Wireless Security:
The 2 different radio frequencies used for wireless communication
What is: 2.4 and 5
Explanation: 2.4 is used for long range but has slower transfer speeds while 5 has shorter ranges but faster transfer speeds.
The network device that sits between the Internet and a private network
What is: DMZ
Explanation: DMZ(Demilitarized Zone) is public facing device that acts as a buffer between internal and external networks.
The port DNS corresponds to:
What is: 53
Explanation: DNS, Domain Name System, corresponds to port 53 and translates human domain names into IP addresses.
Evan is a millionaire and needs to access his desktop from the Bahamas. What port can he use, and what does the port stand for?
What is 3389, RDP Remote Desktop Protocol
Explanation: RDP operates on port 3389 and is used for remote access connections.
The attack below:
There are 2 wifi networks in the airport: one named Official Airport wifi and the other named OFFICIAL_AIRPORT_WIFI.
What is: Evil Twin
Explanation: An Evil Twin attack is when an attacker creates a rogue access point with an SSID very similar to the real SSID. This is used to trick people into connecting to the AP, allowing the attackers to intercept and steal data
Network segmentation preventing lateral movement corresponds to the _______ part of the CIA network triad.
What is: Confidentiality
Explanation: This prevents unauthorized attackers from gaining access to the rest of the network.
The port number for the secure version of port 80:
What is: Port 443
Explanation: Port 80 corresponds to HTTP, and the secure version of that is port 443, which is HTTPS.
Joey is on vacation and notices that his laptop time automatically syncs up with the new time zone. What port number and protocol is responsible for this?
What is: NTP, Port 123
Explanation: NTP(Network Time Protocol) synchronizes computer clocks over networks, ensuring accurate, consistent time. It operates on port 123
Man in the middle attack with an access point installed by a malicious person to intercept data transfer answer
What is: Rogue AP
Explanation: A Rogue Access Point is an unauthorized wireless device, such as a router, that connects to a network without permission, allowing attackers to gain unauthorized access to the network
The device used to create VLAN’s on layer 2 of the OSI model
What is: Switch
Explanation: A switch creates VLANs to logically segment a physical network, separating them into different broadcast domains. It also operates on layer 2 of the OSI model.
The function of port 3389:
What is: remote access of a device over a network.
Explanation: RDP, Remote Desktop Protocol, is largely used for remote desktop connection through the network so you don't have to physically be at the device.
How should an admin fix the following line on an access control list to allow access over SSH:
Permit INBOUND TCP from admin_pc to server over port 25
What is: Permit INBOUND TCP from admin_pc to server over port 22
Explanation: The port number is wrong for the first instruction and should be changed to port 22 to allow SSH access.
The latest Wi-Fi security protocol and what makes it more secure
What is: WPA3 with AES
Explanation: WPA3(Wifi Protected Access 3) had stronger encryption and protection using AES(Advanced Encryption Standard).
The number of usable host addresses for an IP subnet of /23
Answer: 510
Explanation: To find the usable host addresses, subtract the CIDR prefix length from the max number 32. Then use that as the square over 2. Subtract 2 from that number to factor out the unusable network and broadcast address to get the final answer. 2^(32-23) - 2 = 510
The difference between IMAP and POP3:
What is: IMAP syncs emails across devices, allowing access anywhere, while POP3 downloads emails onto a single device.
Explanation: Both work with retrieving email, but IMAP keeps the emails on the server, while POP3 deletes them from the server.
A server admin examines a specific port and sees traffic being used to assign ip addresses to devices on a network. Which port is this type of traffic reserved for?
What is: 67/68
Explanation: Assigning an IP address is done by DHCP(Dynamic Host Configuration Protocol). It operates on port 67/68
Most common form of wi-fi security protocol that is used for Personal (PSK) for home use and Enterprise (802.1X) for organizations
What is: WPA2
Explanation: WPA2 has two versions built into it PSK(Personal) and Enterprise. PSK is the standard and uses a shared key/password for everyone. Enterprise uses a central RADIUS server to authenticate users with unique credentials rather than a shared key.
What is the network address for the ip address 192.12.147.189/27
What is: 192.12.147.160
Explanation: /27 has a subnet mask of 11111111.1111111.11111111.11100000, we see that only the last 8 digits of binary matter, converting 189 to binary is 10111101, performing a bitwise AND operation on the last 8 digits for the subnet mask and the ip address will give us the network IP address of 10100000 for the last 8 digits which is 160. So our network IP address is 192.12.147.160.
Sai is shopping for some new labubus, but because he was using a vulnerable port, port 23, his traffic, which included his credit card information, was sent unencrypted in plain text and intercepted by an attacker. What was the protocol he was using, and what port and protocol should he have used?
What is: Sai was using Telnet, port 23, and should’ve been using SSH, port 22.
Explanation: Using Telnet is not recommended because it transmits data in plain text without encryption. It is outdated and has been largely replaced by SSH, which is secure and transmits data with encryption.
What is the Broadcast address for the ip address of 99.158.44.64/25
What is: 99.158.64.127
Explanation: The CIDR is /25, so the subnet mask is 11111111.11111111.11111111.10000000. The last 1 is how big the ranges will be, and since there is a 1 in the last quadrant, we only need to look at the last number of the IP address when determining the broadcast address. The last 1 represents the bit 128, so the range is 128. The first range starts at 0, so it ends at 127. The next range is 128 to 255. The last number of the IP address given is 64, which falls in the first range, so the broadcast address, the last address in the range, will be 99.158.64.127
A firewall blocks UDP port 53 but allows TCP port 53. Users report that websites randomly start failing. Which protocol and its behavior explain the problem, and which part of the CIA triad is affected?
What is: DNS, which relies on UDP and fast data transfer, but is blocked. Affects Availability.
Explanation: Having allowed TCP and blocked UDP, the firewall disrupts the port, which usually automatically relies on UDP for fast data transmission. As for the CIA Triad, Availability is most affected because people can’t access the website when the firewall blocks them.