F - SES-602 - Module 6 - Network Security
54 cards
Computer Networking
Graduate
11/26/2011

Cards

Term
Time Division (definition)
Definition

1. Data is transmitted inside fixed-period frames; each circuit is allocated a fixed subset of the time slots in each frame. Connection ID and routing information is provided implicitly by the time slot ID in which a datum is transmitted.

2. The transmission capacity of a link is partitioned into a fixed number of circuits, each having a fixed rate; unused capacity in one circuit cannot be used by other circuits.

Term
Time Division (pros and cons)
Definition

Pros: Simple.

Cons: Wasteful in transmission capacity, especially when the actual rate of connections varies widely with time.

Term
Packet Switching (definition)
Definition

Non-periodic multiplexing of packets, on a demand basis; each packet carries its own source and destination (connection) ID, and can be stored and forwarded at any later time.

The transmission capacity of a link is shared among all flows that pass through it, on a demand basis; any capacity that is not used by one flow can be used by another.

Term
Packet Switching (pros and cons)
Definition

Pros: No waste of transmission capacity.

Cons: More complicated. Dynamic control (per packet), rather than static control (at connection setup), is needed. Unpredictability of traffic leads to contention for resources.

Term
Open Systems Interconnection model (OSI model) (definition)
Definition

A prescription for characterizing and standardizing the functions of a communications system in terms of abstraction layers. Similar communication functions are grouped into logical layers. An instance of a layer provides services to its upper layer instances while receiving services from the layer below.

Term
Open Systems Interconnection model (OSI model) (layers)
Definition

7. Application - All

6. Presentation - people

5. Session - seem

4. Transport - to

3. Network - need

2. Data Link - data

1. Physical - processing

(Mnemonic, read from the top: "All People Seem To Need Data Processing".)

Term
OSI Model: Application Layer
Definition

Responsible for user application services.

Data type: user data
Scope: application data

Examples: FTP; HTTP; telnet; Simple Mail Transfer Protocol (SMTP)

Term
OSI Model: Presentation Layer
Definition

Responsible for data translation, compression and encryption.

Data type: encoded user data
Scope: application data representations.

Examples: SSL; shells and redirectors; Multipurpose Internet Mail Extensions (MIME)

Term
OSI Model: Session Layer
Definition

Session establishment, management and termination.

Data type: sessions
Scope: sessions between local or remote devices.

Examples: sockets; named pipes; remote procedure call (RPC)

Term
OSI Model: Transport Layer
Definition

Responsible for process-level addressing; multiplexing/demultiplexing; connections; segmentation and reassembly; acknowledgements and retransmissions; flow control.

Data type: datagrams/segments
Scope: communication between software processes.

Examples: TCP and User Datagram Protocol (UDP)

Term
OSI Model: Network Layer
Definition

Logical addressing; routing; datagram encapsulation; fragmentation and reassembly; error handling and diagnostics.

Data type: datagrams/packets
Scope: messages between local or remote devices.

Example: IP

Term
OSI Model: Data Link layer
Definition

Logical link control; media access control; data framing; addressing; error detection and handling; defining requirements of the physical layer.

Data type: frames
Scope: low-level data messages between local devices.

Examples: IEEE standards; Ethernet; Asynchronous Transfer Mode (ATM)

Term
OSI Model: Physical layer
Definition

Encoding and signaling; physical data transmission; hardware specifications; topology and design.

Data type: bits
Scope: electrical or light signals sent between local devices.

Examples: the physical layers of the technologies listed under the data link layer.

Term
Transmission Control Protocol (TCP)
Definition

A communication service at an intermediate level between an application program and the Internet Protocol (IP). That is, when an application program desires to send a large chunk of data across the Internet using IP, instead of breaking the data into IP-sized pieces and issuing a series of IP requests, the software can issue a single request to this protocol and let it handle the IP details.

Note: It is optimized for accurate delivery rather than timely delivery.

Term
Internet Protocol (IP)
Definition
The principal communications protocol used for relaying datagrams (packets) across an internetwork. Responsible for routing packets across network boundaries, it is the primary protocol that establishes the Internet.
Term
Multiplexing
Definition
A method by which multiple analog message signals or digital data streams are combined into one signal over a shared medium.
Term
Internet Protocol Security (IPSec)
Definition
A protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. It also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.
Term
IPSec Architecture
Definition

1. Authentication Headers (AH)

2. Encapsulating Security Payloads (ESP)

3. Security Associations (SA)

Term
IPSec Architecture: Authentication Header (AH)
Definition

Guarantees connectionless integrity and data origin authentication of IP packets. Further, it can optionally protect against replay attacks by using the sliding window technique and discarding old packets.

Note: Operates directly on top of IP, using IP protocol number 51.

Term
IPSec Architecture: Encapsulating Security Payload (ESP)
Definition

Provides origin authenticity, integrity, and confidentiality protection of packets. It also supports encryption-only and authentication-only configurations, but using encryption without authentication is strongly discouraged because it is insecure.

Note: Operates directly on top of IP, using IP protocol number 50.

Term
IPSec: Transport Mode
Definition
Only the payload (the data you transfer) of the IP packet is usually encrypted and/or authenticated. The routing is intact, since the IP header is neither modified nor encrypted; however, when the authentication header is used, the IP addresses cannot be translated, as this will invalidate the hash value.
Term
IPSec: Tunnel Mode
Definition
The entire IP packet is encrypted and/or authenticated. It is then encapsulated into a new IP packet with a new IP header. It is used to create virtual private networks for network-to-network communications (e.g. between routers to link sites), host-to-network communications (e.g. remote user access), and host-to-host communications (e.g. private chat).
Term
IPv6
Definition
A version of the Internet Protocol (IP) designed to succeed the Internet Protocol version 4 (IPv4). The most important feature is a much larger address space than in IPv4, i.e., 128 bits, compared to 32 bits in IPv4. Additionally, IPsec support is mandatory.
Term
Packet Filter
Definition

Acts by inspecting the "packets" which transfer between computers on the Internet. If a packet matches the packet filter's set of rules, the packet filter will drop (silently discard) the packet, or reject it (discard it, and send "error responses" to the source).

Note: Filters each packet based only on information contained in the packet itself, most commonly using a combination of the following:

1. Source

2. Destination

3. Protocol

4. Port

Term
Input Route Filter
Definition
Routes advertised by neighboring networks are purposely ignored (e.g. internal or unregistered addresses).
Term
Output Route Filter
Definition
Routes internally generated are purposely hidden (e.g. internal network address translations for Internet-facing interfaces).
Term
Stateful Filtering
Definition
A type of filter that regards the placement of each individual packet within the packet series. It maintains records of all connections passing through the firewall and is able to determine whether a packet is the start of a new connection, part of an existing connection, or an invalid packet. Though there is still a set of static rules in such a firewall, the state of a connection can itself be one of the criteria that trigger specific rules. Furthermore, such filters can have the intelligence to store all related packets and search the data section of the reassembled packets for malicious code.
Term
Application Layer Filtering
Definition
Works at the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or FTP traffic), and may intercept all packets traveling to or from an application. It blocks other packets (usually dropping them without acknowledgment to the sender). In principle, such filters can prevent all unwanted outside traffic from reaching protected machines.
Term
Network Zones
Definition
Networks are often divided up into smaller regions with different security policies. Zones map to system functions.
Term
Virtual Private Network (VPN)
Definition

A network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network. Note: They typically require remote users of the network to be authenticated, and often secure data with encryption technologies to prevent disclosure of private information to unauthorized parties.

Can be implemented via the tunnel mode of Internet Protocol Security (IPSec).

Term
Radio Frequency Identification (RFID)
Definition
A technology that uses radio waves to transfer data from an electronic tag, attached to an object, through a reader for the purpose of identifying and tracking the object. Some tags can be read from several meters away and beyond the line of sight of the reader.
Term
Wireless Intrusion Detection
Definition

1. Algorithms for detection of wireless energy

2. Measurement of total signal power appearing in small frequency sub-bands

3. Algorithms to determine the geospatial coordinates of the detected wireless device

Term
Intrusion Detection System (IDS)
Definition
A device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station.
Term
What transport layer protocol does VoIP use? Vulnerabilities?
Definition

User Datagram Protocol (UDP), so there is no concept of a session, i.e., it is susceptible to flood attacks.

Note: Also susceptible to eavesdropping, replay, caller-ID spoofing, and man-in-the-middle attacks. Secured via isolation.

Term
Network Time Protocol (NTP)
Definition
A protocol and software implementation for synchronizing the clocks of computer systems over packet-switched, variable-latency data networks. Allows devices to synchronize time to a central server so that log entries match. Required for high-speed transaction tracing.
Term
Network File Systems
Definition

A file system that acts as a client for a remote file access protocol, providing access to files on a server.

- Host- or storage-device-based technology.

- Device-sharing commands usually allow permissions at the share level over and above the file level.

Examples: UNIX Network File System (NFS); Windows file share; File Transfer Protocol (FTP)

Term
Host Lookup
Definition
• List-based configuration per host, converts node names to network addresses
• Servers susceptible to impersonation via list corruption or network redirection
Term
Wide Area Network (WAN)
Definition
A telecommunication network that covers a broad area (i.e., any network that links across metropolitan, regional, or national boundaries).
Term
Wide Area Network (WAN) Security Considerations
Definition
• Redundancy
• Alternative Routing
• Diverse Routing
• Long Haul Network Diversity
• “Last Mile” Circuit Protection
• Voice Recovery
Term
Network Security Management considerations
Definition
• Zone Architecture
• Configuration Audit
• Segregation of Duties
• Monitor FCAP – Fault, Configuration, Accounting, Performance
Term
Cloud Networks: Infrastructure as a Service (IaaS) (definition)
Definition
Delivers computer infrastructure – typically a platform virtualisation environment – as a service, along with raw (block) storage and networking. Rather than purchasing servers, software, data-center space or network equipment, clients instead buy those resources as a fully outsourced service. Suppliers typically bill such services on a utility computing basis; the amount of resources consumed (and therefore the cost) will typically reflect the level of activity.
Term
Infrastructure as a Service (IaaS): To Be Considered
Definition
Options to minimize the impact if the cloud provider has a service interruption.
Term
Platform as a Service (PaaS) (definition)
Definition

A category of cloud computing services that provide a computing platform and a solution stack as a service. Facilitates the deployment of applications without the cost and complexity of buying and managing the underlying hardware and software and provisioning hosting capabilities, providing all of the facilities required to support the complete life cycle of building and delivering web applications and services entirely available from the Internet.

Offerings may include facilities for application design, application development, testing, deployment and hosting as well as application services such as team collaboration, web service integration and marshalling, database integration, security, scalability, storage, persistence, state management, application versioning, application instrumentation and developer community facilitation.

Term
Platform as a Service (PaaS) (To Be Considered)
Definition

1. Availability.

2. Confidentiality.

3. Privacy and legal liability in the event of a security breach (as databases housing sensitive information will not be hosted offsite).

4. Data ownership.

5. Concerns around e-discovery.

Term
Software as a Service (SaaS) (definition)
Definition
A software delivery model in which software and its associated data are hosted centrally (typically in the (Internet) cloud) and are typically accessed by users using a thin client, normally using a web browser over the Internet.
Term
Software as a Service (SaaS) (To Be Considered)
Definition

1. Who owns the applications?

2. Where do the applications reside?

Term
Private Cloud (description of infrastructure)
Definition

1. Operated solely for an organization

2. May be managed by the organization or a third party.

3. May exist on-premise or off-premise.

Term
Private Cloud (To Be Considered)
Definition

1. Provides Cloud services with minimum risk.

2. May not provide the scalability and agility of public cloud services.

Term
Community cloud (description of infrastructure)
Definition

1. Shared by several organizations.

2. Supports a specific community that has a shared mission or interest.

3. May be managed by the organizations or a third party.

4. May reside on-premise or off-premise.

Term
Community Cloud (To Be Considered)
Definition

1. Same as private cloud, plus:

2. Data may be stored with the data of competitors.

Term
Public Cloud (description of infrastructure)
Definition

1. Made available to the general public or a large industry group.

2. Owned by an organization selling cloud services.

Term
Public Cloud (To Be Considered)
Definition

1. Same as community cloud, plus:

2. Data may be stored in unknown locations and may not be easily retrievable.

Term
Hybrid Cloud (Description of Infrastructure)
Definition
A composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
Term
Hybrid Cloud (To Be Considered)
Definition

1. Aggregate risk of merging different deployment models.

2. Classification and labeling of data will be beneficial to the security manager to ensure that data are assigned to the correct cloud type.
