108 terms

Security Plus

STUDY
PLAY

Terms in this set (...)

FTP
20, 21 TCP
SSH
22 TCP/UDP
Telnet
23 TCP
SMTP
25 TCP
DNS
53 UDP
DHCP
67, 68
TFTP
69 UDP
HTTP
80 TCP/UDP
POP3
110 TCP
NetBIOS
137-139 TCP/UDP
IMAP
143 TCP/UDP
SNMP
161 UDP
HTTPS
443 TCP
SMB
445
RDP
3389 TCP/UDP
H.323
1720
MGCP
2427/ 2727
RTP
5004/ 5005
SIP
5060/ 5061
10GB Ethernet SONET
10GBaseSW
IPSec
Network layer
SSL
Session Layer
TCP
Transport layer
Frame Relay
Data link layer
Network cable
Physical layer
DHCP
Application layer
MIME
Presentation layer
Up to 185m and 10 MBps RG-59
Thinnet
Up to 100m and 100 Mbps
Cat 5
Up to 40km and 10GBps
Single mode fiber
Up to 500M and 10Gbps RG-6
Thicknet
Up to 100m and 10Gbps
Cat 6
/29
6 hosts
/26
62 hosts
/25
126 hosts
/24
254 hosts
What layer is a segment?
Transport layer
What layer is a frame?
Data link layer
What layer is a packet?
Network layer
What layer is a bits?
Physical layer
192.168.0.0-192.128.255.255
Class C
10.0.0.0-10.255.255.255
Class A
172.16.0.0-172.31.255.255
Class B
128-191
Class B
1-126
Class A
192-223
Class C
169.254.0.1-169.254.255.254
APIPA
Mbps for T1?
1.544Mbps
Mbps for T3?
44.7
5GHz, 12 non-overlapping channels
802.11a
2.4/5GHz, MIMO, 250Mbps
802.11n
2.4GHz, 11Mbps, CSMA/CD, 3non-overlapping channels
802.11b
2.4GHz, 54Mbps, CSMA/CD, 3 non-overlapping channels
802.11g
ACL rules
Deny any address from your internal network
Deny any local host address (127.0.0.0/8)
Deny any reserved private address
Deny any address in the IP multicast address range (224.0.0.0/4)
802.1X
RADIUS
Reply from 204.153.163.2: bytes=32 time=1ms TTL=128
Reply from 204.153.163.2: bytes=32 time=1ms TTL=128
Reply from 204.153.163.2: bytes=32 time=1ms TTL=128
Reply from 204.153.163.2: bytes=32 time<10ms TTL=128
ping
Interface: 199.102.30.152
Internet Address Physical Address Type
199.102.30.152 A0-ee-00-5b-0e-ac dynamic
arp
Which switch for Windows nbstat utility will purge and reload the remote NetBIOS name table cache?
-R
Which switch for Windows nbstat utility will display all NetBIOS name-resolution statistics?
-r
Which windows utility could you use to find out whether a server is responding on TCP port 21?
telnet
Which command line tool would best be used to verify DNS functionality?
dig
Which command would you use at a workstation prompt to see the DNS servers that are configured to use?
nslookup
ipconfig /all
ifconfig
Which WAN protocol utilizes packet-switching technology?
Frame relay
Which WAN protocol utilizes cell-switching technology?
ATM
Hybrid
EIGRP/BGP
OC-1
51.84Mbps
OC-12
622Mbps
OC-3
155Mbps
OC-48
2.4Gbps
OC-192
9.9Gbps
AD 0
Connected interface
AD 120
RIP
AD 110
OSPF
AD 1
Static Route
What are the five WAN protocols?
ISDN, Frame relay, PPP, ATM, MPLS
Steps to see Active TCP/UDP Ports
1. CMD
2. netstat
3. netstat -a
Winsock (Windows Sockets)
API (application programming interface) to interface to the protocol suite. Microsoft
iSCSI (Internet Small Computer Systems Interface)
uses port 860 and 3260, by default, for allowing data storage and transfers across the existing network, enables the creation of storage area networks (SANs)
Fibre channel
same purpose as iSCSI only on fiber-based networks
FCoE
Protocol commonly used with Fibre channel
What protocol is used with ping?
ICMP
At which layer of TCP/IP would you find HTTP and SMTP?
Application layer
At which layer of TCP/IP would you find TCP and UDP?
Host-to-host layer
At which layer of TCP/IP would you find IP?
Internet layer
At which layer of TCP/IP would you find network topology?
Network access layer
What security protocol is an updated version of SSL?
TLS Transport Layer Security
What security protocol is used to establish a secure communication connection between two TCP-based machines?
SSL Secure Sockets Layer
What standard language does HTTP use?
HTML
What is the process used to pass messages between the layers in TCP/IP?
Encapsulation
Which application allows connections to servers for file uploads and downloads?
FTP File Transfer protocol
Which two protocols are more secure versions of FTP?
FTPS and SFTP
Which file transfer protocol should be avoided anywhere there are more secure alternative?
TFTP
Which protocol is used for receiving mail?
POP
Which email protocol was intended to store the email on the server and allow you to access it from there?
IMAP
Which protocol allows Windows-based terminal servers to run on port 3389?
RDP Remote Desktop Protocol
Which layer of the TCP/IP model is responsible for placing and removing packets on the physical network through communications with the network adapters in the host?
Network Access layer
What uses bits from the node portion of the host address to create the additional networks?
Subletting
What allows a transport protocol to be sent across the network and utilized by the equivalent service or protocol at the receiving host?
Encapsulation
What is nothing more than a bit of additional data added either to the TCP or UDP message?
port address
Which of the following utilities can be used in Linux to view a list of users' failed authentication attempts?
faillog
What is a network of hosts that acts as if a physical wire connects them on the network?
VLAN
What is an area you can place a public server for access by people you may not trust?
DMZ
In what three directions should the firewall on your DMZ transmit?
Internal, External, to public information your sharing
A host that exists outside the DMZ and is open to the public?
Bastion host
What is one way to divide a network into smaller components?
Subnetting
What are the two primary reasons for using subnetting?
To make the network more secure and manageable
To use IP addresses more effectively
What allows you to create groups of users and systems and segment them on a network?
VLAN
*What can increase security by allowing users with similar data sensitivity levels to be segmented together?
VLAN