Exam 3/Quizzes Review
Chapter 8: WAN/MAN
Dialed circuit services
Wide area telephone services
Dedicated circuit services
Wideband analog services
carrier circuits (E
Synchronous optical netw
Digital subscriber line (DSL)
Basic rate interface (2B+D, 128k+16k)
Primary rate interface (23B+D, about 1.544M)
Broadband ISDN (155.52Mbps/622.08Mbps)
Frame relay (operates only at the data link layer, encapsulate other packets, variable
packet length; no error checking, unreliable packet services; define committed
CIR and maximum allowable rate
abit Data Service (SMDS) (ATM
like cell, no error checking,
Ethernet/IP packet network. Started in 2000
MPLS (work with IP, frame relay and ATM network; fast switching for working at
layer 2; easy to manage a network for
a kind of VAN
ATM vs. frame relay
All data are packet
no error control at the intermediate computers within the network;
CIR and MAR (which ATM calls available burst rate (ABR)) can be negotiated
circuits are established.
ATM uses fixed
length packets of 53 bytes (5 bytes of overhead and 48 bytes of user
data), while frame relay's packet size is variable.
ATM provides extensive quality of service information that enables the setting
very precise priorities among different types of transmissions. Quality of service is
now being implemented in many frame relay and SMDS services, so this difference
ATM is scaleable; it is easy to multiplex basic ATM circuits into much
circuits. Most common carriers offer ATM circuits that provide the same data
transmission rates as SONET:
51.84 Mbps, 466.56 Mbps, 622.08 Mbps, and so on.
New versions called T
1 ATM (1.544 Mbps) and T
3 ATM (45 Mbps) are also
unreliable packet service.
SMDS encapsulates incoming packets from the user's network with ATM
byte cells, although the address is different than an ATM address. The user's data
link layer address is mapped to the SMD
S address, which is used for transmission
through the SMDS network. The SMDS cell is stripped off at the destination and the
user's data link layer packet reassembled.
Like ATM and frame relay, SMDS does not perform error checking; the user is
for error checking.
: SMDS provides only a connectionless datagram service.
Advantage and Disadvantage of Dedicated Circuit, Switching Services
Comparison and Contrast circuit switching, packet switching technologies
and contrast virtual circuit and datagram.
What is VPN? Why is VPN getting popular? How is VPN implemented?
What is MPLS? What are main benefits of MPLS?
Chapter 10: Network Security Management
Controlling security threats: 1) disruption, destr
uction & disaster; 2) unauthorized access
Approaches to presenting unauthorized access
Firewall techniques and proxy server
Application case: DMZ
Digital signature and CA
Web security: SSL, and S
Disruption, destruction & disast
Computer virus vs. worm
Packet level firewall
Application level firewall
Proxy server (NAT feature)
Symmetric key encryption, e.g. DES (data encryption standard)
Public key encryption, e.g. RSA
d authenticity features with public key encryption
To reduce computational overhead, the following process is then used:
Prepare a message.
Encrypt that message using conventional encryption wit
h a one
Encrypt the session key using public
key encryption with recipient’s public key.
Attach the encrypted session key to the message and send it.
Four key features in secure transmissions:
, integrity, non
Secure network layer protocol
Transport layer protocols: SSL, TLS
Application layer protocols: SET, s
Digital cash and digital wallet
Detection of unauthorized access:
Intruder Detection Syst
List the approaches to presenting unauthorized access.
Six approaches to presenting unauthorized access:
Developing a security policy
Developing user profiles
Mending up security holes
Securing network acc
ess points (using firewalls, etc)
What are the differences between the different types of firewalls?
A packet level firewall examines the source and destination address of every network
packet that passes through
it. It only allows packets into or out of the organization’s
networks that have acceptable source and destination addresses. Each packet is
examined individually, so the firewall has no knowledge of what the user is
attempting to do. It simply chooses to p
ermit entry or exit based on the contents of the
packet itself. This type of firewall is the simplest and least secure because it does not
monitor the contents of the packets or why they are being transmitted, and typically
does not log the packets for lat
An application level firewall acts as an intermediate host computer or gateway
between the Internet and the rest of the organization’s networks. Anyone wishing to
access the organization’s networks from the Internet must login to this firewall
can only access the information they are authorized for based on the firewall account
profile they access. This places an additional burden on users who must now
remember an additional set of passwords. With application level firewalls, any access
at has not been explicitly authorized is prohibited. In contrast, with a packet level
firewall, any access that has not been disabled is permitted.
How authentication works.
Public key encryption permits authentication (or digital signatures). When one use
sends a message to another, it is difficult to legally prove who actually sent the message.
Legal proof is important in many communications, such as bank transfers and buy/sell
orders in currency and stock trading, which normally require legal signatures
. Thus a
digital signature or authentication sequence is used as a legal signature on many
financial transactions. This signature and the other key
contents are encrypted by the
sender using the private key. The receiver uses the sender’s public key to dec
signature block and compares the result to the name and other key contents in the rest of
the message to ensure a match.
What is a certificate authority?
A certificate authority (CA) is a trusted organization who can vouch for the authenticity
the person or organization using authentication (e.g., VeriSign). A person wanting to
use a CA registers with the CA and must provide some proof of identify. The CA issues
a digital certificate that is the requestor's public key encrypted using the CA's p
as proof of identify. This certificate is then attached to the user's email or Web
transactions in addition to the authentication information. The receiver then verifies the
certificate by decrypting it with the CA's public key
and must also
contact the CA to
ensure that the user's certificate has not been revoked by the CA.
What is IP spoofing?
What is eavesdropping?
What are conventional encryption and public key encryption? How to tell the
difference between these two type
What is honey
What is forensics?
Explain how SSL work.
Three generations of mobile phone services
Wireless web technologies: WAP, WML
Which of the following is the main difference between the 1
and the 2
needs transceiver stations
AMPS stands for:
GSM stands for:
List three features that GSM is superior to AMPS.
CDMA is used by AMPS. True / False
Briefly list two advanced features
generation mobile telephony:
based question: explain how special allocation is done in mobile telephone systems
to make reuse of frequency spectra.
based question: How wireless web works?