Enterprise Networks CIT 383
Popular in Course
Popular in Computer Information Technology
This 5 page Study Guide was uploaded by Ulices Abbott on Tuesday September 8, 2015. The Study Guide belongs to CIT 383 at University of Oregon taught by Staff in Fall. Since its upload, it has received 68 views. For similar materials see /class/187222/cit-383-university-of-oregon in Computer Information Technology at University of Oregon.
Reviews for Enterprise Networks
Report this Material
What is Karma?
Karma is the currency of StudySoup.
You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!
Date Created: 09/08/15
CIT 383 Final Study Guide The midterm will be Monday June 6th at 1300 Like the midterm it will be quotobjectivequot multiple choice short answer llintheblank truefalse It will cover material related to the Internet from the last 5 weeks of class Chapters 8 9 14 and 18 The Chapter Summary and Chapter Review Questions in the teXt are a pretty good indication of what s important in each chapter The answers to all the chapter review questions are given in Appendix A but the more technical questions are not the sort of thing that will be on the test The emphasis in the test will be on things we talked about in class General Packet switched data networks vs circuit switched data networks Packet switched describes the type ofnetwork in which relatively small units ofdata called packets are routed through a network based on the destination address contained within each packet Breaking communication down intopackets allows the same data path to be shared among many users in the network In a circuit switched data network each connection established results in aphysical communication channel being setup through the networkfrom the calling to the called subscriber equipment This connection is then used exclusively by the two subscribersfor the duration ofthe call The mainfeature ofsuch a connection is that it provides afixed data rate channel and both subscribers must operate at this rate Fault tolerance The ability ofa system to respond gracefully to an unexpected hardware or software failure There are many levels offault tolerance the lowest being the ability to continue operation in the event ofapowerfailure Manyfault tolerant computer systems mirror all operations that is every operation is performed on two or more duplicate systems so one fails the other can take over Smart at the edge dumb in the core LAN hosts connected by switches Backbone routers connected by switches with LANS connected to routers Software complexity con guration complexity bugs The Internet What do IP routers do quotBest e rortquot IP delivery Best effort delivery describes a network service in which the network does not provide any special features that recover lost or corrupted packets These services are instead provided by end systems By removing the need to provide these services the network operates more ef ciently Sources of packet loss An error that occurs when data networks are overly congested When pieces of data packets Q are unable to be transmitted they are sometimes quotthrown out by the network Packet loss may or may not be disruptive to the recipient of the data depending on the severity of loss IPICMPUDPI CP What are they What are the characteristics of each What is encapsulation How are UDP and TCP transported Encapsulation describes the ability ofan object to hide its data and methodsfrom the rest ofthe world one ofthefundamentalprinciples ofOOP Object OrientedProgramming Unreliable UDP vs reliable T CP protocols TCP 3way handshake To establish a connection TCP uses the three way handshake SYN SYN ACK This three way handshake will only be completed in one direction even ifboth sides initialize connections at the same time TCP knows the state ofa connection by using the SYNchronize and ACKnowledge messages when establishing a connection TCP can break up a message transmit the pieces and reassemble them even ifthey are received out oforder Once connected TCP hands o to the applicationfor data transfer and communication TCP always knows the state of the connection What does TCP do to become reliable Why does it need to do anything What are TCP and UDP ports UDP is a connectionless protocol that runs on top of P UDP1P network systems use UDP primarilyfor broadcasting messages i e a one to many sending much like unsolicitedjunk email The most common UDP packetsiDNS registrations and name resolution queriesiare sent toport 53 TCP is a connection orientedprotocol that runs on top ofIP TCP1P TCP ports support only connection oriented protocols A connection oriented protocol requires that network endpoints establish a channel between them before they transmit messages What are wellknown ports Why are they important Internet Security Denial of Service ping of death smur ng Denial ofService Result of any action or series of actions that prevents any part of an information system from functioning Ping of Death millions of machines can be crashed by sending IP packets that exceed the maximum legal length 65535 octets Windows 98 machines Smur ng is a method of attacking of a network or Web site using a program called Smurf whereby the network is ooded with generated requests to the point that itbecomes unusable for actual tra ic Buffer over ow Distributed Denial of Service SYN ood zombies bot networks What is IP address spoo ng A technique used to gain unauthorized access to computers whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host To engage in IP spoo ng a hacker must rst use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so that it appears that the packets are coming from that host Secure HTTPS vs insecure HTTP protocols What do they do differently Internal vs external threats Firewalls packet filtering vs application proxies and DMZs Sanity checking vs session monitoring Encryption The translation of m into a secret code Encryption is the most efective way to achieve data security To read an encrypted file you must have access to a secret key or password that enables you to decrypt it Unencrypted data is called plain text encrypted data is referred to as cipher text There are two main types of encryption asymmetric encryption also called public key encryption and symmetric encryption Malware trojans Viruses worms spyware spamware backdoors Malware short for quotmalicious software 9 is any software developed for the purpose of doing harm to a computer system The threat of malicious software can easily be considered as the greatest threat to Internet security Earlier viruses were more or less the only form of malware Nowadays the threat has grown to include networkaware worms trojans spyware adware and so on There are many di erent types ofMalware I Viruses amp Worms Spread through email web pages or networks these can self replicate and spread to other computers They can often cause great damage to a computer I Trojan Horse A trojan horse program is a harmful piece of software that is disguised as legitimate software Trojan horses cannot replicate themselves in contrast to viruses or worms A trojan horse can be deliberately attached to otherwise useful software by a programmer or it can be spread by tricking users into believing that it is useful To complicate matters some trojan horses can spread or activate other malware such as viruses These programs are called droppers I BackDoor A backdoor is a piece of software that allows access to the computer system bypassing the normal authentication procedures Based on how they work and spread there are two groups of backdoors The first group works much like a Trojan i e they are manually inserted into another piece of software executed via their host software and spread by their host software being installed The second group works more like a worm in that they get executed as part of the boot process and are usually spread by worms carrying them as their payloa Spyware Spyware consists of computer software that gathers information about a computer user such as browsing patterns in the more benign case or credit card numbers in more serious ones and then transmits this information to an external entity without the knowledge or informed consent of the user Adware Adware or advertisingsupported software is any software application in which advertisements are displayed while the program is running These applications include additional code that displays the ads in popup windows or through a bar that appears on a computer screen Social engineering phishing Social engineering In the eld of computer security social engineering is the practice of conning people into revealing sensitive data on a computer system often on the Internet Phishing is the fraudulent acquisition through deception of sensitive personal information such as passwords and credit card details by masquerading as someone trustworthy with a real need for such information It is aform ofsocial engineering attac Virtual Private Networks VPNs encrypted tunnel What is packet sniffing A technique which uses network monitoring tools to eavesdrop on packets passing through a network This technique can be used as aform ofattack Sample Questions 1 What39s the main difference between a packet switched data network and a circuit switched data network Which is the Internet Equot Explain in general terms what a firewall is system designed to prevent unauthorized access to or from a private network Firewalls can be implemented in both hardware and software or a combination of both Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet especially intranets All messages entering or leaving the Intranet pass through the rewall which examines each message and blocks those that do not meet the specified security criteria 03 Explain in general terms the technique TCP uses to achieve reliability 5 What is a DMZ A computer or small subnetwork that sits between a trusted internal network such as a corporate private LAN and an untrusted external network such as the public Internet How can using a DMZ improve security It makes it easy to create multiple DMZ networks directly connected to the user s PC sfirewall Adding extra layer ofprotectionfor computers behind thefirewall 5 What is P address spoo ng What can routers do to prevent it F gt1 on 0 The term Internet Protocol spoofing 1P spoo ng is the creation of IP packets with a forged spoofed source IP address The header of every 1P packet contains its source address This is normally the address that the packet was sent from By forging the header so it contains a difkrent address an attacker can make it appear that the packet was sent by a difkrent machine This can be a method of attack used by network intruders to defeat network security measures such as authentication based on IP addresses Packet filtering is one defense against 1P spoo ng attacks The gateway to a network should perform ingress ltering blocking of packets from outside the network with a source address inside the network This prevents an outside attacker spoofing the address of an internal machine Ideally outgoing packets should also be ltered dropping packets from inside the network with a source address that is not inside egress ltering this prevents an attacker within the network performing filtering from launching 1P spoofing attacks against external machines TCP clients contact TCP servers using ports FTP is a secure le transfer protocol TF If an P router has more traf c than it can handle it may begin randomly discarding packets TF Which ofthe following is not an advantage of ber optic cabling over copper cabling in a LAN 1 Higher bandwidth 2 Greater distance 3 Not affected by electromagnetic noise 4 Lower Cast 5 None ofthe above
Are you sure you want to buy this material for
You're already Subscribed!
Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'