Chapter 3 Understanding Devices and Infrastructure Flashcards Preview

CompTIA Security+ > Chapter 3 Understanding Devices and Infrastructure > Flashcards

Flashcards in Chapter 3 Understanding Devices and Infrastructure Deck (38)
1

What are the four layers of TCP/IP?
(74)

Application
Host-to-Host
Internet
Network Access

2

TCP/IP Application layer
(75)

Gives applications access to services or protocols that can be used to exchange data. Common protocols would be:
-HTTP
-FTP
-SMTP
-Telnet
-DNS
-RDP
-SNMP
-POP
-IMAP

3

Host-To-Host (Transport) Layer
(77)

Gives the Application layer session and datagram communication services. Common protocols are:
-TCP
-UDP

4

Internet Layer
(77)

Responsible for IP addressing, routing, and packaging.
-Accomplishes all the behind-the-scenes information exchange work. Common protocols are:
-IP
-ARP
-ICMP

5

Network Access (Interface) Layer
(78)

Placing and removing packets on the physical network through communication with a computer that has a NIC

6

Encapsulation
(79)

Allows a transport protocol to be sent across the network and utilized

7

How Can You View Active TCP/UDP Ports?
(83)

Command Prompt
Netstat -a

8

Application Programming Interface
(86)

Allows programmers to more easily create an interface to the TCP/IP suite
-The default Microsoft one is Windows Sockets (Winsock)

9

iSCSI
(87)

Allows data storage and transfers across an existing network. Allows for Storage Area Networks to exist
Ports 860, 3260

10

Fibre Channel
(87)

Like iSCSI, but it was originally designed for fiber only. It's also not routable at the IP layer, so it's not very popular.

11

DMZ
(87)

Demilitarized Zone
-Makes a public server that's isolated from the rest of your network
-You can do this using a firewall that can transmit to the internal network, the external world, and the public information you're sharing.

12

VLAN
(89)

Allows you to make groups of users and devices and segment them on the network. You can then hide these network segments from other segments and even control paths the data will take to get from A to B.

13

PPTP
(90)

Point-to-Point Tunneling Protocol
-Encapsulates and encrypts PPP packets
-The data itself is encrypted, but the negotiation between the two ends is not. It's not foolproof.
Port 1723, TCP

14

L2F
(91)

Layer 2 Forwarding
-Created by Cisco for dial-up connections. It's a lot like PPP
-Offers authentication, but not encryption, so it's not really secure
Port 1701, UDP

15

SSH
(91)

Secure Shell
-Originally designed for Unix, it gives security to common clear text applications, like Telnet.
Port 22, TCP

16

IPSec
(91)

Not a tunneling protocol, but it's often used in conjunction with them.
-Tunneling mode: Data and message headers are encrypted
-Transport mode: Only data is encrypted

17

Remote Access Service
(92)

Any service that allows you to connect remote systems

18

NAT
(93)

Network Address Translation
-Translates all your internal IPs to one single external IP
-Effectively hides the information of your network from the outside world

19

Telephony
(94)

Telephone technology and network technology together. The most common is VoIP
-VoIP is susceptible to DoS attacks and sniffing.

20

Network Access Control
(95)

A set of standards that clients on the network must abide by

21

Packet Filter Firewall
(97)

Blocks traffic or lets it pass based on the type of application. It doesn't analyze the packet, just goes based on addressing information. You can set different rules for different IPs.

22

Proxy Firewall
(98)

An intermediary between your network and another one. Routes all traffic requests through itself, and can offer caching.
-Usually uses two NICs

23

Stateful Inspection Firewall
(100)

Records network traffic and stores it in a state table. Provides some additional security.

24

Routers
(100)

Provide a path between networks. Store information about the networks for intelligent routing decisions
-Can be used as packet-filter firewalls

25

Switches
(102)

Routing based on physical addresses
Enhances efficiency and security

26

Load Balancers
(103)

Balance the load between devices, usually servers. If one goes down, the rest will continue running

27

Web Security Gateway
(103)

Proxy server with web protection software built in. Can range from a virus scanner on incoming packets to monitoring outgoing traffic for red flags

28

IDS
(105)

Intrusion Detection System
Monitors network activity, alerts if it sees anything weird.
It can be a separate network device or it can run on a workstation
In an emergency, it can disable systems, end sessions, or shut down the network.

29

IDS Data Source
(107)

The information IDS uses to detect suspicious activity

30

Behavior-Based IDS
(109)

Looks for variations in behavior. This could be high traffic, policy violations, and more.