Chapter 3 - Understanding Devices & Infrastructure Flashcards Preview

Security + > Chapter 3 - Understanding Devices & Infrastructure > Flashcards

Flashcards in Chapter 3 - Understanding Devices & Infrastructure Deck (52)
Loading flashcards...
1

Any device connected to the network that runs a TCP/IP protocol suite is called a what?

3-74

host

2

Tell me the 4 layers of the TCP/IP model, bottom up.

3-74

network access
internet
transport (host to host)
application

3

Tell me the default ports for HTTP and HTTPS.

What does HTTPS use for encryption?

3-75

80 and 443

SSL (Secure Socket Layer)

4

Tell me the ports used by File Transfer Protocol.
Simple Mail Transfer Protocol.
Telnet
Domain Name System
Remote Desktop protocol
Simple Network Management Protocol
Post Office Protocol

Which layer do all of these protocols operate at?
3-76

20, 21
25
23
53
3389
161, 162 (trap)
110

Application Layer

5

True or False

Antiquated protocols are those that are no longer needed and should therefore be removed because they are leaving an opening for an attacker.

3-77

True

6

Which layer does TCP and UDP operate at?

What's the difference between them?

3-77

transport layer

tcp - connection oriented
udp - not connection oriented

7

The Internet layer is responsible for routing, IP addressing, and packaging. Tell me 3 standard protocols of the Internet layer.

3-77,78

Internet Protocol
Address Resolution Protocol
Internet Control Message Protocol

(IP, ARP, ICMP)

8

Network Access Layer. Tell me what it does.

3-78

Defines how you put data on the wire and defines what that wire is.

9

IPv6. How many bits in an IPv6 address?

What security does it employ?

3-79

128

IPSec, is mandatory

10

You have some data that needs to be sent from PC A to PC B. Your data is going to go through an encapsulation process. Tell me the headers that get attached, in sequence, and where they get attached.

3-79

A TCP header gets added to the front of your Application Data.
An IP header gets placed in front of the TCP header.
A Hardware header gets placed in front of the IP header.

11

There are well-known TCP ports and UDP ports that we need to pay particular attention to. What are they?

3-81,82

21 - FTP
22 - SSH
25 - SMTP
53 - DNS
80 - HTTP
110 - POP3
139 - NetBIOS
143 - IMAP
443 - HTTPS

12

Tell me the command you use to see which ports are active on your server.

3-83

netstat

13

Tell me the TCP three way handshake connection process by using acronyms.

3-86

1. PC A sends SYN to PC B
2. PC B sends SYN-ACK to PC A
3. PC A sends ACK to PC B

14

What is the thing that allows a server or client to interface to the TCP/IP protocol suite?

3-86

Windows Sockets Application Programming Interface

also known as Winsock

15

What is iSCSI?
What ports does it use?
What is it for?
What does it create?

3-87

Internet Small Computer Systems Interface
860 and 3260
data storage and data transfers
a SAN (storage area network)

16

You are designing the security topology of your network, so what 3 things must you be concerned with?

3-87

access methods
security
technologies used

17

Tell me a common protocol used by Fibre Channel and tell me what is bad about it.

3-87

FCoE (Fibre Channel over Ethernet)

The problem with FCoE is that it is not routable at the IP layer and so it won't work on large networks.

18

What do you use to establish a DMZ for your server?

3-87

firewall

19

If a host exists outside the DMZ and is open to the public, what kind of host is that?

3-88

bastion host

20

What do you use to subnet a network?

3-89

subnet mask

21

What can you use to hide segments of your network and therefore control access?

3-89

VLANs

virtual local area networks

22

What is the key benefit of a VLAN from a security standpoint?

3-90

users with similar data sensitivity levels can be grouped together, and this helps to increase security

23

What is the weakness of PPTP?

3-91

The negotiation of the connection is not encrypted.

24

Layer 2 Forwarding.
What does it provide?
What does it not provide?
Where should you NOT use it?
What port does it use?
What transport protocol does it use?

3-91


authentication
encryption
WAN
1701
TCP

25

Layer 2 Tunneling Protocol.
Does it provide encryption?
What's its port?
What's its transport protocol?

3-91


no
1701, same as L2F
UDP

26

SSH.
What port does it use?
What's its transport protocol?

3-91


22
TCP

27

PPTP, L2F, L2TP, SSH, and IPSec. Which one doesn't belong and why?

3-91

IPSec, because unlike the others, it is NOT a tunneling protocol.

28

It is true that NAT can save IP addresses, but what else can it do?

3-93

act as a firewall, because its a proxy between your LAN and the hostile Internet

29

Tell me the 3 ranges of private IP addresses.

3-93

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

30

What's the difference between NAT and PAT?

3-94

NAT - more than one public IP address
PAT - only one public IP address