Thursday, August 12, 2010

CISSP - Telecommunications and Network Security

WAN

ISDN BRI = 2 B and 1 D

Packet Switched = Frame Relay, X.25, ATM

Circuit Switched = DDS

Networking Models

OSI Model is an ISO Standard

TCP IP Model = Network Interface -> Inter networking -> Transport -> Application

SSL is between transport and session layers

802.15 = Wireless personal area - think bluetooth

IP

protocol field of packet -> 0x01 = ICMP, 0x06 = TCP, 0x11 = UDP, 0x58 = IGRP

determine Class
0xxxxxxx = <128 = A
10xxxxxx = <192 = B
110xxxxx = <224 = C
1110xxxx = <240 = D

private addresses
10.0.0.0/8
*127.0.0.0/8
169.254.0.0/16
172.16.0.0/12
192.168.0.0/16


RAID

0 = Striping
1 = Mirroring
2 = bit level striping w/ parity
3 = byte level striping w / parity
4 = block level striping w/ parity
5 = block level striping w / distributed parity
6 = block level striping w/ double distributed parity (requires 4 disks but can tolerate 2 down disks)

VPN

PPTP (PPP w/ MPPE, MS-CHAP, EAP-TLS), L2TP, IPSEC, L2F

Authentication

EAP, RADIUS, TACACS, PAP, CHAP

Wireless Security

WEP, WAP, WPA, TKIP

WAP 1 = no authentication, 2 = server authentication, 3 = server and client authentication

Attacks

Wormhole - a shortcut(wormhole) is created between 2 networks tricking routing protocols into using the wormhole. Then all traffic can be monitored or disrupted.

Firewalls

Dual-homed / bastion = think pc w/ 2 nics filtering traffic

Screened host = separation is logical instead of physical - in other words - only one nic. I picture this as a router only allowing 80 traffic to a proxy server, and the proxy server being the screened host firewall - though dependent on the router.

Screened subnet = 3 nics - think DMZ

No comments:

Post a Comment