Open network
A wireless network with no encryption or authentication; any nearby device can join and eavesdrop
Man-in-the-middle attack
An attack where an adversary silently positions themselves between two communicating parties, relaying and possibly altering messages while both sides believe they talk directly
Drive-by hacker
An attacker outside a building who connects wirelessly to an internal AP to reach internal systems, bypassing the border firewall
802.11i
The IEEE security standard for WiFi that provides strong link-layer cryptographic protections; marketed as WPA2 by the WiFi Alliance
Link security
Security that protects traffic on a single hop between two directly connected devices (e.g., client ↔ AP)
End-to-end security
Security that protects traffic all the way from the original sender to the final receiver across multiple hops
WEP (Wired Equivalent Privacy)
The original 802.11 security mechanism; now considered fundamentally broken and unsafe
WPA (WiFi Protected Access)
An interim WiFi Alliance standard based on an early 802.11i draft; better than WEP but weaker than full 802.11i
WPA2
The WiFi Alliance name for the full 802.11i standard; currently the correct choice for WiFi security
Initial authentication
The one-time procedure at the start of a session where a client proves its identity and negotiates keys with the AP
Ongoing protection
The steady-state phase where each frame is protected using the negotiated encryption and integrity keys
PSK (Pre-Shared Key) mode
802.11i mode where all devices on an AP share a single secret key for initial authentication; intended for small sites; also called 'Personal Mode'
802.1X mode
802.11i mode that uses a central authentication server and per-user credentials; intended for enterprises; also called 'Enterprise Mode'
Pre-Shared Key (PSK)
A long secret derived from a passphrase that all devices on a given AP know and use only to authenticate initially
Pairwise session key
A unique, temporary key used between one client and the AP for encryption after authentication
Passphrase
A human-memorable string (at least 20 characters for strong security) that is converted into the PSK
Operational security
The human and procedural aspects of keeping keys, passwords, and configurations safe
Supplicant
The wireless client that wishes to connect and must prove its identity (in 802.1X)
Authenticator
The AP that mediates between the supplicant and the authentication server during 802.1X
Authentication server
The central server that validates credentials and decides whether to authorize the supplicant
Credentials
Evidence used to prove identity (e.g., username/password, certificates, biometrics)
Rogue access point
An unauthorized AP deployed inside an organization by an employee without central approval
Weakest link problem
A situation where overall security is limited by the least secure component in the system
Evil twin access point
A malicious AP (often a laptop) configured to impersonate a legitimate AP and lure clients into connecting
VPN (Virtual Private Network)
An encrypted logical tunnel across an untrusted network that provides confidentiality between endpoints
Site survey
A measurement exercise to assess signal strength, interference, and coverage to refine AP placement
Co-channel interference
Interference that occurs when multiple APs use the same channel and their coverage areas overlap
SNMP (Simple Network Management Protocol)
A protocol used to monitor and manage network devices from a central console
SNMP Get
An SNMP operation where the manager reads status information from a device
SNMP Set
An SNMP operation where the manager writes configuration changes to a device
SNMP Trap
An unsolicited alert a device sends to the manager when certain events occur
Decibel (dB)
A logarithmic unit expressing the ratio of two power levels
Attenuation
A negative change in power — signal loss
Amplification
A positive change in power — signal gain
IoT (Internet of Things)
An ecosystem of networked physical objects that communicate data and possibly act on it, often autonomously
Slow and close
IoT design principle: short distance + low speed = low energy consumption; suitable for coin-battery devices
Coin battery
A small, flat battery (e.g., CR2032) used in IoT devices with limited energy capacity
Bluetooth
A short-range radio technology for creating personal area networks (PANs) that replace cables between nearby devices
Personal Area Network (PAN)
A small set of devices (e.g., around a person or desk) connected wirelessly at short range
Bluetooth Low Energy (BLE/LE)
A Bluetooth variant designed for ultra-low power consumption, enabling years of operation on coin batteries; data rates 125-500 kbps
Dual-mode device
A Bluetooth device that supports both Classic Bluetooth and BLE (e.g., smartphones)
Single-mode device
A device that supports only BLE; typical for small IoT sensors
Master
In Bluetooth, the device that controls timing and communication in a connection
Slave
The Bluetooth device that follows the master's timing and instructions
Piconet
A Bluetooth network consisting of one master and up to seven active slaves
Bluetooth profile
An application-level specification defining how devices of a given type interoperate (e.g., printing, input devices)
Advertising message
A small, periodic BLE transmission that announces a device's presence and capabilities
Beacon
A specialized BLE advertising message that includes useful application information (e.g., coupons, indoor navigation)
NFC (Near Field Communication)
A very short-range wireless technology (a few centimeters) that uses the near field around an antenna to exchange small amounts of data; operates at 13.56 MHz
Passive RFID
An RFID tag that has no internal power source; harvests energy from the reader's field to communicate
WiFi Direct
An 802.11 mode that allows direct device-to-device communication without an AP; historically called ad hoc mode
Ad hoc mode
Older term for AP-less WiFi where stations communicate directly with each other
Zigbee
A low-power, low-data-rate mesh networking standard for IoT devices; operates in 2.4 GHz and 800-900 MHz ISM bands
Z-Wave
A competing IoT mesh protocol operating only in 800-900 MHz ISM bands; uses 128-bit AES encryption
Ad hoc mesh network
A self-organizing network where devices route for one another without centralized wiring or fixed topology
ISM band
Industrial, Scientific, and Medical radio band; license-free spectrum used by WiFi, Zigbee, Z-Wave, etc.
BYOD (Bring Your Own Device)
A corporate practice where employees use personal devices (phones, tablets, laptops) for work
Eavesdropping
Passively listening to communications to extract information
Impersonation
Pretending to be another device/user to gain unauthorized access
Firmware
Low-level software controlling hardware devices; often needs updates for security fixes
TCP/IP
The dominant protocol suite for internetworking; governs work at the Internet (Layer 3) and Transport (Layer 4) layers
IETF (Internet Engineering Task Force)
The standards body that creates TCP/IP standards
Routing
The process of routers forwarding incoming packets closer to their destination hosts
Interface
A router's connector/port and its electronics (routers use 'interfaces'; switches use 'ports')
Hierarchical IPv4 address
A 32-bit address consisting of three parts — network, subnet, and host — that locate a host in progressively smaller divisions of the Internet
Network part
The first group of bits in an IPv4 address; identifies the host's recognized organization on the Internet
Subnet part
The middle bits in an IPv4 address; identifies a particular subnet within the network
Host part
The remaining bits in an IPv4 address; identifies a specific host within a subnet
Subnet
A smaller organizational unit within a network; used for management, security, and traffic control
Border router
A router whose main job is connecting different networks belonging to different organizations
Internal router
A router that only connects different subnets within a single network (same organization)
Mask (IPv4)
A 32-bit string used to extract the network or subnet portion of an address; always a run of 1s followed by 0s
Network mask
A mask with 1s in the network part positions only; 0s in subnet and host positions
Subnet mask
A mask with 1s in both network AND subnet part positions; 0s only in the host part
Dotted decimal notation
Represents masks (or addresses) using four decimal numbers 0-255 separated by dots
Prefix notation
Shortcut for a mask using /N where N = number of initial 1s (e.g., /24 = 255.255.255.0)
Masking operation
Applying a mask to an IPv4 address to extract network or subnet info; where mask=1, keep bits; where mask=0, result=0
Routing table
A table each router uses to make routing decisions; rows represent routes, columns contain route info
Longest match rule
Best-match row selection rule: pick the row with the longest prefix (most specific route)
Metric
A value describing the desirability of a route (e.g., cost, speed, reliability) used as a tiebreaker
Default row
A routing table row with destination 0.0.0.0 and mask /0; matches every packet but always loses to any more specific route
Next-hop router
The router that should receive a packet next; it then decides what to do with it
Decision caching
A router optimization where it remembers and reuses routing decisions for repeat destinations (not part of the IP standard)
TTL (Time to Live)
An 8-bit IPv4 header field; each router decrements it by 1; packet is discarded when it reaches 0, preventing infinite loops
Protocol field
An IPv4 header field that identifies the content of the data field: 6=TCP, 17=UDP, 1=ICMP
ICMP (Internet Control Message Protocol)
TCP/IP's tool for carrying Internet layer supervisory and error messages
QoS (Quality of Service)
Mechanisms to prioritize certain traffic (e.g., low-latency for voice/video)
Differentiated Services (Diffserv)
An IPv4/IPv6 field used to specify traffic priority or service type
IPv6
IP version 6; uses 128-bit addresses to solve IPv4 address exhaustion
Hop Limit
IPv6's equivalent of IPv4's TTL field; decremented by each router, packet discarded at 0
Extension headers
IPv6's replacement for IPv4 Options; well-organized headers daisy-chained after the main header, most only processed by the destination
Next Header field
An IPv6 field that specifies what comes next (another extension header or upper-layer protocol)
Canonical text notation
The standardized rules (RFC 5952) for writing IPv6 addresses in simplified human-readable form
:: (double colon)
IPv6 shorthand for one group of consecutive all-zero fields; can only be used once in an address
TCP (Transmission Control Protocol)
A transport layer protocol that provides reliable, ordered, connection-oriented delivery on top of IP
Sequence number
A TCP field (32 bits) that gives a segment's position in the stream; used to reassemble messages in order
Acknowledgment number
A TCP field (32 bits) that indicates which segment is being acknowledged
ACK bit
A TCP flag; when set, the segment acknowledges a received segment
SYN bit
A TCP flag; when set, the segment requests a connection opening
FIN bit
A TCP flag; when set, the segment requests a normal connection closing