TCP/IP networking continued, networking devices

36 Terms

Internet Control Message Protocol (ICMP)

housekeeping protocol of the Internet

  • ping command: identifies live systems

  • traceroute command: identifies network paths

  • handles other functions such as destination unreachable messages, redirects, time exceeded messages, and address mask requests and replies

bus network topology

  • used in original ethernet design

  • inexpensive and easy to wire

  • allows only one system to transmit at a time

  • breaks with a single wire failure

  • allows eavesdropping

ring network topology

  • uses a circular pattern

  • connects every device to two other devices

  • survives single cable failure

  • allows only one system to communicate at a time

  • allows eavesdropping

Star network topology

  • connects every device directly to a switch

  • requires more wire and switches

  • allows every device to transmit simultaneously

  • prevents eavesdropping

mesh network topology

  • connects every device to several other devices

  • requires too much wire in a wired network

  • improves reliability of wireless networks

tree network topology

  • uses hierarchical design

  • interconnects star networks in tree and star topology

servers

  • provide services to clients

  • typically perform a single dedicated function

  • some types include web servers, file servers, database servers, DNS/DHCP servers

peer-to-peer model

does away with the traditional client/server model; instead, every device acts as both a client and a server

What technology provides the translation that assigns public IP addresses to privately addressed systems that wish to communicate on the Internet?

network address translation (NAT)

Dennis would like to capture the DNS traffic on his network using Wireshark. What port should he use in his capture filter to restrict his capture to DNS queries and responses?

UDP 53

Which port is not normally used by email systems?

25, 139, 143, 110

139 is server message block (SMB)

switches

connect devices to the network; have many ports

  • wireless access points (WAPs) connect to switches and create WiFi networks

  • operate at layer 2, where they work with MAC addresses only

  • may function at layer 3, where they begin to function like routers

  • a switch is a layer 2 switch unless specified

routers

connect networks to each other, making intelligent packet routing decisions

  • layer 3 device

  • can perform stateless inspection using ACLs

bridges

layer 2 device that connects networks using simple forwarding

demilitarized zone (DMZ)

  • contains systems that must accept direct external connections

  • isolates those systems due to risk of compromise

  • protects internal network from compromised DMZ systems

stateless firewall

evaluates each connection independently

stateful inspection

used by modern firewalls; tracks open connections

firewall rule contents

  • source system address

  • destination system address

  • destination port and protocol

  • action (allow or deny)

implicit deny

if the firewall receives traffic not explicitly allowed by a firewall rule, then that traffic must be blocked

Next Generation Firewalls (NGFW)

incorporate contextual information into their decision making

other firewall roles

  • NAT gateway

  • content or URL filtering

  • web application firewall

firewall deployment options

  • network hardware vs. host-based software firewalls

  • open source vs. proprietary

  • hardware appliance vs. virtual appliance

forward proxy

proxy server that works on behalf of clients

reverse proxy

works on behalf of servers

transparent proxy

works without the client or server’s knowledge

load balancer

distributes workload among multiple servers

  • also provides security functions like SSL certificate management, URL filtering, and other web application security tasks

autoscaling

automatically adds and removes servers as needed

active-active load balancer topology

two or more load balancers actively handle network traffic and continue to function with diminished capacity if one device fails

active-passive load balancer topology

one load balancer handles all traffic while a second monitors activity and assumes responsibility if the primary load balancer fails

site to site VPN

connects remote offices to each other and to headquarters

remote access VPN

provides remote access to corporate networks for mobile users

IPsec

  • works at network layer 3

  • supports the Layer 2 Tunneling Protocol (L2TP)

  • provides secure transport

  • difficult to configure

SSL/TLS VPNs

  • most VPNs have shifted away from the IPsec method and instead use this at the application layer over TCP port 443

  • HTML5 VPNs work entirely within the web browser

full tunnel VPN

all network traffic leaving the connected device is routed through the VPN tunnel, regardless of its final destination

split tunnel VPN

only traffic destined for the corporate network is sent through the VPN tunnel; other traffic is routed directly over the Internet