Its been a little while since I posted something and its kind of a slow day at work, waiting on images to finalize and so forth. I would say I’ve been personally busy but really I’ve kind of been taking a small break. Test prep is coming along though. I think I should be good to test nov-dec hopefullly. Honestly there are a lot more questions than I assumed. So I guess, maybe I could try to be more lively in this blog. Perhaps thats what was holding me up. Not really sure. So anyway, heres some questions!
I think I sort of understand this but not really. I mean, the question is purely definitional so lets do that.
- VLAN Hopping – The idea is obvious but I’m not really sure how it works. However there are two methods for doing this, 1. In a switch spoofing attack, an attacking host imitates a trunking switch by speaking the tagging and trunking protocols (e.g. Multiple VLAN Registration Protocol, IEEE 802.1Q, Dynamic Trunking Protocol) used in maintaining a VLAN. Traffic for multiple VLANs is then accessible to the attacking host. 2. In a double tagging attack, an attacker connected to an 802.1Q-enabled port prepends two VLAN tags to a frame that it transmits. The frame (externally tagged with VLAN ID that the attacker’s port is really a member of) is forwarded without the first tag because it is the native VLAN of a trunk interface. The second tag is then visible to the second switch that the frame encounters. This second VLAN tag indicates that the frame is destined for a target host on a second switch. The frame is then sent to the target host as though it originated on the target VLAN, effectively bypassing the network mechanisms that logically isolate VLANs from one another. However, possible replies are not forwarded to the attacking host (unidirectional flow).
- Session Hijacking – In computer science, session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system.
Now that I’ve actually done the research instead of memorizing the answer, this seems to be a running joke, I kind of understand whats going on with these two things now though. Honestly, there is always so much to learn and its an on going process that I love.
- CSMA/CD – Short for Carrier Sense Multiple Access / Collision Detection, a set of rules determining how network devices respond when two devices attempt to use a data channel simultaneously (called a collision). Standard Ethernet networks use CSMA/CD to physically monitor the traffic on the line at participating stations.
- CSMA/CA – is a protocol for carrier transmission in 802.11 networks. Unlike CSMA/CD (Carrier Sense Multiple Access/Collision Detect) which deals with transmissions after a collision has occurred, CSMA/CA acts to prevent collisions before they happen.
- MPLS – Multiprotocol Label Switching (MPLS) is a protocol-agnostic routing technique designed to speed up and shape traffic flows across enterprise wide area and service provider networks.
- OSPF – is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous system (AS). It is defined as OSPF Version 2 in RFC 2328 (1998) for IPv4.
Learning that CD stands for collision detection
Ok, so this one is actually hard. By layer 1, I’ve figured out that they mean physical stuff. So, that’s a plus I suppose. However I have no idea what some of this stuff is and the more I look at it the more it looks like its kind of subject to interpretation. The old armchair coaching thing.
- Pinout Tester – this is basically an RJ45 cable tester, helpful link rj45 testing
- OTDR – An Optical Time Domain Reflectometer (OTDR) is an important instrument used by organizations to certify the performance of new fiber optics links and detect problems with existing fiber links.
- OC – Optical Carrier (fiber)
There are a few things going on here that I don’t know what they are so lets start with the first thing that it seems like I should have figured out by now.
So its like a thing that sends signals but its like small. Cool! The question, not completely convinced that it makes sense how however fiber jumper (cable) would seem to be the issue if it works at the point it comes in and then not at the next point. Why it would need to be single mode is beyond me. Maybe in the future I’ll figure that out.
What the hell is SNMPv3, assuming a dashboard? Honestly, this is one of those amazingly specific things that its not necessarily questionable but probably really hard to know unless you have seen this specific scenario.
- Trap message – SNMP Traps are alert messages sent from a remote SNMP-enabled device to a central collector, the “SNMP manager”. A Trap might tell you that a device is overheating, for example.
- SNMPv3 – Simple Network Management Protocol version 3 (SNMPv3) is an interoperable, standards-based protocol that is defined in RFCs 3413 to 3415. This module discusses the security features provided in SNMPv3 and describes how to configure the security mechanism to handle SNMP packets.
- Management information base – so that answer (i realize I’m miss formatting this) looks like its sending an error to a generic repository
That’s all for this afternoon. Going to the gym later and then will probably go through some questions.