CISSP Cert Guide: Telecommunications and Network Security
Date: Dec 17, 2013
Exam Preparation Tasks
Review All Key Topics
Review the most important topics in this chapter, noted with the Key Topics icon in the outer margin of the page. Table 3-11 lists a reference of these key topics and the page numbers on which each is found.
Table 3-11 Key Topics
| Key Topic Element | Description | Page Number |
|---|---|---|
| Figure 3-1 | Protocol Mappings | 70 |
| Figure 3-2 | TCP/IP and OSI models | 71 |
| Figure 3-4 | TCP three-way handshake | 74 |
| Figure 3-6 | Encapsulation and de-encapsulation | 76 |
| Table 3-1 | Common UDP and TCP ports | 77 |
| Table 3-2 | Classful IP addressing | 80 |
| Table 3-3 | Private IP address ranges | 81 |
| Table 3-4 | Twisted-pair categories | 89 |
| Table 3-6 | Ethernet implementations | 95 |
| Ordered steps | CSMA/CD | 99 |
| Ordered steps | CSMA/CA | 100 |
| Section | Cloud computing services | 117 |
| Table 3-7 | T carriers | 121 |
| Table 3-8 | E-carriers | 122 |
| Table 3-9 | Optical carriers | 122 |
| Section | WLAN Standards | 138 |
| Table 3-10 | WPA and WPA2 | 141 |
Define Key Terms
Define the following key terms from this chapter and check your answers in the glossary:
- Open Systems Interconnect (OSI) model
- Application layer
- Presentation layer
- Session layer
- Transport layer (layer 4)
- Network layer (layer 3)
- Data Link layer (layer 2)
- Physical layer (layer 1)
- TCP/IP model
- TCP three-way handshake
- Internet Protocol (IP)
- Internet Message Control Protocol (ICMP)
- Internet Group Messaging Protocol (IGMP)
- Address Resolution Protocol (ARP)
- Encapsulation
- Private IP addresses
- Media Access Control (MAC) addresses
- Digital
- Asynchronous transmission
- Synchronous transmission
- Baseband
- Time Division Multiplexing (TDM)
- Broadband
- Frequency Division Multiplexing (FDM)
- Unicast
- Multicast
- Broadcast
- Attenuation
- Coaxial
- Thicknet
- Thinnet
- Twisted Pair
- Radio Frequency Interference (RFI)
- EMI
- Fiberoptic
- Single mode
- Multi-mode
- Ring
- Bus
- Star
- Mesh
- Hybrid
- Ethernet
- Token Ring
- Fiber Distributed Data Interface (FDDI)
- Carrier Sense Multiple Access Collision Detection (CSMA/CD)
- Carrier Sense Multiple Access Collision Avoidance (CSMA/CA)
- token passing
- polling
- Dynamic Host Configuration Protocol (DHCP)
- DNS
- File Transfer Protocol (FTP)
- FTPS
- Secure File Transfer Protocol (SFTP)
- HTTP
- Hypertext Transfer Protocol Secure (HTTPS)
- SHTTP
- Internet Message Access Protocol (IMAP)
- Network Address Translation (NAT)
- Port Address Translation (PAT)
- Post Office Protocol (POP)
- Simple Mail Transfer Protocol (SMTP)
- Simple Network Management Protocol (SNMP)
- distance vector
- link state
- hybrid
- Routing Internet Protocol (RIP)
- Open Shortest Path First (OSPF)
- Interior Gateway Protocol
- Enhanced IGRP (EIGRP)
- Virtual Router Redundancy Protocol (VRRP)
- Intermediate System to Intermediate System (IS-IS)
- Border Gateway Protocol (BGP)
- patch panels
- multiplexer
- demultiplexer
- hub
- switches
- VLANs
- layer 3 switch
- layer 4 switches
- routers
- gateway
- Network Access Server (NAS)
- firewall
- packet filtering firewalls
- stateful firewalls
- proxy firewalls
- circuit level proxies
- SOCKS firewall
- application-level proxies
- dynamic packet filtering firewall
- kernel proxy firewall
- bastion host
- dual-homed firewall
- three legged firewall
- DMZ
- screened host
- screened subnet
- virtual firewalls
- proxy firewall
- private branch exchange (PBX)
- honeypots
- honeynets
- cloud computing
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
- LAN
- intranet
- extranet
- Metropolitan Area Network (MAN)
- Metro Ethernet
- wide area networks (WANs)
- T carriers
- fractional T1
- E carriers
- Synchronous Optical Networks (SONET)
- Channel Service Unit/Data Service Unit (CSU/DSU)
- circuit-switching networks
- packet-switching networks
- Asynchronous Transfer Mode (ATM)
- X.25
- Switched Multimegabit Data Service (SMDS)
- Point-to-Point Protocol (PPP)
- HSSI
- PSTN
- VOIP
- Signaling System 7 (SS7)
- Session Initiation Protocol (SIP)
- dial-up
- SLIP
- Integrated Services Digital Network (ISDN)
- Basic Rate (BRI)
- Primary Rate (PRI)
- Digital Subscribers Line (DSL)
- Asymmetric DSL (ADSL)
- High Bit Data Rate DSL (HDSL)
- Very High Bit Data Rate DSL (VDSL)
- cable modems
- Data-Over-Cable Service Interface Specifications (DOCSIS)
- Virtual Private Network (VPN)
- PPTP
- L2TP
- IPsec
- Authentication Header (AH)
- Encapsulating Security Payload (ESP)
- Internet Security Association and Key Management Protocol (ISAKMP)
- Internet Key Exchange (IKE)
- TACACS+
- RADIUS
- supplicant
- authenticator
- authenticating server
- Password Authentication Protocol (PAP)
- Challenge Handshake Authentication Protocol (CHAP)
- Extensible Authentication Protocol (EAP)
- Telnet
- Transport Layer Security/Secure Sockets Layer (TLS/SSL)
- Frequency Hopping Spread Spectrum (FHSS)
- Direct Sequence Spread Spectrum (DSSS)
- Orthogonal Frequency Division Multiplexing (OFDM)
- Frequency Division Multiple Access (FDMA)
- Code Division Multiple Access (CDMA)
- Global System Mobile (GSM)
- phone cloning
- access point
- Service Set Identifier (SSID)
- Infrastructure mode
- Ad Hoc mode
- 802.11a
- 802.11b
- 802.11f
- 802.11g
- 802.11n
- Multiple Input Multiple Output
- Bluetooth
- bluejacking
- bluesnarfing
- infrared
- Wired Equivalent Privacy (WEP)
- Wi-Fi Protected Access (WPA)
- WPA2
- noise
- attenuation
- crosstalk
- Ping of Death
- Distributed Denial of Service (DDOS)
- Smurf attack
- ping scanning
- DNS cache poisoning attack
- DNSSEC (DNS security)
- URL hiding
- domain grabbing
- cybersquatting
- email spoofing
- phishing
- spear phishing
- whaling
- spam
- wardriving
- warchalking
- SYN ACK attack
- session hijacking attack
- port scan
- teardrop
- IP address spoofing
Review Questions
1. At which layer of the OSI model does the encapsulation process begin?
   - a. Transport
   - b. Application
   - c. Physical
   - d. Session
2. Which two layers of the OSI model are represented by the Link layer of the TCP/IP model? (Choose two.)
   - a. Data Link
   - b. Physical
   - c. Session
   - d. Application
   - e. Presentation
3. Which of the following represents the range of port numbers that are referred to as “well-known” port numbers?
   - a. 49152–65535
   - b. 0–1023
   - c. 1024–49151
   - d. all above 500
4. What is the port number for HTTP?
   - a. 23
   - b. 443
   - c. 80
   - d. 110
5. What protocol in the TCP/IP suite resolves IP addresses to MAC addresses?
   - a. ARP
   - b. TCP
   - c. IP
   - d. ICMP
6. How many bits are contained in an IPv4 IP address?
   - a. 128
   - b. 48
   - c. 32
   - d. 64
7. Which of the following is a Class C address?
   - a. 172.16.5.6
   - b. 192.168.5.54
   - c. 10.6.5.8
   - d. 224.6.6.6
8. Which of the following is a private IP address?
   - a. 10.2.6.6
   - b. 172.15.6.6
   - c. 191.6.6.6
   - d. 223.54.5.5
9. Which service converts private IP addresses to public IP addresses?
   - a. DHCP
   - b. DNS
   - c. NAT
   - d. WEP
10. Which type of transmission uses stop and start bits?
    - a. Asynchronous
    - b. Unicast
    - c. Multicast
    - d. Synchronous
Answers and Explanations
1. b. The Application layer (layer 7) is where the encapsulation process begins. This layer receives the raw data from the application in use and provides services such as file transfer and message exchange to the application (and thus the user).
2. a, b. The Link layer of the TCP/IP model provides the services provided by both the Data Link and the Physical layers in the OSI model.
3. b. System Ports, also called well-known ports, are assigned by the IETF for standards-track protocols, as per [RFC6335].
4. c. The listed port numbers are as follows:
   - 23–Telnet
   - 443–HTTPS
   - 80–HTTP
   - 110–POP3
5. a. Address Resolution Protocol (ARP) resolves IP addresses to MAC addresses.
6. c. IPv4 addresses are 32 bits in length and can be represented in either binary or dotted decimal format.
7. b. The Class C range of addresses is from 192.0.0.0 to 223.255.255.255.
8. a. Here are the private IP address ranges:

   | Class | Range |
   |---|---|
   | Class A | 10.0.0.0 – 10.255.255.255 |
   | Class B | 172.16.0.0 – 172.31.255.255 |
   | Class C | 192.168.0.0 – 192.168.255.255 |

9. c. Network Address Translation (NAT) is a service that can be supplied by a router or by a server. The device that provides the service stands between the local LAN and the Internet. When packets need to go to the Internet, they go through the NAT service first. The NAT service changes the private IP address to a public address that is routable on the Internet. When the response is returned from the Web, the NAT service receives it, translates the address back to the original private IP address, and sends it back to the originator.
10. a. With asynchronous transmission, the systems use start and stop bits to signal when each byte starts and stops. This method also uses parity bits to ensure that each byte has not been changed or corrupted en route. This introduces additional overhead to the transmission.