integrity

What are the main issues with SSL?

- Susceptible to Man In The Middle attacks.


- Proxy servers unencrypt data which makes it readable

What happens during a certificate exchange?

- Server sends certificate to client


- Client authenticates certificate from certification body for the server.

What is TLS and what does it stand for?

It is a replacement/update to SSL


- Transport Layer Security

What is the main purpose of HTTPS?

- Browser requests a secure page from site

What are the 4 stages of HTTPS?

1) Browser request


2) Server sends public key and certificate


3) Browser uses public key to encrypt some data and sends


4) Server decrypts using public and private key

Who are certificate authorities?

Businesses mostly

Why are certificate authorities needed?

They provide authenticated web browsing

Are certificate authorities secure?

Mostly, some are run by nefarious groups

What are the alternatives to certificate authorities?

- Having your own certificate


- Groups of CAs authenticate certificates, instead of just one.

What is the primary function of web servers?

- Deliver web pages


- Deal with uploads and downloads


- Support website languages like PHP and RUBY

What are web servers embedded in devices collectively known as?

Internet Of Things (IOT)

E.g. Printers, Routers, Smart Fridges/lights

What is virtual hosting on web servers?

Serving many web sites using one IP address

What does a URL do and what does it stand for?

Requests a web server, and maps to physical path to a web server


- Uniform Request Link

What is bandwidth throttling?

Limitation of the speed of responses to prevent network saturation.

What is server-side scripting?

The generation of dynamic web pages

What are the main features of kernel mode web servers?

- Usually work faster


- Can directly use all hardware resources available for its needs

What are the main features of user-mode web servers?

- Have to request permission to use more memory or CPU

What is caching on a web server?

Store most popularly accessed web pages on a faster, more reliable server.

What do the load limits on a web server allow control over?

- Number of concurrent client connections


- HTTP request type


- Static or dynamic content


- Cached content


- Hardware and software limits

What techniques can be used to stop overloading of web servers?

- Network traffic management


- Different domain names for different content


- Multiple web servers per host


- More hardware resources

What are the bottlenecks associated with web server HDD access?

- Disk latency


- Database requests

What are the bottlenecks associated with web server CPU access?

- Unoptimised code for processor


- Uncompressed output

What does a caching policy for a web server determine?

Which resources should and shouldn't be cached, and for how long.

What are some hardware configurations that can optimise a web server's performance?

- Maximise RAM capacity


- RAID HDD


- Fast HDD/SSD


- Multiple NICs


- Fast CPU

What are the main web server daemons?

- Apache


- IIS


- Nginx


- Google

What 2 ports does an FTP server use, and what does it use each of these for?

- Port 20 for data


- Port 21 for commands

What are the 4 stages of an FTP client/server handshake?

1) Client tells server on port 21 the client's second port num.


2) Server acks


3) Server opens data channel to client's second port


4) Client acks

What is active mode FTP? What is the issue when there is a firewall involved?

A client creates a TCP control connection.


- Firewall blocks connection because the server uses a different port than the initial connection.

What is passive mode FTP? How does it resolve the issue of firewall blocking?

Client sends a PASV command to state that it will create the connection.


- Server remains passive, and allows the client to initiate the second port connection



How is different data represented in FTP?

1) ASCII mode


2) Image mode


3) EBCDIC mode


4) Local mode

1) Text


2) Image


3) IBM Text


4) Identical machines in proprietary format

What are the 3 data transfer modes in FTP?

1) Stream mode


2) Block mode


3) Compressed mode

1) Data sent in continuous STREAM


2) Breaks data into several chunks


3) Data is COMPRESSED using algorithm

What is FTP normal authentication?

Username and password login

USER & PASS commands

What is FTP anonymous authentication?

Login with valid email address


- Often used to serve software updates

What are the main vulnerabilities of FTP?

- Brute force attacks


- Bounce attacks


- Packet capturing


- Port stealing


- Spoofing

What are the unique features of FTPS?

- Secure transmission


- Encrypts username and pass


- Encrypts actual content


- Uses SSL/TLS

What are the unique features of explicit FTPS?

- Clients can request encryption of FTP session


- Server can deny connection requests that do not ask for TLS

What are the unique features of Implicit FTPS?

- Uses different ports to standard FTP


- Requires use of SSL or TLS

What are the unique features of SFTP?

- Uses SSH Shell


- Encrypts both commands and data


Can an SFTP client communicate with an FTP client?

No

What are the unique features of TFTP & what does it stand for?

- Uses UDP instead of TCP connection on port 69


- Fixed block size


- Stop and wait protocol


- Trivial File Transfer Protocol

What are the disadvantages of TFTP?

- Has to supply its own transport and session support


- Each file transferred is an independent exchange


- Low throughput


- No authentication

Is the email service a guaranteed service?

No


What model of transport does email use?

Store and forward model

What are the 4 stages of SMTP email transfer?

1) Email sent to target mailserver


2) Mail server forwards email to the destination mail server.


3) Mail is sent to incoming mail server on the receiving end


4) Receiving client fetches mail from incoming mail server.

What does the sending mail server use to determine the destination receiving server?

Mail Exchange record or MX record

What format are multi-media attachments sent in?

MIME format

What is an MTA and what does it do?

- Mail Transfer Agent


Sends and receives messages

What is an MUA and what does it do?

- Mail User Agent


Software used to read and process messages

What does SMTP stand for?

Simple Mail Transfer Protocol

What does the header of an SMTP message typically contain?

- From


- To


- CC


- Subject


- Date

What does the body of an SMTP message typically contain?

Basic content


- Text


- Signature blocks


- HTML

What fields must be included in an SMTP message header?

From & Date

What fields are optional, but are recommended for SMTP message headers?

- Message-ID


- In-Reply-To

What information does SMTP trace show?

- Received


- Return path


- Authentication-Results


- Received-SPF


- Auto-submitted


- VBR-Info

What is the purpose of SPF (Super Policy Framework) in SMTP?

Prevents spam

What is the purpose of VBR (Vouch by Reference) in SMTP?

avoid spam filtering

What is the structure designed for SMTP message bodies?

- 8-bit ASCII


- Plain text

What does POP3 do and what does it stand for?

Downloads messages from incoming mail server and onto client device, then deletes message from receiving server.


- Post Office Protocol 3

What does IMAP do and what does it stand for?

User's account accesses mail folders on IMAP mail server, reading device requests message downloads, IMAP backs up mail


- Internet Message Access Protocol

What does MAPI do and what does it stand for?

Allows complete control over messaging system on client device. Create and manage messages on client


- Messaging Application Programming Interface

How does Web-Mail work?

Web browser based interface


Allows for creation of messages from 3rd party applications via MAPI

What are the main vulnerabilities with email?

- Infected emails can be opened without realisation of their malicious intent


- Servers can crash


- No encryption as standard

What is the primary function of web clients and what are they more commonly known as?

Retrieving, presenting and traversing information resources on the web


- Web Browsers

How are information resources identified to a web client?

Uniform Resource Locator (URL)

Name some modern web clients

Any of:


- Google chrome


- Mozilla firefox


- Internet Explorer


- Opera


- Safari

What protocols do web clients support?

- HTTP & HTTPS


- FTP & SFTP


- FILE


- MAILTO


as well as others

What 2 HTTP methods do web clients implement?

GET & POST

What are the 7 components of a web browser/client?

- UI


- Layout engine


- Rendering engine


- JavaScript interpreter


- UI backend


- Networking component


- Data persistence component

What is DOM in web browsers?

Cross-platform and language-independent convention for representing and interacting with objects.

How is DOM structured in web browsers?

Tree structure, with the top node being the Document or Object being interacted with

What is CSS in web browsers?

Cascading Style Sheet:


Provides technical specs for layout of a page, the style settings 'cascade' to the lowest node in the DOM tree.

Relates to DOM

What is JavaScript in relation to web browsers/clients?

Object based interpreted language. Runs client side scripts to interact with the user or control the browser in some way.

What do the JS libraries allow in terms of other web languages?

It facilitates easy integration with other languages such as RUBY, PHP, CSS etc.

What settings or steps can be taken to implement stronger security and privacy in browsers?

- Privacy setting in browser


- Add-ons to browser e.g. Ghostery


- Search tools


- Use of anonymous browser such as TOR.


What is the purpose of DHCP?

Dynamic allocation of IP addresses to clients.

How is DHCP implemented?

- Central DHCP server facilitates DHCP to expanding network


- DHCP server manages a 'pool' of IP addresses


- Leases IP addresses to clients

Do a client and a DHCP server need to be on the same subnet?

Yes

What is dynamic IP allocation?

- DHCP server allocates IP addresses sequentially


- When lease expires, IP address is leased to another machine

What is automatic IP allocation?

- Server keeps a list of MAC addresses


- Server will allocate IP based on the MAC in the discover message


- Server allocates the same IP address that the MAC address had in a previous session, if that IP address is available.

What is automatic IP allocation also known as?

Conservative allocation

What is static IP allocation?

- Pre-determined MAC addresses are given pre-determined IP addresses.

What type of connection and port numbers does DHCP use?

- Uses UDP connection


- Port 67 for sending data to server


- Port 68 for sending data to client

TCP or UDP?

Are DHCP communications stateless?

Yes

What are the 4 stages of DHCP DORA?

- Discover


- Offer


- Request


- Ack

What happens during a DHCP discover?

- Client broadcasts discover message to 255.255.255.255


- Client can request its last-known IP address

What is special about the 255.255.255.255 destination?

It is a universal broadcast address that all network cards will listen on.

What happens during a DHCP offer?

- Server receives a discover message on 255.255.255.255


- Server reserves an IP for the client based on its config


- Offers the IP and lease to client

What happens during a DHCP request?

- Client receives a lease and IP address from DHCP server


- Client requests IP and lease from DHCP server


- Tells other DHCP servers to stop

What happens during a DHCP ack?

- Server receives request from client


- Server sends ack to client


- Lease begins


- NIC config to requested setting

Why does DHCP use UDP instead of TCP?

- DHCP messages are short and can fit in a single UDP packet


- TCP creates three packets to establish connection, therefore it is inefficient

What is vendor identification and why is it used in DHCP?

Identifies the vendor of the NIC of the client


- It allows the server to check that the IP address is being assigned to the correct device

Why does DHCP breach confidentiality?

DHCP server logs every connection made


- This means that someone can read the log and detect which device is connected at any given time or previous time.

What methods are used to increase the reliability of DHCP?

- At 50% lease time the client requests a new IP address


- Client broadcasts a new discover if the DHCP server doesn't respond to IP address request before its lease runs out

What are the main security shortcomings of DHCP?

- Uses no authentication


- Unauthorised DHCP server can provide IP addresses to clients


- Vice versa with clients


- Malicious DHCP clients exhaust resources of server

What are the 6 main fields of a dhcp.conf file?

- domain-name


- domain-name-servers


- option-routers


- default-lease-time


- subnet netmask


- arrange

What do the dest addr and src addr section of an ethernet frame contain?

- Destination and Source MAC addresses of the frame

What is the size and life-span of an ethernet frame?

- 1500 byte payload + 24 bytes preamble = 1524 bytes


- Last for a single hop across nodes.

What does the ARP protocol do and what does it stand for?

Resolution of network layer addresses to link layer addresses


- Address Resolution Protocol

What is the packet structure of an ARP packet?

Contains one address resolution request or response

What is a router?

A device that forwards data packets between computer networks

How does a router route packets across a network?

- Reads address information of incoming packets


- Uses routing table or policy to determine output connection

What are the 4 types of router?

- Access


- Distribution


- Security


- Core

What does forwarding do in terms of routing?

- Minimizes state information associated with individual packets


- Makes decisions on best route

What does a routing algorithm determine?

Determines the best path:


- Prefix-length


- Metric


- Administrative distance



What are the unique features of an access router?

- Typically one outgoing connection


- Wired and wireless connection

What are the unique features of a distribution router?

- Half a dozen ins and outs


- Usually quite capable computers

What are the unique features of a security router?

- Firewall machines


- Filter inputs


- Preventing DDoS


- Packet re-direction


- Dumping excess packets in high traffic

What are the unique features of core routers?

- Works as a type of mesh router


- Same network, multiple access points

What is the semantic of Unicast?

- Talks to one node, and no other

What is the semantic of Broadcast?

- Listens to all nodes

What is the semantic of Multicast?

- Will listen to all nodes that have paid to be listened to

What is the semantic of Anycast?

- Has a range of servers available to it, it will communicate with just one of them

What is the semantic of Geocast?

- Listens and talks to nodes in a geographical area

What are the 2 adaptive routing algorithms?

- RIP


- OSPF

What is the distance vector in routing?

- Costing in time between nodes

What is the link state in routing?

- A map of the network, each node contains as much info about the network around it as it can

What do route analytics determine?

Which protocol is the best.

What is static routing?

Manually entering routes into the routing table

What is dynamic routing?

- Router learns the network destinations


- Can share knowledge with other routers

What is DNS and what does it stand for?

- Hierarchical distributed naming system for internet/intranet


- Maps domain names to IP addresses


- Domain Name Service

What is a name server and what does it know?

It is a server which has knowledge of which IP addresses belong to which domain names

What is an authoritative name server?

It is a name server responsible for its own domains

Do DNS servers have to respond to all queries?

Yes

What are the elements of DNS syntax?

- Each domain is known as a label


- Maximum of 127 labels


- Characters are LDS (alphanumeric with -'s and .'s)

How is the domain name space structured?

- As a tree of domain names


- Each node in the tree has 0 or more resource records


- Tree divides into zones starting with the root zone

How does the address resolution mechanism function in DNS servers?

- example.org is request sent by browser to the root of the .org DNS server


- Root name server then indicates which IP address the .org is at


- Browser then makes request for example from .org server


- the process repeats until domain name is resolved

What is a Wildcard DNS record?

Specifies that anything with a given domain name will go to a specific address

What are the common security issues with DNS?

- Access to DNS server can allow change of IP resolution


- Not signed responses, plain text


- Cache poisoning

Who administers and sells domain names to people?

Registrars

Who accredits the domain name registrars?

ICANN

What does the WHOIS protocol do in DNS?

Reverse lookup


- It can show who the domain is registered to.

What is DNS cache poisoning?

- DNS server cache is 'poisoned' with false IP address resolutions for a specific domain name


- If this is an authoritative DNS server, all sub DNS servers copy it, thus the 'poison' spreads

What port does DNS listen on?

Port 53

What port does Telnet listen to?

Port 23