networks
zero day
attack between the time a software vulnerability is discovered and when a patch to fix the problem is produced
osi model
"All people seem to need data processing" L7: Application, L6: Presentation, L5: session, L4:Transport, L3: Network, L2: Data Link, L1: Physical
data link layer
2.. Switches and Bridges. Its primary function is to divide the data it receives from the Network layer into frames that can then be transmitted by the Physical layer. network medium access control. Layer 2, prepares data for the network medium by framing it. This is where the different LAN and WAN technologies live. (e.g. ARP (address resolution protocol, IP to MAC address) and RARP (MAC to IP address). Switches and Bridges operate at this layer using MAC Addresses. This layer performs error detection but not correction This layer provides reliable transit of data across a physical link. The Data Link layer is concerned with physical addressing, network topology, access to the network medium, error detection, sequential delivery of frames, and flow control. The Data Link layer is composed of two sub layers; the MAC and LLC.
Presentation layer
6.Presentation layer translate between the application and the network. Here, data is formatted in a schema that the network can understand, with the format varying according to the type of network used, manages data encryption and decryption, such as the scrambling of system passwords. The network layer format data to make data viewable by the user through data presentation, data compression and data encryption This layer prepares data to be passed to the next layer. It is at this layer that data encryption and compression takes place, handles data formatting; controls data encryption & data decryption; handles data compression & data decompression; network translator & redirector; handles protocol conversion
application layer
7 layer FTP,SMTP HTTP, HTTPS, SNMP, TELNET Used in information transfers between users through application programs. data formatting, conversion, and encryption. It also provides an application interface while providing session establishment and control services, Responsible for information transfer between two network applications. This involves such functions as security checks, identification of the two participants, availability checks, negotiating exchange mechanisms and most importantly initiating the exchanges themselves. See OSI Model.
1000BASE-SX
A Physical layer standard for networks that specifies 1-Gbps transmission over fiber-optic cable using baseband transmission. Its maximum segment length is 550 meters.
token ring
A ________network is a local area network (LAN) in which all computers are connected in a ring or star topology and a bit- or token-passing scheme is used in order to prevent the collision of data between two computers that want to send messages at the same time.
Tracert
A command-line utility, installed with the TCP/IP protocol suite, that traces the route taken by packets to a destination. (15) A TCP/IP troubleshooting utility that uses ICMP to trace the path from one networked node to another, identifying all intermediate hops between the two nodes.
multiplexing
A communications method that allows multiple signals to transmit simultaneously across a single physical channel by varying length of transmission, Frequency used or both
HOST
A computer that has two-way access to other computers (1) the Internet term for a network node that is capable of communicating at the application layer. Each Internet host has a unique IP address. (2) a networked computer with centralized program or data files that makes those resources available to other computers on the network.
Switch
A connectivity device that logically subdivides a network into smaller, individual collision domains. It can interpret MAC address information to determine whether to discard or forward packets it receives.
BGP
A distance-vector routing protocol capable of considering many factors in its routing metrics; mostly used on Internet backbones.
logical address
A generic reference to addresses as defined by Layer 3 protocols, which do not have to be concerned with the physical details of the underlying physical media. Used mainly to contrast these addresses with data-link addresses, which are generically considered to be physical addresses because they differ based on the type of physical medium.
mesh
A hybrid network topology used for fault tolerance in which all computers connect to each other.
Protocol Analyzer
A monitoring device or a computer with monitoring software that captures each packet to decode & analyze its contents. Also called a sniffer. In planning for a firewall implementation, Pete, a security administrator, needs a tool to help him understand what traffic patterns are normal on his network. Which of the following tools would help Pete determine traffic patterns?
network Hub
A network device that connects several nodes of a local area network.
ipSec
A protocol that is used to secure and authenticate IP connections. Works at the network layer and can handle multiple tunnels at the same time. What protocol is used with L2TP to provide encryption?
Layer 3 Switch
A switch capable of interpreting data at Layer 3 (Network layer) of the OSI model.
You need to monitor the temperature of your server room. What device should you use
A temperature monitor
You want to monitor your UPS systems and make sure they are functioning correctly. What device should you use
A voltage event recorder
Which of the following types of connectors are used for unshielded twisted-pair connections?
ATP
PING -n
Allows you to specify a number of echo requests to send.
crimper
Also called a crimping took, a tool used to secure an RJ-45 connector (a "crimp") onto the end of a UTP cable.
ppp
CHAP is an authentication scheme used by _________ servers t
802.3
CMSA/CD
What type of device determines if a cable meets standards specifications?
Cable Certifier
FRAME RELAY
Centeralized office, full mesh, Allows multiple companies and networks to share WAN media Also a framing standard: ond of the most cost-effective WAN technologies used to connect LANs. ___ is an updated, digital version of X.25 that relies on packet switching.
Port 21`
Check telnet
True/False: A TDR is used to test fiber connections.
False
True/False: An IDS box can find and fix a problem as the attack occurs.
False
IEEE 802.8
Fiber-Optic
ipv6
IPv6 An extended scheme of IP addresses, using 128-bit IP addresses, that allows for more IP addresses than current system, IPv4, which uses 32-bit IP addresses.app
nbstat -n
If you want to know the NetBIOS name of the workstation you are currently on, which utility and trigger would you use?
Transceiver
In a wireless network, a device that translates the electronic data that needs to be sent along the network into radio waves and then broadcasts these radio waves to other network nodes.
Q: Which of the following are used by Diameter for providing end-to-end security to remote access clients?
IpSec, TLS
802.2
Logical link
man-in-the-middle
MITM a person who intercepts communications between two servers
firekiller2000
Malware software, security,firewalls
peer tp peer
NO CENTRAL STORAGE
Q: Which of the following tools can an attacker use to perform a DNS zone transfer?
NSLOOKUP, HOST,DIG
Physical Layer
OSI Layer 1 The lowest, or first, layer of the OSI model. Protocols in the physical layer generate and detect signals so as to transmit and receive data over a network medium. These protocols also set the data transmission rate and monitor data error rates, but do not provide error correction. Creates the electrical, optical, or electromagnetic signal that represents the bits in each frame Hub
network layer
OSI Layer 3 ROUTER The Network Layer provides mechanisms for the routing of data between devices across single or multiple network segments. A network firewall operates at which layer of the network stack? Protocols in the Network layer translate network addresses into their physical counterparts and decide how to route data from the sender to the receiver. OSI Layer 3. responsible for routing, addressing, and fragmentation of data through a communication network. Protocols in the Network layer translate network addresses into their physical counterparts and decide how to route data from the sender to the receiver.
collision domain
On an Ethernet network, a(n) ____ is the portion of a network in which collisions occur if two nodes transmit data at the same time.
nbstat
On networks that run NetBIOS over TCP/IP, the ___ utility can provide information about NetBIOS statistics and resolve NetBIOS names to their IP addresses A command-line tool for displaying NetBIOS over TCP/IP (NetBT) protocol statistics, NetBIOS name tables for both the local computer and remote computers, and the NetBIOS name cache. running nbstat is a handy way to see what systems are on your windows network. Displays NetBIOS over TCP/IP statistics for local and remote computers Useful only on networks that run Windows-based operating systems and NetBIOS This displays NetBIOS sessions and attempts to convert the remote IP addresses to names.
What type of device is used to put an RJ-45 end on a Cat 5e cable
Repeater input
Transport Layer
Retransmits packets, OSI Layer 4 4th layer; protocols ensure that data are transferred from point A to point B reliably and without errors; services include flow control, acknowledgment, error correction, segmentation, reassembly, and sequencing Layer 4, provides end-to-end transmissions (e.g. UDP, TCP, SMTP) Error Handling
PING -r
Som 1-9, displays the route taken during ping hops Direct Ping. Send to a host directly, without using routing tables. Returns an error if the host is not on a directly attached network.
logical link layer
Sub-layer of data link layer, OSI. Controls error checking.
Session layer
The Session layer establishes and maintains communication between two nodes on the network. It can be considered the "traffic cop" for network, sets up, maintains and breaks down the dialog (session) between two applications (e.g. connection to a database from a web app), PDU is Data Deals with initiating and terminating network connections Coordinates communications and maintains the sesion for as long as it is nedeed- performing security, logging, and administrative functions. Initiates, maintains and terminates each logical session between sender and receiver, is included in this layer
DNS zone transfer
The process of replicating the databases containing the DNS data across a set of DNS servers. 53 (TCP)
netstat -S
This command switch displays network activity statistics for TCP, UDP, and IP
802.4
Token Passing bus
802.5
Token passing ring
An OTDR is used to test fiber connectionS
True
True/False: An IDS box will report an attack but not fix it.
True
replay
Uses network sniffers to extract usernames and passwords to be used at a later date to gain access
Adsl
What is the most commonly used DSL technology?
nbstat -S
Which nbstat switch display a list of all the NetBIOS sessions currently active on the local workstation? this displays the sames sessions as with the -s parameter. The only difference is that remote computers will be listed in by IP address.
Tone Generator
Which type of cable testing can be used to locate cable in a wall that is a part of a cable bundle?
802.11
Wireless Lan
TACACS+
____ is an authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server. Which user-authentication method utilizes the TCP protocol? The most used TACACS version with the added use of a user name and password for authentication, or other methods, such as Kerberos or the use of security tokens Which of the following is an authentication, authorization, and accounting method that provide The most used TACACS version with the added use of a user name and password for authentication, or other methods, such as Kerberos or the use of security tokens Terminal Access Controller Access-Control System +. Provides central authentication for remote access clients and used as an alternative to RADIUS. TACACS + uses TCP port 49, compared with TACACS, which uses UDP port 49. It encrypts the entire authentication process, compared with RADIUS, which only encrypts the password. It uses multiple challenges and responses.
pppoe
____ is the standard for connecting home computers to an ISP via DSL or broadband cable.
Port Scanner
____ software searches a node for open ports. and application used to identify every service and protocol running on a host Software that searches a server, switch, router, or other device for open ports, which can be vulnerable to attack. The item (physical or software) that scans a server for open ports that can be taken advantage of. Port scanning is the process of sending messages to ports to see which ones are available and which ones aren't. Which of the following would an attacker use to footprint a system?
802.1
`Engineering specification for the wireless standard; this defines how a wireless interface between clients and access points is structured
OPTICAL TIME DOMAIN
a popular certification method for fiber systems. The OTDR injects light into the fiber and then graphically displays the results of the detected reflected light. The OTDR measures the elapsed transit time of reflected light to calculate the distance to different events. The visual display allows determination of loss per unit lenght, evaluation of splices and connectors, and fault location. OTDR zooms in to certain locations for a close-up picture of portions of the link.
Packet Sniffer
a program that looks at (sniffs) each data packet as it travels on the Internet.
denial of service
an attack that attempts to consume network resources so that the network or its devices cannot respond to legitimate requests.
bus topology
massive disturbance, A network design built by running cable from one PC or file server to the next, like links in a chain.
core layer
one of three basic layers in the hierarchical design of Ethernet networks. The core layer is the innermost part of the network that connects the different distribution-layer networks to each other, such as the primary BN on a campus or a set of MAN or WAN circuits connecting different offices together.
STP
shielded twisted pair Spanning Tree Protocol
ARP
shows interface, physical&dynamic
logical ring
the token system is used to prevent collisions; one token in the ring