All People Seem To Need Data Processing
Application, Presentation, Session, Transport, Network, Data Link, Physical
7 application layer
interface between the user's application and the network
types of communication: email, file transfer, client/server
6 presentation layer
provides a context for communication between layers
handles encryption, data conversion
5 session layer
controls the dialogs between computers; also controls duplexing, termination, and restarts
maintains order
4 transport layer
provides end to end communication control
ensures delivery of entire file/message
3 network layer
provides connections between hosts on different networks
routes data to different LANs and WANs based on network address
2 data link layer
provides connections between hosts on the same network
transmits packets from node to node based on station address
1 physical layer
describes electrical and physical specifications on devices
electrical signals or cabling
subnet mask
A 32-bit number assigned to each host for dividing the 32-bit binary IP address into network and node portions. (ex. 255.255.255.255)
default gateway
address that tells computer where the router is and allows computer to access the internet
internal/private ip address
usually starts with a 10 or a 192 (class b and c addresses)
routers give these ip addresses to private end users so that they can connect to the internet
ex: ipad, laptops, computers, etc.
external/public ip address
the ip address that is given to the router by the isp
allows router to communicate w/ all other publicly available routers
central area for internet, allows the internet to identify the router
common ports
25/2525/465/587 (SMTP)
80/443 (HTTP)
110/995 (POP3)
143/993 (IMAP4)
23 (Telnet)
20, 21 (FTP)
53 (DNS)
389 (Lightweight Directory Access Protocol)
well known port
port number reserved for use by a particular application. allows a client to send a TCP or UDP segment to a server, to the correct destination port for that application.
registered port
port that can be used by network users and processes that are not considered standard processes. Default assignments of these ports must be registered with IANA.
dynamic (private) port
port number that can be assigned by a client or server as the need arises
inbound port
port for when a connection was initiated from outside of your computer and traffic flows inward
ex: a server that you own gets requests from people
outbound port
port for when a connection was initiated from your computer and the traffic flows outward to the destination intended
ex: connecting to a server
switch
a computer networking device that connects network segments
occurs at layer 2 (Data Link)
router
a device that transfers data from one network to another in an intelligent way
occurs at layer 3 (Network)
hub
a device that uses its ports to connect devices (computers, printers, etc.) together
outdated
occurs at layer 1 (Physical)
dhcp server
automatically provides and assigns ip addresses, default gateways, and subnet masks to devices
handles having to find your own ip address, default gateway, and subnet masks every time you connect
Some People Fear Birthdays
Segments, Packets, Frames, Bits.
segment
data in the transport layer
packet
data in the network layer
frame
data in the data link layer
bits
data in the physical layer
ipv4
the dominant protocol for routing traffic on the Internet
32 bit
PROS
simple prefixes
system handling is good
CONS
running out of addresses
ipv6
a new protocol developed to replace IPv4, addressing the issue of IP address exhaustion
128 bit
PROS
unique addresses
no subnetting issues
CONS
long addresses that can be hard to type
computer routing issues
threat environment
the types of attackers and attacks that companies face
Sony data breach
2014 incident where malware installed on a company computer allowed hackers to steal scripts, emails, and personal information of employees and customers
hacking
unauthorized access, modification, or use of an electronic device or some element of a computer system
social engineering
technique for breaching a system's security by exploiting human nature
uses standard techniques to get users to give up info needed to gain access to a target system by getting preliminary info about a target organization and leveraging it to obtain additional info from system users
denial of service attack (dos)
when hackers flood a website with so many requests for service that it slows down or crashes the site
cyberwarfare
State-sponsored activity designed to cripple and defeat another state or nation by damaging or disrupting its computers or networks
Cyberterrorism
politically motivated attacks on information systems
hacktivism
hacking that is intended as political activism
cybercriminal
Someone who attacks a computer system or network for financial gain
cryptography
the art of protecting information by transforming it into an unreadable format, called cipher text
initial authentication
authentication at the beginning of a communication session, before the two sides exchange working data.
public key encryption (asymmetric)
one key (public key) is used to encrypt a message, and another (private key) is used to decrypt the message
Kerckhoffs's Law
law that says that in order to have confidentiality, communication partners only need to keep the key secret, not the cipher.
birthday attack
an attack that searches for any two digests that are the same.
data in transit
Any data sent over a network. It's common to encrypt sensitive data-in-transit.
data in use
Any data currently being used by a computer. Because the computer needs to process the data, it is not encrypted while in use.
data at rest
Data that is stored on electronic media.
worm
A destructive computer program that bores its way through a computer's files or through a computer's network.
virus
A program that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data
malware
software that is intended to damage or disable computers and computer systems.
phishing
an identity theft tool that appears in the form of an e-mail or pop-up message; usually looks like it's from a legitimate financial institution and prompts you to provide your personal information in order to fix a problem with your account
spearfishing
Phishing expedition that targets groups
trojan horse
a program that appears desirable but actually contains something harmful
payload
Malware delivered by social engineering and/or by exploiting a vulnerability in software.
threat surface
The total set of penetrations of a boundary or perimeter that surrounds or contains systems elements.
logic bomb
A computer program or part of a program that lies dormant until it is triggered by a specific logical event.
shoulder surfing
Watching an authorized user enter a security code on a keypad.
eavesdropping
listening secretly to a conversation for the purpose of getting sensitive information
dumpster diving
combing through trash to identify valuable assets
baiting
When a malicious individual leaves malware-infected removable media, such as a USB drive or optical disc, lying around in plain view.
piggybacking
The process of connecting to a wireless network without the permission of the owner of the network.
watering hole attack
A malicious attack that is directed toward a small group of specific individuals who visit the same website.
mantraps
pretexting
a form of social engineering in which the
privilege escalation
a network intrusion attack that takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications
backdoor attack
An attack that exploits an unprotected access method or pathway.
boot sector
________ viruses are often transmitted by a flash drive left in a USB port.
session hijacking
An attack in which an attacker attempts to impersonate the user by using his session token.
session theft
When an attacker attempts to steal a user's session using the owner's cookie and authentication information
tcp hijacking
A form of man-in-the-middle attack whereby the attacker inserts himself into TCP/IP-based communications.
spyware
software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive.
rootkits
a set of software tools that enable an unauthorized user to gain control of a computer system without being detected.
ransomware
a type of malicious software designed to block access to a computer system until a sum of money is paid.
adware
software that automatically displays or downloads advertising material (often unwanted) when a user is online.
grayware
software that is neither benign nor malicious and tends to behave improperly without serious consequences
teardrop attack
Attack that breaks apart packets into IP fragments, modifies them with overlapping and oversized payloads, and sends them to a victim machine to halt/freeze it
smurf attack
An attack that broadcasts a ping request to computers yet changes the address so that all responses are sent to the victim.
SYN flood attack
An attack that takes advantage of the 3 way handshake to flood servers
fraggle attack
Smurf attack variation that uses ports 7 & 19 to a broadcast address
ping flood attack
Ping utility is used to send a large number of echo request messages and overwhelm the server
diversion theft
When a thief attempts to take responsibility for a shipment by diverting the delivery to a nearby location.
spear phishing
a phishing method in which the emails are carefully designed to target a particular person or organization
whaling
A phishing attack where the attacker attempts to compromise information about a specific highly valuable employee
vishing
a phone scam that attempts to defraud people by asking them to call a bogus telephone number to confirm their account information
malicious insider
An employee or contractor who attempts to gain financially and/or disrupt a company's information systems and business operations