124 Cards in this Set
- Front
- Back
Seven layers of the OSI model.
|
Physical, data link, network, transport, session, presentation, application
|
|
Security at layer seven.
|
Confidentiality, authentication, data integrity, non-repudiation
|
|
Technology at layer seven.
|
Gateways
|
|
Protocols at layer seven.
|
FTP, SNMP, SMTP, DNS, TFTP, NFS, S-HTTP
|
|
Security at layer six.
|
Confidentiality, authentication, encryption
|
|
Protocols at layer six.
|
None
|
|
Technology at layer six.
|
Gateways
|
|
Security at layer five.
|
None
|
|
Technology at layer five.
|
Gateways
|
|
Protocols at layer five.
|
RPC, SQL
|
|
Security at layer four.
|
Confidentiality, authentication, integrity
|
|
Technology at layer four.
|
Gateways
|
|
Protocols at layer four.
|
TCP, UDP, SSL, SSH-2
|
|
Security at layer three.
|
Confidentiality, authentication, data integrity
|
|
Technology at layer three.
|
Virtual circuits, routers
|
|
Protocols at layer three.
|
IP, IPSec, ARP, RARP, ICMP
|
|
Security at layer two.
|
Confidentiality
|
|
Technology at layer two.
|
Bridges, switches
|
|
Security at layer one.
|
Confidentiality
|
|
Technology at layer one.
|
ISDN, repeaters, hubs
|
|
Protocols at layer one.
|
IEEE 802, IEEE 802.2, X.21, HSSI
|
|
Four layers of the TCP/IP model.
|
Network access (link), internet, host-to-host, application
|
|
Protocols at the host-to-host layer.
|
TCP, UDP
|
|
Protocols at the internet layer.
|
IP, ARP, RARP, ICMP
|
|
The process in which information from one packet is wrapped around or attached to the data of another packet.
|
Encapsulation
|
|
Five attributes of TCP.
|
Acknowledged, sequenced, connection oriented, reliable, high overhead
|
|
Five attributes of UDP.
|
Unacknowledged, unsequenced, connectionless, unreliable, low overhead (faster)
|
|
Three steps of the TCP three way handshake.
|
SYN, SYN ACK, ACK
|
|
Three steps to tear down a TCP connection.
|
FIN, FIN ACK, ACK
|
|
Uniquely identifies a network destination.
|
IP address
|
|
Uniquely identifies a service on a destination system for a given protocol.
|
Port
|
|
Identifies one side of a network connection using an IP address and port.
|
Socket
|
|
Uniquely identifies a network connection.
|
Two sockets
|
|
Well known ports.
|
0 - 1023
|
|
High numbered ports.
|
1024 - 65536
|
|
FTP port numbers.
|
20 and 21
|
|
SSH port number.
|
22
|
|
Telnet port number.
|
23
|
|
SMTP port number.
|
25
|
|
DNS port number.
|
53
|
|
TFTP port number.
|
69
|
|
HTTP port number.
|
80
|
|
POP3 port number.
|
110
|
|
SNMP port numbers.
|
161 and 162
|
|
HTTPS port number.
|
443
|
|
OSI layer that ARP operates at.
|
Data link layer
|
|
Resolves IP addresses to MAC addresses.
|
Address resolution protocol (ARP)
|
|
Resolves MAC addresses to IP addresses.
|
Reverse address resolution protocol (RARP)
|
|
Used to map private IP addresses to public IP addresses.
|
Network address translation (NAT)
|
|
Similar to NAT but all hosts share a small pool of public addresses.
|
Port address translation (PAT)
|
|
Occurs when conductors in close physical proximity interfere with each other.
|
Crosstalk
|
|
Occurs when a signal weakens while traveling across a long network segment.
|
Attenuation
|
|
Occurs when external sources of electromagnetic energy interfere with communication.
|
Electromagnetic interference (EMI)
|
|
Five network access techniques.
|
CSMA, CSMA/CA, CSMA/CD, token ring, polling
|
|
Systems check to see if the network is in use; if it is not, they start transmitting.
|
Carrier sense multiple access (CSMA)
|
|
Networks require each host to ask for permission before transmitting.
|
Carrier sense multiple access with collision avoidance (CSMA/CA)
|
|
Hosts transmit when they believe the network is clear but continue monitoring for other hosts. If they detect another host transmitting, they stop and wait for a random period of time before starting again.
|
Carrier sense multiple access with collision detection (CSMA/CD)
|
|
Networks pass a logical token from host to host. A host may only transmit when it holds the token.
|
Token ring
|
|
Networks use a master/slave hierarchy. The master system polls each host to see if it has traffic. When a system is polled, it may transmit any data in its queue.
|
Polling
|
|
Six types of data networks.
|
LANs, MANs, WANs, internet, intranet, extranet
|
|
Network covering a limited geographical area.
|
Local area network (LAN)
|
|
Network that connects LANs within a limited geographical area.
|
Metropolitan area network (MAN)
|
|
A global network connecting sites worldwide.
|
Internet
|
|
Private networks limited to a particular organization.
|
Intranet
|
|
Extensions of an intranet to outside organizations.
|
Extranets
|
|
Three methods of network communication in IPv4.
|
Broadcast, unicast, multicast
|
|
Communications from a single host directed to all hosts.
|
Broadcast
|
|
Communications between two individual hosts.
|
Unicast
|
|
Communications from a single host to many separate hosts.
|
Multicast
|
|
Five LAN topologies.
|
Bus, ring, star, tree, mesh
|
|
LAN topology where all hosts are connected to a single conductor.
|
Bus
|
|
LAN topology where each host is connected to two adjacent hosts, forming a ring.
|
Ring
|
|
LAN topology where all hosts are connected to a central hub or other networking device.
|
Star
|
|
LAN topology where several busses or stars are connected together.
|
Tree
|
|
LAN topology where there are several links between hosts.
|
Mesh
|
|
Network devices that amplify signals and operate at OSI layer 1.
|
Repeaters
|
|
Network devices that are repeaters with multiple ports that operate at OSI layer 1.
|
Hubs
|
|
Network devices that connect similar networks and operate at OSI layer 2.
|
Bridges
|
|
Network devices that block broadcasts, connect similar networks, and operate at OSI layer 2.
|
Switches
|
|
Network devices that block broadcasts, connect similar networks, and operate at OSI layer 3.
|
Routers
|
|
Network devices that connect similar networks and operate at OSI layer 7.
|
Gateways
|
|
Five types of WAN technologies.
|
Dedicated lines, non-dedicated lines, X.25 networks, frame relay networks, ATM networks
|
|
Circuits such as T1, T3, E1, and E3 circuits which are point to point links between networks.
|
Dedicated lines
|
|
Circuits such as DSL and ISDN that operate over the telephone network.
|
Non-dedicated lines
|
|
Packet switching networks that have permanent virtual circuits (PVCs).
|
X.25
|
|
Networks that allow multiple permanent virtual circuits (PVCs) on one line.
|
Frame relay
|
|
Networks that use 53 byte cells and are able to allocate bandwidth on demand.
|
ATM
|
|
RAID type that uses disk striping and offers no added security.
|
RAID 0
|
|
RAID type that uses mirroring between two disks.
|
RAID 1
|
|
RAID type that uses interleave parity with a minimum of three physical disks and stripes data blocks and a parity block across the disks.
|
RAID 5
|
|
RAID type that uses two striped disk sets that are mirror images of each other.
|
RAID 10
|
|
Three different types of RAID drives.
|
Hot swappable, cold swappable, warm swappable
|
|
RAID drives that may be replaced while the server is running without any downtime.
|
Hot swappable
|
|
RAID drives that require a server shutdown for replacement and cause downtime.
|
Cold swappable
|
|
RAID drives that require disabling the RAID array and render it unavailable but do not require a complete server shutdown for replacement.
|
Warm swappable
|
|
Four types of firewall.
|
Packet filtering, application level, stateful packet inspection, dynamic packet filtering
|
|
Firewall that examines the source and destination address of an IP packet and can deny access to applications or services based on ACLs.
|
Packet filtering
|
|
First generation firewall.
|
Packet filtering
|
|
Second generation firewall.
|
Application level
|
|
Third generation firewall.
|
Stateful packet inspection
|
|
Fourth generation firewall.
|
Dynamic packet filtering
|
|
Firewall that captures packets with an inspection engine.
|
Stateful packet inspection
|
|
Four firewall architectures.
|
Packet filtering routers, screened host systems, dual homed host, screened subnets
|
|
Firewalls that use ACLs to determine what type of traffic is permitted onto the protected network.
|
Packet filtering routers
|
|
Firewall that provides both network layer packet filtering and application layer proxy services.
|
Screened host
|
|
Firewall that consists of a single host with two NICs, one on the trusted network and one on the untrusted.
|
Dual homed host
|
|
Type of firewall that provides a demilitarized zone (DMZ).
|
Screened subnet
|
|
Network that creates secure communication links over inherently insecure networks such as the internet.
|
Virtual private network (VPN)
|
|
Five PPTP authentication techniques.
|
CHAP, MS-CHAP, PAP, EAP, SPAP
|
|
A proprietary VPN protocol developed by Cisco that does not support encryption and is not commonly used.
|
Layer two forwarding (L2F)
|
|
VPN protocol that combines elements of PPTP and L2F. Typically uses IPSec for security.
|
Layer two tunneling protocol (L2TP)
|
|
The most common VPN protocol in use today.
|
IPSec
|
|
IPSec mode where the entire data packet is encrypted and encased in an IPSec packet.
|
Tunnel mode
|
|
IPSec mode where only the datagram is encrypted, not the header.
|
Transport mode
|
|
Two IPSec modes.
|
Tunnel, transport
|
|
Used to negotiate and establish security associations (SAs) between hosts for IPSec.
|
Internet security association and key management protocol (ISAKMP)
|
|
Protocol that provides authentication and integrity for IPSec.
|
Authentication header (AH)
|
|
Protocol that provides authentication, integrity, and confidentiality for IPSec.
|
Encapsulating security payload (ESP)
|
|
Five common attacks against networked communications.
|
Eavesdropping, masquerading, replay, session hijacking, man in the middle
|
|
Attacks that occur when an intermediary is able to observe communications while they are in transit on a network.
|
Eavesdropping
|
|
Attacks that occur when one entity is able to successfully impersonate another entity.
|
Masquerading
|
|
Attacks that occur when one entity is able to eavesdrop on the authentication process used between two hosts and then reuse the captured packets to authenticate with one of the hosts.
|
Replay
|
|
Attacks that occur when one system is able to take over a connection being used by another system.
|
Session hijacking
|
|
Attacks that occur when one host is able to successfully convince two other hosts that they are communicating with each other when they are really both communicating with the attacker who is relaying the messages.
|
Man in the middle
|