Networking Fundamentals
The Network in Action
The Hacker Mindset
Scanning & Recon
Tools of the Trade
100

The 7-layer conceptual framework that standardizes network communication, including layers like Physical, Data Link, and Network.

What is the OSI Model?

100

This connection-oriented protocol uses a three-way handshake to guarantee reliable data delivery.

What is TCP?

100

This pillar of the CIA Triad ensures that data is trustworthy and has not been tampered with.

What is Integrity?

100

The Nmap switch used to perform a "ping scan" for host discovery only, without doing a port scan.

What is -sn?

100

The industry-standard command-line tool for network scanning and host discovery.

What is Nmap?

200

The permanent, 48-bit hardware address burned into a network card, used for communication on a local network.

What is a MAC Address?

200

The public name of a Wi-Fi network that you see when you try to connect your device.

What is an SSID?

200

A threat actor whose primary motivation is to promote a political or social cause, often through website defacement or DDoS attacks.

Who is a Hacktivist?

200

The process of actively querying a discovered service to get specific details like usernames or software versions.

What is Enumeration?

200

A common tool used to look up DNS records from your primary DNS server.

What is nslookup?

300

The process of dividing a large IP network into smaller, more manageable networks for security and performance.

What is Subnetting?

300

The four-step process of Discover, Offer, Request, and Acknowledge used by this protocol to automatically assign IP addresses.

What is DHCP?

300

The first stage of the Cyber Kill Chain, focused on gathering information about a target without directly interacting with it.

What is Reconnaissance?

300

The unique identifier for a publicly known security flaw, such as CVE-2017-0144.

What is a CVE?

300

This tool is used to look up domain registration and find contacts for technical and registry ownership.

What is Whois?

400

The three private IP address ranges are 10.0.0.0/8, 172.16.0.0/12, and this /16 range.

What is 192.168.0.0/16?

400

The most secure and modern Wi-Fi encryption standard.

What is WPA3?

400

The framework developed by MITRE that provides a detailed knowledge base of adversary tactics, techniques, and procedures.

What is the ATT&CK framework?

400

A type of vulnerability scan where the scanner has login credentials, allowing it to perform more accurate, in-depth checks.

What is an Authenticated (or Credentialed) Scan?

400

This command can be run on your Windows machine to see the current IP, subnet, and gateway information assigned to any networking device.

What is ipconfig?

500

The service, typically on a router, that translates between a single public IP address and many private IP addresses.

What is NAT (Network Address Translation)?

500

The type of DNS record that specifies the mail servers for a domain.

What is an MX record?

500

This type of threat actor is considered the most sophisticated and well-resourced, often using zero-day exploits for espionage or sabotage.

Who is a Nation-State Actor?

500

The Nmap switch that enables "aggressive" mode, turning on OS detection, version detection, script scanning, and traceroute.

What is -A?

500

The industry-leading commercial vulnerability scanner developed by Tenable.

What is Nessus?