Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

67 Cards in this Set

  • Front
  • Back

Layers of the OSI model






Data link


Application layer device/protocols

User applications







Presentation layer device/protocols





Session layer device/protocol

Logical ports / inter host communication




Transport layer device/protocols





Network layer device/protocols






Data link layer device/protocols







Physical layer device / protocols

Physical characteristics of the hardware -






Layer 1

The physical layer describes the networking hardware, such as electrical signals and network interfaces and cabling.

Layer 2

The data link layer describes data transfer between machines, for instance by an Ethernet.

Layer 3

The network layer describes data transfer between networks, for instance by the Internet Protocol IP.

Layer 4

The transport layer describes data transfer between applications, flow control, and error detection and correction, for instance by TCP.

Layer 5

The session layer describes the handshake between applications, for instance, authentication processes.

Layer 6

The presentation layer describes the presentation of information, such as ASCII syntax

Layer 7

The application layer describes the structure, interpretation, and handling of information. Insecurity terms, it is relevant because it relies on all underlying layers.

The layer in which Ethernet is described in the OSI reference model

Layer 2 data-link layer

Port address translation PAT

An extension to network address translation (NAT) that permits multiple devices on a local area network (LAN) to be map to a single public IP address.


A utility that will attempt to trace the route to the target address over a maximum of 30 hops. As a result, it will tell the user which routes are valid, and where the packets are being dropped, allowing them to quickly diagnose connectivity problems.

Ping scanning

A basic network mapping technique that helps narrow the scope of an attack. An attacker can use one of many tools such as a Very Simple Network Scanner for Windows based platforms NMAP for Linux and Windows based platforms to ping all of the addresses in a range. If the host replies to a ping, than the attacker knows the host exist at the address.

Power over Ethernet PoE

Allows a single cable to provide both data connection and electrical power to devices such as wireless access points or IP cameras.

Virtual Private Network VPN

Extends a private network across a public network such as the Internet. It enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network and thus are benefiting from the functionality, security and management policies of the private network.

Virtual local area network VLAN

Any broadcast domain that is partitioned and isolated in a computer network at the data link layer.

Optimal location for network based intrusion detection system

On the network perimeter, to alert the network administrator of all suspicious traffic.

Intrusion detection system IDS

Monitor activity and send alerts when they detect suspicious traffic.

Two types of intrusion detection systems

Host based IDS - which monitor activity on servers and workstations

Network based IDS - monitor network activity

Two parts of a subnet mask

Network ID and host ID

Network ID

Represents the network the device is connected to

Subnet Mask

Only devices in the same subnet mask are able to communicate with other devices on the same subnet

Convert ip-based networks can contain the following devices

Physical security, industrial monitoring, CCTV, voice services, data, television

TCP/IP port filtering

The practice of selectively enabling or disabling the Transmission Control Protocol (TCP) ports and user Datagram Protocol (UDP) ports on computers or network devices.

Content filtering

HTTP proxy is used as a means to implement. Logging or blocking traffic that has been defined as or is assumed to be non business related for some reason.

Devices that should be part of a network's perimeter defense

A firewall

A proxy server

A host-based intrusion detection system(HIDS)

Security perimeter

The first line of protection between trusted and untrusted networks.

Principal security risks of wireless LANs

Lack of physical access control - wireless networks allow users to be mobile while remaining connected to a LAN.

IPv4 routing protocols

RIPvl: (legacy) IGP, distance vector, classful protocol

IGRP: (legacy) IGP, distance vector, classful protocol developed by Cisco

RIPv2: IGP, distance vector, classless protocol

EIGRP: IGP, distance vector, classless protocol developed by Cisco

OSPF: IGP, link-state , classless protocol

IS-IS: IGP, link-state , classless protocol

BGP: EGP, path-vector, classless protocol


Provides mechanisms for authentication and encryption

IP security IPSec

A suite of protocols for communicating securely with IP by providing mechanisms for authenticating an encryption. Authenticates only to hosts with each other


Have to understand a wide variety of different applications and network element (routers/switches) logs and formats; consolidate these logs into a single database and then correlate events looking for clues to unauthorized behaviors that would be otherwise inconclusive isf observed in a single log file.

What is Security Event Management (SEM) service performs

Aggregates logs from security devices and applications servers looking for suspicious activity.

Principal weakness of DNS (Domain Name System)

Lack of authentication of servers and thereby authenticity of records. Authentication services have been delegated upward to higher protocol layers.

Open email relay

A server that forwards email from domains other than the one it serves. Also widely considered a sign of bad system administration.

Principal tool for the distribution of spam

Open email relays


A group of dispersed, compromised machines controlled remotely from illicit reasons.

Bots and botnets

Zombies controlled by ethereal entities from the dark places on the internet

WPA2 ( Wi-Fi Protected Access 2)

Security technology commonly used on Wi-Fi wireless networks. Replace the original WPA technology on all certified Wi-Fi hardware since 2006 and is based on the IEEE 802.11i technology standard for data encryption.

Disabling the SSID will

Further enhances the security of the solution, as it requires a user that wants to connect to the WAP to have the exact _______ as opposed to selecting it from a list.


Requires two twisted pair so it is deployed primarily for PBX network connections, digital loop carrier systems, interchange POPs, Internet servers, and private data networks.

Operating range of HDSL

Limited to 12,000 feet so signal repeaters are installed to extend the service

DSL (digital subscriber line) methods

ADSL- Asymmetric digital subscriber line - downstream transmission rates are much greater than upstream one typically 256 or 512 kbps downstream and 64 kbps upstream

RADSL- Rate adaptive DSL - the upstream transmission rate is automatically tuned based on the quality of the line

SDSL - Symmetric digital subscriber line - uses the same rates for upstream and downstream transmissions what are you doing

VDSL - Very high bitrate DSL- supports much higher transmission rates than other DSL technologies, such as 13 mbps downstream and 2 megabytes per second upstream

Fiber cable

Relies on light. Electromagnetic and source power based distortions do not affect it.

Media types that rely on electromagnetic principles to operate and are therefore susceptible to electromagnetic interference

Coax cable


Shielded twisted pair

Media types that rely on electromagnetic principles to operate and are therefore susceptible to electromagnetic interference

Coax cable


Shielded twisted pair

Coaxial cable (or simply coax)

Uses one thick conductor that is surrounded by a grounding braid of wire. A non-conducting layer is placed between the two layers to insulate them. The entire cable is placed within a protective sheath.

Disadvantages of coaxial cable

Is expensive, and is difficult to bend during installation.

Thicker than the twisted pair and therefore can support greater bandwidth and longer cable length

Coax cable


On coax cable ____ makes it harder for an intruder to monitor the signal with antenna or install a tap.

Protects coax cable from electrical interference such as EMI and RFI

Superior insulation

UTP unshielded twisted pair

The most common cable type. Is inexpensive and can be easily bent during installation. Risks of drawbacks does not justify more expensive cables.

STP - Shielded twisted pair

Pairs of insulated twisted copper are in close in a protective jacket. Uses an electronically grounded shield to protect signal. The shield surrounds each of the twisted pairs in the cable, surround the bundle of twisted pairs, or both. Disadvantages over UTP = more expensive and is bulkier and hard to bend during installation

Multi layer protocols such as Modbus

Are often insecure by their very nature as they are not designed to natively operate over today is IP networks. Often used in industrial control systems.

Packet switched technologies include

X. 25

Link access / procedure balanced LAPB

Frame Relay

Switched multi megabyte data services SMDS

Asynchronous transfer mode ATM

Voice over IP VoIP

Generation 1 firewalls

Static packet filter

Stateful Packet Inspection

Second-generation firewalls

Proxy services


A system designed to prevent unauthorized access to or from a private network.

Third-generation firewalls, firewalls evolved, next generation firewalls

Stateful multilevel inspection, screen see entire packet, OSI layers 2 through 7, rapidly compares each packet to known bit patterns of friendly packets before deciding whether to pass the traffic. Coupled with or integrated into intrusion detection system IDS, SMLI offers the first glimpse of this new definition of firewall.

If the communication mode is gateway-gateway or host-gateway

Encapsulating security payload (ESP) authentication must be used


A LAN transmission protocol