Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
19 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
What is a LAN? |
Local Area Network 1. Local Control 2. Small 3. Can be physically protected 4. Isolated 5. High Speed 6. Relatively Inexpensive 7. Connection usually within same building 8. Example - Token Ring and Ethernet |
8 |
|
|
What is a MAN? |
Metropolitan Area Network 1. Spans several buildings 2. Same City, Town, Metropolitan Area 3. Can bridge several LANs with backbone lines 4. Offers efficient connection to WAN 5. High speed connections 6. Using fiber optical cable means faster |
6 |
|
|
What is a WAN? |
Wide Area Network 1. Not restricted by geographical location 2. Might be confined by state or country 3. Physically Exposed 4. High Speed 5. Relatively Expensive 6. Can be controlled by single organisation 7. Can connect several LANS / MANs 8. Example - the internet is a public WAN |
7 |
|
|
What are the functions of a firewall? |
1. Access Control in both directions (LAN to Internet and Internet to LAN) 2. Virus Checking 3. Statistical and Content Logging 4. Masking structure of LAN to outside world. |
4 - AVSM |
|
|
Firewall Implementation What does a Firewall need to be? |
1. Constant 2. Tamper-proof 3. Simple 4. Can be Hardware or Software |
4 |
|
|
Firewall Implementation
What physical devices can be used? |
Router - 1. A device which sends packets of information to the required destination. 2. Internal messages can be sent directly whereas external messages are forwarded on-wards. Gateway - 1. Performs more substantial transformations on the packets. 2. Can perform modifications, mapping and encryption). |
4 |
|
|
What is Packet Filtering? |
1. The process of passing or blocking packets based on a series of rules blocking the flow of data to certain machine address and sources. 2. Often part of a firewall program / protecting a local network from unwanted intrusion. |
2 |
|
|
Define Stateful Inspection (Packet Filtering) |
1. Check the characteristics of a small section of an incoming packet against a database of accepted / banned actions or originators. 2. This is faster because the entire packet is not scanned |
2 |
|
|
Packet Filtering - What is access is controlled by? (Look for) |
1. Source Address (IP / Domain Name) 2. Destination Address (IP / Domain Name) 3. Service Requirement (Port) 4. Local or Outside IP Address |
4 |
|
|
IP Address |
1. Every Machine Has One. 2. Format: 129.12.253.23 3. All numbers are between 0 and 255. |
3 |
|
|
Ports and Protocols |
1. HTTP (Hyper Text Transfer Protocol) 2. FTP (File Transfer Protocol) 3. UDP (User Datagram Protcol) 4. SMTP (Simple Mail Transport Protocol) 5. SNMP (Simple Network Management Protocol) 6. Telnet |
6 |
|
|
Address Spoofing |
1. Messages sent from within the LAN aren't checked as rigorously. 2. Some firewalls may allow entry to a message that seemingly originated from an IP address within the LAN. 3. Dual Ported routers can detect which side of the firewall the message was received and prevent attacks. |
3 |
|
|
Proxy Servers |
1. Behave like a server to the outside world but include additional security checking mechanisms. 2. Obscures clients IP 3. Blocks Malicious traffic 4. Block Sites (e.g. porn or Facebook within a school or company) 5. Log activity (e.g. How long an employee was on Amazon.) 6. Improve performance (Server can cache an accessed site, so if another user wants to access the same site the proxy server can retrieve it from its cached data rather than accessing the internet. This saves time on the Internet bandwidth. 7. Can be the same machine as a firewall server or separate. |
7 |
|
|
Network Security Issues (Topology) |
1. Resources Sharing 2. Network Complexity 3. Attacker Anonymity Many Points of Access / Unknown Path of Attack 4. Attacker may read, forge, modify or inhibit aspects of the network. |
4 |
|
|
Dual Porting |
Two parts on a router (LAN side, Internet side). Can detect which side the data came from. |
|
|
|
Topologies - Bus |
1. Uses a trunk or backbone to which all of the computers on the network connect. 2. Systems connect to the backbone using T connectors or taps 3. It's cheap and easy to implement |
|
|
|
Topologies - Ring |
1. Data travels in a circular fashion from one computer to another on the network. 2. Typically FDDI, SONET or Token Ring technology are used to implement a ring network. |
|
|
|
Topologies - Star |
1. All computers/devices connect to a central device called hub or switch 2. Each device requires a single cable point-to-point connection between the device and hub 3. Most widely implemented. |
|
|
|
Topologies - Fully Connected |
1. Impractical for large networks 2. There is no hierarchy, all computers are equal. 3. There is a direct link between all pairs of nodes. 3. Expensive 4. Highly reliable |
|
