INMT 441 Final Exam
Two kind of networks: - answer1. computer
2. social
A (computer) network - answera group of computers and other devices (such as
printers, storage devices, and smart devices) that use a set of common protocols over
digital media for the purpose of sharing resources.
Components of a computer network - answer1. Computers and other devices (printers,
etc)
2. Transmission media (cables, signals, telephone lines)
3. Rules/protocols for communication (TCP/IP -transmission, POP3, SMTP - email,
HTTP/HTTPS - websites)
Servers - answerHost and serve up databases, applications, Web sites, audio and
video, and other content for access over the network
Clients - answerConsume hosted resources
Client/Server Architecture - answerother type of computers on a network
Peers (Peer-to-Peer or P2P network) - answerServe and consume resources, as both a
server and a client interacting with similar computers
Types of networks - answer1. Local Area Network (LAN)
2. Wide Area Network (WAN)
3. Personal Area Network (PAN)
The Internet - answera large worldwide collection of networks that use a common
protocol to communicate with each other
The World Wide Web - answera system of interlinked documents on the Internet
How does a Router work? - answerA router is a networking device that forwards data
packets between computer networks
Computer action - answerTest your connections: Ping and Tracert.
Try these commands in command windows:
Øping youtube.com
Øtracert youtube.com
,IP address, or Internet Protocol address - answera numerical label assigned to each
device connected to a computer network that uses the Internet Protocol (IP) for
communication.
Check IP address(es) of your computer - answerCommand line: ipconfig (or ipconfig/all)
Network & Internet Settings
ipconfig
Or go to network and internet settings (right click wifi symbol on taskbar) -> go to
properties
Domain name - answerIP address expressed in natural language, such as www.utk.edu
Domain name system (DNS) - answer1. Allows numeric IP addresses to be expressed
in natural language
2. A DNS server converts domain names to IP addresses
Uniform resource locator (URL) - answerAddress used by Web browser to identify
location of content on the Web
Intranet - answerpassword-protected Web site designed for sharing within the company
E.g., myutk.utk.edu
Extranet - answerpassword-protected Web site designed for sharing with select external
partners
E.g., vendor/supplier portals
How is data and communication protected? - answerData and communication are
protected via firewalls and virtual private networks (VPNs)
Common threats - answer1.Malware attack
2. Phishing attack
3. Denial of Service (DOS) attack
4. Man-in-the-middle attack
Threats to Web applications - answer1. SQL injection attack
2. Cross-Site Scripting (XSS) attack
3. Buffer overflow attack
Phishing - answerthe fraudulent attempt to obtain sensitive information such as
usernames, passwords and credit card details by impersonating oneself as a
trustworthy entity in a digital communication.
can be done through emails, websites
, companies may apply technological measure like email filter and training
Denial-of-service (DoS) attacks - answerwhen intruders deliberately attempt to prevent
legitimate users of a service (e.g., customers accessing a website) from using that
service, often by using up all of a system's resources (such as its bandwidth).
Man-in-the-Middle Attack (MITM) - answerA cyberattack where the attacker secretly
relays and possibly alters the communications between two parties who believe that
they are directly communicating with each other.
Includes: wifi hacking, dns spoofing, ip spoofing
SQL injection - answera code injection technique, used to attack data-driven
applications, in which malicious SQL statements are inserted into an entry field for
execution.
Cross-Site Scripting (XSS) Attack - answerattacks enable attackers to inject client-side
scripts into web pages viewed by other users.
How XSS works - answer1. Attackers compromise a web site that is trusted by users.
2. They fold malicious content into the trusted content (such as dynamic content script)
being delivered from the site.
3. When the resulting, combined content arrives at the client-side web browser, it
operates under the permissions granted to that system.
4. Consequently, the attackers gain elevated access-privileges to sensitive information
on the client's computer.
Buffer - answera region in a computer memory that temporally stores data to be moved
from one place to another (for input, output, or further processing).
Buffer overflow - answerhappens when a program, while writing data to a buffer,
overruns the buffer's boundary and overwrites adjacent memory locations.
Typically happen to older programs.
Data Execution Prevention - answera built-in mechanism in popular OS that minimizes
buffer overflow risks.
Protecting Networks - answer1. Firewall
2. Proxy servers (proxies)
3. IDS and intrusion prevention
4. Securing your browsers
Firewall - answerany device that prevents a specific type of information from moving
between the outside world, known as the untrusted network (e.g., the Internet), and the
inside world, known as the trusted network
Two kind of networks: - answer1. computer
2. social
A (computer) network - answera group of computers and other devices (such as
printers, storage devices, and smart devices) that use a set of common protocols over
digital media for the purpose of sharing resources.
Components of a computer network - answer1. Computers and other devices (printers,
etc)
2. Transmission media (cables, signals, telephone lines)
3. Rules/protocols for communication (TCP/IP -transmission, POP3, SMTP - email,
HTTP/HTTPS - websites)
Servers - answerHost and serve up databases, applications, Web sites, audio and
video, and other content for access over the network
Clients - answerConsume hosted resources
Client/Server Architecture - answerother type of computers on a network
Peers (Peer-to-Peer or P2P network) - answerServe and consume resources, as both a
server and a client interacting with similar computers
Types of networks - answer1. Local Area Network (LAN)
2. Wide Area Network (WAN)
3. Personal Area Network (PAN)
The Internet - answera large worldwide collection of networks that use a common
protocol to communicate with each other
The World Wide Web - answera system of interlinked documents on the Internet
How does a Router work? - answerA router is a networking device that forwards data
packets between computer networks
Computer action - answerTest your connections: Ping and Tracert.
Try these commands in command windows:
Øping youtube.com
Øtracert youtube.com
,IP address, or Internet Protocol address - answera numerical label assigned to each
device connected to a computer network that uses the Internet Protocol (IP) for
communication.
Check IP address(es) of your computer - answerCommand line: ipconfig (or ipconfig/all)
Network & Internet Settings
ipconfig
Or go to network and internet settings (right click wifi symbol on taskbar) -> go to
properties
Domain name - answerIP address expressed in natural language, such as www.utk.edu
Domain name system (DNS) - answer1. Allows numeric IP addresses to be expressed
in natural language
2. A DNS server converts domain names to IP addresses
Uniform resource locator (URL) - answerAddress used by Web browser to identify
location of content on the Web
Intranet - answerpassword-protected Web site designed for sharing within the company
E.g., myutk.utk.edu
Extranet - answerpassword-protected Web site designed for sharing with select external
partners
E.g., vendor/supplier portals
How is data and communication protected? - answerData and communication are
protected via firewalls and virtual private networks (VPNs)
Common threats - answer1.Malware attack
2. Phishing attack
3. Denial of Service (DOS) attack
4. Man-in-the-middle attack
Threats to Web applications - answer1. SQL injection attack
2. Cross-Site Scripting (XSS) attack
3. Buffer overflow attack
Phishing - answerthe fraudulent attempt to obtain sensitive information such as
usernames, passwords and credit card details by impersonating oneself as a
trustworthy entity in a digital communication.
can be done through emails, websites
, companies may apply technological measure like email filter and training
Denial-of-service (DoS) attacks - answerwhen intruders deliberately attempt to prevent
legitimate users of a service (e.g., customers accessing a website) from using that
service, often by using up all of a system's resources (such as its bandwidth).
Man-in-the-Middle Attack (MITM) - answerA cyberattack where the attacker secretly
relays and possibly alters the communications between two parties who believe that
they are directly communicating with each other.
Includes: wifi hacking, dns spoofing, ip spoofing
SQL injection - answera code injection technique, used to attack data-driven
applications, in which malicious SQL statements are inserted into an entry field for
execution.
Cross-Site Scripting (XSS) Attack - answerattacks enable attackers to inject client-side
scripts into web pages viewed by other users.
How XSS works - answer1. Attackers compromise a web site that is trusted by users.
2. They fold malicious content into the trusted content (such as dynamic content script)
being delivered from the site.
3. When the resulting, combined content arrives at the client-side web browser, it
operates under the permissions granted to that system.
4. Consequently, the attackers gain elevated access-privileges to sensitive information
on the client's computer.
Buffer - answera region in a computer memory that temporally stores data to be moved
from one place to another (for input, output, or further processing).
Buffer overflow - answerhappens when a program, while writing data to a buffer,
overruns the buffer's boundary and overwrites adjacent memory locations.
Typically happen to older programs.
Data Execution Prevention - answera built-in mechanism in popular OS that minimizes
buffer overflow risks.
Protecting Networks - answer1. Firewall
2. Proxy servers (proxies)
3. IDS and intrusion prevention
4. Securing your browsers
Firewall - answerany device that prevents a specific type of information from moving
between the outside world, known as the untrusted network (e.g., the Internet), and the
inside world, known as the trusted network
