64 terms

EIDWS 108: Networks

Describes the relationship between two computer programs in which one program, the client, makes a service request from another program, the server, which fulfills the request.
A software framework dedicated to the efficient execution of procedures (programs, routines, scripts) for supporting the construction of applications.
A common connection point for devices in a network.
- commonly used to connect segments of a LAN
- contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.
- operates at Layer 1 (Physical Layer) of the OSI model.
A small hardware device that joins multiple computers together within one LAN.
- appear nearly identical to hubs, but a switch generally contains more intelligence than a hub.
- unlike hubs, network switches are capable of inspecting data packets as they are received, determining the source & destination device of each packet, & forwarding them appropriately
- by delivering messages only to the connected device intended, a network switch conserves network bandwidth & offers generally better performance than a hub.
- Operates at Layer 2 (Data Link Layer) of the OSI model.
Device that forwards data packets between networks, creating an overlay internetwork.
- connected to 2/more data lines from different networks
- when data comes in on one of the lines, the router reads the address information in the packet to determine its ultimate destination; then using information in its routing table/routing policy, it directs the packet to the next network on its journey or drops the packet.
- data packet is typically forwarded from one router to another through networks that constitute the inter-network until it gets to its destination node.
- Operates at Layer 3 (Network Layer) of the OSI model because the wired/wireless router connects multiple networks (as gateways do)
Describes a protocol suite allowing the interoperability of WAP equipment & software with many different network technologies, thus allowing the building of a single platform for competing network technologies such as GSM & IS-95 (also known as CDMA) networks.
- allows mobile devices to interface into a network.
Acts as an intermediary for requests from clients seeking resources from other servers
- a client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server.
Device/set of devices designed to permit/deny network transmission based upon a set of rules & is frequently used to protect network from unauthorized access while permitting legitimate communications to pass.
Device that incorporates the most advanced encryption & authentication techniques available; built specifically for creating a remote-access or site-to-site VPN and ideally deployed where the requirement is for a single device to handle a very large number of VPN tunnels.
Refers to making copies of data so that these additional copies may be used to restore the original after a data loss event.
Devices that regenerate incoming electrical, wireless or optical signals.
- with physical media like Ethernet/Wi-Fi, data transmissions can only span a limited distance before the quality of the signal degrades.
- repeaters attempt to preserve signal integrity & extend the distance over which data can safely travel
Access routers, including 'small office/home office' (SOHO) models, are located at customer sites such as branch offices that do not need hierarchical routing of their own.
Distribution routers aggregate traffic from multiple access routers, either at the same site, or to collect the data streams from multiple sites to a major enterprise location
- often responsible for enforcing quality of service across a WAN, so they may have considerable memory, multiple WAN interfaces, and substantial processing intelligence.
Core router may provide a "collapsed backbone" interconnecting the distribution tier routers from multiple buildings of a campus, or large enterprise locations
- tend to be optimized for high bandwidth
Explain the Following Network Terminology:
Architecture in which a set of clients are connected via a shared communications line, called a bus.
- simplest way to connect multiple clients, but may have problems when two clients want to transmit at the same time on the same bus.
- systems which use a bus network normally have some scheme of collision handling/collision avoidance for communication on the bus, quite often using Carrier Sense Multiple Access or the presence of a bus master which controls access to the shared bus resource.
Explain the Following Network Terminology:
One of the most common computer network topologies
- in simplest form, consists of one central switch, hub or computer, which acts as a conduit to transmit messages.
Explain the Following Network Terminology:
Each node connects to exactly 2 other nodes, forming a single continuous pathway for signals through each node - a ring. Data travels from node to node, with each node along the way handling every packet.
Provides only one pathway between any two nodes - ring networks may be disrupted by the failure of a single link.
- node failure/cable break might isolate every node attached to the ring
- FDDI networks overcome this vulnerability by sending data on a clockwise & a counterclockwise ring; in the event of break, data is wrapped back onto the complementary ring before it reaches the end of the cable, maintaining a path to every node along the resulting "C-Ring".
Explain the Following Network Terminology:
Each node in the network may act as an independent router, regardless of whether it is connected to another network or not.
- allows for continuous connections & reconfiguration around broken or blocked paths by "hopping" from node to node until the destination is reached.
- mesh network whose nodes are all connected to each other is a fully connected network
- mesh networks differ from other networks in that the component parts can all connect to each other via multiple hops, & they generally are not mobile.
Explain the Following Terminology:
Group of computers & associated devices that share a common communications line or wireless link.
- typically, connected devices share the resources of a single processor/server within a small geographic area (for example, within an office building)
Explain the Following Terminology:
Spans a large geographic area, such as a state, province or country.
- often connect multiple smaller networks, such as local area networks (LANs) or metro area networks (MANs)
- world's most popular WAN = Internet
Explain the Following Terminology:
Usually interconnects a number of LANs using a high-capacity backbone technology, such as fiber-optical links & provides up-link services to WANs & the internet.
- large computer network that usually spans a city or a large campus
Explain the Following Terminology:
Refers to any network that is composed of different interconnected computer networks (WANs) & also covers an unlimited geographical area.
Open Systems Interconnection (OSI)
A way of sub-dividing a communications system into smaller parts called layers. Similar communications functions are grouped into logical layers.
- A layer provides services to its upper layer while receiving services from the layer below.
OSI Layer 1
- Media, signal and binary transmission
OSI Layer 2
- Physical addressing
OSI Layer 3
- Path determination & logical addressing
OSI Layer 4
- End-to-end connections & reliability, flow control
OSI Layer 5
- Interhost communication
OSI Layer 6
- Data representation, encryption & decryption, convert machine dependent data to machine independent data.
OSI Layer 7
- Network process to application
Transmission Control Protocol and Internet Protocol (TCP/IP)
Is the most used network protocol
- not just one protocol, but a set of protocols (protocol stack)
- Protocol - language used to make 2 computers talk to each other
TCP/IP Layer 1
- Receives packets from the network to be sent over the Internet Layer
- packets are called frames
TCP/IP Layer 2
- IP - gets the packets received from the Transport layer and adds virtual address information, i.e., adds the address of the computer that is sending data & the address of the computer that will receive this data
- packets are called datagrams
TCP/IP Layer 3
- Usually the TCP protocol
- In charge of getting data sent by the upper layer, dividing them into packets & sending them to the Internet layer.
- During data reception, in charge of putting the packets received from the network in order (because they can be received out-of-order) & also checking if the contents of the packets are intact.
TCP/IP Layer 4
- Programs talk to this layer
- Application protocols: SMTP (for e-mail), FTP (for file transfer) & HTTP (for web browsing)
- Each kind of program talks to a different Application protocol, depending on purpose of program
Internet Protocol version 4 (IPv4)
- Defined an IP address as a 32-bit number (consisting of 4 octets)
- Address consisting of 32 bits which limits the address space to 4294967296 (2^32) possible unique addresses.
- Reserves some addresses for special purposes such as private networks (~18 million addresses) or multicast addresses (~270 million addresses)
Internet Protocol version 6 (IPv6)
- Developed in 1995, defined an IP address as a 128-bit number (consisting of 16 octets)
- Mathematically, the new address space provides the potential for a max of 2^128, or about 3.403x10^38 unique addresses.
Unclassified but Sensitive Internet Protocol (IP) Router Network (NIPRNet)
A global long-haul IP based network to support unclass IP data communications services for combat support applications to the DoD, Joint Chiefs of Staff (JS), Military Departments (MILDEPS), and Combatant Commands (COCOM)
Secret IP Router Network (SIPRNet)
DoD's largest interoperable Command and Control (C2) data network, supporting:
- Global Command and Control System (GCCS)
- Defense Message System (DMS)
- Collaborative planning
- And numerous other classified warfighter applications
Joint Worldwide Intelligence Communications System (JWICS)
Operated by the DIA as a secure global network designed to meet the requirements for TS/SCI multimedia intelligence communications worldwide. Provides users an SCI-level high-speed multimedia network using high-capacity communications to handle data, voice, imagery & graphics
Department of Defense Network GIG
A globally interconnected, end-to-end set of information capabilities for collecting, processing, storing, disseminating, and managing information on demand to warfighters, policy makers, & support personnel.
Defense Information System Network (DISN)
The United States DoD's enterprise network for providing data, video & voice services.
- In September 1991, OSD directed DISA to implement the DISN.
Navy/Marine Corps Intranet (NMCI)
The major US-CONUS shore based Navy network providing SIPRNET & NIPRNET connectivity.
- DoN outsourcing program, in which an outside contractor provides a vast majority of information technology services for the entire Department, including Navy & Marine Corps.
OCONUS Navy Enterprise Network (ONE-NET)
A Navy-wide initiative to install a common & secure IT infrastructure to OCONUS Navy locations to access NIPRNET & SIPRNET.
Based on NMCI architecture & is designed to be interoperable with IT-21, NMCI, & GIG.
- Europe - Naples, London, Rota, Souda Bay, Sigonella & La Maddalena.
- Pacific Far East - Yokosuka, Sasebo, Misawa, Atsugi, Okinawa, Korea, Guam, Singapore, & Diego Garcia
- Middle East - Bahrain
IT-21 Network
An information transfer strategy that provides Network Connectivity capable of Voice, Data & Video for afloat units. It provides access to NIPRNET, SIPRNET & JWICS, supports all tactical & non-tactical mission areas. IT-21 uses Commercial Off the Shelf (COTS) Technology to keep ships updated with the most modern equipment.
- Goal is to provide an integrated, coordinated, end-to-end warfighting capability.
- Network is a GAN & managed by 4 Fleet NOCs positioned around the world for 24/7 operations.
Machine Language
A system of instructions & data executed directly by a computer's central processing unit.
Assembly Languages
A type of low-level language for programming computers, microprocessors, micro-controllers, & other integrated circuits. They implement a symbolic representation of the numeric machine codes & other constants needed to program a particular CPU architecture.
High-level Language
A programming language with strong abstraction from the details of the computer. It may use natural language elements, be easier to use or be more portable across platforms.
- Hides the details of CPU operations such as memory access models & management of scope.
Operating System:
A set of system software programs in a computer that regulate the ways application software programs use the computer hardware & the ways that users control the computer.
Computer software designed to help the user to perform singular or multiple related specific tasks.
Computer program that can copy itself and infect a computer.
Spreads from one computer to another (in some form of executable code) when its host is taken to the targeted infected computer.
Self-replicating malware computer programs.
They use a computer network to send copies of themselves to other nodes (computers on the network) and may do so without any user intervention.
Malware that appears to perform a desirable function for the user prior to being run or installed but instead facilitates unauthorized access of the user's computer system.
In a computer system (or cryptosystem or algorithm), a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected.
The criminally fraudulent process of attempting to acquire sensitive information by masquerading as a trustworthy entity in an electronic communication; information such as:
- Usernames
- Passwords
- And credit card details
Network Enumeration
Computing activity in which user names, and info on groups, shares and services of networked computers are retrieved.
Buffer Overflow
Anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory.
This may result in erratic program behavior, including memory access errors, incorrect results, program termination (a crash), or a breach of system security
SQL injection
A code injection technique that exploits a security vulnerability occurring in the database layer of an application. The idea is to convince the application to run SQL code that was not intended.
Dictionary Attack
Technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching likely possibilities
Privilege Escalation
Act of exploiting a bug or design flaw in a software application to gain access to resources which normally would have been protected from an application or user.
Brute Force Attack
Strategy used to break the encryption of data. It involves traversing the search space of possible keys until the correct key is found (trying to "crack" a password).
Social Engineering
Act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques; essentially a fancier, more technical way of lying.
Public Key Infrastructure (PKI)
- Set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
- In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The binding is established through the registration and issuance process. The PKI role that assures this binding is called the Registration Authority (RA).
- For each user, the user identity, the public key, their binding, validity conditions and other attributes are made unforgeable in public key certificates issued by the CA.
Domain Name System (DNS)
- Translates domain names (meaningful to humans) into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide.