CMSC 426 Lecture 5

What is a computer network?

A group of interconnected devices that communicate and share resources.

What is the TCP/IP 5 Layer Model?

A framework that organizes network protocols into five layers: Physical, Data Link, Network, Transport, and Application.

What is the Internet Protocol Suite (TCP/IP)?

A set of standards and protocols that dictate how data is formatted, transmitted, routed, and received over the Internet and other networks.

What does the Physical Layer encompass?

Responsible for transmitting raw bits over a physical medium, such as Ethernet cables or wireless signals.

What is the role of the Data Link Layer?

Manages how data is formatted for transmission and ensures reliable delivery and error detection/correction.

How do Ethernet switches function at the Data Link Layer?

Connect devices on a LAN using MAC addresses to forward traffic only to the intended destination.

What is the primary function of the Network Layer?

Routes packets between different networks and handles addressing but does not guarantee reliable delivery.

What is a router?

A device that forwards packets between networks, determining the best path for data and acting as a default gateway.

What defines an IPv4 address?

A unique 32-bit numerical label for a host on a network, typically written as four decimal numbers separated by dots.

How is a subnet mask used in networking?

Distinguishes the network portion from the host portion of an IP address, helping to identify the network address.

What is CIDR notation?

A shorthand way to represent an IP address and its subnet mask, written as an IP address followed by a slash and the number of network bits.

How do IPv6 addresses differ from IPv4 addresses?

IPv6 addresses are 128 bits long and expressed in hexadecimal separated by colons, offering a larger address space.

What is the purpose of the Transport Layer?

Ensures end-to-end communication by segmenting data and managing reliability.

What is TCP?

Transmission Control Protocol that establishes reliable, ordered connections and guarantees data delivery.

What are the steps of the TCP three-way handshake?

A client sends a SYN packet, the server replies with SYN/ACK, and the client responds with an ACK.

How does UDP differ from TCP?

UDP is connectionless, providing fast delivery without reliability guarantees, suitable for streaming.

What is the Application Layer responsible for?

Interfaces directly with end-user applications, providing protocols for services and data exchange.

What is the role of DHCP in the Application Layer?

Automatically assigns IP addresses and configuration settings to devices on a network.

What does DNS do?

Translates domain names into IP addresses, allowing access to websites by names rather than numbers.

What is HTTP?

Hypertext Transfer Protocol used to transfer web pages and resources over the Internet.

What distinguishes HTTPS from HTTP?

HTTPS is HTTP secured with SSL/TLS encryption for data confidentiality and integrity.

What is FTP used for?

File Transfer Protocol used to transfer files between computers over a network.

What role does SMTP play in networking?

Standard protocol for sending emails across networks.

How does the OSI model compare to the TCP/IP model?

OSI is a 7-layer framework for network communication; TCP/IP is a practical 5-layer framework for the Internet.

What is a firewall?

A device or software that filters network traffic to block unauthorized access.

What types of filtering capabilities can firewalls use?

Filtering based on IP addresses, protocols, port numbers, application data, and user identity.

What are the main types of firewalls?

Network-based, host-based, packet filtering, stateful inspection, and application-level gateway firewalls.

What is a packet filtering firewall?

Inspects individual packets based on header information to allow or block traffic.

How does a stateful inspection firewall enhance security?

Monitors the state of connections, making filtering decisions based on session context.

What is an application-level gateway firewall?

A proxy firewall that relays traffic for specific applications and enforces security policies.

What characterizes a 'next-generation' firewall?

Integrates packet filtering with features like deep packet inspection and intrusion prevention.

What is a Virtual Private Network (VPN)?

Creates a secure, encrypted tunnel over the Internet for remote users or networks.

What is a remote access VPN?

Connects a single remote device securely to a network.

What is a site-to-site VPN?

Links entire networks together securely over the Internet.

What is IPSec and why is it used?

A suite of protocols for encrypting and authenticating IP packets to secure communication.

What does the Authentication Header (AH) protocol do in IPSec?

Provides integrity and authentication for IP packets but does not encrypt data.

What is the function of the Encapsulating Security Payload (ESP) protocol?

Encrypts the payload of IP packets for confidentiality and can provide authentication.

What is the difference between IPSec Transport Mode and Tunnel Mode?

Transport Mode encrypts only the payload; Tunnel Mode encrypts the entire IP packet.

What are VPN services?

Allow users to connect securely to a VPN provider's network, encrypting their internet traffic.

What is virtualization in computing?

Creation of virtual instances of computing resources on a single physical machine.

What are the two main types of hypervisors?

Type 1 hypervisors run on hardware; Type 2 hypervisors run on top of an existing OS.

What benefits does virtualization provide?

Enables resource consolidation, isolation, flexible network segmentation, and efficient backup.

What are some security benefits of virtualization?

Enhances security through isolation, improved incident response, and streamlined patch management.

What are common risks associated with virtualization?

Includes hypervisor vulnerabilities, virtual machine escape, and insider threats.