Attempt 2 Net +
IBSS
Ad hoc technology where a wireless adapter allows connections to and from other wireless devices
ARP
Address Resolution Protocol. Resolves IP addresses to MAC addresses. ARP poisoning attacks can redirect traffic through an attacker's system by sending false MAC address updates. VLAN segregation helps limit the scope of ARP poisoning attacks within a network.
Link State
Allows a router to store the complete network topology and assess the least-cost paths from the topology database
iSCSI (Internet Small Computer System Interface)
IP tunneling protocol that enables the transfer of SCSI data over an IP-based network to create a SAN
Bus Topology
A shared access topology with more than two nodes, meaning that all nodes share the bandwidth of the media
CSMA/CA
Nodes listen to the media before transmitting and transmit when the media is clear
Penetration Testing
Discovers exploitable weaknesses in a security system; it is an active approach to assessing vulnerabilities
Star Topology
Each endpoint node is connected to a central forwarding node such as a hub, switch or router
Ring Topology
Each node is wired to its neighbor in a closed loop
Logical Topology
Flow of data through the network
NetFlow
A tool used to gather network traffic statistics
SIEM
Security control used to integrate vulnerability and threat assessment efforts through automated collection, aggregation and analysis of log data
Layer 5
- Session Layer - Creates the session between clients - Establishes the session - Uses a session ID to keep the data streams separate
mGRE (Multipoint Generic Routing Encapsulation)
This is widely used to connect branch offices to an on-premises datacenter located at the head office
Encapsulation Errors
Will prevent transmission and reception; the physical link is up but the line protocol is down
Layer 3
- Network Layer - Routing - Assignment of IP addresses - Packet/Datagram - Routers & Gateways
tcpdump
- A command-line protocol analyzer. Administrators use it to capture packets. - tcpdump -i eth0 (eth0 is the interface to listen on and can be substituted)
Layer 2
- Data Link - Responsible for transferring data between nodes on the same logical segment (Sends traffic to one another using physical hardware addresses)
TCP
- Guarantees delivery of packets - Connection-oriented - Transport Layer
UDP
- Non-guaranteed communication - Connectionless - Transport Layer
Layer 1
- Physical - Responsible for the transmission and receipt of the signals that represent bits of data from one node to another node
Layer 7
- Application layer - Protocol association: HTTP, Telnet, FTP, etc. - Integration of network functionality into the host OS - Enabling communication between network clients and services
Layer 6
- Presentation layer - Handles syntax, encryption and compression - Specifies data format
5G
50 Mbps - 300 Mbps
Vulnerability
A security weakness
SLA
Agreement setting out the detailed terms provided under an ongoing service
MoU
Agreement to express an intent to work together
Passive TAP
Box with ports for incoming and outgoing network cabling and an inductor or optical splitter that physically copies the signal from the cabling to a monitor port
Port Aggregation
Combines two or more separate links into a single channel, which increases speed and redundancy
Mesh Topology
Common in WANs; requires that each device has a point-to-point link with every other device on the network
SDN Infrastructure Layer
Devices that handle the actual forwarding of traffic and imposition of ACL and other configs for security
RIP (Routing Information Protocol)
Distance vector routing, uses a hop count metric to determine the distance to the destination network
Security Policy
Ensures the confidentiality, integrity, and availability of any data assets or processing systems
SDN Management Plane
Implements monitoring of traffic conditions and network status
DHCP Snooping
Inspects DHCP traffic arriving on access ports to ensure a host isn't trying to spoof its MAC address; also prevents rogue DHCP servers from operating
Neighbor Discovery Protocol (NDP)
Main function is redirection, which enables a router to inform a host of a better route to a destination
SDN Application Layer
Makes decisions on how traffic should be prioritized and secured and where it should be switched (Segmentation, ACL, QoS, Policy/shaping)
4G (LTE)
Max 150 Mbps
Exploit
Means of utilizing a vulnerability
Network ID
Number common to all hosts on the same IP network
Host ID
Number that identifies a host within an IP network
Zero Trust
Based on the idea that perimeter security is unlikely to be completely robust; uses authentication and conditional access to mitigate privilege escalation and account compromise
Physical Topology
Placement of nodes and how they are connected by the network media
SPAN (switched port analyzer)/mirror port
Sensor is attached to a specially configured port on the switch that receives copies of frames addressed to nominated access ports
SDWAN Software-Defined WAN
Software-defined mechanisms and routing policies to implement virtual tunnels and overlay networks over multiple types of transport network
OSPF
Suited for large organizations with multiple redundant paths between networks, has high convergence performance and weighted elements such as reliability, bandwidth, and load
Yagi antenna
Unidirectional antenna; common for outdoor use and can boost radio signals over long distances
BGP
Used between routing domains and is used as the routing protocol on the internet primarily between ISPs
MPLS (Multiprotocol Label Switching)
Used by service providers to implement WAN access links and virtual private networks with (Congestion control), Class of Service, and Quality of Service
Hybrid Topology
Uses a mixture of point-to-point, star, mesh, ring, and bus topologies
Distance Vector
Uses the number of hops to the destination; the route with the fewest hops is the least-cost path and the network will select it for use
Active TAP
A powered device that performs signal regeneration (again, there are copper and fiber variants), which may be necessary in some circumstances. Gigabit signaling over copper wire is too complex for a passive tap to monitor, and some types of fiber links may be adversely affected by optical splitting. Because it performs an active function, the TAP becomes a point of failure for the links in the event of power loss. When deploying an active TAP, it is important to use a model with internal batteries or connect it to a UPS.
Layer 4
- Transport layer - TCP and UDP