Network Essentials

Questions and Answers

Which of the following is a fundamental element of a computer network?

• Physical medium for data transmission
• Network devices like computers, printers, and routers
• Protocols governing data flow
• All of the above (correct)

What is the primary function of a Network Interface Card (NIC)?

• To establish communication protocols
• To filter network traffic
• To manage IP addresses
• To enable device access to a network (correct)

Which of the following is a characteristic of a MAC address?

• It is used for routing network traffic.
• It is assigned by the network administrator.
• It is a unique physical address burned on the NIC. (correct)
• It is a logical address that can be changed.

Which network device operates at a higher layer of the OSI model and allows different networks to communicate?

Router (D)

How does a repeater enhance network communication?

By regenerating signals to prevent signal degradation (C)

Which of the following is a key difference between a LAN and a WAN?

LANs typically have higher communication speeds than WANs. (D)

What is a key characteristic of the Internet regarding ownership?

It is a decentralized network with various organizations owning parts of the infrastructure. (C)

In a client/server network model, what role do dedicated servers play?

They provide dedicated resources or services to other nodes. (A)

What is the primary reason for using protocols in computer networks?

To communicate efficiently and ensure proper data flow (D)

In the TCP/IP model, which layer is responsible for routing data packets across different networks??

Network Layer (C)

What is the purpose Direct access to the Internet in the TCP/IP protocol suite?

Enables devices to communicate over the Internet (C)

Which layer in the TCP/IP model is responsible for breaking data into packets and ensuring reliable end-to-end delivery?

Transport Layer (A)

What functions does the Data Link Layer perform in the TCP/IP model?

Physical addressing and error detection (A)

What is the length of an IPv4 address, and how many octets does it consist of?

32 bits, 4 octets (D)

Which of the following IP addresses falls within the private IP address range?

10.1.1.1 (C)

What is the purpose of Network Address Translation (NAT)?

To translate private IP addresses to public IP addresses (B)

What is the advantage of using IPv6 over IPv4?

IPv6 provides a larger address space. (A)

Which of these best describes the 'Internet of Things' (IoT)?

A network of interconnected devices embedded with sensors that collect and exchange data. (A)

Which of the following is a characteristic of UDP (User Datagram Protocol)?

It is connectionless and offers best-effort delivery. (A)

What is the purpose of port numbers in the transport layer?

To identify specific processes or applications on a device (A)

Which protocol is commonly used for file transfer over the internet?

FTP (D)

What is the purpose of the Domain Name System (DNS)?

To translate domain names to IP addresses (D)

Which statement is true about Telnet and SSH?

SSH encrypts data, providing a secure connection, whereas Telnet does not. (C)

What is a key function of SMTP (Simple Mail Transfer Protocol)?

Sending email between mail servers (C)

Which of the following is considered an information security goal?

Confidentiality (A)

What does 'Integrity' mean in the context of cyber security?

Maintaining the consistency and accuracy of data (D)

In the context of security risks, what is the relationship between threat and vulnerability?

Risk = Threat x Vulnerability (A)

What is the primary characteristic of a Passive Attack?

It is difficult to detect because the attacker does not actively send traffic. (B)

What is the goal of social engineering attacks?

To manipulate individuals into divulging sensitive information (C)

What makes a phishing attack effective?

It presents a fake webpage that mimics a legitimate one to steal credentials. (C)

Which type of attack involves an attacker taking over a session between two parties without either party's knowledge?

Session Hijacking (A)

What is the primary goal of a password attack?

To crack passwords stored in a system or database (C)

Which type of malware disguises itself as a legitimate program?

Trojan Horse (A)

How does a worm typically spread?

By replicating itself across a network (D)

What does ransomware do?

It encrypts a victim's files and demands payment for the decryption key. (D)

Which type of attack involves overwhelming a system with traffic to disrupt services?

Denial of Service (DoS) (A)

Which security tool is primarily used to protect internal networks users from external threats?

Firewall (A)

What is the main purpose of a VPN (Virtual Private Network)?

To create a secure, encrypted connection over a less secure network (D)

Which security system monitors network traffic for malicious activities and alerts administrators?

Intrusion Detection System (IDS) (C)

The same key is used for encryption and decryption. Which type of encryption is this?

Symmetric Key (C)

In a 3-tier architecture, what is the role of the middle tier?

Processing and decision-making (B)

What is virtualization?

A technology that allows running multiple operating systems on a single machine (A)

Which of the following is a key characteristic of cloud computing?

On-demand resource provisioning (A)

Flashcards

Computer Network

A collection of computers and other devices connected to perform tasks such as sharing resources.

NIC (Network Interface Card)

Hardware that enables a device to directly access a network.

MAC Address

A unique physical address burned on the NIC that identifies a device.

IP Address

A logical address to identify each device on an IP network layer.

Protocols

Communication rules that all entities must agree on (e.g., HTTP, HTTPS, FTP).

Hub

Allows different nodes to communicate within the same network, but can slow it down.

Repeater

Regenerates the signal over the same network to prevent signal degradation.

Access Point (AP)

Allows Wi-Fi devices to connect to a wired network.

Switch

Connects different networks; allows efficient communication without slowing down the network.

Router

Connects different networks, routing data between them.

Local Area Network (LAN)

Network in a small geographical area like an office or school.

Wide Area Network (WAN)

Network covering a large geographical area, like a country or the internet.

The Internet

A global mesh of interconnected networks; no single entity owns it.

Peer to Peer Networks

Networks where all nodes have equal capabilities and responsibilities

Client/Server Networks

Networks where some nodes (servers) are dedicated to providing services to other nodes (clients).

Protocols

A set of rules that standardize communication between network entities.

TCP/IP Protocol Suite

A suite of protocols used for internet communication that allows data to flow from one NIC to another.

OSI Reference Model

Divides data transmission into layers for standardized communication.

TCP/IP

TCP/IP is an open, cross-platform protocol for modern OSs that allows direct internet access.

Physical Layer

Handles movements of individual bits from one node to the next.

Data Link Layer

Provides logical interface between end system and network for error notification.

Internet / Network protocol Layer

Guarantees connectivity and path decision between two hosts.

Internet Protocol (IP V4)

Uniquely identifies each device on an IP network layer; can be the logical address.

Internet Protocol (IP V6)

The next-generation internet protocol providing many addresses.

Internet Of Things (IOT)

Connects physical devices to the internet to collect and send data.

Transport Layer - TCP

Ensures reliable data delivery.

Transport Layer - UDP

Used for fast but unreliable data transfer.

Well Known ports

Used for permanent addresses.

URL (Universal Resource Locator)

Used to identify internet resources.

DNS (Domain Name Servers)

Translates human-readable names to IP addresses.

FTP (File Transfer Protocol)

Protocol used for file transfer between hosts.

Telnet /SSH or RDP

Remote access protocols for accessing computers remotely.

Cyber Security

Used to secure internal network users from external threats. Confidentially, integrity, availability

Vulnerability

Degree of weakness in a network or device.

Attack

Attempts to destroy, expose, alter, disable, steal or break into a system.

Passive Attack

Difficult to detect, doesn't send traffic.

Phishing Attack

A fake web page looks like a popular, real website for collecting user information.

HIJACK ATTACK

Takes over a session between you and another individual.

PASSWORD ATTACK

An attempt to crack passwords.

Backdoor or Trapdoor

Secret entry point into a program.

Study Notes

Computer Networks and Cyber Security

Session 1: Network Essentials

• A computer network connects computers and peripherals through a connecting medium, enabling resource sharing.
• Resource sharing includes file sharing, device sharing, software sharing with multi-user licenses, voice and video calls, and shared internet access.
• The elements of a network include hardware (devices, medium) and software (messages, protocols).
• Devices include computers, printers, phones, routers, and switches.
• Communication mediums can be wired, wireless or satellite.
• Messages are the information that travels over the medium, and protocols govern how messages flow across the network.
• NIC (Network Interface Card) or network adapter/LAN adapter is hardware that enables a device to directly access the network.
• Internal NICs plug directly into the motherboard, and external NICs can be wireless or USB-based.
• A MAC address is a physical, unique address burned on the NIC card.
• An IP address is a logical address that identifies each device on an IP network layer.
• Protocols are communication rules that all entities must agree on.
• A hub allows different nodes to communicate within the same network but it slows down that network.
• A repeater regenerates a signal over the same network before it becomes too weak or corrupted.
• An Access Point (AP) allows Wi-Fi devices to connect to a wired network and is a physical location with Wi-Fi access.
• A switch allows different nodes to communicate with each other at the same network and time without slowing each other.
• A router allows different networks to communicate with each other.
• LAN (Local Area Network) involves a group of computers connected in a small geographical area like a school or office building, typically 100-1000 meters.
• LANs allow users to share files and services, offer high-speed communications, and operate under administrative control.
• WAN (Wide Area Network) is a group of computers connected geographically in a large area such as a country.
• WANs can contain multiple smaller networks (LANs or MANs), have lower speeds, and operate under an ISP's administrative control; the internet is an example of a WAN.
• Internet consists of a global mesh of interconnected networks.
• Organizations, ISPs, companies, and governments own internet infrastructure pieces, but no one actually owns the internet.
• Internet Society (ISOC), Internet Engineering Task Force (IETF), and Internet Corporation for Assigned Names and Numbers (ICANN) are internet-related organizations.
• Peer-to-peer networks lack dedicated resources for specific services.
• Its easy to work with a peer-to-peer network and all nodes have equal access to resources.
• Client/Server networks have dedicated servers to present services to clients.
• Servers are more powerful in a Client/Server network.
• The Open Systems Interconnect (OSI) reference model was defined by ISO in 1983.
• The OSI reference model breaks down this approach into layers.
• Computer networks require protocols to communicate efficiently, enable data flow between NICs, and control messages and their volume.
• Transmission Control Protocol/Internet Protocol (TCP/IP) is an open standard, cross-platform protocol used by modern operating systems.
• Current internet use TCP/IP version 4, and the next version is TCP/IP v6.
• TCP/IP is routable and allows direct internet access.

Protocols in TCP/IP Suite

• Application protocols include SMTP, FTP, DNS, SNMP, and NFS.
• Transport protocols include TCP and UDP.
• Network protocols include ICMP, IGMP nad IP.
• The physical layer and data link protocols are defined by the underlying networks.
• A physical layer defines electrical and transmission medium aspects
• It involves movements of individual bits from one node to the next.
• A data link layer is a logical interface between end systems and the network including Error detection mechanisms.(FRAMES, MAC(Media Access Control))
• The data link layer carries out hop to hop addressing and error notification.
• An IP address uniquely identifies each device on an IP network layer.
• An IP address is sometimes called a logical address
• Every host must have a unique address on the network
• IP addresses are 32 bit divided into 4 octets each octet 8 bit representing from 0 to 255
• The address space of IPv4 is 2^32 or 4,294,967,296
• Class A private IP address range is 10.0.0.0 to 10.255.255.255.
• Class B private IP address range is 172.16.0.0 to 172.31.255.255.
• Class C private IP address range is 192.168.0.0 to 192.168.255.255
• NAT is used to translate the private IP address to public IP addresses.
• IP addresses can be manually or automatically assigned to a device.
• Automatic IP address are assigned via DHCP
• APIPA automatic IPs range from 169.254.X.X.
• The ICMP (Ping) tool tests connectivity between hosts
• IPv6 is a 128-bit address provides 340 billion billion billion billion addresses approximately
• IPv6 addresses are represented as eight groups, separated by colons, of four hexadecimal digits
• Internet of Things (IoT) connect all devices to the existing internet infrastructure.
• IoT devices sense, collect data, and send it to the internet, including coffee makers, ACs, washing machines, lights, etc.
• IoT has Practical applications like smart homes, smart cities, energy, environmental monitoring, and healthcare management.
• TCP provides reliable data delivery with acknowledgement, is connection-oriented and full duplex.
• UDP offers unreliable, best-effort delivery, is connectionless and full duplex.
• Well known ports are permanent used numbers ranging from 0 to 1,023
• Registered ports aren't assigned from 1,024 to 49,151
• Dynamic ports ranges from 49,152 to 65,535.
• The application layer facilitates communication between processes or applications
• Internet services include the World Wide Web(Http), naming service DNS, file transfer FTP, Telnet, and electronic mail service (IMAP, POP3, SMTP).
• A URL (Universal Resource Locator) includes the protocol(ex: HTTP, HTTPS, FTP), host, and pathname of the file where the information is located
• The domain name Servers (DNS) help translate human-readable names into IP addresses.
• FTP is a transmission protocol that provides reliable data transfer between hosts
• Telnet/SSH or RDP is a user command and an underlying TCP/IP protocol for accessing remote computers.
• Telnet/SSH facilitates remote access for administrators.
• Mail clients have Web based (Hotmail, Gmail)and Non web based interface (Microsoft Outlook)
• SMTP (send mail transfer Protocol) sends messages back and forth to other mail and email Clients
• POP3 "Post Office Protocol version 3" , the Email Client contacts the Mail Server to collect email messages, download messages and can work offline..
• IMAP4 “Internet Message Access Protocol version 4" retrieves only message header

Session 2: Cyber Security Essentials

• Cyber security protects systems, networks, programs, devices, and data from cyber attacks.
• Security involves shared responsibility that each person must accept when they connect to the network.
• Security goals include confidentiality (ensuring information is not revealed to unauthorized persons), integrity (ensuring consistency of data), and availability (ensuring legitimate users are not denied access to resources)
• Focus of security is risk equal threat x vulnerability.
• Threats are are a person, thing, event or idea which poses danger to an asset.
• Vulnerability is the degree of weakness that is found in the network.
• The goal is not to totally eliminate risk because there is no simple solution.
• An attack is any attempt to destroy, expose, alter, disable, steal, break into information, or gain unauthorized access to an asset.
• Passive attacks are difficult to detect.
• An example for passive attacks are capturing packets from the network and attempting to decrypt them.
• Active attacks are easier to detect cause the attacker is sending traffic.
• An example for active atttacks are to access information or modify data on a system.
• Social engineering refers to the ability to influence the behavior of a group of people.
• A phishing attack is a fake web page such as ( facebook, twitter, Gmail, paypal, bank page ) to persuade you to enter information identity such as username, passwords and credit cards details
• A hijack attack is where the attacker takes over a session between you and another individual.
• Insider attacks are where someone from the inside, such as a disgruntled employee, attacks the network.
• A password attack is where the attacker tries to crack the passwords stored in a network account database or a password-protected file.
• A dictionary, brute-force and hybrid attacks are all examples of password attacks.
• A backdoor/trapdoor is a secret entry point embedded into a program during development.
• Viruses are malicious software that attaches to another program, propagates itself and carries a payload.
• Trojan horses are superficially attractive programs with hidden side-effects that can be used to propagate viruses/worms or install backdoors.
• Worms replicate by infecting other programs, system vulnerabilities, spread, and are often used to create zombie PCs.
• Zombie attacks are often used to launch distributed denial-of-service (DDoS) attacks.
• Ransomware is malware that locks a computer or device or encrypts data and the data unusable until the victim pays a ransom (usually cryptocurrency, such as Bitcoin).
• Dos attack is defined by denial of service about without permission knocking off services
• This kind of attacks are easy to launch and it is hard to protect a system against them.
• Consume host resources such as memory and processor cycles
• Consume host resources such as bandwidth.
• DDoS attacks is where the distributed denial of uses multiple machines to prevent the legitimate use of a service.
• TCP SYN are a type of DDos attack.
• Spam is a network threat that overloads ISPs, email server, and end-user systems.
• Spyware gathers personal information from your computer without your permission.
• Tracking cookies are a form of spyware but can also be benign which are used to record information about an Internet user when they visit websites
• A firewall is an effective tool for protecting internal network users from external threats and controlling traffic between networks to prevent unauthorized access.
• Static Packet Filtering (stateless firewall) prevents or allows access based on IP or MAC addresses.
• Dynamic Packet Filtering (state full firewall) allows legitimate responses.
• A proxy server is a computer system or application program that intercepts internal user requests and processes them.
• The goal of the proxy server is to conceal the IP address of client systems inside the secure network
• VPN tunnels traffic between two sides of the network.
• Reomte Access VPN and Site to Site VPNs are two types of VPN's.
• NIDS: Watches the Network Traffic and if there is Intrusion and it detects if there is bad traffic Flow
• NIDS It send alarms and logs
• NIPS: Stops the traffic if it detects there is intrusion
• Signature-based detection: looks for the perfect match
• The next generation Firewall (NGFW) moves beyond the standard with "deep-packet inspection firewall" by inspection, intrusion prevention, and bringing intelligence from outside the firewall.”
• Encryption transforms the original representation of information, known as plaintext, into an alternative form known as ciphertext.
• in a symmetric encryption algorithm, the same key is also used for decryption.

Session 3: Distributed Systems

• Distributed systems is a group of computers working together as to appear as a single computer to the end-user.
• Centralized systems store state on a single computer, tend to be simpler, easier to understand, and faster for a single user.
• Distributed system: State divided over multiple computers
• Distributed systems are more robust, scalable, and complex.
• Distributed systems offer one interface to the end-user, performance, resources and information maximize and failure prevention
• Distributed systems offer reliability and ability to scale.
• Requirements of distributed system are Network. Messages, Reliability, and Scalability
• Centraliced Vs. Distributed systems: Simpler, easier to understan vs. Robust
• Client-server Architecture: a server distributes shared resources(printers, servers) to multiple tiers
• Three Tier: Clients No longer need to be intelligent. Most of the first Web applications fall under this category.
• Multi Tier (n-tier): Enterprises Web services and Google.com are in this category. n-tier interacts both with the tiers
• Peer-to-Peer: no centralized machines with split-up amongst all machines and Blockchain is a good example of one.
• Distributed systems are utilized by DNS, Facebook, and Google
• Email servers and Cloud Computing fall under Distributed systems
• Virtualization runs multiple operating systems and are completely isolated.
• Operating same or different ones the same
• Different between one and dual book
• Virtualization does not run only one or at the same time.
• Virtualization allows for consolidated management.
• Cloud computing is a pool of resources that can be rapidly provisioned in an automated, on-demand manner.
• Cloud computing offers economies of scale, elastic scaling, cost and operational benefits, and ease of access.
• Customers are provided access to an application running on a cloud infrastructure using a "Software as a service (SaaS)".
• Customers can deploy supported applications onto the provider's cloud infrastructure using "Platform as a service (PaaS)".
• Customers can provision processing, storage, networks using "Infrastucture as a Service (IaaS)".
• The Cloud can be Public on a premises and managed by a third party
• Community cloud infrastructure that is used exclusively by a specific group of organizations.
• Priveate cloud. Cloud infrastructure and managed solely by and organization or a third party
• Hybrid a cloud infrastructure combines 2 or more of the of cloud deployments, to enable that and application portability