Ans: It is a private network based on TCP/IP protocols accessible only by the company’s members or someone with authorization
Ans: Data encryption ensures data safety and very important for confidential or critical data. It protect data from being read, altered or forged while transmission.
Ans: VPN: Creating a secured tunnel of communication over internet to a remote host.
VLAN: Sub division of a network, generally done for mapping hosts of same department
Ans:
Ans: RIP stands for Routing Information Protocol, is a simple protocol used to exchange information between the routers.
Ans: Port blocking is stopping the source to not to access the destination node via ports as application works on the ports so ports are blocked to restricts the access filling up the security holes in the network infrastructure. blocking can be performed on the firewall & on a router itself via an ex. Acl.
Ans: Encoding: Basically encoding is used to protect the integrity of data as it crosses through communication network to keep its original message upon arriving. It is primarily an insecure function because it is easily reversible.
Encryption: Encryption is basically designed for confidentiality and data integrity and reversible only if you have the appropriate key
Hashing: With hashing the operation is one-way i.e. non-reversible. It takes an input (or ,message ) and returns a fixed-size string, which is called the hash value.
Ans:
Ans: Routed protocols are the protocols that used with mostly Application, Presentation layers .. etc in other words they deal with your os system and how your PC , Ip phone ... etc will receive the data.
Routing protocols are the protocols that are used by the routers to communicate with each others like OSOP, RIP , EIGRP , ISIS ... etc
Ans:
Ans: There are two types of errors:
Ans: Brute forcing is a mechanism which is used by an attacker to break the encryption of data by applying a set of various key. Cryptanalyst has a set of number of keys and apply them one by one to the encryption algorithm until he get the right key.
Example: http://www.abc.com/online/Displaymsg.asp?msgID=87951
Ans: The attacker is looking for the subnet/network mask of the victim. This would help the attacker to map the internal network.
Ans: RSA is a public key encryption algorithm. The RSA algorithms are based on the mathematical part that it is easy to find and multiply large prime numbers together, but it is extremely difficult to factor their product.For authentication: One can encrypt the hash (MD4/SHA) of the data with a private key. This is known as digital signature.
For Secrecy: Secrecy/confidentiality is achieved by encrypting the data with public key and decrypting with private key.
Ans: Port-Security feature can be used for the same. In a cam flooding attack, the attacker sends a storm of mac-addresses (frames) with different values. The goal of the attacker is to fill up the cam table. Port-Security can be used to limit the number of mac-addresses allowed on the port.
Ans: Basically Authentication Header protects IP header and provides the complete authenticity to the IP packets.AH may work in two ways: transport mode and tunnel mode.
In tunnel mode; AH protects the IP header using two IP header layers inner and outer. Inner IP header is used to contain the source and destination addresses, and the outer IP header is used to contain the security gateway information.
Ans: Public key encryption use public and private key for encryption and decryption. In this mechanism, public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know recipient’s public key.
Ans: Digital signature is an attachment to an electronic message used for security purpose. It is used to verify the authenticity of the sender
Ans: TCP
Ans: Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization. The model is also sometimes referred to as the AIC triad (availability, integrity and confidentiality) to avoid confusion with the Central Intelligence Agency
Ans: A Firewall is software that blocks unauthorized users from connecting to your computer. All computers at Bank Street are protected by a firewall which is monitored and updated by CIS.
Ans: When a user initiates a connection with the FTP server, two TCP connections are established. The second TCP connection (FTP data connection) is initiated and established from the FTP server. When a firewall is between the FTP client and server, the firewall would block the connection initiated from the FTP server since it is a connection initiated from outside. To resolve this, Passive FTP can be used or the firewall rule can be modified to add the FTP server as trusted.
Ans: SID stands for Security Identifier and is an internal value used to uniquely identify a user or a group. A SID contain * User and group security descriptors * 48-bit ID authority * Revision level * Variable sub authority values
Ans: Administrator privileges allows the user full access to a program or network second only to the system account. If you don't have administrator privileges, you cannot do certain things You may be able use a program, but not upgrade it.
Ans: Sometimes-for example, if the user has a dynamic IP address, and their IP address changes within this system as usual, it can generally be tracked. If the user uses a proxy service to make their IP address appear as if it is located in some random other p
Ans: It was pretty simple- just passwords to protect one's computer. With the innovation of the internet, however, computers have increased security with firewalls and hundreds of anti-virus programs.