NWIT 275 Final Flashcards (THE RIGHT SET)

you got it! (=

What is the most important file in Windows?

NTOSKRNL.exe, the kernel

Which file is considered the most important in Linux?

/boot (Kernel File)

What are distros?

Types of operating systems (OS).

Are applications themselves part of the OSI Model?

No, applications are not part of the OSI model. There are only protocols.

What protocols are part of the application layer?

HTTP, HTTPS, FTP, SSH, LDAP, SNMP, DNS, POP3, etc.

What does encapsulation refer to in networking?

The method of wrapping data with protocol information at each layer of the OSI or TCP/IP Models.

When does the OSI Reference Model (OSI RM) go into effect? Like when is it used?

It is used in any communication between two devices.

Which ports are commonly used by web browsers?

Ports 443 (HTTPS) and 80 (HTTP).

What does TCP/IP stand for?

Transmission Control Protocol/Internet Protocol.

What are the first two layers of the OSI model?

Physical and Data Link layers.

What is the Data Link layer responsible for?

MAC (physical) addresses

What does MAC stand for?

Media Access Control.

How many bits are in a MAC address?

48 bits.

What are the two parts of a MAC address?

OUI (Organizationally Unique Identifier) and SN (Serial Number).

What is name resolution?

Converting a MAC address number to its manufacturer's name, or converting an IP into a domain.

What layer are Access Points?

They are layer 1 (physical layer) technology.

What is the function of a Default Gateway?

It is typically a firewall right before your router on the packet journey.

What is the main function of routers in networking?

They look at IP addresses and determine the best route forward.

What does DHCP stand for?

Dynamic Host Configuration Protocol.

How do switches know how to route packets?

They look at MAC addresses at layer 2.

What is the main difference between TCP and UDP?

TCP is reliable and uses error checking; UDP does not ensure packet delivery.

What is the purpose of the Transport Layer?

To focus on issues related to the quality of data delivery, ensuring reliable and efficient transmission.

Which port is commonly associated with HTTPS?

443.

What does the Application layer consist of?

Only protocols, not end-user applications.

What does API stand for?

Application Programming Interface.

What is the purpose of TCP's three-way handshake?

To ensure reliable transmission.

What is the significance of Layer 7 in the OSI model?

Layer 7 (Application Layer) is where user applications and services interact with the network, handling protocols like HTTP, SMTP, and DNS that enable end-user communication and services.

What networking standard does 802.11 refer to?

Wireless local area networks (WLANs).

What does SSID stand for?

Service Set Identifier.

What are the two main types of Ethernet?

Shared Ethernet (hubbed) and Switched Ethernet.

What does NAT stand for?

Network Address Translation.

Which cable type is typically used for wired networks?

Category (CAT) cables, coax, twisted pair, and fiber optic.

What is the difference between unicast, multicast, and broadcast addresses?

Unicast is one device, multicast is a group, and broadcast is all devices.

What is CSMA/CA?

Carrier Sense Multiple Access with Collision Avoidance, a network protocol.

What does WEP stand for in wireless security?

Wired Equivalent Privacy, the original IEEE 802.11 standard for securing wireless networks.

What does it mean for a switch to operate in promiscuous mode?

It reads all packets, regardless of the MAC address.

What is the difference between active and passive recon in cybersecurity?

Active recon engages with the target, while passive recon does not.

What is an Evil Twin Attack?

An Evil Twin Attack occurs when a malicious actor convinces a device to connect to a fraudulent access point to intercept its traffic.

What tools can be used for packet capture analysis?

Wireshark and Ethereal.

What is the main purpose of encryption?

To verify confidentiality.

What does the term 'hashing' refer to in cybersecurity?

A process used to verify the integrity of data.

What do the two parts of an asymmetric encryption key pair consist of?

A public key and a private key.

What is the critical role of the DHCP server?

It assigns IP addresses to devices on the network.

What is the primary purpose of a firewall?

To filter traffic and protect networks.

In which layer of the OSI model does ARP operate?

Layer 2 - Data Link layer.

What is a Beacon Frame?

A Management Frame that advertises the presence of an Access Point and contains the WLAN’s SSID and channel.

What are the indicators of adjacent congestion in wireless networks?

Busy channels leading to interference.

Define rogue AP.

An access point set up by an employee without proper administration.

What is a man-in-the-middle attack?

An attack where the attacker secretly relays and possibly alters communication.

What is meant by network address translation (NAT)?

Changing the IP addresses of packets as they pass through a router.

What is significant about the WNIC in networks?

It holds the wireless network interface card, which connects wireless devices.

What is the minimum signal strength for a stable wireless connection?

-67 \text{ dBm}.

What does the shadow file in Linux contain?

Salted password hashes for user accounts.

What does the term 'digital signatures' refer to?

Hashes encrypted with a private key to verify authenticity.

What is the function of the Control frames in 802.11 protocols?

To manage the communication process (e.g., RTS, CTS).

What is the role of the acknowledgment (ACK) packet?

It signifies that a sent packet was received successfully.

What is the purpose of salts in password storage?

To protect against brute force attacks by adding randomness to stored hashes.

What does RAW data in packets represent?

The original byte structure of the packet being transmitted.

What does a management frame do in wireless networking?

It maintains connections between the access point and devices.

What is a common security protocol transitioning from SSL?

TLS (Transport Layer Security).

What is the relationship between a MAC address and a hardware device?

A MAC address is bound to the hardware (Network Interface Card).

What does the term 'flooding' refer to in networking attacks?

Sending excessive packets to overwhelm the target network.

What is the term for packets that confirm receipt?

ACK (Acknowledgement) packets.

What happens in a CSMA/CA environment when a collision is detected?

The station will wait before trying to send again.

What are the two types of cable material generally used?

Copper and Fiber Optic.

What is the main difference between hubs and switches?

Hubs send packets to all ports; switches send packets to specific MAC addresses.

What does patch management involve?

Updating software to fix vulnerabilities.

What does file encryption on Linux utilize?

gpg for command-line encryption.

What is a significant advantage of wireless networking?

Mobility of devices.

Which command shows the ARP cache in Windows?

arp -a.

Why is the network slow during peak hours like 8:00 AM?

High traffic due to many users accessing the network.

What is an Intrusion Detection System (IDS)?

A system that monitors network traffic for suspicious activity.

What is the importance of time-stamping in logs?

It helps in tracking events accurately during cybersecurity analysis.

What are the two main types of DoS attacks specifically for wireless networks?

Deauthentication and Beacon flooding.

What is the maximum length of a transmission segment in Ethernet?

100 meters for standard cabling.

What is layer 4 of the OSI model responsible for?

Layer 4, the transport layer, handles data segmentation.

What is the common port for FTP data transmission?

Port 20.

How can packet captures aid in troubleshooting?

They provide insights into data flow and potential issues.

What tools can be used to capture wireless traffic?

Wireshark and airodump-ng.

What acknowledgments do Layer 2 frames include? (fix me)

Data link layer acknowledgments for packet reception.

What does MAC address randomization do?

It replaces a Wi-Fi adapter's true MAC address with a random MAC address to enhance user privacy.

What does 'monitor mode' do in Wi-Fi devices?

Allows the capture of all packets in the air without connecting to an AP.

What role does Wireshark play in network analysis?

It captures and analyzes packet data across networks.

What cryptographic concept ensures data integrity?

Hashing.

What is the worst way to get a job according to the lecture notes?

Submitting a resume online.

What is considered the best way to get a job?

Meeting people.

The course primarily focuses on which type of networks?

LAN (Local Area Network).

What is NTOSKRNL.exe?

The Windows kernel name.

What does OSI stand for in networking?

Open Systems Interconnection.

What is the role of layering in the OSI model?

Aids in troubleshooting, accelerates technical evolution, and simplifies learning networking.

What are the first two layers of the OSI model focused on?

Physical (cables) and Data Link (chip).

What is the main purpose of the Network Layer in the OSI model?

Defines end-to-end delivery of data and logical addressing.

What is the significance of the Application layer in the OSI model?

End user applications are not part of the application layer; it provides an interface to the user.

What is the purpose of Promiscuous Mode in networking?

It allows network adapters to read all traffic on a network, even if it doesn't contain the adapter's MAC address.

What is the typical port for SSH?

Port 22.

What does TFTP stand for?

Trivial File Transfer Protocol.

What does the OSI model's layer 2 (Data Link) do?

Moves data on and off cabling in frame format.

What are some applications of promiscuous mode in networking?

Traffic analysis and network monitoring.

Which layer of the OSI model is focused on end user applications?

Layer seven (Application layer).

What security does HTTPS provide?

Transport Layer Security.