37 Cards in this Set

• Dual-homed firewalls can be compromised if the operating system does not
have packet forwarding or routing disabled.
• A protocol is a set of rules that dictates how computers communicate over
networks.
• The application layer, layer 7, has services and protocols required by the user’s
applications for networking functionality.
• The presentation layer, layer 6, formats data into a standardized format and
deals with the syntax of the data, not the meaning.
• Routers work at the network layer, layer 3.
• The session layer, layer 5, sets up, maintains, and breaks down the dialog
(session) between two applications. It controls the dialog organization and
synchronization.
• The transport layer, layer 4, provides end-to-end transmissions.
• The network layer, layer 3, provides routing, addressing, and fragmentation
of packets. This layer can determine alternative routes to avoid network
congestion.
• The data link layer, layer 2, prepares data for the network medium by framing
it. This is where the different LAN and WAN technologies live.
• The physical layer, layer 1, provides physical connections for transmission and
performs the electrical encoding of data. This layer transforms bits to electrical
signals.
• TCP/IP is a suite of protocols that is the de facto standard for transmitting data
across the Internet. TCP is a reliable, connection-oriented protocol, while IP is
an unreliable, connectionless protocol.
• Data are encapsulated as they travel down the OSI model on the source
computer, and the process is reversed on the destination computer. During
encapsulation, each layer adds its own information so the corresponding layer
on the destination computer knows how to process the data.
• The data link layer defines how the physical layer transmits the network layer
packets. ARP and RARP are two protocols at this layer.
• Two main protocols at the transport layer are TCP and UDP.
• UDP is a connectionless protocol that does not send or receive
acknowledgments when a datagram is received. It does not ensure data arrives
at its destination. It provides “best-effort” delivery.
• TCP is a connection-oriented protocol that sends and receives
acknowledgments. It ensures data arrives at its destination.
• ARP translates the IP address into a MAC address (physical Ethernet address),
while RARP translates a MAC address into an IP address.
• ICMP works at the network layer and informs hosts, routers, and devices of
network or computer problems. It is the major component of the ping utility.
• DNS resolves hostnames into IP addresses and has distributed databases all
over the Internet to provide name resolution.
• Altering an ARP table so an IP address is mapped to a different MAC address
is called ARP poisoning and can redirect traffic to an attacker’s computer or an
unattended system.
• Packet filtering (screening routers) is accomplished by ACLs and is a first-generation
firewall. Traffic can be filtered by addresses, ports, and protocol types.
• Tunneling protocols move frames from one network to another by placing
them inside of routable encapsulated frames.
• Packet filtering provides application independence, high performance, and
scalability, but it provides low security and no protection above the network layer.
• Firewalls that use proxies transfer an isolated copy of each approved packet
from one network to another network.
• An application proxy requires a proxy for each approved service and can
understand and make access decisions on the protocols used and the
commands within those protocols.
• Circuit-level firewalls also use proxies but at a lower layer. Circuit-level
firewalls do not look as deep within the packet as application proxies do.
• A proxy firewall is the middleman in communication. It does not allow
anyone to connect directly to a protected host within the internal network.
Proxy firewalls are second-generation firewalls.
• Application proxy firewalls provide good security and have full application-layer
awareness, but they have poor performance, limited application support,
and poor scalability.
• Stateful inspection keeps track of each communication session. It must
maintain a state table that contains data about each connection. It is a third-generation
firewall.
• VPN uses tunneling protocols and encryption to provide a secure network link
between two networks or hosts. A private and secure connection can be made
across an unsecure network.
• VPN can use PPTP, L2TP, or IPSec as a tunneling protocol.
• PPTP works at the data link layer. IPSec works at the network layer and can
handle multiple tunnels at the same time.
• Dedicated links are usually the most expensive type of WAN connectivity
method because the fee is based on the distance between the two destinations
rather than on the amount of bandwidth used. T1 and T3 are examples of
dedicated links.
• Frame relay and X.25 are packet-switched WAN technologies that use virtual
circuits instead of dedicated ones.
• A hub (concentrator) in star topologies serves as the central meeting place for
all cables from computers and devices.
• A bridge divides networks into more controllable segments to ensure more
efficient use of bandwidth. Bridges work at the data link layer and understand
MAC addresses, not IP addresses.
• A switch is a device with combined repeater and bridge technology. It works at
the data link layer and understands MAC addresses.
• Routers link two or more network segments, where each segment can function
as an independent network. A router works at the network layer, works with IP
addresses, and has more network knowledge than bridges, switches, or repeaters.
• A bridge filters by MAC addresses and forwards broadcast traffic. A router
filters by IP addresses and does not forward broadcast traffic.
• Layer 3 switching combines switching and routing technology.
• Attenuation is the loss of signal strength when a cable exceeds its maximum
length.
• STP and UTP are twisted-pair cabling types that are the most popular, cheapest,
and easiest to work with. However, they are the easiest to tap into, have
crosstalk issues, and are vulnerable to electromagnetic interference (EMI).
• Coaxial cable is more expensive than UTP and STP, is more resistant to EMI,
and can carry baseband and broadband technologies.
• Fiber-optic cabling carries data as light waves, is expensive, can transmit data
at high speeds, is difficult to tap into, and is resistant to EMI. If security is
extremely important, fiber cabling should be used.
• ATM transfers data in fixed cells, is a WAN technology, and transmits data at
very high rates. It supports voice, data, and video applications.
• FDDI is a LAN and MAN technology, usually used for backbones, that uses
token-passing technology and has redundant rings in case the primary ring
goes down.
• Ethernet, 802.3, is the most commonly used LAN implementation today and
can operate at 10 to 1,000 Mbps.
• Token Ring, 802.5, is an older LAN implementation that uses a token-passing
technology.
• Ethernet uses CSMA/CD, which means all computers compete for the shared
network cable, listen to learn when they can transmit data, and are susceptible
to data collisions.
• Circuit-switching technologies set up a circuit that will be used during a data
transmission session. Packet-switching technologies do not set up circuits—
instead, packets can travel along many different routes to arrive at the same
destination.
• A permanent virtual circuit (PVC) is programmed into WAN devices, whereas
a switched virtual circuit (SVC) is temporary. SVCs are set up and then torn
down quickly when no longer needed.
• CSU/DSU is used when a LAN device needs to communicate with WAN
devices. It ensures the necessary electrical signaling and format are used. It
interfaces between a DTE and a DCE.
• ISDN has a BRI rate that uses two B channels and one D channel, and a PRI
rate that uses up to 23 B channels. They support voice, data, and video.
• Frame relay is a WAN protocol that works at the data link layer and performs
packet switching. It is an economical choice because the fee is based on
bandwidth usage.
• PPP is an encapsulation protocol for telecommunication connections. It replaced
SLIP and is ideal for connecting different types of devices over serial lines.
• DSL transmits high-speed bandwidth over existing phone lines.
• Remote access servers can be configured to call back remote users, but this can
be compromised by enabling call forwarding.
• PAP sends credentials in cleartext, and CHAP authenticates using a challenge/
response mechanism and therefore does not send passwords over the network.
• SOCKS is a proxy-based firewall solution. It is a circuit-based proxy firewall
and does not use application-based proxies.
• IPSec tunnel mode protects the payload and header information of a packet,
while IPSec transport mode protects only the payload.
• A screened-host firewall lies between the perimeter router and the LAN.
• A screened subnet is a DMZ created by two physical firewalls.
• NAT is used when companies do not want systems to know internal hosts’
addresses, and it enables companies to use private, nonroutable IP addresses.
• The 802.11 standard is a WLAN technology and has several variations—
802.11a, 802.11b, 802.11f, 802.11g, and 802.11i.
• The 802.15 standard outlines wireless personal area network (WPAN)
technologies, and 802.16 addresses wireless MAN technologies.
• WAP is a protocol stack used instead of TCP/IP on wireless devices.
• Environments can be segmented into different WLANs by using different SSIDs.
• The 802.11b standard works in the 2.4GHz range at 11 Mbps, and 802.11a
works in the 5GHz range at 54 Mbps.
• IPv4 uses 32 bits for its addresses, whereas IPv6 uses 128 bits; thus, IPv6
provides more possible addresses with which to work.
• Subnetting allows large IP ranges to be divided into smaller, logical, and
easier-to-maintain network segments.
• SIP (Session Initiation Protocol) is a signaling protocol widely used for VoIP
communications sessions.
• A new variant of traditional e-mail spam has emerged on VoIP networks,
commonly known as SPIT (Spam over Internet Telephony).
• An open relay is an SMTP server that is configured in such a way that it can
transmit e-mail messages from any source to any destination.