31 Cards in this Set
Define a router.
Connects multiple networks that use the same protocol. Routers can examine the protocol-based addressing information in the network packets and determine the most efficient path for data to take. They can also filter network traffic based on other criteria. Most routers will not forward broadcast network traffic.
Define a switch.
Has multiple network ports and combines multiple physical network segments into a single logical network. It controls network traffic on the logical network by creating dedicated, or "switched," connections that contain only the two hosts involved in a transmission. Standard switches forward broadcasts to all ports, but send individual frames only to the port of the destination host, based on the unique physical (MAC) address assigned to each network adapter, which the switch learns from the source addresses of frames it has already seen. Some switches can also perform routing functions based on protocol (IP) addresses.
Define a proxy server.
Can isolate internal networks from the internet by downloading and storing internet files on behalf of internal clients. It intercepts requests for web-based or other external resources that come from internal clients, and, if it does not have the data in its cache, generates a completely new request packet using itself as the source. In addition to providing security, the data cache can also improve client response time and reduce internet traffic by providing frequently used pages to clients from a local source. A proxy server can also include NAT and firewall functionality.
Define a firewall.
Any software or hardware device that protects a system or network by blocking unwanted network traffic. Firewalls are generally configured to stop suspicious or unsolicited incoming traffic but permit most types of outgoing traffic. Information about incoming and outgoing connections can be saved to a log and used for network monitoring or hardening purposes.
Define a collision domain.
The group of hosts that must compete for access to the network media before making any type of transmission.
Define a broadcast domain.
The group of hosts that will receive a network broadcast packet, which is not addressed to any individual host, and is the network equivalent of mass mailing. Too many broadcasts increase network traffic and reduce available bandwidth; too many collisions decrease network reliability and throughput.
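The two definitions above are easier to see in a small model. The following is an added example, not part of the original flashcard set: hosts hang off switch ports, a port with several hosts stands for a shared hub segment (one collision domain), a learning switch floods broadcasts and unknown unicasts but delivers known unicasts to one port, and a router joining two switches never forwards a layer-2 broadcast. All host names and MAC addresses are constructed.

```python
"""Toy model of collision and broadcast domains. Added example, not part of
the flashcard set; host names and MAC addresses are constructed."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    """Learning switch: each port is its own collision domain; the whole
    switch is one broadcast domain."""

    def __init__(self, name):
        self.name = name
        self.ports = {}       # port number -> set of MACs on that segment
        self.mac_table = {}   # learned MAC -> port

    def attach(self, port, *macs):
        self.ports.setdefault(port, set()).update(macs)

    def has(self, mac):
        return any(mac in seg for seg in self.ports.values())

    def forward(self, src, dst):
        """Return the MACs that see a frame from src to dst (sender excluded)."""
        in_port = next(p for p, seg in self.ports.items() if src in seg)
        self.mac_table[src] = in_port                      # learn the source
        if dst != BROADCAST and dst in self.mac_table:
            out_ports = {self.mac_table[dst]} - {in_port}  # known unicast: one port
        else:
            out_ports = set(self.ports) - {in_port}        # broadcast/unknown: flood
        seen = set(self.ports[in_port])                    # hub peers always hear it
        for p in out_ports:
            seen |= self.ports[p]
        return seen - {src}


class Router:
    """Router with one interface MAC on each switch. It forwards unicast
    between the LANs but never forwards a layer-2 broadcast."""

    def __init__(self, interfaces):
        self.interfaces = interfaces      # {switch: router MAC on that switch}

    def forward(self, src, dst):
        home = next(sw for sw in self.interfaces if sw.has(src))
        if dst == BROADCAST or home.has(dst):
            seen = home.forward(src, dst)                     # stays on the local LAN
        else:
            far = next(sw for sw in self.interfaces if sw.has(dst))
            seen = home.forward(src, self.interfaces[home])   # host sends to its gateway
            seen |= far.forward(self.interfaces[far], dst)    # router re-sources the frame
        return seen - set(self.interfaces.values())           # report hosts only


def collision_domains(*switches):
    return [frozenset(seg) for sw in switches for seg in sw.ports.values()]


def broadcast_domains(*switches):
    return [frozenset().union(*sw.ports.values()) for sw in switches]


def build_demo():
    """Two switches joined by a router; port 1 of sw1 is a hub with three hosts."""
    sw1, sw2 = Switch("sw1"), Switch("sw2")
    sw1.attach(1, "A", "B", "C")      # shared hub segment: one collision domain
    sw1.attach(2, "D")
    sw1.attach(3, "R1")               # router interface on sw1
    sw2.attach(1, "E")
    sw2.attach(2, "R2")               # router interface on sw2
    sw1.mac_table["R1"] = 3           # switches already learned the gateway MACs
    sw2.mac_table["R2"] = 2           # (e.g. from an earlier ARP reply)
    return Router({sw1: "R1", sw2: "R2"}), sw1, sw2


if __name__ == "__main__":
    router, sw1, sw2 = build_demo()
    print("collision domains:", collision_domains(sw1, sw2))
    print("broadcast domains:", broadcast_domains(sw1, sw2))
    print("A -> broadcast:", router.forward("A", BROADCAST))
    print("A -> E:", router.forward("A", "E"))
```

Running build_demo() and sending a broadcast from A shows it reaching B, C and D but never E, because the router sits between the two broadcast domains; a unicast from D to A is still heard by B and C, because they share A's hub segment, which is exactly the collision domain the card describes.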
Is it a good idea to disable unnecessary network protocols on network devices?
Yes. Disable or remove legacy transport protocols such as NetBEUI, NWLink, and AppleTalk unless they are absolutely required for interoperability with other systems. Also, do not run unneeded special protocols, such as NNTP, on a server that does not need to provide those services. Turning off a protocol is the best and easiest way to prevent attacks against that protocol.
Define a NAC.
Network Access Control. A general term for the protocols, policies, and hardware that govern which devices may connect to the network. NAC adds a security layer that checks connecting systems for compliance with policy and either admits them or quarantines them until they have been updated to meet the standard. Deploy based on three needs: authentication method, endpoint vulnerability assessment, and network security enforcement.
Describe SNMP v1 and its vulnerabilities.
Simple Network Management Protocol. UDP port 161 (agent queries) and 162 (traps). SNMPv1 sends community names (the passwords for read or read/write access) in cleartext, so a sniffed read/write community can be used to gain administrative access and take over network devices. SNMPv2c has the same weakness; use SNMPv3 with authentication and encryption, and remove default community names such as "public" and "private".
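To make the cleartext point concrete, the following added example (not part of the flashcard set) decodes the outer layers of an SNMP datagram with a minimal BER reader and pulls out the community string, which is what a sniffer on the path to UDP/161 would obtain. The sample packet is constructed by hand: an SNMPv1 GetRequest for sysDescr.0 with community "public".

```python
"""Pull the community string out of an SNMPv1/v2c datagram with a minimal
BER decoder. Added example, not part of the flashcard set; the sample
packet below is constructed by hand."""

SNMP_VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA4: "Trap", 0xA5: "GetBulkRequest",
             0xA6: "InformRequest", 0xA7: "SNMPv2-Trap", 0xA8: "Report"}


def _tlv(buf, pos):
    """Read one BER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: 0x8n, then n length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(raw):
    """BER OBJECT IDENTIFIER: first byte packs arcs 1 and 2, rest is base-128."""
    arcs, value = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                    # high bit clear ends the arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def parse_snmp(datagram):
    """Return version, community (None for v3), PDU type and requested OIDs."""
    tag, msg, _ = _tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message: outer tag is not SEQUENCE")
    _, ver, pos = _tlv(msg, 0)
    version = SNMP_VERSIONS.get(int.from_bytes(ver, "big"), "unknown")
    result = {"version": version, "community": None, "pdu": None,
              "request_id": None, "oids": []}
    if version == "v3":
        # v3 carries msgGlobalData and USM security parameters instead of a
        # community string, so there is no cleartext credential to read here.
        return result
    _, community, pos = _tlv(msg, pos)
    result["community"] = community.decode("ascii", "replace")
    pdu_tag, pdu, _ = _tlv(msg, pos)
    result["pdu"] = PDU_TYPES.get(pdu_tag, hex(pdu_tag))
    if pdu_tag == 0xA4:                     # the v1 Trap PDU has a different layout
        return result
    _, req_id, p = _tlv(pdu, 0)
    result["request_id"] = int.from_bytes(req_id, "big", signed=True)
    _, _, p = _tlv(pdu, p)                  # error-status
    _, _, p = _tlv(pdu, p)                  # error-index
    _, varbinds, _ = _tlv(pdu, p)
    p = 0
    while p < len(varbinds):
        _, vb, p = _tlv(varbinds, p)
        _, oid, _ = _tlv(vb, 0)
        result["oids"].append(_decode_oid(oid))
    return result


# Constructed SNMPv1 GetRequest for sysDescr.0 with community "public".
SAMPLE_V1_GET = bytes.fromhex(
    "3026"                      # SEQUENCE, 38 bytes follow
    "020100"                    # INTEGER version 0 = SNMPv1
    "04067075626c6963"          # OCTET STRING "public": the credential, in the clear
    "a019"                      # GetRequest PDU, 25 bytes
    "020101" "020100" "020100"  # request-id 1, error-status 0, error-index 0
    "300e" "300c"               # VarBindList containing one VarBind
    "06082b06010201010100"      # OID 1.3.6.1.2.1.1.1.0
    "0500"                      # NULL placeholder value
)

if __name__ == "__main__":
    print(parse_snmp(SAMPLE_V1_GET))
```

Flipping the version byte from 0 to 1 turns the same packet into SNMPv2c and the community is still readable, which is why the card's fix is SNMPv3 rather than v2c; a v3 message starts with version 3 and the parser returns no community at all because the credential is carried in authenticated, optionally encrypted USM parameters instead.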
Describe Telnet Service and its vulnerabilities.
TCP port 23. A simple terminal-emulation service that lets a client connect remotely to a server; often used to administer network routers. Everything, including the login credentials, is sent unencrypted, so sessions are easy to sniff and hijack. Use SSH instead.
Describe the vulnerabilities of router config files.
Improperly stored copies of router configuration files on unsecured servers can allow an attacker to gain administrative access to the devices.
Describe the vulnerabilities of the Finger service.
An attacker can send a request to this service to learn who is logged in and what type of router is running it. Once the attacker knows the platform, he can look for known exploits against that platform. Disable the service if it is not needed.
Define a DMZ.
Demilitarized Zone. A small section of private network that is located between two firewalls and made available for public access. A DMZ enables external clients to access data on private systems, such as web servers, without compromising the security of the internal network as a whole. The external firewall enables public clients to access the service; the internal firewall prevents them from connecting to protected internal hosts.
Define NAT.
Network Address Translation. A simple form of internet security that conceals internal addressing schemes from the public internet. A router is configured with a single public IP address on its external interface and a private, nonroutable address on its internal interface. A NAT service translates between the two addressing schemes. Packets sent to the internet from internal hosts all appear as if they came from a single IP address, preventing external hosts from identifying and connecting directly to internal systems. NAT must be configured correctly and used alongside a firewall, not instead of one.
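The following added example (not part of the flashcard set) is a minimal port-address-translation table of the kind the card describes. It shows why flows from several inside hosts leave with one public address, why the reply to an outbound flow finds its way back, and why an unsolicited inbound packet has no mapping and is dropped. All addresses are constructed: RFC 1918 space inside, documentation prefixes outside.

```python
"""Minimal port-address-translation (PAT) table. Added example, not part of
the flashcard set; all addresses are constructed."""
import itertools


class Nat:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)
        self.outbound_map = {}   # (src_ip, src_port, dst_ip, dst_port) -> public_port
        self.inbound_map = {}    # (public_port, remote_ip, remote_port) -> (src_ip, src_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the LAN; return its new (src_ip, src_port)."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.outbound_map:
            public_port = next(self._ports)          # fresh public port per flow
            self.outbound_map[key] = public_port
            self.inbound_map[(public_port, dst_ip, dst_port)] = (src_ip, src_port)
        return self.public_ip, self.outbound_map[key]

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet arriving from the internet.

        Returns the internal (ip, port) for a known flow, or None when no
        inside host started a matching flow; that None is the packet being
        dropped, which is what keeps outsiders from reaching inside hosts."""
        if dst_ip != self.public_ip:
            return None
        return self.inbound_map.get((dst_port, src_ip, src_port))


def demo():
    """Two inside hosts reuse the same source port; a stray inbound SYN is dropped."""
    nat = Nat("203.0.113.7")
    a = nat.outbound("192.168.1.10", 51000, "198.51.100.20", 443)
    b = nat.outbound("192.168.1.11", 51000, "198.51.100.20", 443)   # same port, other host
    reply = nat.inbound("198.51.100.20", 443, "203.0.113.7", a[1])  # answer to host .10
    stray = nat.inbound("198.51.100.99", 4444, "203.0.113.7", 22)   # nobody asked for this
    return a, b, reply, stray


if __name__ == "__main__":
    print(demo())
```

The table here never expires entries and has no port-forwarding rules, so it is only the address-hiding half of the story; a real device also ages mappings out and, if an administrator adds a static forward for an inside host, that host is reachable regardless of the translation, which is why the card insists on a firewall in addition to NAT.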
Define coaxial cable.
Copper cable that features a central conducting copper core surrounded by an insulator and braided or foil shielding. A dielectric insulator separates the conductor and shield, and the entire package is wrapped in an insulating layer called a sheath or jacket. The data signal is transmitted over the central conductor. The outer shielding serves to reduce electromagnetic interference.
Define twisted-pair cable.
A type of cable in which color-coded pairs of copper wires are twisted around each other and clad in a protective and insulating outer jacket. Typically, two conductors or wires are twisted around each other and form pairs and then all the pairs are encased in a plastic sheath or jacket. The number of pairs in the cable will vary depending on the cable type. Shielding can be added around the bundle of twisted pairs to reduce electronic interference. It comes in two main types: unshielded twisted pair (UTP) and shielded twisted pair (STP). STP has an additional foil shield included with the wiring to protect against electromagnetic interference. However, STP is more expensive than UTP, as well as stiffer, bulkier, and harder to work with.
Define fiber-optic cable.
A type of network cable in which the core is one or more glass or plastic strands surrounded by silica cladding, which reflects light back to the core in patterns determined by the transmission mode. A buffer often made of plastic, surrounds the cladding and core. To add strength, strands of kevlar surround the buffer. An outer jacket, sometimes called armor, wraps and protects the whole assembly. Light pulses from a laser or high intensity LED are passed through the core to carry the signal. The cladding reflects the light back into the core, increasing the distance the signal can travel without being regenerated. Fiber-optic cable is high performance and is used for very high-speed, long-distance networking implementations, but is very expensive and difficult to handle and install.
Define CAT-1 twisted-pair.
Voice grade, not suitable for networking.
Define CAT-2 twisted-pair.
Digital telephone and low-speed networks. 4 Mbps.
Define CAT-3 twisted-pair.
Ethernet. 10 Mbps. Bandwidth: 16 MHz. Currently used for telephone wiring.
Define CAT-4 twisted pair.
IBM Token Ring. 16 Mbps. Bandwidth: 20 MHz. Can substitute for 10 Mbps Ethernet cabling.
Define CAT-5 twisted pair.
5: Fast Ethernet. 100 Mbps. Bandwidth: 100 MHz.
5e: Gigabit Ethernet. 1 Gbps (1000BASE-T). Bandwidth: 100 MHz, with tighter crosstalk limits than CAT-5.
Define CAT-6 twisted pair.
Gigabit ethernet. 1 Gbps. 250 MHz.
Define CAT-7 twisted pair.
10 Gigabit Ethernet. 10 Gbps. Bandwidth: 600 MHz (CAT-7A: 1 GHz). Each pair is individually shielded, with an overall shield around the bundle.
Define single-mode fiber.
Carries a single optical signal. Has a small core that allows only a single beam of light to pass. A laser, usually operating in the infrared portion of the spectrum, is modulated in amplitude (intensity) to transmit the signal through the fiber.
Define step index multimode fiber.
Contains a core surrounded by cladding, each with its own uniform index of refraction. When light from the core enters the cladding, a "step down" occurs due to the difference in the refractive indices. Step-index fiber uses total internal reflection to trap light.
Define graded index multimode fiber.
Has a core whose refractive index decreases gradually from the center outward, which compensates for the path-length differences between modes. Provides up to 2 GHz of bandwidth, significantly more than step-index fiber.
Explain the vulnerabilities of Small servers.
Some rarely used Cisco services (for example, echo on port 7 and chargen on port 19) could be exploited for a CPU DoS attack, if bombarded with requests from an attacker.
Explain the vulnerabilities of RIP.
Routing Information Protocol. RIPv1 has no authentication at all, and RIPv2 offers only a cleartext password or an MD5 keyed hash, so an attacker on the segment can inject forged routing updates and manipulate the routing table, for example to black-hole traffic (DoS) or redirect it through a host he controls.
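Several of the cards above (unnecessary protocols, SNMP community names, Telnet, finger, the Cisco small servers, and RIP) come down to lines in a router configuration. The following added example, not part of the flashcard set, audits a Cisco IOS running-config for those lines and pairs each finding with the fix. Both configs are constructed; the hostname, SNMPv3 group and user names, and the passwords are placeholders, and the check only covers the commands named here (for RIP it checks for "version 2" and leaves per-interface authentication to the reader).

```python
"""Audit a Cisco IOS running-config for the services the cards warn about:
small servers, finger, cleartext SNMP communities, RIPv1 and Telnet
management. Added example, not part of the flashcard set; both configs
are constructed and all names and passwords are placeholders."""
import re

# Constructed "before" config with every finding present.
WEAK_CONFIG = """\
version 12.4
hostname lab-rtr
!
service tcp-small-servers
service udp-small-servers
ip finger
!
snmp-server community public RO
snmp-server community private RW
!
router rip
 network 10.0.0.0
!
line vty 0 4
 password cisco
 login
 transport input telnet
!
end
"""

# Constructed "after" config; MyAuthPass and MyPrivPass are placeholders.
HARDENED_CONFIG = """\
hostname lab-rtr
no service tcp-small-servers
no service udp-small-servers
no ip finger
snmp-server group netmon v3 priv
snmp-server user monitor netmon v3 auth sha MyAuthPass priv aes 128 MyPrivPass
router rip
 version 2
 network 10.0.0.0
line vty 0 4
 login local
 transport input ssh
end
"""


def parse_blocks(config):
    """Split an IOS config into (command, [sub-commands]); sub-commands are
    the lines indented by one space under their parent command."""
    blocks = []
    for line in config.splitlines():
        if not line.strip() or line.startswith("!"):
            continue
        if line.startswith(" ") and blocks:
            blocks[-1][1].append(line.strip())
        else:
            blocks.append((line.strip(), []))
    return blocks


def audit_ios_config(config):
    """Return (offending line, explanation and fix) pairs in config order."""
    findings = []
    for cmd, body in parse_blocks(config):
        if re.match(r"service (tcp|udp)-small-servers$", cmd):
            findings.append((cmd, f"echo/chargen/discard/daytime reachable; apply 'no {cmd}'"))
        elif re.match(r"(ip|service) finger$", cmd):
            findings.append((cmd, "finger leaks logged-in users and the platform; apply 'no ip finger'"))
        elif (m := re.match(r"snmp-server community (\S+) (RO|RW)", cmd)):
            name, mode = m.groups()
            note = f"{mode} community '{name}' travels in cleartext (v1/v2c)"
            if name.lower() in ("public", "private"):
                note += " and is a well-known default"
            findings.append((cmd, note + "; remove it and use an SNMPv3 group with 'priv'"))
        elif cmd == "router rip" and "version 2" not in body:
            findings.append((cmd, "RIPv1 has no authentication; set 'version 2' and "
                                  "'ip rip authentication mode md5' with a key chain on RIP interfaces"))
        elif cmd.startswith("line vty"):
            for sub in body:
                if re.match(r"transport input (all|telnet)", sub):
                    findings.append((f"{cmd} / {sub}",
                                     "Telnet management is unencrypted; use 'transport input ssh'"))
    return findings


if __name__ == "__main__":
    for line, note in audit_ios_config(WEAK_CONFIG):
        print(f"{line:45} {note}")
    print("hardened config findings:", audit_ios_config(HARDENED_CONFIG))
```

Run against the weak config it reports seven lines in order; against the hardened one it reports nothing. Feed it the output of "show running-config" from a real device to see the same checks applied to a real configuration.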
Explain the vulnerabilities of ICMP.
Internet Control Message Protocol. An IP network service that reports on connections between two hosts. It is often used for simple functions such as the "ping" command, which checks for a response from a particular host. Attackers abuse ICMP in two ways: flooding a router with ICMP traffic to exhaust its memory and CPU (DoS), and sending forged ICMP Redirect messages to alter routing tables on hosts or routers.
Define DNS and BIND.
Domain Name System service provides resolution of host names to IP addresses on the internet as well as on most private IP networks. Without DNS, users would have to access internet hosts using an IP address rather than a friendly name. Berkeley Internet Name Domain (BIND) is a popular Unix-based implementation of DNS that runs on many DNS servers on the internet.