LVISSA CISSP Course Winter 2017 Domain 4 - to share
lvissa.org/mentor_slides/LVISSA CISSP Course...
• We are all IT people. IT people google stuff. When I ask a question, if you don’t know the answer, google it and share what you find. (What alternatives to google do you guys use?)
• I don’t know everything, but I try to act as if I do by attempting to portray modest confidence (does that even make sense?). Fact check what I say. If I am wrong, please correct me and let’s discuss. Please try to change my point of view.
• The true wise person has more questions than answers. Ask in this forum, get us all talking.
• Please, please, pretty please don’t allow me to talk at you for hours on a Saturday. Let’s talk about stuff and learn from each other.
• If you are non‐technical and have a different point of view, share it. We can all benefit from your perspective.
• Take notes of things you DON’T know or completely confuse you, then research those things.
• There will be areas of this domain that I just… don’t know well. Yet, I passed the exam.
• Pearson Vue near LV Blvd & D.I.
• Did not allow studying in the waiting room
• Had me put all of my belongings in a locker
• I’m really not sure how it would have worked if I needed to go to the restroom
• Computer‐based exam
• Kiosk‐type screen
• Erasable dry erase notepad with dry erase marker
• Could exchange the notepad for a new one, but only have one at a time
• The test program had a built‐in calculator and a note section for each question
• There was a clock in the room, and an attendant who could see every screen
• There was a camera above that I guess could see everything I did
• There were headphones for noise‐cancelation
• Questions were multiple choice
• Some questions were grouped together… i.e. 2‐3 questions for one scenario
• They didn’t tell me whether or not I passed, just handed me a sheet, and the sheet had the results. No score, just “pass”.
The communication and network security domain encompasses the network architecture, transmission methods, transport protocols, control devices, and the security measures used to maintain the confidentiality, integrity and availability of information transmitted over both private and public communication networks
• Upon completion of this review class
  – OSI & TCP/IP models
  – Network topologies
  – Basic Protocols
  – IP addressing & NAT
  – Firewall architectures
  – Wireless
  – Endpoint security
  – Network Attacks
  – Cryptology (SSL/TLS)
• Structures
  – Personal Area Network
  – Wireless Personal Area network
  – Local Area Network
  – Metropolitan Area Network
  – Campus Area Network
  – Wide Area Network
  – Internet
  – Intranet
  – Extranet
• Network Components
  – Servers, Mainframes
  – File Servers
  – Workstations
  – Network Interface card
  – Network Operating Systems (NOS)
  – Hub/Concentrator/Repeater, Bridges, Switches (Layer 2, 3, 4), Routers
  – Physical cabling
  – Wireless
OSI and TCP/IP models
Networking: Cables, Topology, LAN, WAN
Remote Access, Wireless, Endpoint
Firewall, NAT, VPN
Disaster Prep, Security Issues
LAB
• Open System Interconnect (OSI)
  – 7 Layers (4 Layers TCP/IP)
  – Provides guidelines
  – Data transfer is done by interacting with the layer above or below
  – Data Encapsulation
• Protocol
A Protocol is a standard set of rules that determine how systems will communicate across networks. Two different systems can communicate and understand each other because they use the same protocols in spite of their differences.
* SHON HARRIS
RFC 1149: Frame Format
The IP datagram is printed, on a small scroll of paper, in hexadecimal, with each octet separated by whitestuff and blackstuff. The scroll of paper is wrapped around one leg of the avian carrier. A band of duct tape is used to secure the datagram's edges. The bandwidth is limited to the leg length. The MTU is variable, and paradoxically, generally increases with increased carrier age. A typical MTU is 256 milligrams. Some datagram padding may be needed. Upon receipt, the duct tape is removed and the paper copy of the datagram is optically scanned into a electronically transmittable form.
www.faqs.org/rfcs/rfc1149.html April 1, 1990
[Figure: TCP/IP model layers, with the labels "aka Transport" and "aka Link Layer". Source: http://tools.ietf.org/html/rfc1122]
Reference: Miller, Lawrence, (2012), CISSP for Dummies, Wiley
• Examples of Layers
  – Application – WWW, FTP, TFTP, LPD, SMTP, DNS
  – Presentation – HTTP, TIFF, JPEG, MPEG
  – Session – NFS, SQL, RPC
  – Transport – TCP, UDP, SPX
  – Network – IP, ICMP, RIP, OSPF
  – Data Link – ARP, SLIP, PPP
  – Physical – EIA/TIA, X.21, High-Speed Serial Interface (HSSI)
* http://www.tcpipguide.com/free/t_TCPIPProtocols.htm
• Application Layer
  – Similar to top three layers of OSI model
• Host-to-Host Layer (aka Transport)
  – TCP, UDP
• Internet Layer
  – IP, ARP, RARP, ICMP
• Network Access Layer (aka Link Layer)
  – Equivalent to OSI’s data link and physical layers
• TCP (SURF PA)
  – Reliable
  – connection-oriented, full-duplex, virtual circuit (3 way handshake)
  – Very costly and slower due to network
• UDP
  – “Best Effort” delivery (unreliable).
  – Connectionless, no sequence, no virtual circuit, does not contact destination before delivering data
  – Faster than TCP due to low overhead
What’s the best part of a UDP joke?
• TCP vs. UDP
Layer – Data
Application – Data stream
Presentation – Data stream
Session – Data stream
Transport – Segment (TCP), Datagram (UDP)
Network – Packet
Data Link – Frame
Physical – Bits
• Internet Layer Protocols
  – Internet Protocol (IP)
    • Defines Packet (basic unit of transmission in the internet)
    • Logical ID called IP address (32 bit – IPv4, 128 bit – IPv6)
  – Address Resolution Protocol (ARP)
    • Have IP address, want Ethernet (MAC) address
  – Reverse Address Resolution Protocol (RARP)
    • Have MAC address, want IP address
    • Sometimes used to boot diskless machines onto the network
• Other Protocols
  – Telnet
  – FTP
  – TFTP
  – SMTP
  – LPD
  – SNMP
  – BOOTP
Dynamic Host Configuration Protocol
• Distributes network config parameters such as IP Address and DNS Servers
• Manages pool of addresses
• Extension to bootp
• DORA – discovery, offer, request, acknowledgement
• UDP 67 on server, UDP 68 on client
• Maps domain names like example.com to IP addresses like 192.168.1.3
• Hierarchical, TLD down
• UDP 53, TCP 53
• Caches results
• Many record types: A, CNAME, MX, NS, PTR, TXT
Are all these record types handled by the same entity? Hint: PTR
SB1 Steve Bonilla, 2/12/2017
• SCADA Supervisory Control and Data Acquisition
Network Attacks, Vendor Backdoors, Modems
Modbus, Fieldbus ICS protocols, not designed with security.
• Block storage data mng, Remote mng Biz centric data
• iSCSI Internet SCSI
• Storage Consolidation
• Disaster Recovery
• FCIP Internet FC Protocol (iFCP)
• FCoE (10GbE) supports Data Center Bridging (DCB) protocols, layer 2, FC frames encapsulated in ethernet
• Security Focused
  – At Application layer
    • Secure Electronic Transaction (SET)
      – By VISA and MasterCard
    • Secure HTTPS (tcp port 443)
  – At Transport Layer
    • Secure Socket Layer (SSL, TLS)
    • Secure Shell (SSH-2)
• Types
  – Twisted Pair, Coaxial, Fiber Optic
  – Avoid excess lengths, why?
• UTP Category
  – Cat 1 – Used for phone NOT suitable for data
  – Cat 2 – Can handle up to 4 Mbps
  – Cat 3 – 10BaseT networks, up to 10 Mbps
  – Cat 4 – Used in Token Rings, up to 16 Mbps
  – Cat 5 – Up to 100 Mbps
  – Cat 5e – Up to 1 Gbps
  – Cat 6 – Up to 1 Gbps
• Coaxial Cable (Coax)
  – Resistance: 50 Ohm for digital signaling, 75 Ohm for analog & high-speed digital signaling
  – Thinnet (10Base2) and Thicknet (10Base5)
  – Transmission methods
    • Baseband (one Single channel)
    • Broadband (several channels such as data, voice, video)
• Fiber Optic Cable
  – Modulated light transmission
  – Higher speeds and greater distances due to less attenuation
  – Difficult to tap due to high resistance to Electro Magnetic Interference
  – Most expensive to install and need expertise to terminate
• Emanations Security (EMSEC)
• Signals moving through a wire create a magnetic field
• Research
  • Tempest project from 1960s and 1970s, and standards on EMSEC
• Shielding
  • Faraday Cage – box or room encompassed with metal sheathing
• Use of white noise to mask emanations
Emanation protection, lowest to highest
Wireless – No protection
UTP – Benefit from twisting
STP – Additional Benefit from shielding
Coax – Grounded shielding provides
Fiber optics – Signal carried by photons, not electrons, no emanations concern
– Carrier Sense Multiple Access (CSMA)
  • CSMA/CA (Appletalk) nodes attempt to avoid collisions by transmitting only when the channel is sensed to be "idle".
  • CSMA/CD (Ethernet Standard) uses a carrier sensing scheme in which a transmitting station detects collisions by sensing transmissions from other stations while transmitting a frame. When this collision condition is detected, the station stops transmitting that frame, transmits a jam signal, and then waits for a random time interval before trying to resend the frame.
– Polling
  • Mostly used in Mainframe environments
  • In electronic communication, 'polling' is the continuous checking of other programs or devices by one program or device to see what state they are in, usually to see whether they are still connected or want to communicate.
– Token-Passing
  • Used in Token Ring, FDDI, ARCnet
Transmission Methods
– Unicast
  • Packet is sent from single source to single destination
– Anycast
  • Packet is sent to nearest node of many
– Multicast
  • Packet is copied and sent to specific multiple destinations
  For TCP/IP reserved multicast addresses are 224.0.0.1 to 239.255.255.255
– Broadcast
  • Packet is copied and sent to all nodes on the network
• Topologies
  – Bus
  – Tree
  – Ring
  – Star
  – Mesh
• Physical vs Logical
Media Access Methods
– AppleTalk
  • CSMA/CA
– Ethernet
  • CSMA/CD
  • Thinnet (10Base2, up to 185 meters)
  • Thicknet (10Base5, up to 500 meters)
  • UTP (10BaseT, 100BaseTX, 1000BaseT, all 100 meters)
– ARCnet
  • Provides predictable network performance
– Token Ring
  • IBM
– FDDI
  • Dual counter rotating rings
• Devices
  – Repeater
  – Hubs
  – Bridges
  – Switches
  – Routers
  – Gateways
Defines what is local and what is forwarded to gateway
255.255.255.0 aka 11111111 11111111 11111111 00000000 aka 192.168.1.0/24 means if the first three numbers (octets) are the same, then it is on the same network (subnet, vlan)
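The local-versus-gateway decision described above, as an added example that is not part of the original slides: the host ANDs its own address and the destination with the mask and compares the results. The host and gateway addresses and the function names are constructed for illustration; the second mask (255.255.255.192) goes beyond the slide to show that the "first three octets" shortcut only holds for a /24.

```python
import ipaddress


def mask_to_bits(mask: str) -> str:
    """Render a dotted-decimal mask as four binary octets, as on the slide."""
    return " ".join(f"{int(octet):08b}" for octet in mask.split("."))


def prefix_len(mask: str) -> int:
    """Convert a mask to its CIDR prefix length; reject non-contiguous masks."""
    bits = mask_to_bits(mask).replace(" ", "")
    ones = bits.rstrip("0")
    if "0" in ones:
        raise ValueError(f"non-contiguous netmask: {mask}")
    return len(ones)


def network_of(ip: str, mask: str) -> str:
    """Bitwise AND of address and mask yields the network the address is on."""
    net = int(ipaddress.IPv4Address(ip)) & int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(net))


def next_hop(src: str, mask: str, dst: str, gateway: str) -> str:
    """Return dst if it is on-link (same network as src), else the gateway."""
    prefix_len(mask)  # validate the mask before trusting the comparison
    if network_of(src, mask) == network_of(dst, mask):
        return dst
    return gateway


# Constructed sample addresses (assumptions, not from the slides).
HOST = "192.168.1.10"
GATEWAY = "192.168.1.1"


def demo():
    """Evaluate two destinations under a /24 and a /26 mask."""
    rows = []
    for mask in ("255.255.255.0", "255.255.255.192"):
        for dst in ("192.168.1.200", "192.168.2.5"):
            rows.append((mask, prefix_len(mask), dst,
                         next_hop(HOST, mask, dst, GATEWAY)))
    return rows


if __name__ == "__main__":
    for mask, plen, dst, hop in demo():
        print(f"{mask} ({mask_to_bits(mask)}) /{plen}: {dst} -> send to {hop}")
```

Under the /26 mask, 192.168.1.200 shares the first three octets with the host but is no longer local, so its traffic crosses the gateway, where any router ACLs or inspection apply.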
– Private Circuit
  • Dedicated analog or Digital point-to-point
  • Leased Line
    – Type and speeds
      » Digital Signal 0 (DS-0) 64 kbps
      » DS-1 1.544 Mbps (T1, US), 2.108 Mbps (E1)
      » DS-3 44.736 (T3)
      » E3 34.368 Mbps
• ISDN
  – Combination of digital telephony and data transport services (data, music, video etc)
• xDSL
  – Uses existing twisted pair telephone lines
  – ADSL (Asymmetric)
    • Usually downstream speed is more than upstream
  – SDSL (Symmetric)
  – HDSL (High Rate)
    • 1.544 Mbps each way over two copper twisted pairs
  – VDSL (Very High Data Rate)
    • Downstream 13 to 52 Mbps, Upstream 1.5 to 2.3 Mbps
• Packet Switched Technologies
  – More cost effective
  – X.25
    • First packet switching network
    • Defines communication between Data Terminal Equipment (DTE), Data Circuit Equipment (DCE usually a modem) or a Channel Service Unit/Data Service Unit (CSU/DSU)
    • Supports both Switched Virtual Circuits (SVC) and Permanent Virtual Circuits (PVC)
• Frame Relay
  – High-performance packet switched, WAN protocol
  – Data Link Connection Identifiers (DLCIs) for addressing
  – Uses Permanent Virtual Circuits (PVC) and Switched Virtual Circuits (SVC) (active only when in use)
• ATM
  – High-bandwidth, low delay
  – Uses fixed size (53 byte) cells instead of frames like Ethernet
• Wireless
  – Satellite, Microwave
• SDLC (Synchronous Data Link Control)
  – Created by IBM for easier connection between mainframes and remote offices
  – Based on dedicated, leased lines with permanent physical connections
• HDLC (High-Level Data Link Control)
  – Based on SDLC
  – Created by ISO to support point-to-point and multi-point configurations
• MPLS – Multiprotocol Label Switching
  – Used MPLS cloud network
  – Packets assigned labels, forwarded based on label
  – MPLS operates between OSI layer 2 and 3
  – Much cheaper than dedicated leased lines
• Devices
  – Routers
  – Multiplexers
    • Enables more than one signal to be sent out simultaneously over one physical circuit
  – WAN Switches
    • Multiport networking devices that are used in carrier networks
  – Access Servers
    • Provides dial-in and dial-out connections to the network
  – Modems
    • A Device that converts digital to analog signals and analog to digital signals
What type of switching is this?
• Static
  ip route 172.31.10.0 255.255.255.0 10.10.10.2
• Dynamic routing protocols
  • Distance Vector
  • Link State
• RIP – Routing Information Protocol, DV, hop count, regular updates
• RIP v2 – DV, Added VLSM and CIDR
• IGRP – Interior Gateway Routing Protocol, DV, Cisco Proprietary
• EIGRP – Enhanced IGRP, DV, improved performance
• OSPF – Open Shortest Path First, LS, medium to large networks, event driven updates, divides network into Autonomous Systems (AS) or areas
• BGP – Border Gateway Protocol – LS, very large network, e.g. Internet, uses Autonomous Systems (AS)
VOIP – Voice over IP
IPT – Internet Protocol Telephony
• Protocols Used
  • RTP Real-time Transport Protocol
  • SIP Session Initiation Protocol
  • H.323
  • SRTP Secure Real-time Transport Protocol
• Considerations
  • Lose redundant communication (separate phone line)
  • Open to Network Attacks (sniffing, DOS, etc)
  • Lower cost
  • Integrated Services (voice mail, email, directories)
SDN App
SDN Controller
SDN Datapath
SDN Control to Data-Plane Interface (CDPI)
SDN Northbound Interface (NBI)
https://www.opennetworking.org/sdn-resources/sdn-definition
A variety of algorithms are used to route the request. These include Global Server Load Balancing, DNS-based request routing, Dynamic metafile generation, HTML rewriting, and anycasting.
"NCDN - CDN" by Kanoha - Own work. Licensed under CC BY-SA 3.0 via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:NCDN -
OSI and TCP/IP models
Networking: Cables, Topology, LAN, WAN
Remote Access, Wireless, Endpoint
Firewall, NAT, VPN
Disaster Prep, Security Issues
LAB
• Types
– Asynchronous Dial-Up access
– ISDN
  • Two Interface types
    – BRI (Basic Rate Interface)
      » Two 64K B channels and one 16K D channel
    – PRI (Primary Rate Interface) T1 total speed
      » 23 64K B channels for voice or data and one 64 kbps D channel
– Cable modem
– xDSL
• Security Methods
– Restricted Address
– Caller ID
– Callback
• Protocols
– Password Authentication Protocol (PAP)
  • Uses static replayable password
  • No encryption of userid and password
– Challenge Handshake Authentication Protocol (CHAP)
  • Uses non-replayable challenge/response dialog
  • Used for network-to-network communications
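The difference between PAP's static replayable password and CHAP's non-replayable challenge/response, as an added example that is not part of the original slides. It assumes CHAP with MD5 as specified in RFC 1994; the secret and the class and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

SECRET = b"constructed-shared-secret"  # constructed value, not from the slides


def pap_verify(stored: bytes, presented: bytes) -> bool:
    """PAP: the peer sends the password itself and the server compares it."""
    return hmac.compare_digest(stored, presented)


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP with MD5 (RFC 1994): MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """Server side: issues a fresh random challenge for every attempt."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.next_id = 0
        self.pending = {}  # identifier -> outstanding challenge (single use)

    def issue_challenge(self):
        identifier = self.next_id
        self.next_id = (self.next_id + 1) % 256  # Identifier is one octet
        challenge = os.urandom(16)
        self.pending[identifier] = challenge
        return identifier, challenge

    def verify(self, identifier: int, response: bytes) -> bool:
        challenge = self.pending.pop(identifier, None)  # consume the challenge
        if challenge is None:
            return False
        expected = chap_response(identifier, self.secret, challenge)
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    # PAP: the bytes observed on the link are the credential, so presenting
    # them again is indistinguishable from a legitimate login.
    pap_on_wire = SECRET
    pap_replay = pap_verify(SECRET, pap_on_wire)

    # CHAP: the bytes observed on the link are bound to one challenge.
    server = ChapAuthenticator(SECRET)
    ident, challenge = server.issue_challenge()
    observed = chap_response(ident, SECRET, challenge)
    legitimate = server.verify(ident, observed)

    new_ident, _ = server.issue_challenge()
    replay_new = server.verify(new_ident, observed)  # different challenge
    replay_old = server.verify(ident, observed)      # challenge already used
    return {
        "pap_replay_accepted": pap_replay,
        "chap_login_accepted": legitimate,
        "chap_replay_new_challenge": replay_new,
        "chap_replay_old_challenge": replay_old,
        "secret_in_chap_response": SECRET in observed,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The CHAP response never contains the secret, but both ends must store the secret in a form they can feed into the hash.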
• Authentication Systems
– Must provide Authentication, Authorization and Accountability
– Types
  • Remote Authentication Dial-in User Server (RADIUS) (UDP)
  • Terminal Access Controller Access Control System (TACACS)
  • TACACS+ (Cisco, TCP 49)
  • DIAMETER (Telecom industry)
• Virtual Machine for Desktop
• Users access with Thin Client
• Desktops can be persistent or transient
• Can be paired with BYOD
• Remote Desktop – RDP Microsoft
• VNC – Virtual Network Computing
• GoToMyPC
• LogMeIn
• TeamViewer
• Citrix XenApp (MetaFrame)
  • Program on endpoint
  • Publish apps from server
• Microsoft App-V (SoftGrid)
  • Program on endpoint
  • Sandboxes each app
  • Stream apps from server
• Spread-Spectrum Technologies
– Direct-Sequence Spread Spectrum (DSSS)
  • Wideband
  • Spreads the signal over a wide frequency band
– Frequency-Hopping Spread Spectrum (FHSS)
  • Narrowband
  • Changes frequency in a known pattern
  • Spreads the signal by operating on one frequency for a short period of time and then hopping to another.
– Orthogonal Frequency-Division Multiplexing (OFDM)
  • Newer, allows simultaneous transmission using non-interfering frequencies.
• Standards
– Bluetooth
  • short distance, 2.4 GHz, Less than 1 Mbps, FHSS
– IEEE 802.11 (WLANs)
  • 802.11, 2.4 GHz, 2 Mbps
  • 802.11a, 5 GHz range, 54 Mbps
  • 802.11b, 2.4 GHz, 11 Mbps, DSSS
  • 802.11g, 2.4 GHz, 54 Mbps, backward compatible with 802.11b
  • 802.11n, 2.4/5 GHz, 144 Mbps, MIMO, 4 transmitters/receivers
  • 802.11ac, up to 8 transmitters/receivers
– IEEE 802.16 (WiMAX)
  • Associated with Wireless local loop (WLL)
• Operational Modes
– Ad Hoc Mode, Infrastructure
• WAP (Wireless Application Protocol)
– Developed as a set of technologies related to HTML for handhelds
– Uses less resources and is simpler than TCP/IP
– Gateway gets full page and provides WAP version
• WEP (Wired Equivalent Privacy) Encryption
• WPA WiFi Protected Access
– Uses RC4 and TKIP (temporal key integrity protocol). No hardware upgrade required.
– WPA2 – Uses AES encryption
• Anti Virus – Core functionality is signature based detection of malicious files.
• HIDS/HIPS – Create a database of file hashes, monitor for changes
• Application Whitelisting
  • Known good hash
  • Signed by Trusted CA
  • Trusted path and filename
  • Trusted Install
• Removable Media Controls
• Endpoint encryption
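The HIDS idea of a file-hash database monitored for changes, together with whitelisting by known good hash, as an added example that is not part of the original slides. The directory layout, file names and function names are constructed; SHA-256 is an assumption, since the slides do not name a hash.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(65536), b""):
            digest.update(block)
    return digest.hexdigest()


def build_baseline(root: Path) -> dict:
    """Hash database: relative path -> SHA-256 of the file contents."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare(baseline: dict, current: dict) -> dict:
    """Report what changed since the baseline was taken."""
    return {
        "modified": sorted(p for p in baseline
                           if p in current and baseline[p] != current[p]),
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
    }


def allowed_to_run(path: Path, known_good: set) -> bool:
    """Allowlisting by hash: the name and location of the file do not matter."""
    return sha256_file(path) in known_good


def demo() -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        tool = root / "bin" / "tool"
        tool.write_bytes(b"constructed build 1.0\n")
        (root / "app.conf").write_text("port=8443\n")
        (root / "readme.txt").write_text("constructed sample\n")

        baseline = build_baseline(root)
        known_good = {baseline["bin/tool"]}
        ok_before = allowed_to_run(tool, known_good)

        # Constructed changes between two scans.
        tool.write_bytes(b"constructed build 1.0 (altered)\n")
        (root / "bin" / "extra").write_bytes(b"not in baseline\n")
        (root / "readme.txt").unlink()

        report = compare(baseline, build_baseline(root))
        report["tool_allowed_before"] = ok_before
        report["tool_allowed_after"] = allowed_to_run(tool, known_good)
        return report


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The baseline is only as trustworthy as its storage: keep the hash database where the monitored host cannot rewrite it.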
– Packet filtering (Static Filtering)
  • Inspects both source and destination
– Stateful Inspection (Dynamic Filtering)
  • Maintains a “State” table
– Proxy
  • Separate connections for client and server
  • Application (Application)
  • Circuit level (Session {layer 5}) SOCKS (socksify apps)
– Next Generation
  • Define policy based on users, not IP address
  • Define policy based on application, not port
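What the state table buys over static packet filtering, as an added example that is not part of the original slides. The rule set, addresses (documentation ranges) and class names are constructed, and the TCP tracking is deliberately simplified: no timeouts and no FIN handling.

```python
from dataclasses import dataclass

INSIDE = "10."  # constructed: the protected network is 10.0.0.0/8


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset


def inside(ip: str) -> bool:
    return ip.startswith(INSIDE)


def static_filter(p: Packet) -> bool:
    """Static filtering: each packet is judged on its own header fields."""
    if inside(p.src) and p.dport == 443:   # outbound HTTPS
        return True
    if inside(p.dst) and p.sport == 443:   # anything claiming to be a reply
        return True
    return False


class StatefulFirewall:
    """Stateful inspection: one state-table entry per allowed connection."""

    def __init__(self):
        self.state = set()  # (inside_ip, inside_port, outside_ip, outside_port)

    def allow(self, p: Packet) -> bool:
        if inside(p.src):
            key = (p.src, p.sport, p.dst, p.dport)
            if p.flags == {"SYN"} and p.dport == 443:
                self.state.add(key)        # new outbound connection
                return True
        else:
            key = (p.dst, p.dport, p.src, p.sport)
        if key not in self.state:
            return False                   # no matching connection
        if "RST" in p.flags:
            self.state.discard(key)        # a reset ends the connection
        return True


def f(*names):
    return frozenset(names)


# Constructed traffic, in arrival order.
TRAFFIC = [
    ("outbound SYN", Packet("10.0.0.5", 50000, "203.0.113.10", 443, f("SYN"))),
    ("reply SYN-ACK", Packet("203.0.113.10", 443, "10.0.0.5", 50000, f("SYN", "ACK"))),
    ("unsolicited ACK", Packet("198.51.100.7", 443, "10.0.0.9", 3389, f("ACK"))),
    ("reset", Packet("203.0.113.10", 443, "10.0.0.5", 50000, f("RST"))),
    ("segment after reset", Packet("203.0.113.10", 443, "10.0.0.5", 50000, f("ACK"))),
]


def run():
    fw = StatefulFirewall()
    return [(label, static_filter(p), fw.allow(p)) for label, p in TRAFFIC]


if __name__ == "__main__":
    for label, static_ok, stateful_ok in run():
        print(f"{label:22} static={static_ok} stateful={stateful_ok}")
```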
• Architectures
  • Bastion host
  • Screened host
  • Dual-homed host
  • DMZ/Screened-subnet
    – 2 firewalls
    – 1 firewall (3 legged)
• Very important concept in data networking
• Typically converts a private (aka RFC 1918, aka non-routable) address into real “ip address”
– 10.0.0.0 – 10.255.255.255
– 172.16.0.0 – 172.31.255.255
– 192.168.0.0 – 192.168.255.255
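| Class | First Octet | Mask | # Networks | # Hosts/net |
|---|---|---|---|---|
| A | 1-126 | /8 | 126 | 16,777,216 |
| | 127 | /8 | Loop back | |
| B | 128-191 | /16 | 16,384 | 65,535 |
| C | 192-223 | /24 | 2,097,152 | 256 |
| D | 224-239 | N/A | N/A | N/A |
| E | 240-255 | N/A | N/A | N/A |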
SV-ISSA.ORG CISSP Training
• Enabled by default in modern Operating Systems
• Example: IPv6 address (128 bits), 8 groups of 4 hex digits
2001:0db8:85a3:0000:0000:8a2e:0370:7334
• DNS uses AAAA record for IPv6 instead of A for IPv4

```
C:\>nslookup
> set type=a
> google.com
Non-authoritative answer:
Name:      google.com
Addresses: 74.125.224.100
           74.125.224.98
           74.125.224.105

C:\>nslookup
> set type=aaaa
> google.com
Non-authoritative answer:
Name:    google.com
Address: 2001:4860:4001:803::1006
```

IPv4, 2^32 = 4.2e+9
IPv6, 2^128 = 3.4e+38
• Secure communication link
– Using software or hardware agents
– User or node authentication
– Key or certificate exchange
– Encrypted connection
• Client VPN
– Initiated by host to VPN device
• Site-to-Site VPN
– Initiated between two similar devices (routers)
• SLIP (1988)
– Supports TCP/IP over low-speed serial interfaces in Berkeley Unix computers
– NT computers can communicate with remote computers using TCP/IP and SLIP
• PPP
– Used for transmitting data over dial-up and dedicated networks
– Improvement over SLIP (Login, Password and error correction)
– Uses CHAP and PAP
• Common protocols
– Point-to-Point Tunneling Protocol (PPTP)
  • Tunnels PPP via IP
  • Uses native PPP authentication and encryption
– Layer 2 Forwarding (L2F)
  • Permits tunneling at Link layer
  • No encryption
• Layer 2 Tunneling Protocol (L2TP)
– Combination of L2F and PPTP
– No encryption
– Supports TACACS+ and RADIUS
• IPSec Protocol
– Operates at Network Layer
– Standard for encryption and authentication
– Built into IPv6
• SSL (TLS) VPN
– Clientless
– Network Client
• Single points of failure
• Save configuration files
• UPS
• RAID
• Redundant Servers
• Clustering
• Backups
– Tape Arrays, NAS, SAN, Online-backup
Example: Shows redundancy in network components
• Wireless
– Detection, Eavesdropping, Modification, Injection, Hijacking, War driving
• Traditional Voice Networks
– PBX Private Branch Exchange
– Modems
  • War dialing
• IP
– IP fragmentation attacks
  • Tiny fragment attack
  • Overlapping fragment attack
– IP address spoofing
– Source routing
– Smurf (icmp echo req to broadcast)
– Fraggle (udp echo, port 7, broadcast)
Video!
• IP
– TCP SYN Flood
– LAND Attack, spoof src IP to match dst
– Teardrop Attack, multiple overlapping fragments
• DDOS Distributed Denial of Service
  • Victim is attacked from multiple sources, for example an attacker controlled botnet
• TCP
– TCP sequence number attacks
– Session hijacking
• UDP
– Offers no error correction, no protection from lost or duplicated packets
– Easier to spoof since there is no session identifier
• ICMP
– DoS (Ping of Death, 65,536 byte icmp request)
– ICMP redirect (sent from router)
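How an IDS or filtering device can recognise several of the IP and ICMP patterns listed on the slides above (LAND, Smurf, Fraggle, tiny and overlapping fragments, Ping of Death), as an added detection example that is not part of the original slides. The packet-record format, the subnet, the 20-byte header sizes and all sample records are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumptions (not from the slides): one attached subnet, 20-byte IP and TCP
# headers, and packet records already parsed into dictionaries.
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]
BROADCASTS = {str(net.broadcast_address) for net in LOCAL_NETS}
IP_HDR, TCP_HDR, MAX_DATAGRAM = 20, 20, 65535

def pkt(src, dst, proto, ip_id, offset=0, length=40, mf=False, **extra):
    return dict(src=src, dst=dst, proto=proto, ip_id=ip_id,
                offset=offset, length=length, mf=mf, **extra)

def packet_alerts(p):
    """Checks that need only one packet."""
    alerts = []
    if p["src"] == p["dst"]:
        alerts.append("LAND")
    if p["dst"] in BROADCASTS:
        if p["proto"] == "icmp" and p.get("icmp_type") == 8:  # echo request
            alerts.append("Smurf")
        if p["proto"] == "udp" and p.get("dport") == 7:       # UDP echo
            alerts.append("Fraggle")
    if (p["proto"] == "tcp" and p["offset"] == 0 and p["mf"]
            and p["length"] < TCP_HDR):
        alerts.append("Tiny fragment")
    return alerts

def fragment_alerts(packets):
    """Checks that need every fragment of a datagram (same src, dst, proto, ID)."""
    groups = defaultdict(list)
    for p in packets:
        if p["mf"] or p["offset"] > 0:
            groups[(p["src"], p["dst"], p["proto"], p["ip_id"])].append(p)
    alerts = {}
    for key, frags in groups.items():
        found, end = [], 0
        for f in sorted(frags, key=lambda f: f["offset"]):
            if f["offset"] < end and "Overlapping fragments" not in found:
                found.append("Overlapping fragments")
            end = max(end, f["offset"] + f["length"])
        if end + IP_HDR > MAX_DATAGRAM:
            found.append("Oversized reassembly")
        if found:
            alerts[key[3]] = found
    return alerts

# Constructed packet records; addresses are documentation ranges.
SAMPLE = [
    pkt("198.51.100.5", "192.0.2.10", "tcp", 1, dport=443),
    pkt("192.0.2.10", "192.0.2.10", "tcp", 2, dport=80),
    pkt("198.51.100.6", "192.0.2.255", "icmp", 3, icmp_type=8),
    pkt("198.51.100.6", "192.0.2.255", "udp", 4, dport=7),
    pkt("198.51.100.7", "192.0.2.20", "udp", 77, offset=0, length=24, mf=True),
    pkt("198.51.100.7", "192.0.2.20", "udp", 77, offset=16, length=24),
    pkt("198.51.100.8", "192.0.2.30", "icmp", 88, offset=0, length=1480, mf=True),
    pkt("198.51.100.8", "192.0.2.30", "icmp", 88, offset=65528, length=100),
    pkt("198.51.100.9", "192.0.2.40", "tcp", 99, offset=0, length=8, mf=True),
    pkt("198.51.100.9", "192.0.2.40", "tcp", 99, offset=8, length=32),
]

def analyze(packets):
    per_packet = [(p["ip_id"], a) for p in packets for a in packet_alerts(p)]
    return per_packet, fragment_alerts(packets)
```

`analyze(SAMPLE)` returns the per-packet alerts keyed by IP ID and a dictionary of fragment-group alerts; the first record is ordinary traffic and raises nothing.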
• DNS
– DNS Cache Poisoning
– Brute force DNS mapping
• ARP
– Poison the ARP table
• IP Phones
• Instant Messaging
  • Peer to peer
  • Brokered communications
  • Server oriented networks
  • Additional features, screen sharing, file transfer.
  • SPIM Spam over Instant Messaging
Man In the Middle
• Attacker can intercept communication between two parties
• Can alter communication, transaction
• Man in the Browser – malware intercepts browser communication
Video, Defeating SSL
• Any device connected to the external network
– Step one
  • Map the target network using traceroute, ping, port scanning
– Step two
  • Analysis of the collected information
– Step three
  • Gain access to the target, social engineering
– Step four
  • Escalate privileges
– Step five
  • Complete the attack by installing backdoor mechanisms, create accounts, close the vulnerability so that no one can detect, erase the traces
Hash aka Message Digest (md5, sha1)
MAC Message authentication Code
HMAC Hash based MAC
Symmetric (DES, AES)
Asymmetric (RSA)
SSL/TLS
Certificates, Certificate Authority
Arbitrary size to fixed size
One Way
Small input change > large output change
Infeasible to find two messages w/ same hash
The quick brown fox jumped over the lazy dog.
5C6FFBDD40D9556B73A21E63C3E0E904
The quick brown fox jumped over the lazy dog!
EFC05C070367008ABB4388B189AC2B1E
Full Text of War and Peace
4002D081551035B03E4979B0C94A08D8
| | Symmetric | Asymmetric |
|---|---|---|
| Number of Keys | One Key | Two Key |
| Names | | Public Key Crypto |
| Key Names | ‘The Key’ | Public, Private |
| Speed | Faster | Slower |
| Key Size | Smaller | Larger |
SSL
https://www.sslshopper.com/ssl-details.html
Q & A