Chapter 4 Protocols
IPSec creates secure connections in five steps. Put the following steps in order of operation. 1. Key management 2. Data transfer 3. Security negotiations 4. IPSec initiation 5. Termination
4, 1, 3, 2, 5
DoT (DNS over TLS), pronounced dot, is the practice of securing DNS resolution requests directly using SSL/TLS. What port does DoT use by default?
853
Tommy is currently in the process of selecting a firewall to purchase. With several options available, each specializing in different layers of the OSI model, he has decided to opt for a layer 7 firewall over a layer 4 firewall. Why would Tommy choose a layer 7 firewall?
A layer 7 firewall can read through the entire message to check for signs of malware
What is the difference between an Address Resolution Protocol (ARP) table and a Media Access Control (MAC) table? Choose all that apply.
An ARP table maps layer 3 IP addresses to layer 2 MAC addresses. A MAC address table maps layer 2 MAC addresses to layer 1 physical interfaces on a device.
What are the multiple types of Address Resolution Protocols (ARP) entries? Choose all that apply.
Dynamic ARP table entries Static ARP table entries
During the data transfer step in IPSec, a secure channel is established to facilitate secure transmissions and then the data is encrypted before transmission. Which types of encryption can be used? Choose all that apply.
ESP (Encapsulating Security Payload) encryption AH (authentication header) encryption
IPSec is an enhancement to IPv6.
False
TCP/IP is a suite of protocols, or standards, that includes TCP, IP (IPv4 and IPv6), UDP, ARP, and many others. Many of these protocols function by adding information at the end of messages transported across the network in fields called footers.
False
What is fragmentation and why does it happen?
Fragmentation is the process of dividing packets that are too large for a network's hardware into smaller packets that can safely traverse the network.
Besides IP, what other protocol plays a significant role on both IPv4 and IPv6 networks?
ICMP
What is the protocol that can traverse (internetwork) more than one LAN segment and more than one type of network through a router?
IP
Why is there no fragment offset field in an IPv6 packet?
IPv6 hosts adjust their packet sizes to fit the requirements of the network.
What are the main differences between TLS and SSL? Choose all that apply.
TLS operates at the transport layer and SSL operates at the application layer. TLS uses slightly different encryption algorithms than SSL.
Why is the ISN (Initial Sequence Number) of the first SYN message in the three-way handshake considered a security risk?
The ISN is calculated by a predictable clock-based algorithm.
While conducting a network audit, Hamid discovered that the Media Access Control (MAC) address of a workstation had changed since the previous audit. What could be the explanation for this change?
The NIC was replaced.
Authentication is a process of ensuring that an entity is who they say they are.
True
Bianca is live-streaming from her friend's birthday party. What Internet protocol is most likely being used for this service?
UDP
Dixon wants to confirm that the new NIC (network interface card) that he installed on a Windows computer is working properly. What command-line utility will he use to test it?
ping
Ingrid is in charge of managing one division of her company's IT department, which is responsible for out-of-band management. The other division of the department handles in-band management help desk issues. Ingrid likes to work in the out-of-band management division since it provides remote options that are not accessible when working in-band. What are some of the functions that are unique to an out-of-band scenario?
power up a device reinstall an operating system troubleshoot boot problems
At the beginning of a Transmission Control Protocol (TCP) segment, TCP manages several elements by posting data to fields in the TCP headers. What are some of these elements? Choose all that apply.
sequencing checksum flow control
Antonella wants to send a private email to her friend Margaret. To ensure the privacy of the email, she uses GnuPG (GNU Privacy Guard) to create a key. She then sends the email to Margaret, and later sends the key to her. What type of encryption is Antonella using in this scenario?
symmetric encryption
Diya, a network administrator, prefers using command-line tools to monitor traffic on Linux servers in her network. What utility would Diya use to do this?
tcpdump
Ron received a call from one of his clients, who was experiencing issues with a workstation and needed assistance. However, due to the distance between Ron's location and the client's office, which was over 50 miles away, Ron couldn't make it to the client's office on the same day. To solve the problem, Ron requested the client's permission to log into their computer so he could troubleshoot the issue. This is an example of what type of function?
terminal emulation
Lynn is sending a message to a colleague, who is located on the other side of the country. The message contains information about some intellectual property that their company has recently designed. It is crucial that the data remains confidential and is not leaked to anyone. In this scenario, which IPSec transmission mode would be the most suitable for ensuring secure communication?
tunnel mode
True story: Fred was the marketing manager for a non-profit organization that collected donations through an online portal. One day, he received a message from a donor reporting an error message that appeared when attempting to make a donation: "NET::ERR_CERT_DATE_INVALID."The donor expressed their regret that they could not donate online due to this problem, which caused the organization to lose money. Fred was uncertain about the cause of the error and involved the IT team in investigating the issue. What did the IT team discover?
expired SSL certificate
In terms of security, data exists generally in three states. In what state is data being moved?
in transit
If a router that reads and processes the network layer header and leaves alone the transport layer header. At what layer is the router working?
layer 3
Briar needs to look up the port on which a TCP/IP service is running. Which utility should they use?
netstat
The Telnet protocol is a utility used for terminal emulation in Telnet client-server applications that permit an administrator or another user to remotely control a computer. However, it is no longer considered safe to use Telnet for controlling other computers. What are the reasons for this issue? Choose all that apply.
no encryption poor authentication
Effective and secure key management is critical to the safety of an organization's data, which is encrypted using keys. Where should keys never be kept? Choose all that apply.
code documents scripts
What is the purpose of the Link Layer Discovery Protocol (LLDP)? Choose all that apply.
discover neighboring networking devices discover information about neighboring networking devices such as configurations or capabilities
What is the reason as to why ARP (Address Resolution Protocol) is sometimes said to function at layer 2.5?
It touches IP and MAC address information at both layers.
It is important to regularly rotate keys, replacing old keys with new ones and re-encrypting data previously encrypted with the old key using the new one. Why is it important to rotate keys?
Key rotation reduces the risk of data being compromised.
The data link layer is unique because it can be divided into sublayers. What are those sublayers? Choose all that apply.
MAC sublayer LLC (logical link control) sublayer
What defines the maximum payload size that a layer 2 frame can encapsulate?
MTU (maximum transmission unit)
If Address Resolution Protocol (ARP) is responsible for IPv4 network host discovery through Internet Control Message Protocol (ICMP),, how do IPv6 devices learn about other devices on their networks?
NDP (Neighbor Discovery Protocol)
Jeremy was sitting in the network operations center (NOC) watching a live stream from the president of his company. As he was watching the feed, he noticed that the picture was a little "glitchy," occasionally patches of color would be missing from the feed. There was nothing he could do about it because of the way the feed was being transmitted. What protocol could the feed be transmitting in, and why would it look like there were errors in the feed?
UDP. It does not provide error checking or correction mechanisms, so if a packet is lost or corrupted during transmission, it will not be retransmitted, which is why the image had data packets dropping out of it.
Which OSI layer protocols collaborate with User Datagram Protocol (UDP) to emulate some of the reliability provided Transmission Control Protocol (TCP)?
application layer
Danika frequently uses online banking to check her account balance, transfer funds, and pay bills. However, she has never paid attention to the mechanism that authenticates her identity when logging in or how the system recognizes that she is using a different computer. For instance, she wonders why she receives a notification on her phone when she logs in from a new browser on a different device than she has previously used. What is this a function of?
asymmetric encryption
What are digital certificates primarily used for?
certifying and securing web servers where sensitive information is exchanged
