CREST CPSA - Appendix B: Core Technical Skills Questions and Answers with complete solution

B1 IP Protocols - ️️B1 IP Protocols B1 (1) What are IP protocols? - ️️IP protocols are the set of rules and standards that govern the communication of data over a network using the Internet Protocol. The most commonly used IP protocols include IPv4 and IPv6, TCP, UDP and ICMP. B1 (2) What is IPv4 and IPv6? - ️️IPv4 is the fourth version of the Internet Protocol, it provides a unique 32-bit address to identify a device on a network. IPv6 is the sixth version of the Internet Protocol, it provides a unique 128-bit address to identify a device on a network, it also includes additional features and capabilities than IPv4. B1 (3) What is TCP and UDP? - ️️TCP (Transmission Control Protocol) is a transport layer protocol that provides a reliable, ordered delivery of data over a network. It establishes a connection between two devices before transmitting data and ensures that all data is received correctly. UDP (User Datagram Protocol) is also a transport layer protocol but it does not establish a connection before transmitting data and does not guarantee the delivery of data. B1 (4) What is ICMP? - ️️ICMP (Internet Control Message Protocol) is a networklayer protocol that is used to send error messages and operational information about network conditions. It is used to diagnose and troubleshoot network issues, such as network congestion and errors in IP addresses. B1 (5) Why is it important to be aware that other IP protocols exist? - ️️Being aware that other IP protocols exist is important because it allows for a deeper understanding of how networks operate and how different protocols interact with each other. It also allows for more effective troubleshooting and diagnosis of network issues, as well as the ability to identify and address security vulnerabilities. Additionally, new protocols are being developed and introduced, being aware of them can help to future-proof the security of the network. B1 (6) What are the all the other IP protocols that are important for a penetration tester to be aware of? - ️️While IPv4, IPv6, TCP, UDP, and ICMP are the most commonly used IP protocols, there are other IP protocols that are important for a penetration tester to be aware of, including: 1.) ARP (Address Resolution Protocol) - a protocol used to map an IP address to a physical (MAC) address on a local network. 2.) DNS (Domain Name System) - a system used to map domain names (e.g. ) to IP addresses.3.) FTP (File Transfer Protocol) - a protocol used to transfer files between computers on a network. 4.) HTTP (Hypertext Transfer Protocol) - a protocol used to transfer data over the web. 5.) HTTPS (HTTP Secure) - an extension of HTTP that provides an encrypted connection between a web browser and a server. 6.) SMTP (Simple Mail Transfer Protocol) - a protocol used to transfer email messages between servers. 7.) SSH (Secure Shell) - a protocol used to securely access and manage remote systems. 8.) SNMP (Simple Network Management Protocol) - a protocol used to manage and monitor network devices. 9.) VPN (Virtual Private Network) - a protocol used to create a secure, encrypted connection between two devices over a public network. Penetration testers should be familiar with these protocols and understand how they work, as well as the potential vulnerabilities associated with them, in order to effectively identify and exploit weaknesses in a target network. B2 Network Architectures - ️️B2 Network Architectures B2 (1) What are the varying network types that could be encountered during a penetration test? - ️️Varying network types that could be encountered during a penetration test include CAT 5 / Fibre, 10/100/1000baseT, Token ring, and Wireless (802.11). B2 (2) What is CAT 5 / Fibre? - ️️CAT 5 (Category 5) and Fibre are types of cables used to connect devices on a network. CAT 5 cables are copper cables that support Ethernet and Fast Ethernet (10/100Mbps) networks, while Fibre optic cables are glass or plastic cables that support high-speed data transfer over longer distances. B2 (3) What is 10/100/1000baseT? - ️️10/100/1000baseT is a standard for Ethernet networks that defines the speed of data transfer. 10baseT supports a data transfer rate of 10Mbps, 100baseT supports a data transfer rate of 100Mbps and 1000baseT supports a data transfer rate of 1Gbps.