108 Networks

108.1 Define the following devices and their uses:

  1. Host/Client - describes the relationship between two computer programs in which one program, the client, makes a service request from another program, the host, which fulfills the request.
  2. Application Server - Provides remote application services to clients who request it in a network environment.
  3. Hub - A LAN device that provides a centralized connection point for Ethernet cabling, repeating any received electrical signal through all other ports, thereby creating a logical bus.
  4. Switch - A multi-port bridge network device that is used to connect segments of a LAN or multiple LANs and to filter and forward packets among them based on the destination address of each Ethernet frame.
  5. Router - A device that connects two or more networks and allows packets to be transmitted and received between them. A router determines the best path for data packets from source to destination.
  6. WAP (Wireless Application Protocol) - A specific set of communication protocols that standardizes the way wireless devices can be used to access networks and the Internet.
  7. Proxy Server - A server that acts as an intermediary for clients requesting resources from servers.
  8. Firewall - A computer or device that is designed to block unauthorized protocols while allowing authorized protocols to pass through.
  9. VPN Concentrator - A hardware device built specifically for creating remote access virtual private networks. It provides high availability, high performance and scalability, including components called scalable encryption processing (SEP) modules.
  10. Back-up - A redundant data store created by archiving pre-defined files and volumes for the purpose of storage retrieval.
  11. Repeater - A network device used to regenerate or replicate wired, wireless, or optical signals that are weakened or distorted by transmission over long distances and through areas with high levels of electromagnetic interference (EMI).

108.2 Define the following layers of routing and common devices associated with each:

  1. Access - This layer (known as the desktop layer) includes hubs/switches and focuses on connecting client nodes, such as workstations, to the network. This layer ensures that packets are delivered to end-user computers.
  2. Distribution - This layer includes LAN-based routers and layer 3 switches. This layer ensures that packets are properly routed between subnets and VLANs in your enterprise. This layer is also called the Workgroup layer.
  3. Core - This layer is considered the backbone of the network and includes the high-end switches and high-speed cables such as fiber cables. This layer of the network does not route traffic at the LAN. In addition, no packet manipulation is done by devices in this layer. Rather, this layer is concerned with speed and ensures reliable delivery of packets.
  4. [Figures: Layer Hierarchy 1 and Layer Hierarchy 2]

108.3 Explain the following network terminology:

  1. Topology (Bus/Star/Ring/Mesh)
    • Bus - A network architecture in which a set of clients are connected via a shared communications line/cables, called a bus.

    • Star - A network architecture in which all clients are connected via a hub, switch, or computer from a central point. Most common network type.

    • Ring - A network architecture in which all nodes are connected to other nodes, forming a ring.

    • Mesh - A network architecture in which all nodes are connected directly to other nodes, forming a mesh.

  2. Local Area Network (LAN) - A computer network covering a small physical area (home, office, small group of buildings).
  3. Wide Area Network (WAN) - A computer network that covers a broad area (i.e. any network whose communications links cross metropolitan, regional, or national boundaries).
  4. Metropolitan Area Network (MAN) - A large computer network that may span an entire city or large campus.
  5. Global Area Network (GAN) - A computer network that is composed of different interconnected computer networks and covers an unlimited geographic area.

108.4 Identify the functions, by layer, of the following models:

  1. Open Systems Interconnection (OSI) Model - A conceptual model that characterizes and standardizes the internal functions of a communications system by partitioning it into abstraction layers.

    [Figure: OSI Model]

  2. TCP/IP Model - The networking model and set of communications protocols used for the Internet and similar networks. It is occasionally known as the DoD model due to the foundational influence of the ARPANET in the 1970s (operated by DARPA).

    [Figure: TCP/IP Model]

108.5 State the difference between IPv4 and IPv6.

  • The main reason for the redesign of Internet Protocol version 4 (IPv4) was the limitation on IP addresses.
  • IPv6 has a vastly larger address space in comparison to IPv4. This results from the use of a 128-bit address, whereas IPv4 uses only 32 bits.
  • IPv4 currently supports a maximum of approximately 4.3 billion unique IP addresses. IPv6 supports a theoretical maximum of 2^128 addresses.

108.6 Define the following and how they are used:

  1. NIPRNET - Non-classified Internet Protocol Router
    • This network provides access for unclassified combat support operation.
    • It is used to exchange sensitive but unclassified information between internal users as well as providing those users with internet access.
    • DOD owned and created by DISA.
  2. SIPRNET - Secret Internet Protocol Router
    • Secret level network that supports the DOD community, law enforcement agencies, Dept of Homeland Security and other Secret level entities.
    • It is deployed to every embassy and military command.
  3. JWICS - Joint Worldwide Intelligence Communications System
    • JWICS is operated by the Defense Intelligence Agency (DIA) as a secure global network designed to meet the requirements for TS/SCI multimedia intelligence communications worldwide.

108.7 Explain the following networks and where they are employed:

  1. DoDN (GIG) - The Global Information Grid (GIG) is defined as a globally interconnected, end-to-end set of information capabilities for collecting, processing, storing, disseminating, and managing information on demand to the Warfighter, policy makers, and support personnel.
  2. DISN - Defense Information Systems Network is the DOD enterprise network for providing data, video, and voice services.
  3. NMCI - Navy/Marine Corps Intranet (NMCI) is a DON program where Information Technology services have been outsourced to an outside contractor. Deployed throughout the Navy and Marine Corps.
  4. ONE-NET - Overseas Navy Enterprise Network is a Navy-wide initiative to install a common and secure IT infrastructure to OCONUS Navy locations. It is based on the NMCI architecture and is designed to be interoperable with IT-21, NMCI and the Global Information Grid.
  5. IT-21 - An information transfer strategy that provides Network Connectivity capable of Voice, Data and Video for afloat units. It provides access to NIPRNET, SIPRNET and JWICS, and supports all tactical and non-tactical mission areas. IT-21 uses Commercial Off the Shelf (COTS) Technology to keep ships updated with the most modern equipment. The goal of IT-21 is to provide an integrated, coordinated, end-to-end warfighting capability.

108.8 Describe the following:

  1. Machine Language - Machine language is the “natural language” (instructions) of a particular computer, defined by the computer’s hardware design. Machine languages generally consist of strings of numbers (ultimately reduced to 1s and 0s) that instruct computers to perform their most elementary operations one at a time.
  2. Assembly Language - English-like abbreviations (abstractions) were designed to represent machine language instructions. These abbreviations formed the basis of assembly languages. Translator programs called assemblers were developed to convert assembly-language programs to machine language at computer speeds.
  3. High-Level Language - Computer usage increased rapidly with the advent of assembly languages, but programming in these languages still required many instructions to accomplish even the simplest tasks. To speed the programming process, high-level languages were developed in which single statements could be written to accomplish substantial tasks. The translator programs that convert high-level language programs into machine language are called compilers.
  4. Operating System - An operating system (OS) is software that controls a computer. It manages hardware, runs applications, provides an interface for users, and stores, retrieves, and manipulates files.
  5. Application - Any program designed to perform a specific function directly for the user or, in some cases, for another application.

108.9 Describe the following to include the risks associated:

  1. Virus - Malicious code written with an intention to damage the user’s computer. Viruses are parasitic and attach to other files or boot sectors.
  2. Worm - A malicious software application that is structured to spread through computer networks. These applications are self-propagating.
  3. Trojan - A program that seems to be useful or harmless but in fact contains hidden code embedded to take advantage of or damage the computer on which it’s run.
  4. Backdoor - A gap in the security of a computer system that’s purposely left open to permit access. Hackers may create backdoors to a system once it has been compromised.
  5. Phishing - Part of social engineering. Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity.

108.10 Describe the function and risk associated with the following activities:

  1. Network Enumeration - A computing activity in which usernames and information on groups, shares and services of networked computers are retrieved. This can expose vulnerabilities that lead to unauthorized access.
  2. Buffer Overflow - A situation where a program writes data beyond the buffer space allocated in memory. This can result in other valid memory being overwritten. Buffer overflows can occur as a consequence of bugs, improper configuration, and lack of bounds checking when receiving program input.
  3. SQL Injection - SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution.
  4. Dictionary Attack - A method of breaking into a password-protected computer by systematically entering every word in the dictionary.
  5. Privilege Escalation - The act of exploiting a bug or design flaw in a software application to gain access to resources which normally would have been protected from an application or user.
  6. Brute Force Attack - A technique used to break an encryption or authentication system by trying all possibilities.
  7. Social Engineering - The practice of tricking a user into giving up, or giving access to, sensitive information, thereby bypassing most or all protection.

108.11 Describe the functionality of PKI.

  • Public Key Infrastructure (PKI) - A system for the creation, storage, and distribution of digital certificates which are used to verify that a particular public key belongs to a certain entity. The PKI creates digital certificates which map public keys to entities, securely stores these certificates in a central repository, and revokes them if needed.

108.12 State the purpose of DNS.

  • Domain Name System (DNS) - A hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates easily memorized domain names to the numerical IP addresses needed for the purpose of locating computer services and devices worldwide. By providing a worldwide, distributed keyword-based redirection service, the Domain Name System is an essential component of the functionality of the Internet.