64 Cards in this Set
- Front
- Back
- 3rd side (hint)
What are the steps of a TCP three-way handshake? |
Client sends SYN. Server sends SYN ACK. Client sends ACK. |
Synchronize acknowledgement |
|
What are the steps to closing a TCP session? |
Client sends FIN. Server sends FIN ACK. Client sends ACK. |
Finish acknowledgement |
|
What are the advantages/disadvantages of TCP and UDP? |
TCP is connection oriented, allowing for detection of lost packets. UDP is connectionless, used when speed is more important than reliability - DHCP, e.g. |
|
|
What comprises a TCP Segment? |
Originating and destination port numbers; sequence number; ACK; data packet. |
|
|
What comprises a UDP Datagram? |
Originating and destination port numbers; data length; checksum; data packet. |
|
|
What is ICMP and how is it used? |
Internet Control Message Protocol. Works at the Internet layer of the TCP/IP model, used for quick communications - Ping, ARP, e.g. |
|
|
What is IGMP, and how is it used? |
Internet Group Management Protocol. Works at the Internet layer of the TCP/IP model. Used for creating multicasts, using 224.x.x.x IP addresses. |
|
|
What comprises an ICMP packet? |
Type value (Ping or ARP, e.g.); checksum. |
|
|
What comprises an IGMP packet? |
Type value; checksum; Group Address (224.x.x.x); Source Address (originating server IP). |
|
|
What is Wireshark? |
Packet/protocol analyzer |
|
|
What is netstat? |
Lists all open ports and connections on the local computer. |
|
|
What are some of the different switches for netstat and their purposes? |
-n: displays info in numerical form; -b: displays executable involved in connection; -o: displays process ID for connection; -a: displays all active ports, irrespective of connection; -r: displays local routing table (same as 'route print') |
|
|
What are the particulars of HTTP? |
Hyper Text Transfer Protocol, used for Internet traffic. Uses port 80. No encryption. |
|
|
What are the particulars of HTTPS? |
HTTP with security (encryption). Uses port 443. Encrypts web data being transferred between server and client. |
|
|
What are the two most popular web server types? |
Microsoft's IIS (Internet Information Service) and Apache (open source). |
|
|
What are the particulars of FTP? |
File Transfer Protocol. Used to transfer files over the Internet. Uses ports 21 (outgoing) and 20 (incoming). No encryption. |
|
|
What is the purpose of an anonymous account on an FTP server? |
Allows users without accounts on the system to download files. |
|
|
What are three ways to access an FTP server? |
Third-party FTP client; web browser (using FTP:// in Address field); command prompt (ftp command). |
|
|
What are common commands when using FTP at a command prompt? |
Open (connect to a server); Put (upload a file); Get (download a file); Disconnect (end a server session) |
|
|
What is the secure version of FTP? |
SFTP, using SSL and TLS. |
|
|
What is TFTP? |
Trivial FTP. Uses UDP, on port 69. Requires TFTP server and client software. |
|
|
What protocol is used to send email in a server-client environment? |
SMTP - Simple Mail Transfer Protocol, using TCP port 25. |
|
|
What protocols are used to receive mail? |
-POP3 (Post Office Protocol v3), using TCP port 110. -IMAP4 (Internet Message Access Protocol v4), using TCP port 143. |
|
|
What is required when configuring an email client? |
SMTP and POP3 or IMAP settings. |
|
|
What's the basic difference between POP and IMAP? |
IMAP allows for organization (folders, e.g.) on the server; POP handles this on the client only, meaning that any changes made on one client will not replicate to another on a different computer. |
|
|
What is Telnet? |
Remote server-client software via command prompt, using TCP port 23. No encryption, but requires login credentials. |
|
|
What is SSH? |
Secure Shell. Encrypted version of Telnet, using TCP port 22. |
|
|
What is rlogin? |
An old remote server-client software, using neither encryption nor login credentials. |
|
|
What is DNS? |
Domain Name System. DNS servers resolve IP addresses based on FQDNs (Fully Qualified Domain Names). |
|
|
What are the components of a FQDN? |
-At the right, the top-level domain. (com, e.g.) -At the left, the computer name. (www, e.g.) -In between, the secondary domain. (google, e.g.) |
|
|
What are the limits of a FQDN? |
127 individual names (including top-level and computer); 256 characters. |
|
|
What two tasks do DNS servers perform? |
Create and respond to DNS queries. (Workstations do not create DNS queries.) |
|
|
What steps go into retrieving an IP address for an Internet FQDN? |
-Client computer requests IP from local DNS server. -DNS server uses Root Hints list to query a Root DNS Server. -Root DNS server responds with the IP for the top-level domain DNS server. -TLD DNS server responds with the IP for the secondary domain DNS server. -SD DNS server responds with the IP for the original request. |
|
|
What are forward lookup zones (FLZ) when relating to DNS? |
Used to resolve FQDNs to IP addresses. |
|
|
What are reverse lookup zones (RLZ) when relating to DNS? |
Used to resolve IP addresses to FQDNs. |
|
|
What is a Start of Authority (SOA) FLZ DNS record? |
The authoritative name server for a domain, or the primary DNS server. Only one per domain. |
|
|
What is a Name Server (NS) FLZ DNS record? |
Provides quick FQDN to IP address resolution. Several allowed per domain. |
|
|
What are host FLZ DNS records? |
Individual computer names on the domain. |
|
|
What's the difference between A and AAAA host records? |
A is IPv4; AAAA is IPv6. |
|
|
What is an alias host record, and what's another name for it? |
Used for a secondary name for a server. (Fileserver vs. FS01, e.g.) CNAME, or canonical name. |
|
|
What is a Mail Exchanger (MX) DNS record? |
Directs mail to the mail server in the domain. |
|
|
What is a Service Location (SRV) DNS record? |
Directs to a particular service - FTP or Telnet, e.g. |
|
|
What is the purpose of the HOSTS file? |
Contains IP addresses and their associated FQDNs. Pre-dates and takes precedence over DNS. |
|
|
What is NBTSTAT and some of its switches? |
NetBIOS over IP. -c Show NBT cache of names and IPs. -s Show sessions (current connections). |
|
|
What is DDNS? |
Dynamic DNS. Assigns a FQDN to a DHCP-assigned (changeable) external IP address. |
|
|
What's the fastest way to test for a DNS issue? |
Try accessing via IP address rather than FQDN. If reachable, DNS is the issue. |
|
|
What is NSLOOKUP? |
Name Server Lookup. Used to see default DNS server information. Use 'server [IP address]' to verify DNS addresses. |
|
|
What is DIG? |
Domain Information Groper. (Third-party tool.) |
|
|
What two components are required to encrypt cleartext to cyphertext? |
An algorithm and a key. |
|
|
What is symmetric encryption? |
An algorithm that uses the same key to encrypt and decrypt data. |
|
|
What is asymmetric encryption? |
Requires a public key (shared between both ends of the encrypted conversation, and used to encrypt) and a private key (used only to decrypt). |
|
|
What is a hash? |
A one-way, fixed-length encryption, often used for data verification. Common hashes are MD5 and SHA-1. |
|
|
What's the difference between authentication vs. authorization? |
Authentication is the confirmation - access credentials, e.g. Authorization controls what resources can be accessed with those credentials. |
|
|
What are the three types of access controls? |
-Mandatory Access Control, using labels which define access. -Discretionary Access Control, allowing individualized access. -Role-based Access Control, using groups to define access. |
|
|
What is RADIUS? |
A form of AAA - Authentication/Authorization/Accountability - system, using a server, client, supplicant, and database. (The supplicant - a laptop, e.g. - requests authentication from the client.) |
|
|
What ports are utilized by RADIUS? |
UDP 1812-1813 or 1645-1646 |
|
|
What is TACACS+? |
A Cisco proprietary AAA system, using a server, client (router, e.g.), and user. Uses TCP port 49. |
|
|
What are the components of Kerberos? |
A Windows domain controller (which automatically becomes a Kerberos Key Distribution Center, which is also an Authentication Server and a Ticket Granting Service) and a client workstation. |
|
|
What happens during a Kerberos authentication process? |
Client sends hashed credentials; authentication server sends a Ticket Granting Ticket (TGT) to client (granting authentication). TGT is time-stamped and sent back to Ticket Granting Service, which time-stamps the TGT again, making it a Token. The Token is used for accessing domain resources. |
|
|
What is a drawback for Kerberos? |
Relies heavily on timestamps, therefore works best on wired networks. |
|
|
What is EAP? |
Extensible Authentication Protocol. Used to store several different types of AAA protocols, but can't be used with Kerberos. Used most frequently with wireless connectivity. |
|
|
What are some of the different types of EAP? |
-EAP PSK (Personal Shared Key) -EAP PEAP (Password Encrypted Authentication Protocol, i.e. credentials) -EAP MD5 (hashes) -EAP TLS (single certificate) -EAP TTLS (multiple certificates) |
|
|
What is the purpose of tunneling? |
Used to encrypt data from unencrypted protocols - FTP through SSH, e.g. |
Secrets |
|
What is NTP? |
Network Time Protocol, running on port 123, used for precise timing for programs requiring time functions - Kerberos, e.g. |
|