ACL
UDP/TCP
Protocols
WildCard
Final jeopardy
100

List at least 4 issues with the following ACL: Permit OUTBOUND All from Any to Any on Any

What is: No restrictions on ports, too general, no restrictions on protocol, no restrictions on destination, no restrictions on sender. Other valid answers are possible.

100
A hospital has a waiter in its cafeteria. However, in the yearly appraisal they started asking for too much hourly pay, so the management decided to automate the job and bid the waiter farewell. The requirement for the automated system, which is connected to the network, is that it be reliable, to ensure that the food actually reaches the correct person. Which protocol would the hospital be better off using?

TCP, because it is reliable.

100

What does DNS do, and what is a consequence if it fails?

Domain Name System; makes it so that you are able to resolve addresses and not search anything up.

100

Thierry bought a brand new laptop, perfect for reading intellectual literature VERY LATE into the night. However, he notices that outside is very sunny, but his laptop shows that it's 3 AM, making Thierry very confused about the hour. What does Thierry need to configure (if anything)?

NTP, Network Time Protocol, unless he just put in the wrong timezone

200

What is the typical rule structure for an ACL?

What is: Action + Direction + Protocol + Source + Destination + Port / Service

200

What would cause online games to degrade?

UDP blocked, because online games don’t require secure connections. 

200

What does RDP do?

Remote Desktop Protocol, makes it so you are able to connect remotely to a graphical interface to control another desktop.

200

Joey REALLY wants a pink matcha labubu, however the only seller is Sai, a sketchy seller that only sells through his website Labubus and Lamborghini. What should Joey configure before he visits this exclusive?

HTTPS

300

Bobby works at Bobby Enterprises. His connections are experiencing various inconsistencies. They are meant to allow secure web browsing traffic to the server while blocking unsecure web traffic to the server. The following is his ACL:

Deny outbound TCP from Internal_Network to Web_Server on Port 443 

Allow outbound TCP from Internal_Network to Web_Server on Port 80 

Deny all  

What could be changed about the order, ports or possible rule structure to make this work as intended?

What is changing the port on deny to 80 and on the allow to 443.

300

A student is trying to access their email. What happens if the secure connection fails?

When TCP is blocked, the connection fails to establish or abruptly terminates, typically resulting in a connection timeout, a “Connection Refused” error, or a dropped session. This is because a connection and the packets can’t be transported.

300

What happens if SSH fails? Give an example of the error.

The user is unable to establish a secure connection. Connection Timed Out

300

Rohan likes to communicate by writing one word on each sticky note and sticking them on the wall so that Evan can read them when he looks over at the wall. However, Evan forgets to look at the wall, so some sticky notes fall off from the wall, making it so that the note is pretty vague. What is this an example of?

UDP

400

What is wrong with the following ACL?

Allow Inbound TCP from Internal_Network to Web_Server on Port 53 

Allow outbound TCP from Internal_Network to Web_Server on Port 443 

Deny all


The first rule is using Inbound instead of Outbound for the DNS protocol, and is using TCP instead of TCP.

400

In what layer do we establish connections for TCP and UDP?

Transport

400

What is the difference between the two FTP protocols on port 20 and 21?

20 transfers files during active FTP, 21 is sending commands to the server

400

Junjie is downloading massive amounts of song files off the internet, and occasionally he (always) sends them to Dev, which makes him angry because it clogs up his computer but he doesn’t wanna break Junjie’s heart. Write a single ACL rule that Dev can implement to (subtly) block Junjie’s massive file transfers.

Deny Inbound TCP from JunJies_computer to Sai_Computer on port 21

500

The following ACL was made by a Hospital to secure their online workspace:  

Allow outbound UDP from Internal_Network to External_Internet on Port 53

Allow outbound TCP from Internal_Network to External_Internet on Port 443  
Deny outbound TCP from Internal_Network to External_Internet on Port 80 

Allow Inbound TCP from Admin_Server to Internal_Network on port 22
Deny Inbound Any from Any to Internal_Network on Any 

Deny all

It works as intended for the hospital's purposes. Describe the function of at least 3 lines.

First line allows DNS from the internal to the external network to translate domain names. Second line allows HTTPS from the internal to the external network on port 443 specifically. Third line denies any attempts from the inside to connect to port 80 on the outside internet. Line 4 allows the admin server to access the rest of the internal network on secure port 22. Line 5 denies any other attempt to connect to the internal network that isn't from admin. Line 6: implicit deny.

500

Explain the Three Way Handshake

SYN flag means Synchronize. Connection is established.

ACK flag means Acknowledgement; there was a successful receipt of a packet

FIN flag means Finish. Connection is terminated.

SEQ flag is the sequence number—the unique number assigned to each segment.

3 way handshake uses SYN, SYN/ACK, ACK flags between client and server. Sequence numbers keep track of the segments and are incremented every byte is se

500

What port is ICMP on?

It does not operate on a specific port

500

After playing Roblox for 25 hours, Hannah’s browser shows "Connection timed out." After installing Wireshark at Sphoorthi’s request, she notices that it was not a TCP issue, but an error message from this other protocol.

ICMP

500

Ms. Castillo is working on inputting the grades of her favorite class, Cyber. Meanwhile Sai and Dev, indulging in their usual horseplay, decide to start hacking. When hacking, they accidentally stumble upon Ms. Castillo’s network and infiltrate it. What should Ms. Castillo have in her network in order to prevent any damage?

DMZ