WGU - MSCSIA - C700 - Secure Network Design - 2023

WGU - MSCSIA - C700 - Secure Network Design - 2023 What happened September 15th 2016? - Brian Krebs, (KrepsOnSecurity) was DDoS'd with Mirai On what day was Brian Krebs attacked? - September 15th 2016 What was Mirai? - The Botnet that was used against Brian Krebs on September 15th 2016 It sent 620 Gbps of traffic Was over 2x the amount Akamai had ever encountered It used the IoT such as DVRs, security cameras and home routers What is the IoT? - Internet of Things Connected devices aka smart devices Smart TVs, Smart Thermostats, Smart Fridges, Smart Speakers etc What is Dyn? - A DNS hosting service that was hit by Mirai. It was used by Netflix, Tumblr, Amazon, Twitter, Spotify and Tumblr When did the internet first become commercial? - 1995 Prior to that the "Internet's Acceptable Use Policy" prohibited commercial use because it was supported by the National Science Foundation (NSF). In 1995 NSF pulled out and the internet became commercial What is an ISP? - Internet Service Provider What are hosts? - All computers connected to a network that participate directly in network communication are classified as hosts. Hosts are also called end devices. What is e-commerce? - Conducting business on the internet (buying/selling on the internet) What accounts for 33% of the internet's traffic? - Netflix What network came before the internet? - ARPNET When was the internet created? - Late 1970s Who sets standards for the internet? - Internet Engineering Task Force (IETF) But standards are optional Who controls internet addresses? - Internet Assigned Name Authority (IANA) Word/Phrase - Definition 2.4 GHz Unlicensed Service Band - Unlicensed frequency band around 2.4 GHz. Used for Wi-Fi, Bluetooth, and other services. 4-Pair Unshielded Twisted Pair (UTP) - The type of wiring typically used in Ethernet networks. 4-pair UTP contains eight copper wires organized as four pairs. Each wire is covered with dielectric insulation, and an outer jacket encloses and protects the four pairs. 5 GHz Unlicensed Service Band - Unlicensed radio band around 5 GHz. Used for Wi-Fi and other services. 64-bit modified extended unique identifier (EUI-64) - In most IPv6 addresses, the interface ID that specifies a particular device on a subnet is 64 bits long. Typically the 64-bit address is derived from a 48-bit EUI-48 address (formerly called a MAC address). If so, it is a modified extended unique identifier (EUI-64). 802 LAN/MAN Standards Committee - The IEEE committee responsible for Ethernet standards. 802.11ac - In W-Fi, the fastest physical transmission standard for sale today. 802.11ad - 802.11 physical layer standard in the 60 Ghz unlicensed band. Has a theoretical top speed of 7 Gbps. 802.11ax - Planned successor to the 802.11ac standard. Will be able to accommodate a substantial increase in density—the number of wireless hosts that can be served by an access point. 802.11ay - In the 60 GHz band, the Wi-Fi successor to 802.11ad. Adds MU-MIMO and other improvements, should raise the basic speed to 20 to 30 Gbps and is likely to allow bonding for even higher speeds. Under development. 802.11i - An advanced form of 802.11 wireless LAN security. 802.11n - Version of the 802.11 WLAN standard that uses MIMO and sometimes doubled bandwidth to achieve a rated speed of 100 Mbps or more and longer range than earlier speed standards. 802.1X Authentication Server - Authentication server used in 802.1X initial authentication mode. 802.1X Authenticator - In Wi-Fi transmission, the wireless access point. 802.1X Initial Authentication Mode - An initial authentication mode used in 802.11i. Requires the use of an authentication server. Called enterprise mode by the Wi-Fi Alliance. 802.1X Port-Based Network Access Control - In Ethernet, a standard for access control on switch ports. 802.3 MAC Layer Standard - The data link layer standard for Ethernet. 802.3 Working Group - Working group in the IEEE 802 LAN/MAN Standards Committee that creates Ethernet standards. Absorptive Attenuation - In wireless transmission, the attenuation of a signal but water along the way absorbing its signal power. In optical fiber, attenuation due to the absorption of signal strength as a signal propagates. Access Card - Small card with a magnetic stripe or microprocessor that gives you access to your computer or to a room. Access Control List (ACL) - An ordered list of pass/deny rules for a firewall or other device. Access Control - Limiting who may have access to each resource and limiting his or her permissions when using the resource. Access Link - In networks, a transmission line that connects a station to a switch. In telephony, the line used by the customer to reach the PSTN's central transport core. Acknowledgment (ACK) - An acknowledgment message, sent by the receiver when a message is received correctly. An acknowledgment frame, sent by the receiver whenever a frame is received; used in CSMA/CA+ACK in 802.11. Acknowledgment Number Field - In TCP, a header field that tells what TCP segment is being acknowledged in a segment. Ad-hoc wireless network - A self-organizing wireless network. ADSL Modem - Modem used in Asynchronous Digital Subscriber line service. Terminates the carrier's connection. Advanced Persistent Threat (APT) - Attack occurring over a long period of time. The user employs many advanced methods to get deeper and deeper into the target system. Advanced Research Projects Agency (ARPA) - An agency within the U.S. Department of Defense that funded the creation of the ARPANET and the Internet. Advertisement Message - Bluetooth LE clients periodically send this type of message to advertise their presence. Aggregate Throughput - Throughput shared by multiple users; individual users will get a fraction of this throughput. Agility - The ability to rapidly change how the network operates when conditions change. Alphanumeric - Strictly speaking, letters and numbers. However, often used to refer to all keyboard characters and, often, some control codes. Alternative States - In physical transmission, a change in a transmission medium that can signal one data pattern that represents a particular bit pattern. Different (alternative) states signal different bit patterns. Amazon Web Services (AWS) - A cloud service provided by Amazon. American Standard Code for Information Interchange (ASCII) - Code for representing all American keyboard characters plus some control codes. Amplitude - The maximum (or minimum) intensity of a wave. In sound, this corresponds to volume (loudness). Antenna - A physical structure that transmits radio signals. Antivirus (AV) Program - Program to remove malware from arriving messages and from the computer's disk drive. Application Architecture - The arrangement of how application layer functions are spread among computers to deliver service to users. Application Messages - A message sent from one networked application to another over a network. Application Program Interfaces (API) - A standardized interface between programs. Application-Aware Firewall - A firewall that can identify and manage the application that creates a stream of packets. Apps - Small applications created for mobile devices. ARP cache poisoning - Sending false information to a host to place in its ARP cache. This will cause it to send messages to a particular IP address to the wrong data link address and therefore the wrong destination host. ARP update - A command to tell a host to send messages to a particular IP address to a particular data link layer address. Useful if the data link address is the correct one. Causes the receiving host to send frames to the wrong host if the ARP update is false. ARPANET - A packet-switched network created by the Advanced Research Projects Agency. ASCII Code - A code for representing letters, numbers, and punctuation characters in 7-bit binary format. Asymmetric Digital Subscriber Line (ADSL) - The type of DSL designed to go into residential homes, offers high downstream speeds but limited upstream speeds. Asymmetric - Different in two directions. AT-101 - Created by the PCAOB (Public Company Accounting Oversight Board). SOC2 reports are based on AT-101 standard. Review reports from other companies to understand how partnering with them could introduce risk. Audit - Collecting data about events to examine actions after the fact. Authentication Header - In IPsec, a header that protects part or all of the packet with authentication. Authentication - The requirement that someone who requests to use a resource must prove his or her identity. Authoritative DNS Server - DNS server that manages host names for a particular domain. Authorizations - A rule that determines what an account owner can do to a particular resource (file or directory). Availability - The ability of a network to serve its users. Backward-Compatible - Able to work with all earlier versions of a standard or technology. Base Case - In a risk analysis, the case in which the organization does nothing. Baseline - The starting configuration for a system Baselining process - Understand the current state, identify anomalies, remediate/mitigate, update baseline Basic Printer Profile (BPP) - Bluetooth profile that allows a device to print wireless to a printer without needing to download a particular printer driver for that printer. Beacon - Bluetooth LE advertising message that transmits potentially useful information. Beamforming - In radio transmission, directing energy toward a wireless device without using a dish antenna. Binary Numbers - The base two counting system where 1s and 0s used in combination can represent whole numbers (integers). Biometrics - The use of bodily measurements to identify an applicant. Bits per Second (bps) - The measure of network transmission speed. Bluetooth Low Energy (LE) - New form of Bluetooth designed for low-energy devices such as Internet of Things devices. Bluetooth Profile - An application layer standard designed to allow devices to work together automatically, with little or no user intervention. Bluetooth Special Interest Group - The organization that creates Bluetooth standards. Bluetooth - A wireless networking standard created for personal area networks. Border Gateway Protocol (BGP) - The most common exterior routing protocol on the Internet. Recall that gateway is an old term for router. Border Router - A router that sits at the edge of a site to connect the site to the outside world through leased lines, PSDNs, and VPNs. Bot - A type of malware that can be upgraded remotely by an attacker to fix errors or to give the malware additional functionality. Botmaster - Attacker who control a botnet. Botnet - A large number of computers infected with bot malware. Breach - A successful attack. Broadband Channels - Strictly speaking, a radio channel with large bandwidth. This permits high-speed transmission. More broadly, the term is used for any fast transmission system. Broadband - Transmission where signals are sent in wide radio channels. Any high-speed transmission system. Cable Modem - Broadband data transmission service using cable television. The modem used in this service. Cable Modem Service - Asymmetrical cable data service offered by a cable television company. Cable Television - Form of television delivery that distributes signals to the home over coaxial cable. Cache - A limited amount of memory to hold data for a very short period of time until the device can deal with it. Caching - In general, storing very temporary information for retrieval. In routing, storing routing decisions for particular IP addresses that were very recently handled instead of going through the whole routing process again. Carriage Return - Takes the cursor back to the start of the current line. Carrier Ethernet - Ethernet service provided in a MAN or WAN by a carrier to user organizations. Carrier WAN - Wide area networking service offered by a carrier. Carrier - A transmission service company that has government rights of way. Cell - In cellular telephony, a small geographical region served by a cellsite. Cellphone - A cellular telephone, also called a mobile phone or mobile. Cellsite - In cellular telephony, equipment at a site near the middle of each cell, containing a transceiver and supervising each cellphone's operation. Certificate Authority (CA) - Organization that provides public key-private key pairs and digital certificates. Challenge Message - Message sent by a verifier to a supplicant. The supplicant is challenged to transform the message and return it. The transform will prove the supplicant's identity. Change management - The process of making sure changes are done in a controlled, documented fashion. Goal: to implement changes without increasing risk or decreasing security. Change request component of the change management process - Change approval, planned review, emergency procedures Channel Bandwidth - The range of frequencies in a channel; determined by subtracting the lowest frequency from the highest frequency. Channel Reuse - The ability to use each channel multiple times in different cells in the network. Channel - A small frequency range that is a subdivision of a service band. Cipher - An encryption method. Class 5 Switch - In telephony, the switch at the lowest level of the switching hierarchy. Subscribers connect to these switches. Classic Bluetooth - Early version of Bluetooth that operated at speeds of 2 to 3 Mbps. Clear Line of Sight - An unobstructed radio path between the sender and the receiver. Client Host - In client/server processing, a server program on a server host provides services to a client program on a client host. Client Program - Program that receives service from a server program on a server host. Client/Server Architecture - The form of client/server computing in which the work is done by programs on two machines. Clock Cycle - A period of time during which a transmission line's state is held constant. Cloud Service Provider (CSP) - A company that provides cloud computing services. Cloud - An image that indicates that the user does not need to know what goes on within the problem. A general name for services provided by companies over the Internet. Coaxial Cable - Copper transmission medium in which there is a central wire and a coaxial metal tube as the second connector. Co-channel Interference - In wireless transmission, interference between two devices transmitting simultaneous in the same channel. Coin Battery - Small round batter about the size of a coin. Produces little power but has a long battery life. Collision - When two simultaneous signals use the same shared transmission medium, the signals will add together and become scrambled (unintelligible). Command and Control Server - In a distributed denial of service attack, an intermediate server to which the botmaster sends commands. The command and control server sends commands to individual bots on compromised hosts. Command Line Interface (CLI) - Software interface in which the user types commands on a single line. Communication in both directions is limited to keyboard character. Command mode - In Cisco's Internet Operating System, an interaction mode in which the device gives the user a prompt and the user types a command. This is a primitive but efficient interaction mode that consumes few resources. However, commands usually have complex syntax. Components of the change management process - Change request, schedule change, implement change, document/sustain Comprehensive Security - Security in which all avenues of attack are closed off. Compression - Reducing the number of bits needed to be transmitted when the traffic has redundancy that can be removed. Compromise - A successful attack. Computing