Exam 3/Quizzes Review

spongehousesΑσφάλεια

3 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

56 εμφανίσεις


1

Exam 3/Quizzes Review


Chapter 8: WAN/MAN


WAN Services:


Dialed circuit services

-

Direct dialing

-

Wide area telephone services


Dedicated circuit services

-

Voice
-
grade circuits

-

Wideband analog services

-

T
-
carrier circuits (E
-
carrier)

-

Synchronous optical netw
ork (SONET)

-

Digital subscriber line (DSL)

-

Cable modem


Circuit
-
switched services

-

Narrowband ISDN

-

Basic rate interface (2B+D, 128k+16k)

-

Primary rate interface (23B+D, about 1.544M)

-

Broadband ISDN (155.52Mbps/622.08Mbps)


Packet
-
switched services

-

X.25 (error

checking)

-

Frame relay (operates only at the data link layer, encapsulate other packets, variable
packet length; no error checking, unreliable packet services; define committed
information rate
-

CIR and maximum allowable rate
-

MAR)

-

ATM

-

Switched Multimeg
abit Data Service (SMDS) (ATM
-
like cell, no error checking,
connectionless, 56Kbps
-
44.376 Mbps)

-

Ethernet/IP packet network. Started in 2000

-

MPLS (work with IP, frame relay and ATM network; fast switching for working at
layer 2; easy to manage a network for

QoS)


VPN
-

a kind of VAN


Questions:


1.

ATM vs. frame relay

Similarities:

1)

All data are packet
-
switched,

2)

no error control at the intermediate computers within the network;


2

3)

CIR and MAR (which ATM calls available burst rate (ABR)) can be negotiated
when

circuits are established.

Differences:

1)

ATM uses fixed
-
length packets of 53 bytes (5 bytes of overhead and 48 bytes of user
data), while frame relay's packet size is variable.

2)

ATM provides extensive quality of service information that enables the setting

of
very precise priorities among different types of transmissions. Quality of service is
now being implemented in many frame relay and SMDS services, so this difference
may disappear.

3)

ATM is scaleable; it is easy to multiplex basic ATM circuits into much

faster ATM
circuits. Most common carriers offer ATM circuits that provide the same data
transmission rates as SONET:
51.84 Mbps, 466.56 Mbps, 622.08 Mbps, and so on.
New versions called T
-
1 ATM (1.544 Mbps) and T
-
3 ATM (45 Mbps) are also
available.

2.

SMDS v
s. ATM

Similarities:


1)

Both are

unreliable packet service.

2)

SMDS encapsulates incoming packets from the user's network with ATM
-
like 53
-
byte cells, although the address is different than an ATM address. The user's data
link layer address is mapped to the SMD
S address, which is used for transmission
through the SMDS network. The SMDS cell is stripped off at the destination and the
user's data link layer packet reassembled.

3)

Like ATM and frame relay, SMDS does not perform error checking; the user is
responsible

for error checking.

Difference
: SMDS provides only a connectionless datagram service.

More Questions
:

1.

Advantage and Disadvantage of Dedicated Circuit, Switching Services

2.

Comparison and Contrast circuit switching, packet switching technologies

3.

Comparison
and contrast virtual circuit and datagram.

4.

What is VPN? Why is VPN getting popular? How is VPN implemented?

5.

What is MPLS? What are main benefits of MPLS?


3

6.

Chapter 10: Network Security Management


Focuses:

Controlling security threats: 1) disruption, destr
uction & disaster; 2) unauthorized access

Approaches to presenting unauthorized access

Firewall techniques and proxy server

Application case: DMZ

Encryption
-

DES, RSA

Digital signature and CA

Web security: SSL, and S
-
HTTP


Disruption, destruction & disast
er


Computer virus vs. worm

DDoS attack


Firewall


Packet level firewall

Application level firewall

Proxy server (NAT feature)

DMZ


Encryption


Symmetric key encryption, e.g. DES (data encryption standard)

Public key encryption, e.g. RSA

Confidentiality an
d authenticity features with public key encryption


Digital signature

Digital certificate

Certificate authority


To reduce computational overhead, the following process is then used:



Prepare a message.



Encrypt that message using conventional encryption wit
h a one
-
time conventional
session key.



Encrypt the session key using public
-
key encryption with recipient’s public key.



Attach the encrypted session key to the message and send it.


Four key features in secure transmissions:

Confidentiality, authentication
, integrity, non
-
repudiation


Web security



4

1)

Secure network layer protocol


IPSec

2)

Transport layer protocols: SSL, TLS

3)

Application layer protocols: SET, s
-
http, PGP


Digital cash and digital wallet


Detection of unauthorized access:


Intruder Detection Syst
em (IDS)

Computer forensics

Honey
-
pot


Questions:


1.

List the approaches to presenting unauthorized access.

Six approaches to presenting unauthorized access:

1)

Developing a security policy

2)

Developing user profiles

3)

Mending up security holes

4)

Securing network acc
ess points (using firewalls, etc)

5)

Preventing eavesdropping

6)

Using encryption


2.

What are the differences between the different types of firewalls?

A packet level firewall examines the source and destination address of every network
packet that passes through
it. It only allows packets into or out of the organization’s
networks that have acceptable source and destination addresses. Each packet is
examined individually, so the firewall has no knowledge of what the user is
attempting to do. It simply chooses to p
ermit entry or exit based on the contents of the
packet itself. This type of firewall is the simplest and least secure because it does not
monitor the contents of the packets or why they are being transmitted, and typically
does not log the packets for lat
er analysis.

An application level firewall acts as an intermediate host computer or gateway
between the Internet and the rest of the organization’s networks. Anyone wishing to
access the organization’s networks from the Internet must login to this firewall
, and
can only access the information they are authorized for based on the firewall account
profile they access. This places an additional burden on users who must now
remember an additional set of passwords. With application level firewalls, any access
th
at has not been explicitly authorized is prohibited. In contrast, with a packet level
firewall, any access that has not been disabled is permitted.

3.

How authentication works.

Public key encryption permits authentication (or digital signatures). When one use
r
sends a message to another, it is difficult to legally prove who actually sent the message.

5

Legal proof is important in many communications, such as bank transfers and buy/sell
orders in currency and stock trading, which normally require legal signatures
. Thus a
digital signature or authentication sequence is used as a legal signature on many
financial transactions. This signature and the other key
-
contents are encrypted by the
sender using the private key. The receiver uses the sender’s public key to dec
rypt the
signature block and compares the result to the name and other key contents in the rest of
the message to ensure a match.

4.

What is a certificate authority?

A certificate authority (CA) is a trusted organization who can vouch for the authenticity
of

the person or organization using authentication (e.g., VeriSign). A person wanting to
use a CA registers with the CA and must provide some proof of identify. The CA issues
a digital certificate that is the requestor's public key encrypted using the CA's p
rivate key
as proof of identify. This certificate is then attached to the user's email or Web
transactions in addition to the authentication information. The receiver then verifies the
certificate by decrypting it with the CA's public key
--

and must also
contact the CA to
ensure that the user's certificate has not been revoked by the CA.

More questions:

1.

What is IP spoofing?

2.

What is eavesdropping?

3.

What are conventional encryption and public key encryption? How to tell the
difference between these two type
s?

4.

What is honey
-
pot?

5.

What is forensics?

6.

Explain how SSL work.


6

Wireless WAN

1.

Three generations of mobile phone services

2.

Wireless web technologies: WAP, WML

Questions:

1.

Which of the following is the main difference between the 1
st

and the 2
nd

generation
mobi
le telephony?

a.

Internet accessibility

b.

using SDMA

c.

using encryption

d.

roaming

e.

needs transceiver stations

2.

AMPS stands for:

3.

GSM stands for:

4.

List three features that GSM is superior to AMPS.

5.

CDMA is used by AMPS. True / False

6.

Briefly list two advanced features

of 3
rd

generation mobile telephony:

7.

Essay
-
based question: explain how special allocation is done in mobile telephone systems
to make reuse of frequency spectra.

8.

Essay
-
based question: How wireless web works?