COURSE 4 – NETWORK SECURITY & DATABASE VULNERABILITIES

Module 1: TCP/IP Framework 

IBM CYBERSECURITY ANALYST PROFESSIONAL CERTIFICATE

Complete Coursera Study Guide

INTRODUCTION – TCP/IP Framework 

This module offers an introduction to the TCP/IP Framework, Ethernet, LAN Networks, and foundational concepts in routing and switching. Additionally, you’ll gain insights into address translation and grasp the fundamental distinctions between Intrusion Detection and Intrusion Prevention Systems. Lastly, you’ll explore the intricacies of network packets.

Learning Objectives

  • Describe the use of routing tables in network routing
  • Describe how address resolution protocol (ARP) tables are used
  • Describe how broadcasting domains are used
  • Distinguish between an IP address and a MAC address
  • Describe various network devices
  • Identify the ways to segment broadcast domains
  • Differentiate between collision and broadcast domains
  • Distinguish between the Layer 2 and Layer 3 addressing schemes
  • Describe how Ethernet networks work
  • Distinguish between static and dynamic IP address translation
  • Define network address translation (NAT)
  • Contrast intrusion detection systems (IDSs) and intrusion prevention systems (IPSs)
  • Contrast stateful and stateless inspection

INTRODUCTION TO THE TCP/IP PROTOCOL FRAMEWORK

1. Which four (4) factors does a stateless firewall look at to determine if a packet should be allowed to pass?

  • if the packet belongs to an open session
  • the source IP address (CORRECT)
  • the destination port (CORRECT)
  • the service or protocol used (CORRECT)
  • the destination IP address (CORRECT)

Correct, this is one of the four factors.

2. Can a single firewall conduct both a stateless and stateful inspection?

  • Yes, but not on the same packet. A decision is made about which type of inspection will be most effective on a packet-by-packet basis.
  • Yes, the stateless inspection is conducted first and then a stateful inspection is done. (CORRECT)
  • No, the latency created by a double inspection is too great to be practical.
  • No, stateless and stateful firewalls are distinctly different and used for different purposes.

Correct, the stateless inspection is conducted first and then a stateful inspection is done.

3. True or False: An Intrusion Prevention System (IPS) is generally a passive device that listens to network traffic and alerts an administrator when a potential problem is detected?

  • True
  • False (CORRECT)

Correct, an Intrusion Detection System (IDS) is generally a passive device that listens to network traffic and alerts an administrator when a potential problem is detected.

4. Network Address Translation (NAT) typically conducts which of the following translations?

  • An IP address to a physical address and vice versa.
  • A MAC address to an IP address and vice versa.
  • A private network IP address to a public network IP address and vice versa. (CORRECT)
  • An IP address to a domain name and vice versa.

Correct, a private network IP address to a public network IP address and vice versa.

5. Which type of NAT routing allows one-to-one mapping between local and global addresses?

  • Dynamic
  • Kinetic
  • Overload
  • Static (CORRECT)

Correct, static allows one-to-one mapping.

NETWORK PROTOCOLS OVER ETHERNET AND LOCAL AREA NETWORKS

1. Which network layer do IP addresses belong to?

  • The Physical Layer
  • The Network Layer (CORRECT)
  • The Data Link Layer
  • The Application Layer

Correct, the network layer.

2. Which address assures a packet is delivered to a computer on a different network segment from the sender?

  • The IP Address (CORRECT)
  • The MAC address.
  • The DHCP Address
  • The DNS Address

Correct, it is the IP Address.

3. A network device that is capable of sending and receiving data at the same time is referred to as which of the following?

  • Unidirectional
  • Monoplex
  • Half duplex
  • Full duplex (CORRECT)

Correct, it is full duplex.

4. True or False: Collision avoidance protocols are critical to the smooth operation of modern networks.

  • True
  • False (CORRECT)

Correct, collision avoidance protocols are not critical to the smooth operation of modern networks.

5. Comparing bridges with switches, which are three (3) characteristics specific to a bridge?

  • Full-duplex transmission.
  • End-user devices share bandwidth on each port. (CORRECT)
  • Virtual LANs are possible.
  • Each port is dedicated to a single device; bandwidth is not shared.
  • Virtual LANs are not possible. (CORRECT)
  • Half-duplex transmission. (CORRECT)

Partially correct, this is one characteristic specific to a bridge.

6. True or False: Switches solved the problem of network loops and improved performance of multicast/broadcast traffic.

  • True
  • False (CORRECT)

Correct, switches do not solve the problem of network loops or improve the performance of multicast/broadcast traffic.

BASICS OF ROUTING AND SWITCHING, NETWORK PACKETS AND STRUCTURES

1. If a network server has four (4) network interface cards, how many MAC addresses will be associated with that server?

  • 4 (CORRECT)
  • 2
  • 1
  • 0

Correct, 4 network interface cards.

2. True or False: When you connect your laptop to a new network, a new IP address must be assigned, either automatically or manually.

  • True (CORRECT)
  • False

Correct, a new IP address will be assigned.

3. What does the Address Resolution Protocol (ARP) do when it needs to send a message to a location that is outside its broadcast domain?

  • ARP looks up the address in the ARP Table.
  • ARP drops the packet as undeliverable.
  • ARP sends the message to the MAC address of the default gateway. (CORRECT)
  • ARP sends a message to the destination IP address asking for its MAC address.

Correct, ARP sends the message to the MAC address of the default gateway.

4. Routing tables are maintained by which of the following devices?

  • Only on routers, switches, and hubs.
  • On any network connected device. (CORRECT)
  • Only on routers and network gateways.
  • Only on routers.

Correct, on any network connected device.

5. What is the purpose of a default gateway?

  • It translates IP addresses to MAC addresses and vice versa.
  • It manages all network traffic.
  • It forwards messages coming from, or going to, external networks. (CORRECT)
  • It manages network traffic on the local subnet only.

Correct, it forwards messages coming from, or going to, external networks.

6. If a message is being sent to a computer that is identified in the computer’s routing table, what type of connection would be established?

  • Static
  • Default
  • Direct (CORRECT)
  • Dynamic

Correct, direct connection.

TCP/IP FRAMEWORK

1. What is meant by “stateless” packet inspection?

  • It is a packet-by-packet inspection with no awareness of previous packets. (CORRECT)
  • It is the inspection of packets by non-state actors, such as private telecom companies.
  • It is the inspection of a packet’s source and destination IP addresses only.
  • It is the inspection of a packet’s service or protocols used only.

2. True or False: An Intrusion Detection System (IDS) is generally a passive device that listens to network traffic and alerts an administrator when a potential problem is detected?

  • True (CORRECT)
  • False

3. True or False: The primary difference between an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) is that an IDS is designed as a passive system that listens and alerts while an IPS is an active system that is designed to take action when a problem is detected?

  • True (CORRECT)
  • False

4. Which intrusion system does not add any delay to network traffic?

  • Intrusion Detection System (IDS). (CORRECT)
  • Intrusion Prevention System (IPS).

5. How does using Network Address Translation (NAT) provide an additional layer of security to your network?

  • By blocking traffic from known malware sites.
  • By hiding the real IP addresses of all the devices on your private network and exposing only a single public IP address. (CORRECT)
  • By requiring a certificate exchange to authenticate the source of external IP addresses before allowing them through the firewall.
  • By assigning a different false IP address to traffic leaving your network and translating it back to the real internal IP addresses on incoming traffic.

6. Which type of NAT routing maps unregistered IP addresses to a single registered IP address allowing thousands of users to be connected to the Internet using only a single global IP address?

  • Dynamic
  • Kinetic
  • Static
  • Overload (CORRECT)

7. Which network layer do MAC addresses belong to?

  • The Data Link Layer. (CORRECT)
  • The Physical Layer.
  • The Application Layer.
  • The Network Layer.

8. Which address assures a packet is delivered to a computer on the same network segment as the sender?

  • The Gateway address.
  • The IP address.
  • The DNS address.
  • The MAC address. (CORRECT)

9. A network device that cannot send and receive data at the same time is referred to as which of the following?

  • Full duplex
  • Unidirectional
  • Monoplex
  • Half duplex (CORRECT)

10. When a NIC reads a packet header and sees the destination address is not its own address, what does it do with the packet?

  • It returns the packet to the sender with a delivery error message.
  • It forwards the packet to the correct address if it is in the same network or the gateway if it is not.
  • It discards the packet. (CORRECT)
  • It reads the contents of the packet.

11. True or False: Switches can connect two geographically dispersed networks.

  • True
  • False (CORRECT)

12. What is the main function of the Address Resolution Protocol (ARP)?

  • To translate a MAC address to an IP address and vice versa. (CORRECT)
  • To translate a logical address to an IP address and vice versa.
  • To translate a physical address to an IP address and vice versa.
  • To translate a gateway address to an IP address and vice versa.

13. What does a router do when it needs to send a packet to an address that is not in its routing table?

  • It drops the packet as undeliverable.
  • It forwards the packet to the default gateway. (CORRECT)
  • It sends out a broadcast message looking for the correct system to reply with a confirmation message.
  • It returns the packet to the sender to deal with.

14. What happens to messages sent from a computer that has no gateway address specified?

  • Messages sent to other computers on the same subnet will not be delivered but those destined to computers on other networks will be delivered.
  • Messages sent to other computers on the same subnet and those destined to computers on other networks will be delivered.
  • Messages sent to other computers on the same subnet will be delivered but those destined to computers on other networks will not be delivered. (CORRECT)
  • No messages will be delivered.

CONCLUSION – TCP/IP Framework 

To sum up, this module has provided a solid foundation in understanding key aspects of networking. From the TCP/IP Framework and Ethernet to LAN Networks, routing, and switching, you’ve gained valuable insights into building and managing networks effectively.

Moreover, you’ve learned about address translation and the nuances between Intrusion Detection and Intrusion Prevention Systems, essential for maintaining network security. By delving into network packets, you’ve deepened your understanding of how data flows across networks. Armed with this knowledge, you’re better equipped to navigate the complexities of networking and implement robust solutions to address various challenges.