Chapter 10

B. Presentation: The Open Systems Interconnection Reference Model Explanation: Encryption is a function of the Presentation layer of the OSI model. This layer also includes file formats and character representations.

A. Wide area network (WAN): Wide Area Networks Explanation: WANs connect systems over a very large geographic area. The most common example of a WAN is the Internet.

A. Wi-Fi: Connectivity Options Explanation: Wi-Fi networks generally provide much faster connectivity than the cellular connections possible over 3G and 4G networks. DSL is a wired networking technology.

C. Fibre Channel over Ethernet (FCoE): Ethernet Networks Explanation: Fibre channel was originally used in supercomputers to connect storage devices but has since spread into common use across many types of computers. The FCoE protocol makes it even easier to connect fibre channel-capable devices to an Ethernet network.

D. Switch: LAN Devices: Hubs and Switches Explanation: Switches are a much better alternative to hubs. A switch performs the same basic function as a hub: connecting multiple systems to the network. However, switches have one major added feature: They can perform intelligent filtering based upon MAC addresses.

B. Hub: LAN Devices: Hubs and Switches Explanation: A hub creates a lot of network congestion by retransmitting everything it hears. This reduces the network bandwidth for all devices. The network would benefit by replacing the hub with a switch.

B. Virtual LAN (VLAN): Virtual LANs Explanation: VLANs create separate broadcast domains that isolate systems from each other. This can be used to both reduce network traffic and increase security.

C. 255: IP Addressing Explanation: Each of the four octets in an IPv4 address may contain any integer value between 0 and 255.

A. Dynamic Host Configuration Protocol (DHCP) IP Addressing Explanation: DHCP allows each computer to get its configuration information dynamically from the network instead of the network administrator providing the configuration information to the computer. DHCP provides a computer with an IPv4 address, subnet mask, and other essential communication information.

B. 25: Common Protocols Explanation: Inbound email uses the Simple Mail Transfer Protocol (SMTP), which relies upon connections over Transmission Control Protocol (TCP) port 25.

C. 443: Common Protocols Explanation: Encrypted web traffic uses the Hypertext Transport Protocol over TLS/SSL (HTTPS) protocol, which runs over Transmission Control Protocol (TCP) port 443.

D. 3389: Common Protocols Explanation: Windows Terminal Services uses the Remote Desktop Protocol (RDP) to communicate over TCP port 3389.

C. Smurf: Common Protocols Explanation: Smurf attacks use ICMP to create a denial of service attack against a network. They work by sending spoofed ICMP echo request packets to a broadcast address on a network, hoping that the hosts on that network will all respond.

D. Flood guard: Firewalls Explanation: Flood guard rules can limit traffic bandwidth from hosts, reducing the ability for any one host to flood a network.

B. Application proxying: Firewall Types Explanation: An application proxy firewall goes further than a stateful inspection firewall. It doesn't actually allow packets to travel directly between systems on opposite sides of the firewall. The firewall opens separate connections with each of the two communicating systems and then acts as a broker (or proxy) between the two.

C. Screened subnet: Firewall-Deployment Techniques Explanation: In a screened subnet approach, the firewall has three network cards. Two are set up identically to a border firewall, with one connected to the Internet and another connected to the private network. The third card connects to a special network known as the screened subnet, or DMZ.

B. Wireless network access: Unified Threat Management Explanation: UTM devices offer URL filtering, content inspection, and malware inspection.

D. VPN concentrator: Virtual Private Networks and Remote Access Explanation: VPNs require your gateway equipment to have a lot of processing power to handle encryption algorithms. You can offload this processing power to another device by using a dedicated VPN concentrator rather than having your router or firewall terminate the VPN.

A. Wired Equivalent Privacy (WEP): Wireless Encryption Explanation: Since its release, security analysts have discovered significant flaws in WEP that make it insecure. With software freely available on the Internet, it is simple to break the encryption on a WEP network in a matter of seconds. In fact, using WEP on a wireless network is probably worse than using no encryption at all because it provides a false sense of security.

C. Captive portal: Additional Wireless Security Techniques Explanation: A captive portal is a webpage that is displayed for all new connections. Your wireless device can redirect all traffic to the captive portal until the connection is authenticated. The most common use of a captive portal is to provide a logon page for your wireless network.