DATACOMM Finals

• white noise

• impulse noise

• crosstalk

• echo

• jitter

• attenuation

these are the 6 kinds of noise in data transmissions

white noise (thermal noise/gaussian noise)

noise that’s always present to some degree in transmission media and electronic devices, dependent on temperature of the medium

the level of noise increases because of the increased activity of the electrons in the electronic device

in white noise, what happens when the temperature increases?

impulse noise (noise spike)

is a noncontinuous noise and one of the most difficult errors to detect

because they can occur randomly

why is impulse noise one of the most difficult errors to detect?

true

(T/F) impact noise is an analog burst of energy, so if the impulse spike interferes with an analog signal, removing it without affecting the original signal could be difficult

crosstalk

is an unwanted coupling between two different signal paths

between 2 sets of twisted pair wire (as in a phone line)

in crosstalk, unwanted coupling can be electrical, as might occur between what?

as when unwanted signals are picked up by microwave antennas

in crosstalk, unwanted coupling can also be electromagnetic, as might occur in what?

echo

is the reflective feedback of a transmitted signal as the signal moves through a medium

true

(T/F) it is usually a signal bouncing back from the end of a cable and creating an echo

jitter

is the result of small timing irregularities that become magnified during the transmission of digital signals as the signals are passed from one device to another

when a digital signal is being transmitted, the rises and falls of the signal can start to shift or become blurry, which produces jitter

what other way can can we explain jitter?

attenuation

is the continuous loss of a signal’s strength as it travels through a medium

not necessarily, but it can indirectly lead to an increase in errors affecting the transmitted signal

is attenuation a form of error?

interference

whenever bits flow from one point to another, they are subject to unpredictable changes because of what?

true

(T/F) interference can change the shape of the signal

single-bit error

indicates that only one bit of a given data unit (such as byte, character, or packet)is changed from 1 to 0 or from 0 to 1

burst error

indicates that two or more bits in the data unit have changed from 1 to 0 or from 0 to 1

yes, because the duration of the noise signal is normally longer than the duration of 1 but, meaning that when noise affects data, it affects set of bits

is a burst error more likely to occur than a single-bit error? why or why not?

redundancy

the central concept in detecting or correcting errors is ___

true

(T/F) in order to detect/correct errors, we need to send some extra bits with our data. these redundant bits are added by the sender, removed by receiver
their presence allows the receiver to detect or collect corrupted bits

data link layer

error detection can be performed in what layer?

some type of error detection code

when a device creates a frame of data at the data link layer, it inserts some type of what?

the receiver extracts the error detection code and applies it to the data frame, then it’s reconstructed and sent to the next device in the sequence

in error detection, what happens when the frame arrives at the next device in the transmission sequence?

• parity check

• two-dimensional parity

• arithmetic checksum

• cyclic redundancy checksum

these are the four types of error detection

parity check

a simple method of error detection that adds redundant bits (parity bits) to each character

vertical redundancy check

what is the other term for parity check?

for ASCII characters where 7 bits are used for the actual character encoding, and the 8th bit is for parity

the parity checking method is commonly used for what kind of characters?

even parity and odd parity

parity check comes in two basic forms, which are ___. the basic concept is that a bit is added to a string of bits to create either of these two

two-dimensional parity

in this error detection method, blocks of data are organized as a two-dimensional array, increasing the likelihood of detecting burst errors

true

(T/F) in two-dimensional parity, each row of the array is a data block that is to be transmitted, and a parity bit is appended to each column based on if even or odd parity is used

arithmetic checksum

this method entails checksum as a sequence of numbers and letters used to check data for errors, and the sum is added to the end of the message, which will be transmitted to the receiving end

true

(T/F) many higher level protocols used on the internet (such as TCP and IP) use a form of error detection in which the characters to be transmitted are summed together

• sender’s side (checksum creation)

• receiver’s side (checksum validation)

arithmetic checksum has two sides, which are?

cyclic redundancy checksum

this method treats the packet of data to be transmitted (the message) as large polynomial, which adds 8 to 32 check bits to large data packets and yields an error detection capability approaching 100%

• XOR function

• binary division

when doing cyclic redundancy checksum, what are the two things that need to be reviewed?

true

(T/F) in CRC, the remainder of the binary division is the CRC to be appended to the original message

true

(T/F) the number of errors and the size of the message are important factors in dealing with error correction. they deal with error correction by retransmission

• positive acknowledgment (ACK)

• negative acknowledgment (NAK)

when an error occurs, the receiver will detect it and inform the source, and it will have to retransmit the frame either on ___ or ____

automatic repeat request (ARQ)

three error control schemes based on the ___ are used depending on how retransmission is done when errors occur

• stop-and-wait ARQ

• go-back-N ARQ

• selective repeat ARQ

these are the three types of error correction

stop-and-wait ARQ

used to deal with errors that occur when the stop and wait flow control protocol is used

• frame was corrupted in transit when going from source to sink

• frame was OK, but ACK was corrupted in transit

• frame was lost in transit

• ACK was lost in transit

these are the four ways wherein errors can occur

the source sends a frame and waits for a response, which can be an ACK or a NAK that can also be in the form of a timeout

what happens under the stop and wait ARQ?

the source resends the frame and keeps resending it until it receives an ACK after the frame has bee correctly received at the destination

in stop-and-wait ARQ, what happens when a NAK is received?

yes, after the permission of retransmission is finished, the link is discarded and set to unusable

in stop-and-wait ARQ, do some protocols permit a fixed maximum number of retransmissions?

go-back-N ARQ

deals with errors that occur when the sliding window protocol is used

the source resends that frame and all the frames that have been transmitted since that frame was sent + any new frames

in go-back-N ARQ, what happens when a NAK is received for a particular frame?

true

(T/F) in go-back-N ARQ, the source resends the frames provided that the total number of frames being sent does not exceed N

selective repeat ARQ

under this scheme, only the frame in error is retransmitted

the receiver must provide enough buffer to store the frames that were transmitted after the erroneous frame until the frame has been retransmitted

what is the drawback of the selective repeat ARQ

the destination must resequence the frames and deliver them in the same order that they appear at the source

what is the reason for the drawback of the selective repeat?

true

(T/F) because of the drawback of selective repeat, until the errored frame has been retransmitted and correctly received, the frames that are not errored must be stored in the buffer at the receiver

confidentiality

the art of ensuring that data is kept private and accesses only by the intended recipient

true

(T/F) confidentiality does not only apply to the storage of information, but also to the transmission of information

encryption

confidentiality is accomplished through what?

integrity

is the art of ensuring that data is transmitted from source to destination without alteration

true

(T/F) in integrity, changes need to be done only by authorized entities and through authorized mechanisms

digital signature

integrity is accomplished with the use of what?

digital signature

is a way to know what an electronic document is legit and authentic

availability

is the information created and stored by an organization that needs to be available to authorized entities

true

(T/F) information is useless if not available, and it needs to be constantly changed. so it must be accessible to authorized entities

authentication

is the process of verifying that the user is exactly who he claims to be

single-factor authentication

authentication type that is usually done through the use of passwords or user IDS

two-factor authentication

is a two-step verification that provides an extra layer of security beyond user ID and password, usually with a software code generator or a hardware-based login key

network attacks

is an intrusion on network infrastructure

the attacker first analyzes the environment and collects information in order to exploit the existing open ports or vulnerabilities

what happens in network attacks?

true

(T/F) a network attack can be performed either from outside of the organization by an unauthorized entity or from within the company by an insider that already has some access to the network

• snooping

• traffic analysis

these are the two attacks threatening confidentiality

snooping

refers to unauthorized access to or interception of data

traffic analysis

in this, although encipherment of data may make it unintelligible for the interceptor, some other types of information can be obtained by monitoring online traffic

• modification

• masquerading

• replaying

• repudiation

these are the four attacks threatening integrity

modification

in this, after intercepting or accessing information, the attacker modifies the information to make it beneficial to themselves

masquerading

happens when the attacker impersonates somebody else

replaying

in this, the attacker obtains a copy of a message sent by a user and later tries to replay it

repudiation

this type of attack is different from others because it is performed by one of the two parties in the communication: the sender or the receiver

denial of service (DoS)

is an attack that threatens availability, may slow down or totally interrupt the service of a system

• network sniffing (packet sniffing)

• spoofing

• man-in-the-middle (MITM) attack

• denial of service (DoS)

• trojan horse

• session hijacking

• phishing

these are the 7 examples of network attacks

network sniffing (packet sniffing)

is a process of capturing the data packets traveling in the network, used by IT professionals to analyze and monitor the traffic to find such things as unexpected suspicious traffic

data sent in clear text that is easily readable

network sniffing is used by attackers to collect what kind of data?

to gather login names and passwords used to access the network

in network sniffing, the intent is to gather what?

spoofing

is a process by which an intruder masquerades as a trusted user in order to gain unauthorized access to a secure environment

to be able to conduct unauthorized business with another company’s clients

one of the purposes of spoofing in a corporate environment is?

• IP address spoofing

• ARP spoofing

• DNS spoofing

these are the three examples under spoofing

IP address spoofing

is a process of creating IP packets with forged source IP address to impersonate a legitimate system

true

(T/F) IP address spoofing is often used in DoS attacks

ARP spoofing

is a process of sending fake ARP messages in the network

to associate the MAC address with the IP address of another legitimate host, causing traffic redirection to the attacker’s system

what is the purpose of ARP spoofing?

DNS spoofing

is an attack where the wrong data is inserted into the DNS server cache, causing the DNS server to divert the traffic by returning wrong IP addresses as the results for client queries

man-in-the-middle (MITM) attack

is an attack that involves placing a software agent between the client and server ends before or during a communication session

the agent simply relays the data transmissions between client and server as though nothing is happening

in MITM, with neither party being aware of the malicious agent, what happens?

replay attack

is a variation of the MITM attack where an agent is placed within the client-server line of communication where it records the transaction data

to allow the data to be modified and replayed to the server at a later time for evil purposes

what is the purpose of a replay attack

denial of service (DoS)

is an attack that is aimed at preventing unauthorized users from accessing services on the network

a DoS attack can be in the form of flooding the network with invalid data until traffic from unauthorized network users cannot be processed

how does DoS disrupt the network?

true

(T/F) DoS can also be in the form of disrupting communication between hosts and clients through the modification of system configurations, and in the form of causing physical network destruction (crashing a server or router)

distributed denial of service (DDoS)

an attacker can initiate a DoS attack from multiple computers or systems. this type of attack is known as ___, which is more difficult to deal with

trojan horse

is a program that installs malicious software while under the guise of doing something else

true

(T/F) in trojan horse, the malicious code is hidden in a computer program or other computer file that may appear to be useful. once executed, it results in the installation of the malicious trojan horse program