Term

Definition
A standard set of rules that determines how computers communicate with each other across networks despite their differences (PC, UNIX, Mac, ...).

Term

Definition
Shows how communication should take place.
- Clarifies the general functions of a communication process
- Breaks down complex networking processes into more manageable sublayers
- Using industry-standard interfaces enables interoperability
- Allows the features of one layer to be changed without changing all of the code in every layer
- Easier troubleshooting

Term
OSI – Open Systems Interconnect Model

Definition
Layer 7 - Application
Layer 6 - Presentation
Layer 5 - Session
Layer 4 - Transport
Layer 3 - Network
Layer 2 - Data Link
Layer 1 - Physical

Term

Definition
Responsible for the physical transmission of the binary digits through the physical medium. This layer includes things such as the physical cables, interfaces, and data rate specifications. User information maintained at this layer is called bits (the 1s and 0s). Layer 1.

Term

Definition
Responsible for the physical addressing of the network via MAC addresses. There are two sublayers to the Data-Link layer: MAC and LLC. The Data-Link layer has error detection, frame ordering, and flow control. User information maintained at this layer is called frames. Layer 2.

Term

Definition
Responsible for the routing of user data from one node to another through the network, including the path selection. Logical addresses are used at this layer. User information maintained at this layer is called packets.

Term

Definition
Responsible for the guaranteed delivery of user information. It is also responsible for error detection, correction, and flow control. User information at this layer is called datagrams.

Term

Definition
Responsible for setting up the link, maintaining the link, and tearing down the link between applications. Layer 5.

Term

Definition
Responsible for the formatting of the data so that it is suitable for presentation. Responsible for character conversion (ASCII/EBCDIC), encryption/decryption, compression, and virtual terminal emulation. User information maintained at this layer is called messages. Layer 6.

Term

Definition
Responsible for all application-to-application communications. User information maintained at this layer is user data. Layer 7.

Term

Definition
FTP, SMB, TELNET, TFTP, SMTP, HTTP, NNTP, CDP, GOPHER, SNMP, NDS, AFP, SAP, NCP, SET

Term

Definition
Application - provides confidentiality, authentication, data integrity, non-repudiation.

Term

Definition
ASCII, EBCDIC, POSTSCRIPT, JPEG, MPEG, GIF

Term

Definition
Presentation - provides confidentiality, authentication, encryption.

Term

Definition
Remote Procedure Calls (RPC) and SQL, RADIUS, DNS, ASP

Term

Definition
Session - provides no security.

Term

Definition
TCP, UDP, SSL, SSH-2, SPX, NetBIOS, ATP

Term

Definition
Transport - provides confidentiality, authentication, integrity.

Term

Definition
IP, IPX, ICMP, OSPF, IGRP, EIGRP, RIP, BOOTP, DHCP, IS-IS, ZIP, DDP, X.25

Term

Definition
Network - provides confidentiality, authentication, data integrity.

Term

Definition
L2F, PPTP, L2TP, PPP, SLIP, ARP, RARP, SLARP, IARP, SNAP, BAP, CHAP, LCP, LZS, MLP, Frame Relay, Annex A, Annex D, HDLC, BPDU, LAPD, ISL, MAC, Ethernet, Token Ring, FDDI

Term

Definition
Data Link - provides confidentiality.

Term

Definition
10BaseT, 100BaseT, 1000BaseT, 10Base2, 10Base5, OC-3, OC-12, DS1, DS3, E1, E3, ATM, BRI, PRI, X.23

Term

Definition
Physical - provides confidentiality.

Term

Definition
Process in which information from one packet is wrapped around or attached to the data of another packet. In the OSI model, each layer encapsulates the layer immediately above it.

Term

Definition
Collection of security mechanisms, files, and procedures that help protect the network.

Term

Definition
- Authentication
- Access control
- Data confidentiality
- Data integrity
- Non-repudiation
- Logging and monitoring

Term

Definition
- Encipherment
- Digital signature
- Access control
- Data integrity
- Authentication
- Traffic padding
- Routing control
- Notarization

Term

Definition
- Application Layer
- Host to Host Layer
- Internet Layer
- Network Access Layer

Term

Definition

Term

Definition

Term

Definition
Consists of routines for accessing physical networks and the electrical connection. Layer 1 of the TCP/IP model.

Term

Definition
Defines the IP datagram and handles the routing of data across networks. Layer 2 of the TCP/IP model.

Term

Definition
Provides end-to-end data delivery service to the Application Layer. Layer 3 of the TCP/IP model.

Term

Definition
Consists of the applications and processes that use the network. Layer 4 of the TCP/IP model.

Term
TCP – Transmission Control Protocol

Definition
- Connection oriented
- Sequenced packets
- Acknowledgment is sent back for received packets
- If no acknowledgement, the packet is resent
- Packets are re-sequenced
- Manageable data flow is maintained

Term
User Datagram Protocol (UDP)

Definition
- Best effort
- Doesn't care about sequence order
- Connectionless
- Less overhead and faster than TCP

Term

Definition
Internet Layer protocol.
- All hosts on a network have an IP address
- Each data packet is assigned the IP address of the sender and receiver
- It provides an "unreliable datagram service". Provides:
  - No guarantee that the packet will be delivered
  - No guarantee that the packet will be delivered only once
  - No guarantee that it will be delivered in the order in which it was sent

Term
ARP – Address Resolution Protocol

Definition
Internet Layer protocol.
- Uses the IP address to get the MAC address
- MAC address is 48 bits
- IP address is 32 bits
- Only broadcasts to the network the first time; otherwise stores IP and MAC info in a table

Term
RARP – Reverse Address Resolution Protocol

Definition
Internet Layer protocol.
- Uses the MAC address to get the IP address
- RARP server tells diskless machines their IP address

Term
ICMP – Internet Control Message Protocol

Definition
Internet Layer protocol.
- Management protocol and messaging service provider for IP
- Sends messages between network devices regarding the health of the network
- Ping is an ICMP packet
- Ping checks if a host is up and operational

Term

Definition
- Telnet – Terminal emulation (no file transfer)
- FTP – File Transfer Protocol (cannot execute files)
- TFTP – Trivial FTP – no directory browsing capabilities, no authentication (it is unsecure), can only send and receive files
- Some sites choose not to implement TFTP due to the inherent security risks
- TFTP is a UDP-based file transfer program that provides no security
- NFS – Network File Sharing
- SMTP – Delivers emails
- LPD – Line Printer Daemon – with LPR enables print spooling
- X-Windows – for writing graphical interface applications
- SNMP – Simple Network Management Protocol. Provides for the collection of network information by polling the devices on the network from a management station. Sends SNMP traps (notifications) to MIBs (Management Information Bases)
- Bootstrap (BootP) protocol – Diskless boot up. The BootP server hears the request and looks up the client's MAC address in its BootP file. It is an Internet layer protocol

Term
SET – Secure Electronic Transaction

Definition
- Originated by Visa and MasterCard
- Being overtaken by SSL

Term

Definition
- Early standard for encrypting HTTP documents
- Also being overtaken by SSL

Term

Definition
- SSH has RSA certificates
- Supports authentication, compression, confidentiality, and integrity
- DES encryption
- Because Secure Shell (SSH-2) supports authentication, compression, confidentiality, and integrity, SSH is used frequently for encrypted file transfer

Term
SSL – Secure Socket Layer

Definition
- Contains the SSL Record Protocol and the SSL Handshake Protocol
- Uses symmetric encryption, and public key for authentication
- MAC – Message Authentication Code for integrity

Term
SKIP – Simple Key Management for Internet Protocol

Definition
Similar to SSL – no prior communication required.

Term
Packet Filtering Firewall

Definition
First generation.
- Screening router
- Operates at the Network and Transport level
- Examines source and destination IP address
- Can deny based on ACLs
- Can specify port

Term
Application Level Firewall

Definition
Second generation.
- Proxy server
- Copies each packet from one network to the other
- Masks the origin of the data
- Operates at layer 7 (Application Layer)
- Reduces network performance since it has to analyze each packet and decide what to do with it
- Also called Application Layer Gateway

Term
Stateful Inspection Firewalls

Definition
Third generation.
- Packets analyzed at all OSI layers
- Queued at the network level
- Faster than Application Level Gateway

Term
Dynamic Packet Filtering Firewalls

Definition
- Allows modification of security rules
- Mostly used for UDP
- Remembers all of the UDP packets that have crossed the network's perimeter, and decides whether to enable packets to pass through the firewall

Term

Definition
- Runs in the NT kernel
- Uses dynamic and custom TCP/IP-based stacks to inspect the network packets and to enforce security policies

Term

Definition
- Sits between trusted and untrusted networks
- Uses ACLs
- ACLs can be manually intensive to maintain
- Lacks strong user authentication
- ACLs can degrade performance
- Minimal auditing

Term

Definition
- Employs packet filtering and a Bastion Host
- Provides network layer (packet filtering) and application layer (proxy) services
- Penetration requires getting by the external router (packet filtering) and the Bastion Host (proxy)

Term

Definition
- Contains two NICs
- One connected to the local "trusted" network
- One connected to the external "untrusted" network
- Blocks or filters traffic between the two
- IP forwarding is disabled

Term

Definition
- One of the most secure
- Two packet filtering routers and a Bastion Host
- Provides network layer (packet filtering) and application layer (proxy) services
- Provides a DMZ
- Complex configuration

Term

Definition
- Circuit level proxy server
- Requires a SOCKS client on all machines
- Used to manage outbound Internet access
- IT overhead intensive

Term

Definition
10.0.0.0 to 10.255.255.255

Term

Definition
172.16.0.0 to 172.31.255.255

Term

Definition
192.168.0.0 to 192.168.255.255

Term
Large networks with many devices. 1-127

Definition

Term
Medium-sized networks. 128-191

Definition

Term
Small networks (fewer than 256 devices). 192-223

Definition

Term

Definition

Term

Definition
- Secure connection between two nodes using a secret encapsulation method
- Secure Encrypted Tunnel – encapsulated tunnel (encryption may or may not be used)

Term
3 methods to create a Tunnel

Definition
- Installing software or agents on the client or network gateway
- Implementing user or node authentication systems
- Implementing key and certificate exchange systems

Term
PPTP – Point-to-Point Tunneling Protocol

Definition
- Works at the Data Link Layer
- Single point-to-point connection from client to server
- Common with asynchronous connections with NT and Win 95

Term
L2TP - Layer 2 Tunneling Protocol

Definition
- Combination of PPTP and the earlier Layer 2 Forwarding Protocol (L2F)
- Multiple protocols can be encapsulated within L2TP
- Single point-to-point connection from client to server
- Common with dial-up VPNs

Term

Definition
- Operates at the Network Layer
- Allows multiple and simultaneous tunnels
- Encrypts and authenticates IP data
- Focuses more on network-to-network connectivity

Term

Definition
The entire packet is encrypted and encased in an IPSec packet.

Term

Definition
Only the datagram is encrypted, leaving the IP address visible.

Term

Definition
A self-contained, independent entity of data carrying sufficient information to be routed from the source to the destination.

Term

Definition
- Hardware and software devices that utilize VPN standards
- Two types: IPSec compatible and non-IPSec compatible

Term
IPSec Compatible VPN Devices

Definition
- Installed on a network's perimeter and encrypt traffic between the two
- IPSec only works with IP
- Operate at the Network Layer
- Operate in Tunnel or Transport mode

Term
Non-IPSec Compatible VPN Devices

Definition

Term

Definition
Not a traditional VPN protocol, but is robust and operates at the Application Layer.

Term

Definition
Implemented in Win95 and NT.
- Multiprotocol and uses PAP and CHAP user authentication
- Compresses data
- End-to-end encryption

Term

Definition
Not strictly a VPN, but can be used as one with a terminal session.

Term

Definition
- Frequently available with third generation (Stateful Inspection) firewalls
- Operate at the Application Layer
- Performance degradation is often a problem

Term

Definition
- Local Area Network (LAN)
- Wide Area Network (WAN)
- Internet
- Intranet
- Extranet

Term
Local Area Networks – LAN

Definition
Discrete network for a limited geographical area like a building or a single floor.

Term
CAN - Campus Area Network

Definition
Connects multiple buildings with each other over a switched backbone.

Term
MAN – Metropolitan Area Network

Definition
LAN over a city-wide metropolitan area.

Term

Definition
- Network of sub-networks that interconnect LANs over large geographic areas
- WAN is basically everything outside of the LAN

Term

Definition
- Internet-like logical network that uses a company's internal physical network structure
- More security and control than the Internet
- Uses Internet tools like browsers

Term

Definition
- An extranet can be accessed by users outside of the company (i.e. vendors and partners) but not the general public
- Includes some type of authentication or encryption

Term

Definition
Basis of modems and dial-up remote access. Both ends must operate at the same speed.

Term

Definition
Very high speed, governed by electronic clock timing signals.

Term
Common Data Network services

Definition
- File Services
- Mail Services
- Print Services
- Client/Server Services
- Domain Name Services

Term

Definition
Matches an Internet Uniform Resource Locator (URL) with the actual IP address of the server providing the URL. Maps host names to IP addresses. It is a global network of servers that provide this service.

Term

Definition
Allocate computing resources among workstations.

Term

Definition
Send and receive mail internally and externally.

Term

Definition
Share data files and subdirectories on a file server.

Term

Definition
- Static routing
- Distance Vector routing
- Link State

Term

Definition
- Uses only first-hand information when building tables, by maintaining every other router's Link State Protocol (LSP) frame
- Open Shortest Path First (OSPF) protocol features least-cost routing, multipath routing, and load balancing

Term

Definition
- Routing Information Protocol (RIP) is used to maintain dynamic routing tables
- Best routing path is determined by the fewest hops

Term

Definition
- Specific route definitions
- No need for routers to exchange information dynamically

Term
Spanning Tree Protocol (STP)

Definition
Developed by Digital Equipment Corporation (DEC); is now the IEEE 802.1d standard.
- Uses the Spanning Tree Algorithm (STA) to identify the best path to communicate with a node and any alternative paths

Term

Definition
Allows a switch to learn information about the location of nodes on the network.

Term
Steps of Transparent Bridging

Definition
- Learning
- Flooding
- Filtering
- Forwarding
- Aging

Term

Definition
- Viruses
- Spyware
- Trojan Horses
- Remote Access Trojans (RATs)
- Logic Bombs
- Worms

Term

Definition
- Macro viruses
- Polymorphic viruses
- Stealth viruses

Term

Definition

Term
Remote Access Trojans (RATs)

Definition
Program that allows access to a computer's resources without the owner's knowledge.

Term

Definition
- Sobig
- ILoveYou
- MyDoom
- Sasser

Term

Definition
Any technology that aids in gathering information about a person or organization without their knowledge or consent.
