Which OSI layer is related to the IP protocol
Network 3
Which OSI layer is organizing the bits over the physical layer between devices in the same collision domain?
Data Link 2 - They are in the same Frame
Which OSI layer is a Switch at?
Data Link 2
Which OSI layer is a WAP (Wireless Access Point) at?
Data Link 2
Which OSI layer is a router at
Network (3)
TCP protocol is on what OSI layer
Transport (4)
OSI layer 1
Physical Layer (Cable, Hubs, Repeaters)
OSI layer 2
Data Link Layer (Frame, Switch, PPP, Ethernet)
OSI layer 3
Network Layer (Moves packets, IP)
OSI layer 4
Transport Layer (TCP, end to end connection)
OSI Layer 5
Session Layer (API, Sockets, Synch and send to port)
OSI layer 6
Presentation layer (Syntax and encryption layer, SSL, SSH, JPEG)
OSI layer 7
Application layer (end user layer, http, applications)
Network Topology Point to Point
Two devices connect directly
Network Topology Bus
All devices connect to a central main line
Network Topology Ring
All devices have two connections and form an endless ring
Network Topology Star
All devices connect to a central point
Network Topology Tree
Multiple devices connect together (on a switch) and then the switches are connected with each other
Network Topology Mesh
All devices connect directly to each other
Network Topology Hybrid
Multiple network topologies within the network
Cloud - where do I manage the OS: IaaS or PaaS?
IaaS
What do I manage on PaaS? (2)
Application and Data
Name the 3 parts of the CIA triad
Integrity, Availability and Confidentiality
What is the CIA Triad Integrity?
Detects alteration in storage, transit and process
What is the CIA Triad Availability?
Ensure Authorized Access, Performance and Backup
Keeping unauthorized users out is not in this part of the triad.
What is the CIA Triad Confidentiality?
Protect from unauthorized access and use, protecting data access in storage, transit and process
100m long Cat 5 cable supports speeds up to
100 Mb/s
100m long Cat 5e cable supports speeds up to
1000 Mb/s or 1 Gb/s
100m long Cat 6 cable supports speeds up to
10 Gb/s
100m long Cat 6a cable supports speeds up to
10 Gb/s
Does a firewall provide two way protection?
Yes, it protects ingress and egress data
Firewall that only checks the address label
Packet Filter
On what OSI level is a Packet Filter operating?
Transport (checks TCP/UDP port numbers) and Network (checks source and destination IP)
What is a circuit level gateway
A firewall that conceals the true identity of the protected network (hides IP) on the transport (4) layer
What does state in stateful mean?
It refers to the connection state between two computers
Why do we need the 5th layer on a Stateful Inspection
In this connection, the firewall is creating temporary rules per session to permit communication (TCP) back to the sender.
What is a stateful inspection
It reduces the amount of firewall rules. Firewall vendors implemented a feature that only needs one rule to allow the initial communication.
How do we protect the application level with a firewall
With a proxy server, Middle man or Layer 7 firewall
Can a packet filter firewall scan the packet content?
No, a layer 7 or proxy is needed
What is an IDS?
Intrusion Detection System. A system for detecting attempted intrusions. Related to intrusion prevention systems (IPS) that block suspected attacks
What is IPS
Intrusion Prevention System that can block traffic if a malicious anomaly is detected
Cyber Attack - Ransomware
Encrypts data. Attacker sells the key. Prevent with Virus scanner
Cyber Attack - Man in the Middle
Eavesdropping. The data flows through the middle man. The attacker can stop/change the data
Cyber Attack - Zero Day exploit
New, unheard-of vulnerability. Needs to be patched
Cyber Attack - DNS tunneling
An attacker creates a bad server and connects it to the attacked domain name system. If a request now comes to the attacked server, the attacker can tunnel into the client, and since DNS connections are rarely monitored, the attacker stays hidden.
Cyber Attack - XSS attack
Cross Site Scripting uses a web form to inject malicious code.
Cyber Attack - Social engineering
Convince someone to give you access to sensitive information
Cyber Attack - DoS and DDoS
Denial of Service attacks flood a server with too much traffic
Cyber Attack - SQL Injection
A technique to add a string of SQL code to a query to gain access to the targeted database
Cyber Attack - ARP Poisoning / ARP Spoofing
LAN attack that sends malicious Address Resolution Protocol packets to a default gateway in order to change the IP to MAC pairings
Cyber Attack - Phishing
Malicious link that often spoofs a valid site
Cyber Attack - Malware
Software that is designed to disrupt, steal and open backdoors.
Virus
Software that can replicate itself. Can't be controlled remotely. Main goal is to modify information
Worm
Software that can replicate itself and can be controlled remotely. Main goal is to eat system resources
Trojan Horse
Malicious software inside desirable software. Cannot replicate but can be controlled remotely. Main goal is to steal information
What is AES 256
Advanced Encryption Standard with a symmetric key used in most enterprise applications (e.g. banking). Fastest encryption method
What is SSL
Secure Sockets Layer encryption with an asymmetric key. Formerly used in https, but now replaced by TLS
What is TLS
Transport Layer Security, an asymmetric key that replaced SSL. Used in https
What is IPsec
Internet Protocol Security used to encrypt data in flight with an asymmetric key, commonly used in VPNs
Where are public keys used
Asymmetric encryption uses public and private keys
Private Cloud
Single Tenant use. Often in one data center and the owner holds the responsibility
Public Cloud
AWS or MS Azure that offer multiple solutions. Data owner often does not know where the data is stored (building, rack, disk)
Hybrid Cloud
Mix of different clouds
Community cloud
A cloud that is open only to specific organizations that have common concerns.
What is the highest WLAN security protocol commonly used
WPA2 encrypted with AES (WPA3 was released in 2018 but not yet widely adopted).
What is the risk on an unsecured public WLAN
Fake Access. An attacker wants you to connect to their WLAN to gain access to the sent and received data. Always use a VPN on unsecured networks
What do the 3 A's in AAA stand for?
Authentication, Authorization and Accounting
AAA - Authentication
Process of confirming a user's identity, e.g. Active Directory, MFA
AAA - Authorization
Once the Authentication process is completed, the Authorization determines what resources the user can access
AAA - Accounting
Accounting or Auditing is a constant check to make sure that the restrictions in place are working as expected and no breach attempt is made