Flashcards in Chapter 3 Understanding Devices and Infrastructure Deck (38)
What are the four layers of TCP/IP?
TCP/IP Application layer
Gives applications access to services or protocols that can be used to exchange data. Common protocols would be:
Host-To-Host (Transport) Layer
Gives the Application Layer a session and datagram communication services. Common protocols are:
Responsible for IP addressing, routing, and packaging.
-Accomplishes all the behind-the-scenes information exchange work. Common protocols are:
Network Access (Interface) Layer
Placing and removig packets on the physical network through communication with a computer that has a NIC
Allows a transport proocol to be sent across the network and utilized
How Can You View Active TCP/UDP Ports?
Application Programming interface
Allows programmers to more easily create an interface to the TCP/IP suite
-The default Microsoft one is Windows Sockets (Winsocks)
Allows data storage and transfers across an existing network. Allows for Storage Area Networks to exist
Ports 860, 3260
Like iSCSI, but it was originally designed for fiber only. It's also not routable at the IP layer, so it's not very popular.
-Makes a public server that's isolated from the rest of your network
-You can do this using a firewall that can transmit to the internal network, the external world, and the public information you're sharing.
Allows you to make groups of users and devices and segment them on the network. You can then hide these network segments from other segments and even control paths the data will take to get from A to B.
Point-to-Point Tunneling Protocol
-Encapsulates and encrypts PPP packets
-The data itself is encrypted, but the negotiation between the two ends is not. It's not foolproof.
Layer 2 Forwarding
-Created by Cisco for dial-up connections. it's a lot like PPP
-offers authentication, but not encryption, so it's not really secure
-Originally designed for Unix, it gives security to common clear text applications, like Telnet.
Not a tunneling protocol, but it's often used in conjunction with them.
-Tunneling mode: Data and message headers are encrypted
-Transport mode: Only data is encrypted
Remote Access Service
Any service that allows you to connect remote systems
Network Address Translation
-Translates all your internal IPs to one single external IP
-Effectively hides the information of your network from the outside world
Telephone technology and network technology together. The most common is VoIP
-VoIP is susceptible to DoS attacks and sniffing.
Network Access Control
A set of standards that clients on the network must abide by
Packet Filter Firewall
Blocks traffic or lets it pass based on the type of application. It doesn't analyze the packet, just goes based on addressing information. You can set different rules for different IPs.
An intermediary between your network and another one. Routes all traffic request through itself, and can offer caching.
-Usually uses two NICs
Stateful Inspection Firewall
Records network traffic and stores it in a state table. Provides some additional security.
Provides a path between networks. Stores information about the networks for intelligent routing decisions
-can be used as packet-filter firewalls
Routing based on physical addresses
enhances efficiency and security
Balances the load between devices, usually servers. If one goes down, the rest will continue running
Web Security Gateway
Proxy server with web protection software built in. Can range from a virus scanner on incoming packets to monitoring outgoing traffic for red flags
Intrusion Detection System
Monitors network activity, alerts if it sees anything weird.
It can be a separate network device or it can run on a workstation
In an emergency, it can disable systems, end sessions, or shut down the network.
IDS Data Source
The information IDS uses to detect suspicious activity