cs/is 190 final review final exam: wednesday, april 8
TRANSCRIPT
Final Overview
• Chapters 11 through 20• Multiple Choice• Similar to questions at the end of each chapter
and in the homeworks• 50 questions• You will have the full class time to complete
Chapter 11
• Security• Nonrepudiation• Encryption• Authentication• Authorization• Plaintext• Complete Algorithm• Ciphertext
Chapter 11
• symmetric-key algorithm– DES– RC4– AES
• Asymmetric-key algorithm– RSA
• Hash– MD5– SHA
Chapter 11
• Digital Signatures• Certificates• public-key infrastructure (PKI)• Authorization– access control list (ACL)– mandatory access control (MAC)– Discretionary access control (DAC)– Role-based access control (RBAC)
Chapter 11
• Authentication– Point-to-Point Protocol (PPP)– Password Authentication Protocol (PAP)– Challenge Handshake Authentication Protocol (CHAP)– MS-CHAP and MS-CHAPv2
• Authentication, Authorization, and Accounting (AAA)– RADIUS– Kerberos– Extensible Authentication Protocol (EAP)– 802.1X
Chapter 11
• Encryption• SSH• Tunneling• Secure Sockets Layer (SSL)• Transport Layer Security (TLS)• IPSec– Transport mode and Tunnel mode.
• HTTPS• SFTP, SNMP, NTP
Chapter 12
• Client / Server• Peer to Peer (P2P)• Virtual Private Network (VPN)– Point-to-Point Tunneling Protocol (PPTP)– Routing and Remote Access Service (RRAS)
• Layer 2 Tunneling Protocol (L2TP)• Virtual Local Area Network (VLAN)– Trunking : 802.1Q trunk standard– Static VLAN vs. Dynamic VLAN
Chapter 12
• Multilayer Switches• DNS Load Balancing• Quality of Service (QoS)• Traffic shaping• Intrusion detection system (IDS)• Intrusion prevention system (IPS)• Port Mirroring• Proxy Servers
Chapter 13
• IPV6• 128 Bits• How to write the address:• 8 groups of four hexadecimal characters• Leading zeros can be dropped from any group• Use double colon to show groups of zeroes• Link-Local Address (always starts with FE80:)
Chapter 13
• Subnet masks– No subnet is ever longer than /64
• Unicast• Multicast• Anycast• Global Unicast Address (Global Address)– Gets from router
• Aggregation
Chapter 14
• Remote Connectivity• Plain Old Telephone Service (POTS)• Multiplexers• Frequency Division Multiplexing (FDM)• DS0 (64 Kbps)• T1 Line– 24 DS0 channels– 1.544 Mbps
Chapter 14
• Fiber Carriers• SONET and OC• OC-1– 51.85 Mbps
• The rest of the OC multiply the number to get the speed :
• OC-3 is 51.85 * 3 = 155.52 Mbps
Chapter 14
• Packet Switching– Frame Relay– Asynchronous Transfer Mode (ATM)– Public Switched Telephone Network (PSTN)– Modems
• Universal Asynchronous Receiver/Transmitter (UART)• Baud vs. Bits Per second
– ISDN• Basic Rate Interface (BRI) = 128 Kbps• Primary Rate Interface (PRI) = 1.544 Mbps (T1 Line)
Chapter 14
• DSL– SDSL– ADSL– VDSL
• Cable Internet (DOCSIS protocol)• Satellite• Wireless• Fiber Optics• Powerline
Chapter 14
• Remote Access– Dial – up– Private Dial-up– VPNs– Dedicated Connections– Remote Terminals, Remote Desktop– Voice over IP (VoIP)
Chapter 15
• Wireless Networking• Modes:– Ad Hoc Mode (Peer to Peer mode)– Infrastructure Mode
• Service Set Identifier (SSID)– Called a network name
• Channels– 14 channels, only 11 allowed in U.S.A.
• CSMA/CA
Chapter 15
• 802.11b• 802.11a• 802.11g• 802.11n• Security– MAC address filtering– Wireless authentication• 802.1X• RADIUS
Chapter 15
• Data Encryption– Wired Equivalent Privacy (WEP)– Wi-Fi Protected Access (WPA)– WPA2
• Uses AES (Advanced Encryption Standard)
• Power Over Ethernet• Implementing Wi-Fi
– Placing access points– Configuration– Extending the Network
• Adding a WAP• Wireless Bridge
Chapter 16
• Threats– Crashes and Hardware Failures– Malware• Virus• Worm• Macro• Trojan• Rootkit• Adware/Spyware
Chapter 16
• Social Engineering• Phishing• Denial of Service (DoS)• Distributed DoS (DDos)• Physical Intrusion• Rogue Access Points• Securing user Accounts– Passwords– Least Privilege
Chapter 16
• Firewalls– Network based– Host Based
• Port Filtering• Packet Filtering (IP filtering)• MAC Filtering• Network Zones– Demilitarized Zone (DMZ)
Chapter 17
• Virtualization• Hypervisor• Virtual Machine Manager (VMM)• Emulation vs. Virtualization• Why?– Power Saving– Hardware Consolidation– System Recovery– System Duplication– Research
Chapter 18
• Configuration Management Documentation– Wiring Diagrams– Network Diagrams– Baselines– Policies, Procedures, and configurations– Regulations
• Monitoring Performance– Log Files
• Application Logs• Security Logs• System logs
Chapter 18• Performance Optimization
– Caching– Quality of Service (QoS)– Traffic Shaping
• High Availability– Data Backups
• Archive Bit• Normal (full) backup• Copy Backup• Incremental Backup• Differential Backup• Daily Backup
– Uninterruptible Power Supply (UPS)– Backup Generators– RAID and other redundant hardware– Cluster Servers and Load Balancing
Chapter 19
• Building a SOHO network– Define Network Needs– List of requirements– Network Design– Compatibility issues– Internal Connections– External Connections– Peripherals– Security
Chapter 19
• Structured Cabling• Electrical Limits• VLANs• IP address scheme• External Connections– Gateway router– Choose ISP
• Security
Chapter 20• Troubleshooting• Hardware Tools
– Cable Testers– TDR– OTDR– Certifiers– Voltage Recorders / Temp. Monitors– Protocol Analyzer – Cable Strippers / Snips– Multimeters– Toners– Butt Sets– Punchdown tools
Chapter 20• Software Tools• Traceroute• Ipconfig / Ifconfig• Ping and ARP Ping• NSLookup• Hostname• My Traceroute (MTR)• Route (Route Print)• NBTStat• Netstat• Packet Sniffers• Port Scanners
Chapter 20
• Troubleshooting Process:1. Gather information—identify symptoms and problems.2. Identify the affected areas of the network.3. Establish if anything has changed.4. Establish the most probable cause.5. Determine if escalation is necessary.6. Create an action plan and solution identifying potential effects.7. Implement and test the solution.8. Identify the results and effects of the solution.9. Document the solution and the entire process.