CS4220: Computer Networks - Midterm
What are some legitimate reasons for spoofing a MAC address? - Conceal their actual MAC address to avoid being tracked or identified on a public Wi-Fi network - Troubleshoot or debug network connectivity issues - To spoof a MAC address of a WAP to record uninformed users' transmissions. - Maintain privacy or anonymity on a public network
- Conceal their actual MAC address to avoid being tracked or identified on a public Wi-Fi network - Troubleshoot or debug network connectivity issues - Maintain privacy or anonymity on a public network
Which of the following are framing methods? Select all that apply. - Flag bytes with byte stuffing - Physical layer coding violations - Byte count - Flag bits with bit stuffing
- Flag bytes with byte stuffing - Physical layer coding violations - Byte count - Flag bits with bit stuffing
Match the following terms with their definitions. - LAN - WAN - MAN - PAN
- Local-area network (LAN): It interconnects network components within a building. - Wide-area network (WAN): It interconnects network components that are geographically dispersed between two or more locations. - Metropolitan-area network (MAN): It interconnects locations scattered throughout a city. - Personal-area network (PAN): A network scaled smaller than a LAN. An example might be a connection between a smartphone and a headset.
What are the two commonly available PPP authentication mechanisms? - PAP - CHAP - TACACS+ - RADIUS
- PAP (Password Authentication Protocol) - CHAP (Challenge Handshake Authentication Protocol) There are two commonly supported PPP authentication mechanisms: Password Authentication Protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP). CHAP is the more secure of the two.
What three types of information does a program need to establish a socket? - The type of addressing format to be used. - Port number - The type of service desired (e.g., reliable byte stream) - The protocol.
- The type of addressing format to be used. - Port number - The protocol.
What are the parts of a frame? - an embedded packet - Error Correcting Code - a checksum in the trailer - control information in the header
- an embedded packet - a checksum in the trailer - control information in the header See Chapter 3 (direct quote): 3.3.2 Basic Transmission and Receipt When the data link layer accepts a packet from the network layer at the sender,it encapsulates the packet in a frame by adding a data link header and trailer to it(see Fig.3-1). Thus,a frame consists of an embedded packet, some control information (in the header), and a checksum (in the trailer). The frame is then transmitted to the data link layer on the other machine.
How many assignable IP addresses exist in the 172.16.1.10/28 network? This question is worth 2 points of extra credit.
14 There are 4 bits left here for host address assignment, and 2 raised to the fourth power is 16. Subtract 2 for the network ID and broadcast address.
How many subnets do you get with a subnet of 192.168.1.0/28? This question is worth 2 points of extra credit.
16 The binary representation of /28 prefix is 11111111.11111111.11111111.11110000. The formula to determine the number of subnets is 2 ^ X, where X equals to the number of borrowed bits beyond the default mask of 24, for this Class C address. In this case, there are 4 borrowed bits ( 2 ^ 4 = 16); therefore, there are 16 possible subnets.
A client with an IP address of 172.16.80.5/18 belongs to what network? This question is worth 2 points of extra credit.
172.16.0.0/18 This host address and subnet mask combination is in the 64.0 network and is part of the host range of usable addresses: 172.16.64.1 to 172.16.127.254.
What port and protocol are used by HTTPS? (Choose two.) - 443 - UDP -TCP - 123 - ICMP - 543
443 and TCP
Which of the following is a wireless standard?
802.11
Which is not an example of a wireless technology found in mobile devices today?
802.11q
What is an OUI and why is it important from a networking perspective, particularly in terms of identifying and managing devices on a network?
A 24 bit identifier (organizationally unique identifier) that identifies the vendor/manufacturer/organization of a network interface card (NIC) - this helps administrators identify the device quickly and helps with maintenance, network security, and troubleshoot issues.
Describe three advantages and at least one disadvantage of fiber over copper cables.
Advantage: - Fiber can travel longer w/o degrading - Higher bandwidth = faster transmit - Typically smaller which can help when space is tight Disadvantage: - Fiber cables break more frequently, less reliable transmission. - Cost fiber > copper. Canvas Ans: Fiber advantages over copper -Handles higher bandwidth -Not affected by power surges, electromagnetic interference, power failures, corrosive chemicals -Thin and lightweight -Do not leak light -Difficult to tap Fiber disadvantage -Less familiar technology that requires specific engineering skills -Fibers damaged easily by being bent too much Lecture resources: Tanenbaum, A. S., Feamster, N., and Wetherall, D. (2021). Computer networks. Pearson. - The Physical Layer chapter
What is geo-tagging?
Annotating photos and videos with the location where they were made
Verifying a username and password is part of which process?
Authentication SSL/TLS and HTTPS Any nosy person who can plug into a network can see and read the HTTP packets moving between a Web server and a Web client. Less than nice people can easily create a fake Web site to trick people into thinking it's a legitimate Web site and then steal their usernames and passwords. For these and other reasons, the Internet has moved away from HTTP. For an Internet application to be secure, it must have the following: • Authentication Usernames and passwords • Encryption Stirring up the data so others can't read it • Nonrepudiation Source is not able to deny a sent message All of Chapter 10Links to an external site. is dedicated to these concepts, but the Web side of things requires mention here. Almost every Web site today uses the secure version of HTTP, called Hypertext Transfer Protocol Secure (HTTPS), to enable connections between clients and servers that hackers can't break. HTTPS uses Transport Layer Security (TLS), the latest version
What is framing?
Breaking up the bitstream into frames. See "3.1.2 Framing" in textbook. "The usual approach is for the data link layer to break up the bit stream into discrete frames, compute a short token called a checksum for each frame, and include the checksum in the frame when it is transmitted."
When stations can quickly detect a collision and abruptly stop transmitting, saving time and bandwidth is called ________________.
CSMA/CD
Which of the following core service primitives tells the service to establish a connection with a waiting peer?
Connect Six core primitives Listen (block waiting for an incoming connection)Connect (establish a connection with a waiting peer)Accept (accept an incoming connection from a peer)Receive (block waiting for an incoming message)Send (send a message to the peer)Disconnect (terminate a connection)
This question is worth 5 points of extra credit. Rubric: 5 pts - all points are discussed thoroughly demonstrating a solid understanding of the concepts 4 pts - all but one key point are discussed thoroughly demonstrating a solid understanding of the concepts 3 pts - most of the key points are mentioned, but maybe not as thorough as it could be 2 pts - a couple of the key points are mentioned, but maybe not as thorough as it could be 1 pts - write something about computer networks
Cont: How does connection-oriented routing differ from connection-less routing, and what are the advantages and disadvantages of each approach? OR Explain scalability. What is scalability? What are some factors impacting scalability? Give an example of scalability. Write down anything you might think means scalability. Ans: Scalability is the ability to handle increasing workloads efficiently. What are some factors impacting scalability? - Load balancing, network bandwidth, hardware performance Give an example of scalability. - Cloud computing services where the resources grow or shrink based on the demand Write down anything you might think means scalability. - The ability to adapt to changing workloads without straining the overall system
In what type of attack does the attacker infiltrate many systems and then instruct those compromised systems, called zombies, to simultaneously flood a targeted system with traffic?
DDoS A distributed denial-of-service attack involves many systems to compromise the availability of a system.
What is the purpose of the Data Link Layer? Hint: DLL also has two sublayers, the Logical Link Layer and the Media Access Control Layer.
DLL: helps move data between devices on a network ensure data is sent error-free in the correct order Sublayers: LLC: establishes, terminates, and maintenance of connections between devices control data flow and check for errors MAC: assign unique ID's to devices make sure devices sure the network and don't collide when sending data Canvas Ans: Answers could include any of the following components: Handles the moving of data into and out of a physical link in a network Data bits are encoded, decoded and organized in the data link layer Transported as frames between two adjacent nodes on the same LAN or WAN Determines how devices recover from collisions Two sublayersThe Logical Link Control (LLC) sublayerMedia Access Control (MACLinks to an external site.) sublayer. LLC sublayer is to control data flow among various applications and services, as well as provide acknowledgement and error notification mechanisms. The LLC sublayer can then talk to a number of IEEE 802 MAC sublayers, whi
What hierarchical database was invented to match fully qualified domain names to IP addresses?
DNS The Domain Name System (DNS) is a global hierarchy system that resolves names to IP addresses.
A hacker has created an evil twin WAP. However, the intended target is still authenticating to the legitimate WAP. What tool can the hacker use to force the user to authenticate to the evil twin?
Deauthentication frame A deauthentication frame that has the user's MAC address as the source can cause the user to be disconnected from the legitimate network and redirected to the evil twin.
An unauthorized and coordinated use of multiple systems launching command and control software against a single system to force an inability to function is known as ________.
Distributed Denial of Service attack
What is Utopia when considering flow control and error correction?
Flow control and error control do not exist.
Match the protocol to the port numbers. - HTTP - SSH - DNS - SSL/TLS - FTP - SMTP
HTTP: Port 80 SSH: Port 22 DNS: Port 53 SSL/TLS: Port 443 FTP: Ports 20, 21 (Port 20 is used for data transfer, and Port 21 is used for control) SMTP: Port 25 (By default; can also use 587 for secure SMTP submission)
What protocol does ping use in its operation?
ICMP The ICMP protocol is used by many troubleshooting and monitoring tools. Ping and traceroute are examples of two of these utilities that are ICMP-based.
What mode is a wireless network said to be in when using one or more WAPs to connect the wireless network nodes centrally, effectively creating a WLAN?
Infrastructure mode
What is the primary purpose of the Extensible Authentication Protocol (EAP) in computer networking and security?
It securely verifies the identity of users or devices in network communication.
Which of the following involving a session hijacking attempt by a hacker involves the capture and replaying of legitimately secure credentials?
Man-in-the-middle/On path In a Man-in-the-middle/On path attack, the hacker intercepts a legitimate authentication request by a legitimate user. Even if the credentials are encrypted, as long as the hacker can replay them accurately, he/she can gain access and copy any traffic sent by the user.
When thinking of a MAC address, what does MAC stand for?
Media Access Control
Which OSI layer is responsible for path determination and logical addressing?
Network
What are the 7 layers of the OSI model?
Physical Layer, Data Link Layer, Network Layer, Transport Layer, Session Layer, Presentation Layer, Application Layer
What is an example of a social engineering attack? - Fake news - On-path attack - DoS - DDoS - Piggybacking
Piggybacking
Which of the following is a common Layer 2 protocol that could run over a dedicated leased line?
Point-to-Point Protocol (PPP) A common Layer 2 protocol that could run over a dedicated leased line is Point-to-Point Protocol (PPP); the others protocols are not Layer 2 protocols that could run over a dedicated line.
What type of an attack often seeks a payment in untraceable Bitcoin or other cryptocurrency?
Ransomware Ransomware is an attack that involves the demand of a ransom (often in cryptocurrency) for access to files or systems to be restored.
Flooding of ICMP traffic into a directed subnet to create a DoS attack using ping replies is known as ________.
Smurf attack
Which wiring standard is used on modern Ethernet connectors and jacks?
TIA/EIA-568-B
The proper alignment of the transmit and receive pairs in a CAT5/5e/6 UTP cable requires what?
The transmit (+) and (-) signals connected to the receivers (-) and (+) signals, respectively.
What is a RADIUS Server?
This is used for remote users to prevent unauthorized users from connecting to the network. Here's how it works. The client wireless computer, called a supplicant, contacts the WAP, called a Network Access Server (NAS), and requests permission to access the network. The NAS collects the supplicant's username and password and then contacts the RADIUS server to see if the supplicant appears in the RADIUS server's security database. If the supplicant appears and the username and password are correct, the RADIUS server sends a packet back to the supplicant, through the WAP, with an Access-Accept code and an Authenticator section that proves the packet actually came from the RADIUS server. Then the remote user gets access to the network resources.
What does the acronym TCP/IP stands for?
Transmission Control Protocol/Internet Protocol
Excessive amounts of broadcasts on a network are called a broadcast storm. True or False?
True
The hopping sequence in FHSS must be known by both the transmitting and receiving units. True or False?
True
The term "out of range" is also called a loss of association. True or False?
True
CSMA/CA is commonly used in wireless networks.
True CSMA/CD protocol is commonly used in Ethernet networks, where collisions are common due to the shared nature of the network media. "802.11 tries to avoid collisions with a protocol called CSMA/CA (CSMA with Collision Avoidance). This protocol is conceptually similar to Ethernet's CSMA/CD, with channel sensing before sending and exponential back off after collisions." - Tanenbaum
What wireless security technology replaces WEP as the main security mechanism?
WPA WEP The granddaddy of wireless security, Wired Equivalent Privacy (WEP), uses a 64- or 128-bit encryption algorithm to scramble data frames. WEP sounded great on paper, but in practice it proved to be a horrible failure. Even with the strongest encryption enabled, WEP isn't a particularly robust security solution. In fact, WEP can be cracked in under a minute with just a regular laptop and open source software. The bottom line with WEP? Don't ever use it today. WPA Needless to say, the Wi-Fi developers scrambled to find a fix for the flaws in WEP. A full replacement called 802.11i (discussed in the upcoming "WPA2" section) was designed to address the problems with WEP and to provide proper authentication. But the standard took a while to complete, so the wireless industry implemented an intermediate fix. They invented a sales term called Wi-Fi Protected Access (WPA) that adopted some features of the still-in-the-future 802.11i standard, fixing some of the weaknesses of WEP
Which standard developed by the Wi-Fi Alliance implements the requirements of IEEE 802.11i?
WPA2 The IEEE 802.11i requirements are found in WPA2. WPA2 WPA2 implemented the full IEEE 802.11i standard to add much-needed security features. I already discussed the 802.1X authentication measure using EAP to provide secure access to Wi-Fi networks. 802.11i also replaced TKIP-RC4 with the much more robust CCMP-AES, a 128-bit block cipher that's much tougher to crack. Images NOTE CCMP stands for Counter Mode Cipher Block Chaining Message Authentication Code Protocol. Whew! That's why we commonly just use the initials, CCMP. As you know from Chapter 10, AES stands for Advanced Encryption Standard. Implementing the full 802.11i standard took time because most of the installed Wi-Fi hardware couldn't be updated to handle AES encryption. WPA held the title of "most secure wireless option" for a number of years. Eventually, enough devices were made that could support AES that the full 802.11i standard was implemented under the sales term Wi-Fi Protected Access 2 (WPA2). A "WP
Which is NOT a security threat for WLANs?
War dialing Wardialing does not use wireless. When dial-up modems were popular, malicious users could run a program to call all phone numbers in a number range. Phone numbers that answered with modem tone became targets for later attacks.
When a wireless channel uses more than one frequency, the transmission method is called a ________ spectrum.
spread Spread spectrum refers to the ability to employ a set of frequencies to achieve better throughput. Long, multi, and broad are incorrect terms. pp. 71-75
