Computer Networking Final Exam Chapters 5-9


default gateway

(1) The gateway in a network that a computer will use to access another network if a gateway is not specified for use. (2) In a network using subnets, the router that forwards traffic to a destination outside of the subnet of the transmitting device.

channel partitioning

1 of 3 multiple access protocols

3G/4G

3G is an ITU specification for the third generation (analog cellular was the first generation, digital PCS the second) of mobile communications technology. 3G promises increased bandwidth, up to 384 Kbps when a device is stationary or moving at pedestrian speed, 128 Kbps in a car, and 2 Mbps in fixed applications. Short for fourth generation, 4G is an ITU specification that is currently being developed for broadband mobile capabilities. 4G technologies would enable IP-based voice, data and streaming multimedia at higher speeds and offer at least 100 Mbit/s with high mobility and up to 1 Gbit/s with low mobility (nomadic).

802.11

802.11 specifies an over-the-air interface between a wireless client and a base station or between two wireless clients.

cell towers

A cell site is a cellular telephone site where antennas and electronic communications equipment are placed, usually on a radio mast, tower or other high place, to create a cell (or adjacent cells) in a cellular network. The elevated structure typically supports antennas, and one or more sets of transmitter/receivers (transceivers), digital signal processors, control electronics, a GPS receiver for timing (for CDMA2000/IS-95 or GSM systems), primary and backup electrical power sources, and sheltering.

hub

A common connection point for devices in a network. Hubs are commonly used to connect segments of a LAN.

router

A device that forwards data packets along networks. A router is connected to at least two networks and is located at a gateway.

digital signature

A digital code that can be attached to an electronically transmitted message that uniquely identifies the sender. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be.

Ethernet

A local-area network (LAN) architecture that uses a bus or star topology and supports data transfer rates of 10 Mbps.

modem

A modem (modulator-demodulator) is a device or program that enables a computer to transmit data over, for example, telephone or cable lines.

SSH

A program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another.

RC4

A series of symmetric encryption algorithms developed by RSA Security. RC4 -- a variable key-size stream cipher with byte-oriented operations.

proxy

A server that sits between a client application, such as a Web browser, and a real server that intercepts all requests to the real server.

ticket

A service ticket is created to track your issue.

CDN

A system of distributed servers that deliver webpages to a user based on the geographic locations of the user and the origin of the webpage.

traceroute

A utility that traces a packet from your computer to an Internet host, showing how many hops the packet requires to reach the host and how long each hop takes. If you're visiting a Web site and pages are appearing slowly, you can use traceroute to figure out where the longest delays are occurring.

ping

A utility to determine whether a specific IP address is accessible. It works by sending a packet to the specified address and waiting for a reply.

CA

Abbreviated as CA, a trusted organization or company that issues digital certificates used to create digital signatures and public-private key pairs.

man-in-the-middle attack

Abbreviated as MITM, a man-in-the-middle attack is an active Internet attack where the person attacking attempts to intercept, read or alter information moving between two computers. MITM attacks are associated with 802.11 security, as well as with wired communication systems.

PGP

Abbreviated as PGP, a technique developed by Philip Zimmermann for encrypting messages. PGP is one of the most common ways to protect messages on the Internet because it is effective, easy to use, and free.

ARP

Address Resolution Protocol - part of the TCP/IP protocol suite, determines the MAC address based on the IP address.

Mesh

Also called mesh topology or a mesh network, mesh is a network topology in which devices are connected with many redundant interconnections between network nodes. In a true mesh topology every node has a connection to every other node in the network.

application gateway

Also known as application proxy or application-level proxy, an application gateway is an application program that runs on a firewall system between two networks. When a client program establishes a connection to a destination service, it connects to an application gateway, or proxy.

packet filtering

Also referred to as static packet filtering. Controlling access to a network by analyzing the incoming and outgoing packets and letting them pass or halting them based on the IP addresses of the source and destination.

WiMAX

Although the 802.16 family of standards is officially called WirelessMAN in IEEE, it has been commercialized under the name "WiMAX" (from "Worldwide Interoperability for Microwave Access") by the WiMAX Forum industry alliance. The Forum promotes and certifies compatibility and interoperability of products based on the IEEE 802.16 standards.

ad hoc

An ad hoc network might be formed when people with laptops get together, for example in a conference room, a train, or car, and want to exchange data in the absence of a centralized AP.

MD5

An algorithm created in 1991 by Professor Ronald Rivest that is used to create digital signatures. It is intended for use with 32-bit machines and is safer than the MD4 algorithm, which has been broken.

certificate

An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply. An individual wishing to send an encrypted message applies for a digital certificate from a Certificate Authority (CA). The CA issues an encrypted digital certificate containing the applicant's public key and a variety of other identification information. The CA makes its own public key readily available through print publicity or perhaps on the Internet. The recipient of an encrypted message uses the CA's public key to decode the digital certificate attached to the message, verifies it as issued by the CA and then obtains the sender's public key and identification information held within the certificate. With this information, the recipient can send an encrypted reply.

Kerberos

An authentication system developed at the Massachusetts Institute of Technology (MIT). Kerberos is designed to enable two parties to exchange private information across an otherwise open network.

IDS

An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.

RSA

A public-key encryption technology developed by RSA Data Security, Inc. The acronym stands for Rivest, Shamir, and Adleman, the inventors of the technique.

AH

Authentication Header, a part of the IPsec protocol suite

best-effort

Best-effort delivery describes a network service in which the network does not provide any guarantees that data is delivered or that a user is given a guaranteed quality of service level or a certain priority. In a best-effort network all users obtain best-effort service, meaning that they obtain unspecified variable bit rate and delivery time, depending on the current traffic load.

diffserv

By using DiffServ, traffic is classified based on priority.

CSMA/CD/CA

Carrier Sense Multiple Access - (CD - collision detection) A set of rules determining how network devices respond when two devices attempt to use a data channel simultaneously (called a collision).

client/server

Client/server is a network architecture in which each computer or process on the network is either a client or a server. Also called two-tier architecture.

CDMA

Code Division Multiple Access, assigns a different code to each node; each node then uses its unique code to encode the data bits it sends.

multi/single-hop

Communication between base station and wireless host could occur over a single wireless hop or several.

unicasting

Communication that takes place over a network between a single sender and a single receiver.

CRC

Cyclic Redundancy Check, a common technique for detecting data transmission errors. Transmitted messages are divided into predetermined lengths that are divided by a fixed divisor.

DES

Data Encryption Standard, a popular symmetric-key encryption method developed in 1975 and standardized by ANSI in 1981 as ANSI X.3.92. DES uses a 56-bit key and uses the block cipher method, which breaks text into 64-bit blocks and then encrypts them.

DMZ

Demilitarized zone, a computer or small subnetwork that sits between a trusted internal network, such as a corporate private LAN, and an untrusted external network, such as the public Internet. Typically, the DMZ contains devices accessible to Internet traffic, such as Web (HTTP) servers, FTP servers, SMTP (e-mail) servers and DNS servers.

ESP

Estimated street price, ESP is a manufacturer or developer's estimated price for a product in a specific region or market sector. The estimated street price is not necessarily the same as the end-user's purchase price.

SHA

Find data file formats and file extensions that start with the letter S, or view thousands of file extensions and file formats in the complete list.

firewall

Firewall systems prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both.

FEC

Forward error correction, a method of communicating data that corrects errors in transmission on the receiving end. Prior to transmission, the data is put through a predetermined algorithm that adds extra bits specifically for error correction to any character or code block.

FDMA

Frequency Division Multiplexing, a multiplexing technique that uses different frequencies to combine multiple streams of data for transmission over a communications medium. FDM assigns a discrete carrier frequency to each data stream and then combines many modulated carrier frequencies for transmission.

infrastructure-based/less

Hosts associated with the base mode are often referred to as operating in infrastructure mode, since all traditional network services are provided by the network to which a host is connected via the base station.

802.15

IEEE 802.15 is a working group of the Institute of Electrical and Electronics Engineers (IEEE) IEEE 802 standards committee which specifies wireless personal area network (WPAN) standards. It includes seven task groups.

802.16

IEEE 802.16 is a series of wireless broadband standards written by the Institute of Electrical and Electronics Engineers (IEEE). The IEEE Standards Board established a working group in 1999 to develop standards for broadband for wireless metropolitan area networks. The Workgroup is a unit of the IEEE 802 local area network and metropolitan area network standards committee. Although the 802.16 family of standards is officially called WirelessMAN in IEEE, it has been commercialized under the name "WiMAX" (from "Worldwide Interoperability for Microwave Access") by the WiMAX Forum industry alliance. The Forum promotes and certifies compatibility and interoperability of products based on the IEEE 802.16 standards.

802.3

IEEE 802.3 Defines the MAC layer for bus networks that use CSMA/CD. This is the basis of the Ethernet standard. IEEE 802.3 is a working group and a collection of IEEE standards produced by the working group defining the physical layer and data link layer's media access control (MAC) of wired Ethernet. This is generally a local area network technology with some wide area network applications. Physical connections are made between nodes and/or infrastructure devices (hubs, switches, routers) by various types of copper or fiber cable.

802.5

IEEE 802.5: Defines the MAC layer for token-ring networks.

IPSec

IP Security, a set of protocols developed by the IETF to support secure exchange of packets at the IP layer. IPsec has been deployed widely to implement Virtual Private Networks (VPNs).

brute-force attack

In cryptography, a brute-force attack, or exhaustive key search, is a cryptanalytic attack that can, in theory, be used against any encrypted data (except for data encrypted in an information-theoretically secure manner). Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier. It consists of systematically checking all possible keys or passwords until the correct one is found. In the worst case, this would involve traversing the entire search space. When password guessing, this method is very fast when used to check all short passwords, but for longer passwords other methods such as the dictionary attack are used because of the time a brute-force search takes.

switch

In networks, a device that filters and forwards packets between LAN segments.

intserv

IntServ model where a signaling protocol is required to tell the routers which flows of packets require special QoS treatment.

IKE

Internet Key Exchange (IKE) protocol is a key management protocol standard that is used in conjunction with the IPSec standard. IKE enhances IPSec by providing additional features, flexibility, and ease of configuration for the IPSec standard.

IPS

Intrusion prevention system.

MIB

Management Information Base, a database of objects that can be monitored by a network management system. Both SNMP and RMON use standardized MIB formats that allow any SNMP and RMON tools to monitor any device defined by a MIB.

MAC

Media Access Control - In the seven-layer OSI model of computer networking, media access control (MAC) data communication protocol is a sub-layer of the data link layer, which itself is layer 2. The MAC sub-layer provides addressing and channel access control mechanisms that make it possible for several terminals or network nodes to communicate within a multiple access network that incorporates a shared medium, e.g. Ethernet.

NIC

Network Interface Card - A network interface card (NIC) is an expansion board you insert into a computer so the computer can be connected to a network.

delay

Network delay is an important design and performance characteristic of a computer network or telecommunications network. The delay of a network specifies how long it takes for a bit of data to travel across the network from one node or endpoint to another.

p2p

Often referred to simply as peer-to-peer, or abbreviated P2P, a type of network in which each workstation has equivalent capabilities and responsibilities. This differs from client/server architectures, in which some computers are dedicated to serving the others.

content filtering

On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable.

packet loss

Packet - A piece of a message transmitted over a packet-switching network. Lost message.

piggybacking

Piggybacking on Internet access is the practice of establishing a wireless Internet connection by using another subscriber's wireless Internet access service without the subscriber's explicit permission or knowledge. It is a legally and ethically controversial practice, with laws that vary by jurisdiction around the world. While completely outlawed or regulated in some places, it is permitted in others.

PPP

Point-to-Point Protocol, a method of connecting a computer to the Internet. PPP is more stable than the older SLIP protocol and provides error checking features.

hash

Producing hash values for accessing data or for security. A hash value (or simply hash) is a number generated from a string of text.

shared/public/private keys

Public Key and Private Keys: The Public and Private key pair comprises two uniquely related cryptographic keys (basically long random numbers). Below is an example of a Public Key: 3048 0241 00C9 18FA CF8D EB2D EFD5 FD37 89B9 E069 EA97 FC20 5E35 F577 EE31 C4FB C6E4 4811 7D86 BC8F BAFA 362F 922B F01B 2F40 C744 2654 C0DD 2881 D673 CA2B 4003 C266 E2CD CB02 0301 0001. The Public Key is what its name suggests - Public. It is made available to everyone via a publicly accessible repository or directory. On the other hand, the Private Key must remain confidential to its respective owner. Because the key pair is mathematically related, whatever is encrypted with a Public Key may only be decrypted by its corresponding Private Key and vice versa. For example, if Bob wants to send sensitive data to Alice, and wants to be sure that only Alice may be able to read it, he will encrypt the data with Alice's Public Key. Only Alice has access to her corresponding Private Key and as a result is the only person with the capability of decrypting the encrypted data back into its original form. As only Alice has access to her Private Key, it is possible that only Alice can decrypt the encrypted data. Even if someone else gains access to the encrypted data, it will remain confidential as they should not have access to Alice's Private Key. Public Key Cryptography can therefore achieve Confidentiality. However, another important aspect of Public Key Cryptography is its ability to create a Digital Signature.

PKI

Public key infrastructure, a system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction. PKIs are currently evolving and there is no single PKI nor even a single agreed-upon standard for setting up a PKI.

RTCP

RTP control protocol, or RTCP, forms part of the RTP protocol used to carry VoIP communications. RTCP monitors the quality of service (QoS) and conveys information about the participants in an on-going session.

RTSP

Real Time Streaming Protocol, a standard for controlling streaming data over the World Wide Web. Like H.323, RTSP uses RTP (Real-Time Transport Protocol) to format packets of multimedia content.

RTP

Real-Time Transport Protocol, an Internet protocol for transmitting real-time data such as audio and video. RTP itself does not guarantee real-time delivery of data, but it does provide mechanisms for the sending and receiving applications to support streaming data.

dial-up

Refers to connecting a device to a network via a modem and a public telephone network. Dial-up access is really just like a phone connection, except that the parties at the two ends are computer devices rather than people.

RSVP

Resource Reservation Setup Protocol, a new Internet protocol being developed to enable the Internet to support specified Qualities-of-Service (QoS's). Using RSVP, an application will be able to reserve resources along a route from source to destination.

SSL

Secure Sockets Layer (SSL) is a protocol for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data.

SIP

Session Initiation Protocol, it is an application-layer control protocol; a signaling protocol for Internet Telephony. SIP can establish sessions for features such as audio/videoconferencing, interactive gaming, and call forwarding to be deployed over IP networks, thus enabling service providers to integrate basic IP telephony services with Web, e-mail, and chat services.

AES

Short for Advanced Encryption Standard, a symmetric 128-bit block data encryption technique developed by Belgian cryptographers Joan Daemen and Vincent Rijmen. The U.S. government adopted the algorithm as its encryption technique in October 2000, replacing the DES encryption it used.

WPA

Short for Wi-Fi Protected Access, a Wi-Fi standard that was designed to improve upon the security features of WEP. The technology is designed to work with existing Wi-Fi products that have been enabled with WEP (i.e., as a software upgrade to existing hardware), but the technology includes two improvements over WEP: Improved data encryption through the temporal key integrity protocol (TKIP).

SNR

Signal-to-Noise Ratio, the ratio of the amplitude of a desired analog or digital data signal to the amplitude of noise in a transmission channel at a specific point in time. SNR is typically expressed logarithmically in decibels (dB).

SNMP

Simple Network Management Protocol, a set of protocols for managing complex networks. The first versions of SNMP were developed in the early 80s.

Skype

Skype is a computer program that can be used to make free voice calls over the Internet to anyone else who is also using Skype. It's free and considered easy to download and use, and works with most computers.

SMI

Storage Management Initiative Specification, an interface standard that enables interoperability in both hardware and software between storage products from different vendors that an enterprise would use in a SAN environment. The interface provides common protocols and data models that storage product vendors can use to ensure end user manageability of the SAN environment.

streaming

Streaming or media streaming is a technique for transferring data so that it can be processed as a steady and continuous stream.

symmetric/shared/asymmetric encryption

Symmetric Encryption: Let's assume that Alice wants to talk to Bob. She wants to keep the message secret. Bob is the only one who should be able to read the message. The message is confidential, so Alice uses a key to encrypt the message. The original message is called a plaintext while the encrypted message is called a ciphertext. The ciphertext is sent to Bob, who knows the key and uses the same symmetric cipher (e.g., AES or 3DES). Thus Bob is able to decrypt the message. Alice and Bob share the key, which is called symmetric. They are the only ones who know the key and no one else is able to read the encrypted message. This way, confidentiality is achieved. Asymmetric Encryption: Two keys are used in an asymmetric cipher (e.g., RSA), a public and a private one. The public one is available for everyone, but the private one is known only by the owner. When the message is encrypted with the public key, only the corresponding private key can decrypt it. Moreover, the private key can't be learned from the public one. An asymmetric cipher solves the problem of secure key distribution. Alice takes Bob's public key and uses it to encrypt the session key. Only Bob can then decrypt the encrypted session key, because he is the only one who knows the corresponding private key. Asymmetric ciphers are quite slow when compared with the symmetric ones, which is why asymmetric ciphers are used only to securely distribute the key. Then, Alice and Bob can use a symmetric cipher and the session key to make the communication confidential. Use of an asymmetric cipher also solves the scalability problem. Everyone will need only one public key and one private key to communicate with other people.

session

The session of activity that a user with a unique IP address spends on a Web site during a specified period of time. The number of user sessions on a site is used in measuring the amount of traffic a Web site gets. The site administrator determines what the time frame of a user session will be (e.g., 30 minutes). If the visitor comes back to the site within that time period, it is still considered one user session because any number of visits within that 30 minutes will only count as one session. If the visitor returns to the site after the allotted time period has expired, say an hour from the initial visit, then it is counted as a separate user session.

TDMA

Time Division Multiple Access, a technology for delivering digital wireless service using time-division multiplexing (TDM). TDMA works by dividing a radio frequency into time slots and then allocating slots to multiple calls.

interleaving

To arrange data in a noncontiguous way to increase performance. When used to describe disk drives, it refers to the way sectors on a disk are organized.

multiplexing

To combine multiple signals (analog or digital) for transmission over a single line or media. A common type of multiplexing combines several low-speed signals for transmission over a single high-speed connection.

broadcasting

To simultaneously send the same message to multiple recipients. Broadcasting is a useful feature in e-mail systems.

multicasting

To transmit a single message to a select group of recipients. A simple example of multicasting is sending an e-mail message to a mailing list.

Token Ring

Token ring local area network technology is a protocol which resides at the data link layer of the OSI model. It used a special three-byte frame called a token that travels around the ring.

VPN

VPN is a network that is constructed by using public wires — usually the Internet — to connect to a private network, such as a company's network.

VoIP

Voice over IP.

Wi-Fi

Wi-Fi is the name of a popular wireless networking technology that uses radio waves to provide wireless high-speed Internet and network connections.

WEP

Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard. WEP is designed to provide the same level of security as that of a wired LAN.

access points

A hardware device or a computer's software that acts as a communication hub for users of a wireless device to connect to a wired LAN. APs are important for providing heightened wireless security and for extending the physical range of service a wireless user has access to.

packet/circuit switching

Circuit switching: A type of communications in which a dedicated channel (or circuit) is established for the duration of a transmission. Packet switching: A protocol in which messages are divided into packets before they are sent. Each packet is then transmitted individually.

jitter

jitter filter, a hardware device or software process that eliminates jitter caused by transmission delays in an Internet telephony (VoIP) network. As the jitter buffer receives voice packets, it adds small amounts of delay to the packets so that all of the packets appear to have been received without delays.

MANET

nodes may also be mobile, with connectivity changing among nodes - a class of networks known as mobile ad hoc networks.

