C172 Network and Security Review
Community Cloud
serves a specific community with common business models, security requirements, and compliance considerations
Private Cloud
serves only one customer or organization and can be located on the customer's premises or off the customer's premises
finger
displays information about a user or users on a remote system, including things such as last log-in time and username. It is primarily used in Linux.
Firewalls
hardware, software, or both designed to prevent unauthorized persons from accessing electronic information
Hybrid Cloud
includes two or more private, public, or community clouds, but each cloud remains separate and is only linked by technology that enables data and application portability
Layer 6
Presentation Layer
nmap
A network utility designed to scan a network and create a map. Frequently used as a vulnerability scanner.
Layer 3
Network Layer
Which OSI layer ensures error-free packets?
Transport
Layer 1 Threat
Wiretapping
Cat3 Cable
10mbps, 16ghz, 10BaseT, used for telephone wiring
Which three levels of the OSI model does stateful inspection require?
3, 4, and 5
Which layers of the OSI model does a packet-filtering firewall operate in?
3, and 4
Which IEEE 802 standard is for wireless LAN connections?
802.11
ifconfig
A TCP/IP configuration and management utility used with UNIX and Linux systems.
netstat
A TCP/IP utility that shows the status of each active connection.
tcpdump
A command-line protocol analyzer. Administrators use it to capture packets.
WPA2 (Wi-Fi Protected Access 2)
A data encryption standard compliant with the IEEE802.11i standard that uses the AES (Advanced Encryption Standard) protocol. WPA2 is currently the strongest wireless encryption standard.
WEP (Wired Equivalent Privacy)
A key encryption technique for wireless networks that uses keys both to authenticate network clients and to encrypt data in transit.
PaaS (Platform as a Service)
A method that enables infrastructure and tools from the service provider so that the client does not need to manage them.
IaaS (Infrastructure as a Service)
A method that provides network resources such as for storage and allow the client can deploy software and add network components such as firewalls.
Layer 7
Application Layer
OSI Network Layer
This layer is responsible for the transmission of data between hosts in different networks as well as routing of data packets. This layer is implemented through the use of devices such as routers and some switches.
OSI Presentation Layer
This layer is responsible for translating data from the application layer into the format required to transmit the data over the network as well as encrypting the data for security if encryption is used.
route command
Enables you to display and make changes to the local IP routing table of the computer.
What does the address resolution protocol (ARP) cache map?
IP addresses to MAC addresses
Telnet/SSH
Provides connections to computers over a TCP/IP network
Which type of firewall technology reads and analyzes the actual content of a message before forwarding to its destination?
Proxy Servers
Which topology uses a switch or hub to connect to all devices in the same network?
Star
Layer 4
Transport Layer
nslookup
A utility that is used to test and troubleshoot domain name servers.
tracepath
A version of the traceroute utility found on some Linux distributions.
Which statement is true when comparing AES encryption to Triple DES (3DES)?
AES requires less CPU utilization and uses a larger block size than 3DES
Which attack tricks a client into mapping an IP address to a spoofed MAC address?
ARP Spoofing
Which network type does not require a wireless router or access point between clients?
Ad-hoc
ARP
Address Resolution Protocol. Resolves IP addresses to MAC addresses. ARP poisoning attacks can redirect traffic through an attacker's system by sending false MAC address updates. VLAN segregation helps prevent the scope of ARP poisoning attacks within a network.
Man-in-the-middle
An attack that intercepts legitimate communication and forges a fictitious response to the sender.
SQL Injection
An attack that targets SQL servers by injecting commands to be manipulated by the database.
CAT4 cable
Cat4 supports 16 Mbps for up to 100 meters and is not commonly used today
What type of medium is commonly used within a 1000 Mbps Ethernet network?
Cat5e
Which type of Ethernet cable can maintain 10Gbps transmission speeds through the course of its maximum 100-meter length?
Cat6a
What is the result of the encryption process?
Ciphertext
Which type of firewall initiates a new connection on behalf of the client and presents its own IP to the server when a client initiates a connection to a server?
Circuit Level
Which cloud model provides an exclusive cloud computing service environment that is shared between two or more organizations?
Community
ftp command
Copies the file from one host to another host. The data is unencrypted.
Which Internet access technology uses ordinary telephone wires for data transmission?
DSL
Which OSI layer is responsible for organizing how bits are passed over the physical layer between devices within the same collision domain?
Data Link
Layer 2
Data Link Layer
Which layer of the OSI model does a bridge use to make decisions about forwarding data packets?
Data Link Layer
deauthentication attack
Denial-of-service (DoS) strike that disconnects a wireless host from WAP, so that the victim is forced to reconnect and exchange the wireless key multiple times; an attacker can then perform an offline brute-force cracking of the password.
Which device could be used to send commands to the mainframe for remote execution in early mainframe installations?
Dumb Terminals
Eliptic Curve Cryptography (ECC)
ECC uses the algebraic structure of elliptic curves to create a key that is even smaller than traditional asymmetric keys, yet it is substantially more difficult to crack without the aid of quantum computers.
asymmetric key encryption
Encryption system in which two keys are used: a public key used only to encrypt data, and a private key used only to decrypt it.
Why would someone choose to implement Advanced Encryption Standards (AES) encryption over Triple Data Encryption Standard (3DES) encryption?
For a more secure level of encryption due to increased complexity.
Packet Filters
Hardware or software tools that allow or deny packets based on specified criteria, such as port, IP address, or protocol.
Which phrase describes unencrypted data?
In The Clear
Which encryption application provides authentication and encryption services that are commonly used to create VPN tunnels at OSI Layer 3?
Internet Protocol Security (IPSec)
dig command
It is helpful in troubleshooting DNS problems. It is also used for lookups and will display answers from the query. It is a replacement for nslookup.
What is the meaning of "state" when referring to stateful inspection in firewalls?
It refers to the connection state of a conversation between two computers.
Stateful Inspection
Keep track of each communication, maintain a table that contains data about each connection
A security analyst is testing the security of an organization's website by placing a script directly into a search box. Which level of the OSI model is the analyst addressing?
Layer 7
Which network device is used to convert between digital information from a LAN and analog signals for transmission over a standard telephone wire?
Modem
Which OSI layer is related to the function of the IP protocol suite?
Network
Which transmission control protocol/internet protocol (TCP/IP) layer performs addressing and routing?
Network Layer
A user receives an email from an unknown bank saying that the user's account with the bank has been compromised. The user suspects that this is a phishing exploit. How should the user safely proceed?
Open a new browser page, navigate to the bank's website, and acquire legitimate contact information to report the email.
Which cloud service provides hardware, operating systems, and web servers but not end-user applications?
PaaS
Which device is used to organize network cables as they run between switches and other network devices?
Patch Panel
SaaS (Software as a Service)
Pay for software as you use it. Not installed locally, instead it is 'Hosted'software e.g. Google Docs
Layer 1
Physical Layer
Which feature of a firewall allows an organization to use private non-routable networks while enabling communication to the internet?
Port Address Translation (PAT)
OSI Application Layer
Responsible for network applications and their product to be transferred
In which physical LAN topology are nodes connected to each other with a backbone cable that loops around and ends at the same point it started?
Ring
Which network topology is being implemented when each node connects to exactly two other nodes, forming a single continuous pathway for signals through each node?
Ring
Which device is responsible for implementing network address translation (NAT)?
Router
Which device operates at layer 3 of the OSI model?
Router
Which network device is used to connect two or more network segments by performing OSI layer 3 functions like packet-forwarding?
Router
scp
Secure Copy Protocol
Which protocol provides remote access over encrypted connections?
Secure Shell (SSH)
Symmetric Key Encryption
Sender and receiver use single, shared key
Layer 5
Session Layer
Which layer of the OSI model establishes, manages, and terminates connections?
Session Layer
Which device is used to connect host devices within a local area network?
Switch
Which device operates at layer 2 of the OSI model?
Switch
What is the fastest encryption method for bulk encryption of data?
Symmetric Key Encryption
Which protocol suite performs functions of OSI layer 4?
TCP
ping
Test a network connection
802.1x
The IEEE standard that defines port-based security for wireless network access control
VLAN Hopping
The act of gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another.
ipconfig
The utility used to display TCP/IP addressing and domain name information in the Windows client operating systems.
OSI Session Layer
This layer is responsible for connection establishment, session maintenance, and authentication.
OSI Data Link Layer
This layer is responsible for the error-free delivery of data to the receiving device or node. This layer is implemented through the use of devices such as switches and bridge devices, as well as anything with a network interface, like wireless or wired network cards.
OSI Physical Layer
This layer is responsible for the physical connections of the devices in the network. This layer is implemented through the use of devices such as hubs, repeaters, modem devices, and physical cabling
OSI Transport Layer
This layer provides services to the application layer and receives services from the network layer. It is responsible for the reliable delivery of data. It segments and reassembles data in the correct order for it to be sent to the receiving device. It may also handle the reliable delivery of data and any retries of data that are lost or corrupted (for example, TCP does this). This layer is often called the heart of OSI.
Which OSI layer would define the scope of a protocol that makes sure packets of data are received correctly and resends them if they are not?
Transport
A company provides access to employees' tax and personal information via a public-facing web portal. What should the company implement to encrypt employees' web access to this information?
Transport Layer Security (TLS)
3DES
Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. It was originally designed as a replacement for DES. It uses multiple keys and multiple passes and is not as efficient as AES, but is still used in some applications, such as when hardware doesn't support AES.
Which type of port has access to all VLANs by default in a traditional layer 2 switch?
Trunk
Which Transport layer protocol is best suited for streaming audio and video?
User Datagram Protocol (UDP)
Port Scanning
Using a program to remotely determine which ports on a system are open (e.g., whether systems allow connections through those ports).
An office's infrastructure connects network devices and printers through a central access point without the use of cabling. Which network type does this office use?
WLAN
Which type of wireless security protocol is the most secure?
WPA2 + AES
WPA (Wi-Fi Protected Access)
Wireless security protocol that uses encryption key integrity-checking/TKIP and EAP and is designed to improve on WEP's weaknesses. Supplanted by WPA 2.
Spoofing
a technique intruders use to make their network or internet transmission appear legitimate to a victim computer or network
AES
advanced encryption standard, a symmetric 128-bit block data encryption technique
Circuit Level Gateways
allow data into a network only when computers inside the network request the data. Circuit-level gateways are the foundation of network address translation (NAT) and port address translation (PAT), which are commonly used in firewalls to allow private IP address ranges to communicate on the internet.
ARP poisoning
an attack that convinces the network that the attacker's MAC address is the one associated with an allowed address so that traffic is wrongly sent to the attacker's machine
whois
an internet utility program that obtains information about a domain name or IP number from the database of a domain name registry
traceroute
command to check the path that a packet takes to reach a destination
tracert
command to check the path that a packet takes to reach a destination (Windows)
A server administrator is tasked to harden the database servers, and one of the requirements is to document any firewall ports that are open and closed. Which native Windows command line utility should the administrator use?
netstat
An organization needs to perform an analysis to identify vulnerabilities such as open firewall ports, unauthorized operating systems or device types, and weak passwords. Which tool is recommended?
nmap
Which command produces the following output? Non-authoritative answer: Name: www.google.comAddress: 172.217.11.132
nslookup
Public Cloud
promotes massive, global, and industrywide applications offered to the general public
Which command should be used to manually enter the default gateway for a computer?
route
Which network diagnostic tool displays the path packets take between two endpoints?
traceroute
The network administrator is receiving complaints about clients experiencing high latency only when connecting to their web-based customer management system (CMS). Which Windows command should this network administrator use to identify where this latency is occurring?
tracert
tftp
transfers a file from either a client to a server or from a server to a client using UDP (user datagram protocol) instead of TCP, and so it is usually used on reliable (local) networks.
