85 Cards in this Set
- Front
- Back
What is the payload called in each layer of the OSI model? |
7 Application: Data; 6 Presentation: Data; 5 Session: Data; 4 Transport: Segment; 3 Network: Packet; 2 Data link: Frame; 1 Physical: Bit |
|
Layer 1 |
Physical layer: only sends the signal physically over a medium. |
|
Names of the layers in the OSI model |
All People Seem To Need Data Processing: 7 Application, 6 Presentation, 5 Session, 4 Transport, 3 Network, 2 Data link, 1 Physical. Reverse order: People Don’t Need To See P A |
|
The least secure cable |
Twisted pair |
|
Most secure cable |
Fiber optic cable |
|
Different ways to connect computers |
Bus, ring (connected in a ring), star (all connected to a centralized unit), mesh (a full graph). Star is used today. |
|
Hub |
Sends all data out all ports |
|
Modem |
Converts digital to analog and back |
|
Wireless access point |
Provides wireless devices a point of connection to the wired network. |
|
Layer 2 |
Data link layer. LLC (logical link control): error detection. MAC (media access control): physical addressing (uses ARP/RARP and MAC addresses). |
|
ARP and RARP |
Address Resolution Protocol and Reverse Address Resolution Protocol. Converts an IP address to a MAC address. Sits between layers 2 and 3 (mostly 2). |
|
Media access control |
CSMA/CD, carrier sense multiple access with collision detection (IEEE standard 802.3, Ethernet): if a collision occurs, send again. CSMA/CA, carrier sense multiple access with collision avoidance (IEEE standard 802.3, wireless): signal when you want to communicate. Token passing: a token is passed around, and only the system holding the token can transmit data, hence no collisions. |
|
Switch |
Layer 2. Uses MAC addresses to direct traffic. Isolates traffic into collision domains. Does not isolate broadcast traffic. |
|
Router |
Layer 3. Expensive. Isolates traffic into broadcast domains. Uses IP addressing to direct traffic. |
|
VLAN |
Necessary to get broadcast isolation in a switch. Not all switches support VLANs. A layer 2 switch doesn’t understand layer 3 IP addressing; a layer 3 switch is necessary for inter-VLAN communication. |
|
Layer 3 protocols |
All protocols that start with I except IMAP: IP, ICMP (IP “helpers”, like ping), IGMP (Internet Group Management Protocol), IGRP, IPsec, IKE, ISAKMP |
|
ICMP |
IP helper; echo utilities like ping. Frequently exploited: Loki, ping of death, ping floods, Smurf. |
|
LOKI attack |
Sending data in the ICMP header |
|
SMURF |
Distributed denial of service. Send a ping but spoof the source address so that the reply goes somewhere else. |
|
Fraggle attack |
Like the Smurf attack but uses the UDP protocol |
|
Layer 4 |
Transport layer. End-to-end data transport. Establishes a connection between 2 computer systems. |
|
Layer 4 protocols |
SSL/TLS, TCP, UDP |
|
TCP |
3-way handshake. Slow but guarantees delivery. SYN (can I send?), SYN/ACK (yes, you can send), ACK (I will send). |
|
UDP |
Connectionless. Unreliable. No handshake. Desirable when real-time transfer is essential, e.g. media streaming. FTP uses TCP; TFTP uses UDP. |
|
Layer 5 |
Session layer. Connection between applications (same or different PC). Create connection, transfer data, release connection. |
|
Layer 6 |
Presentation layer. Presents data in a format that all computers understand (formatting, encryption, compression). Does not have protocols. |
|
Layer 7 |
Application layer. Way of sending data. Non-repudiation, certificates, application proxies, content inspection. |
|
Layer 7 protocols |
HTTP, HTTPS, FTP, TFTP, SMTP, SNMP, IMAP, POP3 |
|
TCP/IP model |
Application layer (application and presentation); host-to-host / transport layer (session and transport); internetwork (network); network access / network interface (data link and physical) |
|
Virus |
Malicious code. Needs a host and action from the user. |
|
Worm |
Like a virus but does not need a host or user action: self-replicating. |
|
Logic bomb |
Malicious code that lies dormant until a local event occurs |
|
Trojan horse |
Program masquerades as another. |
|
Back door program |
Allows administrative access to a system, bypassing normal security controls. |
|
Salami |
Many small attacks that add up to a large attack. |
|
Data diddling |
Altering/manipulating data usually before entry. |
|
Session hijacking |
Hijacker sits between two hosts. Monitors the exchange or disconnects one of them. |
|
Sniffing |
Capturing and viewing packets with a protocol analyser |
|
Wardialing |
Attack on a RAS (remote access server) where the attacker tries to find the phone number that accepts calls. |
|
Cross site request forgery |
For example, sending an email with a link that starts a chat where I tell you to do things in your bank. The attacker impersonates something to trick the user. |
|
Packet filter |
Layer 3. Uses ACLs. Only looks at IP addresses, ports, flags, etc. |
|
Stateful firewall |
Layer 5. Context-dependent access control. Keeps track of all connections in a table. Checks both request and response. More complex. |
|
Proxy firewall |
Layer 5 or 7. Two types of proxies: circuit level (layer 5) and application (layer 7). |
|
DMZ |
Buffer zone between an unprotected network and a protected network that allows monitoring and regulation of traffic between the two. |
|
NAT/PAT |
Remaps IP addresses: private internal addresses map to public IP addresses. NAT allows one-to-one mapping of IPs; PAT allows multiple private hosts to share one public IP. |
|
Private IP addresses |
10.x.x.x; 172.16.x.x to 172.31.x.x; 192.168.x.x |
|
DoS |
Denial of Service: the purpose of these attacks is to overwhelm a system and disrupt its availability. |
|
DDoS |
Distributed Denial of Service: characterized by the use of control machines (handlers) and zombies (bots). An attacker uploads software to the control machines, which in turn commandeer unsuspecting machines to perform an attack on the victim. The idea is that if one machine initiating a denial of service attack is effective, then having many machines perform the attack is better. |
|
Ping of Death |
Sending a ping packet that violates the Maximum Transmission Unit (MTU) size: a very large ping packet. |
|
Ping Flooding |
Overwhelming a system with a multitude of pings. |
|
Tear Drop |
Sending malformed packets which the operating system does not know how to reassemble. Layer 3 attack. |
|
Buffer Overflow |
Attacks that overwhelm a specific type of memory on a system: the buffers. Best avoided with input validation. |
|
Bonk |
Similar to the Teardrop attack. Manipulates how a PC reassembles a packet and allows it to accept a packet much too large. |
|
Land Attack |
Creates a "circular reference" on a machine. Sends a packet where source and destination are the same. |
|
SYN Flood |
Attack that exploits the three-way handshake of TCP. Layer 4 attack. A stateful firewall is needed to prevent it. |
|
Smurf |
Uses an ICMP directed broadcast. Layer 3 attack. Block directed broadcasts on routers. |
|
Loki |
Information is stored in the ICMP header (covert channel). |
|
Fraggle |
Similar to Smurf, but uses UDP instead of ICMP. Layer 4 attack. Block directed broadcasts on routers. |
|
Layer 3 Firewalls |
Static packet filters: base decisions on source/destination IP address and port. |
|
Layer 5 Firewalls |
Stateful inspection. Knowledge of who initiated the session. Can block unsolicited replies. Protocol anomaly firewalls can block traffic whose syntax differs from what the RFC specifies. |
|
Layer 7 Firewalls |
Application proxies/kernel proxies: make decisions on content, Active Directory integration, certificates, time. |
|
|
LAN |
Local area network. High speed. Small physical area. |
|
WAN |
Wide area network. Used to connect LANs. Generally slow, using serial links. |
|
MAN |
Metropolitan area network. Connects sites together within a medium-range area (like a city). |
|
Circuit switching |
All data follows the same path to the destination |
|
Dial up |
- |
|
ISDN |
- |
|
ADSL |
- |
|
Packet switching technologies |
X.25, frame relay, ATM, VoIP, MPLS, cable modems |
|
Cable modems |
Shared bandwidth. Always on. High speed via TV lines. |
|
MPLS |
- |
|
VOIP |
Converts analog to digital. At the other end there is a smartphone or TA that converts it back. |
|
Wireless encryption protocol |
WEP and WPA |
|
WEP |
Shared authentication password. Weak, easily crackable. Used RC4. |
|
WPA |
Stronger. Still used RC4. |
|
WPA2 |
AES. Not backwards compatible. |
|
WPA and WPA2 enterprise |
Individual passwords for individual users (RADIUS). |
|
Blue jacking |
Spamming a Bluetooth device |
|
Blue snarfing |
Copies information off of a remote device |
|
Blue bugging |
Allows full access: allows making calls, allows eavesdropping. |
|
SaaS |
Use software online |
|
PaaS |
Application hosting |
|
IaaS |
- |
|
Private vs public clouds |
- |
|
Community clouds and hybrid clouds |
- |