Allison's Bad-to-the-Bone CISSP Flashcards (Domain 4: Communications and Network Security)


Trivial File Transfer Protocol (TFTP)

A lean, mean version of FTP without directory-browsing capabilities or user authentication. Generally considered less secure than FTP, _____________ operates on UDP port 69.

local area network (Source: Dummies)

A _________________________________ is a data network that operates across a relatively small geographic area, such as a single building or floor. A ________ connects workstations, servers, printers, and other devices so that network resources, such as files and email, can be shared. Key characteristics: - Can connect networked resources over a small geographic area, such as a floor, a building, or a group of buildings. - Are relatively inexpensive to set up and maintain, typically consisting of readily available equipment such as servers, desktop PCs, printers, switches, hubs, bridges, repeaters, wireless access points (WAPs or simply, APs), and various security devices such as firewalls and intrusion prevention systems (IPSs). - Can be wired, wireless, or a combination of both wired and wireless. - Perform at relatively high speeds- typically 10 megabits per second (Mbps), 100 Mbps, 1000 Mbps (also referred to as 1 gigabit per second [1 Gbps]), 10 Gbps, and 40 Gbps for wired networks, and 11 Mbps, 54 Mbps, or 600 Mbps for wireless networks. *Hint: Same term for all blanks

Value-added network (VAN)

A type of extranet that allows businesses within an industry to share information or integrate shared processes. For example, Electronic Data Interchange (EDI) allows organizations to exchange structured documents, such as order forms, purchase orders, bills of lading, and invoices, over a secure network.

Campus area network (CAN) and wireless campus area network (WCAN)

Connects multiple buildings across a high-performance backbone.

These are ring, bus, star, and mesh.

Exam Essentials: Know the standard network topologies

Network segmentation can be used to manage traffic, improve performance, and enforce security. Examples of network segments or subnetworks include intranet, extranet, and DMZ.

Exam Essentials: Understand the various types and purposes of network segmentation.

Metropolitan area network (MAN) and wireless metropolitan area network (WMAN)

Extends across a large area, such as a small city.

HyperText Transfer Protocol (HTTP)

The language of the World Wide Web (WWW), used by web servers and browsers for non-sensitive content. ______ operates on TCP port 80.

Simple Mail Transfer Protocol (SMTP)

Used to send and receive email across the Internet. This protocol has several well-known vulnerabilities that make it inherently insecure. _________ operates on TCP/UDP port 25. ________ over SSL/TLS (SMTPS) uses TCP/UDP port 465. *Hint: term is the same for all blanks

Presentation Layer is responsible for coding and conversion functions.

What is the Presentation Layer responsible for?

Do not confuse HTTPS and S-HTTP. They are two distinctly different protocols with several differences. For example, HTTPS encrypts an entire communications session and is commonly used in VPNs, whereas S-HTTP encrypts individual messages between a client and server pair.

DUMMIES WARNING: Flip the card!!

data encapsulation

Each layer communicates only with the layer immediately above and below it (adjacent layers). This communication is achieved through a process known as _______________________________. ___________________________ wraps protocol information from the layer immediately above in the data section of the layer immediately below.

A MAC filter is a list of authorized wireless client interface MAC addresses that is used by a wireless access point to block access to all nonauthorized devices.

Exam Essentials: Understand MAC Filtering

There are several types of firewalls: static packet filtering, application-level gateway, circuit-level gateway, stateful inspection, deep-packet inspection, and next-gen.

Exam Essentials: Understand the different types of firewalls

Virtual local area network (VLAN)

Implemented on network switches in a LAN as a way of logically grouping users and resources in a broadcast domain. Often, such VLANs correlate to department functions (such as Accounting, Sales, and Research & Development) and/ or IP subnets. VLANs provide scalability, segmentation, and (some) security at Layer 2 and can also work to limit the size of your Ethernet broadcast domains. VLANs are implemented by using Institute of Electrical and Electronics Engineers (IEEE) 802.1q tagging to tag Ethernet frames with VLAN information. Note: the IEEE is an international organization that defines many standards, including numerous 802 networking standards.

Telnet

Provides terminal emulation for remote access to system resources. ______________ operates on TCP/UDP port 23. Because ___________ transmits passwords in cleartext, it is no longer considered safe; instead SSH is preferred. *Hint: term is the same for all blanks

Presentation Layer (Layer 6)

The ______________________________________ provides coding and conversion functions that are applied to data being presented to the Application Layer (Layer 7). These functions ensure that data sent from the Application Layer of one system are compatible with the Application Layer of receiving system.

HyperText Transfer Protocol Secure (HTTPS)

The language of commercial transactions on the World Wide Web (WWW). ________________ is actually the HTTP protocol used in combination with SSL/ TLS. _________ operates on TCP port 443, but occasionally on other ports such as 8443. *Hint: same term for all blanks

The LAN shared media access technologies are CSMA, CSMA/CA (used by 802.11 and AppleTalk), CSMA/CD (used by Ethernet), token passing (used by Token Ring and FDDI/ CDDI), and polling (used by SDLC, HDLC, and some mainframe systems).

Written Lab: Name the LAN shared media access technologies and examples of their use, if known.

Email is inherently insecure because it is primarily a plaintext communication medium and employs non-encrypted transmission protocols. This allows for email to be easily spoofed, spammed, flooded, eavesdropped on, interfered with, and hijacked. Defenses against these issues primarily include having stronger authentication requirements and using encryption to protect the content while in transit.

Written Lab: What are some security issues with email and options for safeguarding against them?

wide area network

A ___________________________ connects multiple LANs and other WANs by using telecommunications devices and facilities to form an internetwork. Key characteristics of WANs include the following: - Connect multiple LANs over large geographic areas, such as a small city (for example, a metropolitan area network, or MAN), a region or country, a global corporate network, the entire planet (for example, the Internet), or beyond (for example, the International Space Station via satellite). - Can be relatively expensive to set up and maintain, typically consisting of equipment such as routers, Channel Service Unit/Data Service Unit (CSU/DSU) devices, firewalls, virtual private network (VPN) concentrators, and various other security devices. - Perform at relatively low speeds by using various technologies, such as dial-up (56 kilobits per second [Kbps]); digital subscriber line, or DSL (approximately 45 Mbps); OC-12 (approximately 622 Mbps); and OC-255 (approximately 13 Gbps).

File transfer protocol (FTP)

A program used to copy files from one system to another over a network. ________ operates on TCP ports 20 (the data port) and 21 (the control port).

Internet Message Access Protocol (IMAP)

A store-and-forward electronic mail protocol that allows an email client to access, manage, and synchronize email on a remote mail server. ___________ provides more functionality and security than POP3, such as requiring users to explicitly delete emails from the server. The most current version is IMAPv4 (or IMAP4), which operates on TCP and UDP port 143. Email clients that use ___________ can be secured by using TLS or SSL encryption over TCP/ UDP port 993.

Wireless wide area network (WWAN)

A wireless network that typically uses mobile cellular technologies such as 4G Long-Term Evolution (LTE), Global System for Mobile Communications (GSM), Universal Mobile Telecommunications System (UMTS), or Code Division Multiple Access (CDMA2000), to extend wireless network coverage regionally, nationally, and/ or globally.

Wireless local area network (WLAN)

Also known as Wi-Fi network. A wireless LAN that uses wireless access points (WAPs, or simply APs) to connect wireless-enabled devices to a wired LAN.

Post Office Protocol 3 (POP3)

An email retrieval protocol that allows an email client to access email on a remote mail server by using TCP port 110. Inherently insecure, ________ allows users to authenticate over the Internet by using plaintext passwords. Email clients that use POP3 can be secured by using TLS or SSL encryption over TCP/UDP port 995.

- File transfer protocol (FTP) - HyperText Transfer Protocol (HTTP) - HyperText Transfer Protocol Secure (HTTPS) - Internet Message Access Protocol (IMAP) - Post Office Protocol Version 3 (POP3) - Privacy Enhanced Mail (PEM) - Secure Hypertext Transfer Protocol (S-HTTP) - Secure Multipurpose Internet Mail Extensions (S/MIME) - Simple Mail Transfer Protocol (SMTP) - Simple Network Management Protocol (SNMP) - Telnet - Trivial File Transfer Protocol (TFTP)

Applications that function at the Application Layer include:

Personal area network (PAN) and wireless personal area network (WPAN)

Connects an individual's electronic devices to each other or to a larger network, such as the Internet and the Internet of Things (IoT). Examples of devices that might be connected via a PAN include laptop computers, smartphones, tablets, wearable technology, virtual personal assistants (such as Amazon Alexa, Apple Siri, Google Assistant, and Microsoft Cortana), home appliances, smart thermostats, and home security cameras. These devices can be connected via wired technologies such as USB and FireWire, or wireless technologies such as Wi-Fi, Bluetooth, IrDA (Infrared Data Association), 6LoWPAN (IPv6 over Low-power Wireless Personal Area Networks), Bluetooth Low-Energy (BLE, also known as Bluetooth Smart or Bluetooth 4.0+), Bluetooth Mesh, Thread, ZigBee, and Open Connectivity Foundation (OCF). A wireless PAN is also sometimes referred to as a WPAN.

Storage area network (SAN)

Connects servers to a separate physical storage device (typically a disk array). The server operating system sees the storage as if it were directly attached to the server. SANs typically comprise several terabytes or more of disk storage and incorporate highly sophisticated design architectures for fault tolerance and redundancy. Communications protocols used in SANs typically include SCSI (Small Computer System Interface, pronounced "Scuzzy"), iSCSI (IP-based SCSI), Fibre Channel Protocol (FCP, SCSI over Fibre Channel), and FCoE (Fibre Channel over Ethernet). SANs are highly scalable, enable technologies such as virtualization and snapshots, provide flexibility in server deployment options, facilitate disaster recovery (for example, with real-time replication), and tend to reduce the overall cost of data storage.

DUMMIES WARNING: Be careful when referring to data capacity (and their abbreviations) and data storage. 100 Mbps is "100 megabits per second," and 100 MB is "100 megabytes." The distinction is subtle (a little b versus a big B, bits rather than bytes), but the difference is significant: A byte is equal to 8 bits. Data speeds are typically referred to in bits per second; data storage is typically referred to in bytes.

DUMMIES WARNING: Flip the card!!

Try creating a mnemonic to recall the layers of the OSI model, such as All People Seem To Need Delicious Pizza, and in reverse, Please Do Not Throw Sausage Pizza Away.

Dummies Tip - Flip the card!

NAT protects the addressing scheme of a private network, allows the use of the private IP addresses, and enables multiple internal clients to obtain internet access through a few public IP addresses. NAT is supported by many security border devices, such as firewalls, routers, gateways, and proxies.

Exam Essentials: Be able to explain NAT

Social engineering is a means by which an unknown person gains the trust of someone inside your organization by convincing employees that they are, for example, associated with upper management, technical support, or the help desk. The victim is often encouraged to make a change to their user account on the system, such as reset their password, so the attacker can use it to gain access to the network. The primary countermeasure for this sort of attack is user training.

Exam Essentials: Be able to explain what social engineering is

The most common LAN technology is Ethernet. Also be familiar with analog vs. digital communications; synchronous vs. asynchronous communications; baseband vs. broadband communications; broadcast, multicast, and unicast communications; CSMA, CSMA/CA, and CSMA/CD; token passing; and polling

Exam Essentials: Be familiar with the common LAN technologies

These are SKIP, SWIPE, SSL, SET, PPP, SLIP, CHAP, PAP, EAP, and S-RPC. They can also include VPN, TLS/SSL, and VLAN.

Exam Essentials: Be familiar with the various protocols and mechanisms that may be used on LANs and WANs for data communications.

A security boundary can be the division between one secured area and another secured area. It can also be the division between a secured area and an unsecured area. Both must be addressed in a security policy.

Exam Essentials: Explain the concept of security boundaries

Know the difference between TCP and UDP; be familiar with the four TCP/IP layers (Application, Transport, Internet, and Link) and how they correspond to the OSI model. In addition, understand the usage of the well-known ports and be familiar with the subprotocols.

Exam Essentials: Have a thorough knowledge of TCP/ IP

Fax security is primarily based on using encrypted transmissions or encrypted communication lines to protect the faxed materials. The primary goal is to prevent interception. Activity logs and exception reports can be used to detect anomalies in fax activity that could be symptoms of attack.

Exam Essentials: Know how fax security works

- Application: HTTP, FTP, LPD, SMTP, Telnet, TFTP, EDI, POP3, IMAP, SNMP, NNTP, S-RPC, and SET
- Presentation: Encryption protocols and format types, such as ASCII, EBCDIC, TIFF, JPEG, MPEG, MIDI
- Session: NFS, SQL, and RPC
- Transport: SPX, SSL, TLS, TCP, and UDP
- Network: ICMP, RIP, OSPF, BGP, IGMP, IP, IPSec, IPX, NAT, and SKIP
- Data Link: SLIP, PPP, ARP, L2F, L2TP, PPTP, FDDI, ISDN
- Physical: EIA/TIA-232, EIA/TIA-449, X.21, HSSI, SONET, V.24, and V.35

Exam Essentials: Know the OSI model layers and which protocols are found in each.

Common network devices are firewalls, routers, hubs, bridges, modems, repeaters, switches, gateways, and proxies.

Exam Essentials: Know the common network devices

These include STP, 10BaseT (UTP), 10Base2 (thinnet), 10Base5 (thicknet), 100BaseT, 1000BaseT, and fiber-optic. You should also be familiar with UTP categories 1 through 7.

Exam Essentials: Know the different cabling types and their lengths and maximum throughput rates

These are Frame Relay, SMDS, X.25, ATM, HSSI, SDLC, HDLC, and ISDN.

Exam Essentials: Know the protocol services used to connect to LAN and WAN communication technologies

Countermeasures to PBX fraud and abuse include many of the same precautions you would employ to protect a typical computer network: logical or technical controls, administrative controls, and physical controls.

Exam Essentials: Know the threats associated with PBX systems and the countermeasures to PBX fraud.

Know that most WAN technologies require a channel service unit/data service unit (CSU/DSU), sometimes called a WAN switch. There are many types of carrier networks, and WAN connection technologies require additional specialized protocols to support various types of specialized systems or devices.

Exam Essentials: Know the various types of WAN technologies

Be familiar with remote access, dial-up connections, screen scrapers, virtual applications/ desktops, and general telecommuting security concerns

Exam Essentials: Know various issues related to remote access security

Tunneling is the encapsulation of a protocol-deliverable message within a second protocol. The second protocol often performs encryption to protect the message contents.

Exam Essentials: Know what tunneling is

Phreaking is a specific type of attack in which various types of technology are used to circumvent the telephone system to make free long-distance calls, to alter the function of telephone service, to steal specialized services, or even to cause service disruptions. Common tools of phreakers include black, red, blue, and white boxes.

Exam Essentials: Recognize what a phreaker is

802.11 is the IEEE standard for wireless network communications. Versions include 802.11 (2 Mbps), and 802.11a (54 Mbps), 802.11 (11 Mbps), 802.11g (54 Mbps), 802.11n (600 Mbps), and 802.11ac (1.3+ Mbps). The 802.11 standard also defines Wired Equivalent Privacy (WEP).

Exam Essentials: Understand 802.11 and 802.11a, b, g, n, and ac

CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) was created to replace WEP and TKIP/ WPA. CCMP uses AES (Advanced Encryption Standard) with a 128-bit key.

Exam Essentials: Understand CCMP

EAP (Extensible Authentication Protocol) is not a specific mechanism of authentication; rather it is an authentication framework. Effectively, EAP allows for new authentication technologies to be compatible with existing wireless or point-to-point connection technologies.

Exam Essentials: Understand EAP

FCoE (Fibre Channel over Ethernet) is used to encapsulate Fibre Channel communications over Ethernet networks.

Exam Essentials: Understand FCoE

Fibre Channel is a form of network data storage solution (i.e., SAN (storage area network) or NAS (network-attached storage)) that allows for high-speed file transfers.

Exam Essentials: Understand Fibre Channel

LEAP (Lightweight Extensible Authentication Protocol) is a Cisco proprietary alternative to TKIP for WPA. This was developed to address deficiencies in TKIP before the 802.11i/ WPA2 system was ratified as a standard.

Exam Essentials: Understand LEAP

PEAP (Protected Extensible Authentication Protocol) encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption.

Exam Essentials: Understand PEAP

Wireless networks traditionally announce their SSID on a regular basis within a special packet known as the beacon frame. When the SSID is broadcast, any device with an automatic detect and connect feature is not only able to see the network, but it can also initiate a connection with the network.

Exam Essentials: Understand SSID Broadcast

TKIP (Temporal Key Integrity Protocol) was designed as the replacement for WEP without requiring replacement of legacy wireless hardware. TKIP was implemented into 802.11 wireless networking under the name WPA (Wi-Fi Protected Access).

Exam Essentials: Understand TKIP

VPNs are based on encrypted tunneling. They can offer authentication and data protection as a point-to-point solution. Common VPN protocols are PPTP, L2F, L2TP, and IPsec.

Exam Essentials: Understand VPNs

WPA2 is a new encryption scheme known as the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), which is based on the AES encryption scheme

Exam Essentials: Understand WPA2

A wide variety of antenna types can be used for wireless clients and base stations. These include omnidirectional pole antennas as well as many directional antennas, such as Yagi, cantenna, panel and parabolic.

Exam Essentials: Understand antenna types

A captive portal is an authentication technique that redirects a newly connected wireless web client to a portal access control page.

Exam Essentials: Understand captive portals

Security controls should be transparent to users. Hash totals and CRC checks can be used to verify message integrity. Record sequences are used to ensure sequence integrity of a transmission. Transmission logging helps detect communication abuses.

Exam Essentials: Understand common characteristics of security controls

Internet email is based on SMTP, POP3, and IMAP. It is inherently insecure. It can be secured, but the methods used must be addressed in a security policy. Email security solutions include using S/MIME, MOSS, PEM, and PGP.

Exam Essentials: Understand how email security works

iSCSI (Internet Small Computer System Interface) is a networking storage standard based on IP.

Exam Essentials: Understand iSCSI

Network security should take into account IP and non-IP protocols, network access control, using security services and devices, managing multilayer protocols, and implementing endpoint security.

Exam Essentials: Understand secure network architecture and design

A site survey is the process of investigating the presence, strength, and reach of wireless access points deployed in an environment. This task usually involves walking around with a portable wireless device, taking note of the wireless signal strength, and mapping this on a plot or schematic of the building.

Exam Essentials: Understand site survey

A dedicated line is always on and is reserved for a specific customer. Examples of dedicated lines include T1, T3, E1, E3, and cable modems. A nondedicated line requires a connection to be established before data transmission can occur. It can be used to connect with any remote system that uses the same type of nondedicated line. Standard modems, DSL, and ISDN are examples of nondedicated lines.

Exam Essentials: Understand the difference between dedicated and nondedicated lines

In circuit switching, a dedicated physical pathway is created between the two communicating parties. Packet switching occurs when the message or communication is broken up into small segments and sent across the intermediary networks to the destination. Within packet-switching systems are two types of communication paths, or virtual circuits: permanent virtual circuits (PVCs) and switched virtual circuits (SVCs).

Exam Essentials: Understand the difference between packet switching and circuit switching

The Point-to-Point Protocol (PPP) is an encapsulation protocol designed to support the transmission of IP traffic over dial-up or point-to-point links. PPP includes a wide range of communication services, including assignment and management of IP addresses, management of synchronous communications, standardized encapsulation, multiplexing, link configuration, link quality testing, error detection, and feature or option negotiation (such as compression). PPP was originally designed to support CHAP and PAP for authentication. However, recent versions of PPP also support MS-CHAP, EAP, and SPAP. PPP replaced Serial Line Internet Protocol (SLIP). SLIP offered no authentication, supported only half-duplex communications, had no error-detection capabilities, and required manual link establishment and teardown.

Exam Essentials: Understand the differences between PPP and SLIP

Cell phones, Bluetooth (802.15), and wireless networking (802.11) are all called wireless technologies, even though they are all different. Be aware of their differences, strengths, and weaknesses. Understand the basics of securing 802.11 networking.

Exam Essentials: Understand the different wireless technologies.

Remote access security management requires that security system designers address the hardware and software components of an implementation along with issues related to policy, work tasks, and encryption.

Exam Essentials: Understand the issues around remote access security management

VoIP is at risk for caller ID spoofing, vishing, SPIT, call manager software/ firmware attacks, phone hardware attacks, DoS, MitM, spoofing, and switch hopping.

Exam Essentials: Understand the security issues related to VoIP

Communication systems are vulnerable to many attacks, including distributed denial of service (DDoS), eavesdropping, impersonation, replay, modification, spoofing, and ARP and DNS attacks. Be able to supply effective countermeasures for each.

Exam Essentials: Understand the various network attacks and countermeasures associated with communications security.

Voice communications are vulnerable to many attacks, especially as voice communications become an important part of network services. You can obtain confidentiality by using encrypted communications. Countermeasures must be deployed to protect against interception, eavesdropping, tapping, and other types of exploitation. Be familiar with voice communication topics, such as POTS, PSTN, PBX, and VoIP.

Exam Essentials: Understand voice communications security

Open Systems Interconnection (OSI) Reference Model (or simply, the OSI model)

In 1984, the International Organization for Standardization (ISO) adopted the ____________________________________ to facilitate interoperability between network devices independent of the manufacturer. - consists of 7 distinct layers that describe how data is communicated between systems and applications on a computer network

- Internet: The mother of all WANs, the Internet is the global network of public networks originally developed by the U.S. Department of Defense (DoD) Advanced Research Projects Agency (DARPA). Users and systems connect to the Internet via Internet service providers (ISPs). - Intranet: An intranet can be thought of as a private Internet. An intranet typically uses web-based technologies to disseminate company information that's available only to authorized users on an internal company network. - Extranet: An extranet extends the basic concept of an intranet to include partners, vendors, or other related parties. For example, an automobile manufacturer may operate an extranet that connects networks belonging to parts manufacturers, distributors, and dealerships. Extranets are commonly operated across the Internet by using a virtual private network (VPN) or other secure connection.

List some examples of WANs:

- Application (Layer 7) - Presentation (Layer 6) - Session (Layer 5) - Transport (Layer 4) - Network (Layer 3) - Data Link (Layer 2) - Physical (Layer 1)

List the layers (in order from Layer 7 to Layer 1) of the OSI model:

A local area network (LAN) is a data network that operates across a relatively small geographic area, such as a building or group of buildings.

The Dummies book wants you to remember this! FLIP THE CARD!

The Application Layer is responsible for identifying and establishing availability of communication partners, determining resource availability, and synchronizing communication.

The Dummies book wants you to remember this! FLIP THE CARD!

The Presentation Layer is responsible for coding and conversion functions.

The Dummies book wants you to remember this! FLIP THE CARD!

wide area network (WAN)

The Dummies book wants you to remember this! FLIP THE CARD!

- Clarifies the general functions of a communication process, instead of focusing on specific issues. - Reduces complex networking processes into simpler sub-layers and components - Promotes interoperability by defining standard interfaces - Aids development by allowing vendors to change individual features at a single layer, instead of rebuilding the entire protocol stack. - Facilitates easier (and more logical) troubleshooting.

The OSI & TCP/IP models define standard protocols for network communication and interoperability by using a layered approach. This approach divides complex networking issues into simpler functional components that help the understanding, design, and development of networking solutions and provides the following specific advantages: (?)

Application Layer (Layer 7)

The _______________________________ is the highest layer of the OSI model. It supports the components that deal with the communication aspects of an application that requires network access, and it provides an interface to the user. So, both the _________________ layer and the end-user interact directly with the application. This layer is responsible for: - Identifying and establishing availability of communication partners - Determining resource availability - Synchronizing communication

Simple Network Management Protocol (SNMP)

Used to collect network information by polling stations and sending traps (or alerts) to a management station. __________ has many well-known vulnerabilities, including default cleartext community strings (passwords). ______ operates on TCP/UDP ports 161 (agent) and 162 (manager). Secure ______ uses TCP/UDP ports 10161 (agent) and 10162 (manager). *Hint: term is the same for all blanks

- American Standard Code for Information Interchange (ASCII) - Extended Binary-Coded Decimal Interchange Code (EBCDIC) - Graphics Interchange Format (GIF) - Joint Photographic Experts Group (JPEG) - Motion Picture Experts Group (MPEG)

What are some examples of the Presentation Layer?

- Data representation: Use of common data representation formats (standard image, sound, and video formats) enable application data to be exchanged between different types of computer systems. - Character conversion: Information is exchanged between different systems by using common character conversion schemes. - Data compression: Common data compression schemes enable compressed data to be properly decompressed at the destination. - Data encryption: Common data encryption schemes enable encrypted data to be properly decrypted at the destination.

What are the tasks associated with the Presentation Layer?

This layer is responsible for: - Identifying and establishing availability of communication partners - Determining resource availability - Synchronizing communication

What is the Application Layer responsible for?

IPsec's transport mode is used for host-to-host links and encrypts only the payload, not the header. IPsec's tunnel mode is used for host-to-LAN and LAN-to-LAN links and encrypts the entire original payload and header and then adds a link header.

Written Lab: Describe the differences between transport mode and tunnel mode of IPsec.

Methods to secure 802.11 wireless networking include disabling the SSID broadcast; changing the SSID to something unique; enabling MAC filtering; considering the use of static IPs or using DHCP with reservations; turning on the highest form of encryption offered (such as WEP, WPA, or WPA2/802.11i); treating wireless as remote access and employing 802.1X, RADIUS, or TACACS; separating wireless access points from the LAN with firewalls; monitoring all wireless client activity with an IDS; and considering requiring wireless clients to connect with a VPN to gain LAN access.

Written Lab: Discuss methods used to secure 802.11 wireless networking.

Network Address Translation (NAT) allows for the identity of internal systems to be hidden from external entities. Often NAT is used to translate between RFC 1918 private IP addresses and leased public addresses. NAT serves as a one-way firewall because it allows only inbound traffic that is a response to a previous internal query. NAT also allows a few leased public addresses to be used to grant internet connectivity to a larger number of internal systems.

Written Lab: Discuss the benefits of NAT.

Application (7) Presentation (6) Session (5) Transport (4) Network (3) Data Link (2) Physical (1)

Written Lab: Name the layers of the OSI model and their numbers from top to bottom.

Problems with cabling and their countermeasures include attenuation (use repeaters or don't violate distance recommendations), using the wrong CAT cable (check the cable specifications against throughput requirements, and err on the side of caution), crosstalk (use shielded cables, place cables in separate conduits, or use cables of different twists per inch), cable breaks (avoid running cables in locations where movement occurs), interference (use cable shielding, use cables with higher twists per inch, or switch to fiber-optic cables), and eavesdropping (maintain physical security over all cable runs or switch to fiber-optic cables).

Written Lab: Name three problems with cabling and the methods to counteract those issues.

Circuit switching is usually associated with physical connections. The link itself is physically established and then dismantled for the communication. Circuit switching offers known fixed delays, supports constant traffic, is connection oriented, is sensitive only to the loss of the connection rather than the communication, and was most often used for voice transmissions. Packet switching is usually associated with logical connections because the link is just a logically defined path among possible paths. Within a packet-switching system, each system or link can be employed simultaneously by other circuits. Packet switching divides the communications into segments, and each segment traverses the circuit to the destination. Packet switching has variable delays because each segment could take a unique path, is usually employed for bursty traffic, is not physically connection oriented but often uses virtual circuits, is sensitive to the loss of data, and is used for any form of communication.

Written Lab: What are the main differences between circuit switching and packet switching?

Some of the frequency spectrum-use technologies are spread spectrum, Frequency Hopping Spread Spectrum (FHSS), Direct Sequence Spread Spectrum (DSSS), and Orthogonal Frequency-Division Multiplexing (OFDM).

Written Lab: What are the various technologies employed by wireless devices to maximize their use of the available radio frequencies?

Secure Multipurpose Internet Mail Extensions (S/MIME)

___________ is a secure method of sending email incorporated into several popular browsers and email applications.

Privacy Enhanced Mail (PEM)

______________ is an IETF (Internet Engineering Task Force) standard for providing email confidentiality and authentication. ________ is not widely used. *Hint: term is the same for all blanks

Secure HyperText Transfer Protocol (S-HTTP)

______________ is an Internet protocol that provides a method for secure communications with a web server. ___________ is a connectionless-oriented protocol that encapsulates data after security properties for the session have been successfully negotiated. *Hint: term is the same for all blanks

American Standard Code for Information Interchange (ASCII)

a character-encoding scheme based on the English alphabet, consisting of 128 characters

Joint Photographic Experts Group (JPEG)

a photographic compression method widely used to store and transmit photographs

Graphics Interchange Format (GIF)

a widely used bitmap image format that allows up to 256 colors and is suitable for images or logos (but not photographs)

Extended Binary-Coded Decimal Interchange Code (EBCDIC)

an 8-bit character-encoding scheme largely used on mainframe and mid-range computers

