Podcast
Questions and Answers
Which protocol uses port 80?
Which protocol uses port 80?
A MAC address is a unique hardware identifier crucial for LAN communication.
A MAC address is a unique hardware identifier crucial for LAN communication.
True
What is the purpose of ARP?
What is the purpose of ARP?
To translate IP addresses into MAC addresses.
____ is a process that checks a host's ports to see which are open.
____ is a process that checks a host's ports to see which are open.
Signup and view all the answers
What is a common risk associated with port scanning?
What is a common risk associated with port scanning?
Signup and view all the answers
Match the following components with their definitions:
Match the following components with their definitions:
Signup and view all the answers
War driving refers to a legitimate method of accessing a wireless network.
War driving refers to a legitimate method of accessing a wireless network.
Signup and view all the answers
What is a recommended measure to secure a router?
What is a recommended measure to secure a router?
Signup and view all the answers
Which type of denial of service attack sends excessive requests to overwhelm a server's ability to handle them?
Which type of denial of service attack sends excessive requests to overwhelm a server's ability to handle them?
Signup and view all the answers
A replay attack involves capturing communication and sending it again to gain unauthorized access.
A replay attack involves capturing communication and sending it again to gain unauthorized access.
Signup and view all the answers
What is the primary purpose of encryption in a VPN?
What is the primary purpose of encryption in a VPN?
Signup and view all the answers
What are the three main types of VPNs mentioned?
What are the three main types of VPNs mentioned?
Signup and view all the answers
An attacker can monitor and log network traffic using a ______.
An attacker can monitor and log network traffic using a ______.
Signup and view all the answers
Digital certificates are used to verify the identity of clients connecting to a server.
Digital certificates are used to verify the identity of clients connecting to a server.
Signup and view all the answers
What is the role of a Certificate Authority (CA)?
What is the role of a Certificate Authority (CA)?
Signup and view all the answers
Match the denial of service attack with its description.
Match the denial of service attack with its description.
Signup and view all the answers
What is a characteristic of a secure VPN?
What is a characteristic of a secure VPN?
Signup and view all the answers
The main process in TLS involves a __________ between the client and server.
The main process in TLS involves a __________ between the client and server.
Signup and view all the answers
In a hub-based network, packet sniffing is more difficult compared to a switch-based network.
In a hub-based network, packet sniffing is more difficult compared to a switch-based network.
Signup and view all the answers
Which of the following encryption standards is commonly used in VPNs?
Which of the following encryption standards is commonly used in VPNs?
Signup and view all the answers
What could be the result of an overloaded switch in a network?
What could be the result of an overloaded switch in a network?
Signup and view all the answers
Match the TLS version with its key properties:
Match the TLS version with its key properties:
Signup and view all the answers
TLS 1.3 includes support for weaker protocols from previous versions.
TLS 1.3 includes support for weaker protocols from previous versions.
Signup and view all the answers
What is the significance of Forward Secrecy in TLS 1.3?
What is the significance of Forward Secrecy in TLS 1.3?
Signup and view all the answers
Study Notes
Ports
- Ports are virtual start and end points for network communication.
- Each port has a unique number.
- Specific ports are assigned protocols to differentiate traffic types (e.g., HTTP uses port 80).
Key Hardware Components
- Network Interface Card (NIC): Converts data into electrical signals for communication.
- Media Access Control (MAC) Address: Unique hardware ID for devices crucial for LAN communication.
- Hubs and Switches: Connect devices in a network; switches route data only to intended devices using MAC addresses.
Key Internet Components
- HTTP (Hyper Text Transfer Protocol): Controls data communication over the internet (e.g., retrieving web pages).
- IP Address: Unique device identifier on the internet; can change.
- URL (Uniform Resource Locator): Readable way to access an IP address; translated by Domain Name Servers (DNS).
- ARP (Address Resolution Protocol): Translates IP addresses to MAC addresses for local communication.
Port and Router Vulnerabilities
- Port Scanning: Checks open ports and listens for data. Attackers can exploit open ports to send malicious data or identify vulnerabilities.
- Port scanning tools (e.g., Nmap) can be used to identify vulnerabilities or applications.
- Vanilla scans check all ports sequentially, strobe scans target specific services.
- Stealth scanning (e.g., fragmented packets) makes probes harder to detect.
- Router vulnerabilities: War driving (unauthorized wireless network access), lack of password, malicious network activities.
Server Vulnerabilities
- Denial-of-Service (DoS) Attacks: Can happen unintentionally due to high server traffic (e.g., website crashes, university registration).
- Service Request Flood: Overloads a server with too many requests, causing it to shut down.
- Bandwidth Flood: Sends requests exceeding the server's bandwidth capacity, causing denial of service.
- SYN Flood: Exploits TCP/IP handshake; overwhelms the server with open connections.
- Security Operation Centers (SOCs): Use tools (firewalls, DMZs, etc.) to monitor and prevent attacks.
Packet Sniffing
- Passive attack; monitors and logs network traffic.
- Packet sniffers capture unencrypted data (e.g., passwords, financial information).
- Hub-based networks make sniffing easier than switch-based networks, although switch-based sniffing is possible with overloaded or promiscuous mode switches.
Spoofing
- Address Resolution Protocol (ARP) spoofing: ARP maps IP addresses to MAC addresses. Attackers can change the IP-to-MAC mapping to reroute traffic to them; tools such as Ettercap can do this.
- DNS spoofing: On the internet, an attacker can use DNS protocol spoofing.
Replay Attacks
- Attackers capture communication (e.g., login credentials), and later replay it to gain unauthorized access.
- Even encrypted data can be vulnerable in replay attacks.
VPNs
- Trusted VPN: Older type, relying on private lines.
- Secure VPN: Most common, using encryption protocols.
- Hybrid VPN: Combination of trusted and secure VPNs.
- VPNs encrypt data packets to prevent unauthorized access.
Encryption
- VPNs encrypt data in transit (transport mode) or as created (tunnel mode).
- Different VPNs use various encryption standards (e.g., AES).
Digital Certificates
- Verifies server identities in TLS (Transport Layer Security).
- Links a server's public key to its identity.
- Issued by a Certificate Authority (CA).
- The CA verifies the server's identity and digitally signs the certificate.
- Servers submit Certificate Signing Requests (CSRs) to the CA.
Transport Layer Security (TLS)
- Foundation of secure internet connections (e.g., HTTPS).
- TLS handshake involves:
- Client sending "Client Hello."
- Server replying with "Server Hello" and digital certificate.
- Both agreeing on encryption key.
- TLS 1.3: Faster and more secure version, uses forward secrecy and stronger cipher suites, removing weaker protocols.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Related Documents
Description
Test your knowledge on the fundamentals of networking, including ports, hardware components, and internet protocols. This quiz covers essential concepts like IP addresses, MAC addresses, and the roles of various devices in a network.
