Cybersecurity Ch. 9+10 Review
Layer 2 Tunneling Protocol (L2TP)
tunneling protocol created by Cisco and provides more security than PPTP, but is not as fast
Point-to-Point Protocol (PPTP)
tunneling protocol that provides data confidentiality in the form of encryption, but does not support integrity
Secure Socket Tunneling Protocol (SSTP)
tunneling protocol that provides support for traffic over an SSL 3.0-encrypted connection
Traveling around searching for Wi-Fi networks is called _____.
wardriving
Which technology can detect interference with weather/military transmissions & shift the wireless frequency of a device?
DFS.
Which authentication protocol would be used by a user on a Windows computer with a username and password on a VPN?
MS-CHAP.
Network Design Techniques
DMZs are created by developing borders between the different networks using firewalls. Type of traffic and hosts that enter DMZ are filtered with the public-facing firewall. Another firewall borders the DMZ and company private network.
Unencrypted
Offers no protection at all, May be a business need (ex: business provides free Wi-Fi), Proper security policies must still be enacted for wireless network
Which of these statements about protecting routers is not a best practice?
Only update routers with security patches, not enhancement patches.
VPN Authentication
Password Authentication Protocol (PAP), Challenge Handshake, Authentication Protocol (CHAP), MS-CHAP, Extensible Authentication Protocol (EAP).
Long-Term Evolution (LTE)
Path used to provide 4G speeds, 5G expected to be deployed starting 2020.
Which term identifies network activity that deviates from normal activity?
Anomaly.
Wireless devices can be manually configured to attach to a wireless network.
Another option is Wi-Fi-protected setup (WPS) -PIN method:user enters PIN on router that is located on new device, Push method: user pushes button on new device and AP; devices discover each other.
Agent
software or code that searches for vulnerabilities in the client
Satellite communication (SATCOM)
space-based wireless network in which an orbital satellite provides the connection to the host. Used for many purposes. Satellite services can cover entire globe using multiple frequencies. ITU assigns radio frequencies. Most used are C, L, and Ku bands.
DNS local cache
temporary storage location on the local computer
Internet Key Exchange Protocol version 2 (IKEv2)
tunneling protocol that uses the IPSEC tunneling protocol over UDP on port 500.
Ad-hoc networking occurs when ____.
two devices communicate directly with each other.
Cellular network
type of wireless network in which transmissions are distributed over groups of geographic areas. Transmits data from multiple transmitters called base stations. Each base station is given a portion of the overall bandwidth
USB
user employs USB flash drive with data to copy information between devices
Enterprise Wi-Fi
users do not need to be given a passphrase for wireless access. Authenticated through their network login names and passwords. Access points pass the credentials and information between the client and authenticating server
Wired Equivalent Privacy (WEP)
very outdated encryption protocol for routers used with older, legacy wireless equipment
Attenuation
weakening of signal over distance from the access point
Captive portal
web page that the user is forced to view before being granted further network access
Piggybacking
when a user gains access to a wireless network without permission
DNS poisoning
when a valid DNS name is redirected to another site that is likely malicious
Data leakage
when data are intercepted and stolen. Intrusion-detection or packet-sniffing software can detect vulnerabilities. Ethical issue: personal information may be read by personnel. Benefits outweigh privacy concerns. If data is not protected, hackers will try to access it.
Bluejacking
when somebody sends an unsolicited message via Bluetooth, such as an advertisement
GETMAC command
will display MAC addresses embedded into the hardware of network commands in the Physical Address Column
Basic service set (BSS)
wireless network with a single access point
Extended service set (ESS)
wireless network with multiple APs
Wi-Fi
wireless networking technology that uses radio waves instead of wires or fiber optic cable. Runs on unlicensed bands of the radio frequency (RF) spectrum. Defined by IEEE 802.11 standard
A _____ is a device that allows connections to a wireless network and can send data to another network.
wireless router
In an enterprise Wi-Fi environment, the authentication server is usually ____.
A RADIUS Server.
Which channels do not overlap in a 2.4 GHz wireless network?
1, 6, and 11
MAC Address Format
12-digit hexadecimal number. Two numbers (an octet) separated by a hyphen/dash (-) or a colon (:). Consists of six octets. First three octets represent the organizationally unique identifier (OUI). Second three represent a unique address within the vendor's identifier.
Which of the following channels can overlap with another channel in the 2.4ghz frequency?
5.
What is a dead spot when discussing a wireless network?
A location in a business without access to Wi-Fi.
Which are the two methods that update a client's local DNS cache? (Choose 2)
A user requests a domain name, and it is resolved. Entries are made into the local host file that prepopulates the local cache.
Which of these is true about a rogue access point?
A wireless site survey could help find this potential threat.
____ is the weakening of a signal over distance from the access point.
Attenuation.
Landing Target Page
Can be used for marketing purposes, Educate users about acceptable use and terms of access, Collect payment for the service, Legal protection.
Before using Wi-Fi, there is a page where you must accept the AUP before you continue. This page is called a(n) _
Captive Portal.
Cellular Wireless Basics
Cellular networks operate in licenses areas of RF spectrum. Mobile carriers cannot transmit or receive data using the same frequencies in a given market. FCC tasked with trying to free up additional spectrum
Routers are not immune to flaws
Change default SSID and password information. Ensure firmware is up to date. Change security settings from default. Replace older routers with new models.
List the two most important steps in securing a router.
Changing default SSID and password information.
In an enterprise Wi-Fi environment, the supplicant is the ____.
Client trying to connect to Wi-Fi.
Options for securing switches
Configure switches so ports can only access specific MAC addresses. Configure access lists to control traffic in the switch. Establish secure passwords for console and remote access. Ensure switches are configured with options such as Spanning Tree protocol.
Routers manage traffic using Access Control Lists (ACLs)
Control what is allowed on the subnet, Security concern: IP spoofing, ACL can be configured to block any inbound traffic that originates from inside the network.
____ is a VPN tunneling protocol that uses SSL to encrypt the data.
SSTP.
Which configurations allow you to limit hosts and other devices in the network? (Choose 2)
DMZ, VLAN.
Bluetooth is a form of wireless networking
Devices must be physically much closer to each other to communicate
Wi-Fi Basics
Devices on a wireless network communicate through access points.
Other Peripheral Vulnerabilities
Devices that access wireless networks pose vulnerabilities-Wireless keyboard or mouse, Cameras, printers, microSD cards
Which is a true statement regarding cellular networks?
Different mobile carriers can't transmit in the same RF spectrum.
Which type of signal can disconnect a user from a wireless network?
Disassociation.
A configuration based on the IEEE 802.1X standard is known as which wireless concept?
Enterprise WiFi
Intranet
Essentially a private Internet environment for internal use only. Provides a secured environment for forms, information, and portals to other tools
A hacker has placed a router in a business using the same SSID as the business's wireless access point. What type of attack is this?
Evil twin or man-in-the-middle
Extranet
Extension of an intranet where specific third-party users can be allowed access to a secured intranet. Ex: vendor or partner needs to access company data
Which governmental agency manages the radio spectrum?
FCC
4G
G: generation, Specifications provided by International Telecommunication Union (ITU)
Keysniffer
Hack carried out with what looks like a USB charging device, Sniffs keystrokes and allows hackers to inject commands or steal information
Signatures
IDS identifies traffic or actions different from current known examples. Signatures are stored and must be frequently updated for comparison
Things to protect a system from DNS poisoning
Install antimalware programs on clients to help prevent DNS cache hijacking, If using Microsoft Server, store DNS database in Active Directory for additional security, Limit who has privileges to configure DNS environment and records. Consider not hosting local DNS client cache.
A private Internet for employees in a company is called a(n) ____.
Intranet.
Which of the following is true regarding a persistent agent that checks for vulnerabilities in a NAC environment?
It includes antimalware programs that are always running.
Tunneling protocol developed by Cisco to support confidentiality, integrity, and availability
L2TP.
Security best-practice notifications can be displayed on routers with a(n) ____.
Message of the day/MOTD.
MS-CHAP
Microsoft's version of CHAP, Challenge includes a session ID, Response from client includes session ID, user name, and user password.
Network Access Protection (NAP)
Microsoft's version of an NAC solution
Intrusion-detection system (IDS)
Monitors the system and sends an alert if there is a problem. Host Intrusion Detection System (HIDS). Network Intrusion Detection System (NIDS).
Another method of VLAN creation is using the host's MAC address
More secure than assigning by port, VLAN assignment can be physically changed, Does not affect traffic.
The range of ____ is very small.
NFC.
Extensible Authentication Protocol (EAP)
Needed to transport additional authentication data. Framework for transporting protocols
VPN
Needs of remote users need to be considered, but so does security
Anomalies
Network activity is collected. Establishes a baseline of normal activity. Remind users about security access and responsibilities with router banner.
Minimal Protection
Organization may choose to have protection that is not the strongest option available. Often done to support legacy equipment. Minimal protection is often easily breakable
Authentication protocol that fully encloses EAP and works with the TLS protocol
PEAP.
VPN Protocol
Point-to-Point Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP), Secure Socket Tunneling Protocol (SSTP), Internet Key Exchange Protocol version 2 (IKEPv2). Key elements of IPSEC include-AH (authentication header), ESP (encapsulating security payload). Tunnel mode encrypts IP headers of original packet. Transport mode only encrypts data and ESP information
Several steps to keep routers safe
Regularly patch all router firmware and router's operating system, Secure routers with strong passwords, Back up all router configuration information, Ensure that only traffic that should be on subnet is allowed. Remind users about security access and responsibilities with router banner. Check for firmware updates and install only manufacturer patches.
A _ attack is a of a MITM attack and occurs when the hacker can nab login credentials and redeploy them at another time.
Replay.
Local DNS cache or DNS resolver cache is populated two ways
Requests made at the client and Entries in the local hosts file, Located c:\windows\system32\drivers\etc\hosts in Windows, Located /etc/hosts in Linux, Does not contain any information other than comments, Automatically loads in local DNS cache when operating system starts.
Which command syntax displays the local routing table on a computer?
Route Print.
Protecting Network Routers
Routers are an integral part of networking environment. Without them, data would be limited to traveling the local subnet. Play an active role in moving traffic and scanning the network. Must be protected against network hacks.
Which software agent runs on a client to verify if the client meets the standards for accessing a network?
SHA.
Which of the following terms refers to the name of the wireless network?
SSID.
Encryption
Security administrator must balance needs against protection. Three basic choices when protecting data on wireless network. Leave the network unencrypted. Offer minimal protection. Set standards at the highest possible standard
Demilitarized zone (DMZ)
Segment of a network that allows some public access and borders the private network where the public access is blocked
An ARP address that is permanently assigned to a table is called a ____ address.
Static.
A VLAN is created on a network ____.
Switch.
What is the primary purpose of a VPN?
To ensure data transmissions are encrypted over public networks.
CTIA
Trade association representing the wireless-communication industry, Supports wireless manufacturers and cellular carriers.
Behavior
Traffic or actions are examined to see if they are normal. Something not considered normal will be flagged as a potential risk.
Steps to take to protect Bluetooth devices and data
Turn off Bluetooth when not in use, User should be extra vigilant in public, crowded areas where the risk of data interception is high, Use security measures offered on the device
Setup
Typically runs in infrastructure-mode. Devices must send data to central device before moving on to destination. Requires specific hardware- Access point (AP), Wireless router, Wireless NIC, Wireless client (STA).
When using L2TP with Internet key exchange traffic, ____ must allow inbound traffic.
UDP port 500.
A ____ allows VLANS to be further secured by filtering traffic within the VLAN.
VACL.
With ____, the user does not need to provide any configuration information to connect a device.
WPS.
A wireless technique in which individuals search for open wireless networks is called ____.
Wardriving.
Which of the following does not use the 2.4ghz frequency?
Weather Stations.
Which of the following server types would likely be placed in a demilitarized zone? (Choose 2)
Web Server, FTP Server.
Recommendations
Wireless networks must meet the needs of intended audience but also be as secure as possible. Examples of best practices-Implement strong encryption, Change default settings, Limit the availability of the wireless network to posted working hours, Run scripts or other automated tools to discover potential unencrypted data or unauthorized access points, Use MAC filtering to prohibit access by unapproved devices or disable DHCP so devices must receive a static IP address for access. Set up a captive portal with a security agreement and policy statement before allowing access to the wireless network. Require confidentiality agreements from security staff. Restrict the websites that can be accessed via wireless networks. Create strong policies that clearly state acceptable use for users and security staff. Require administrators on the wireless network to hold industry certification, such as Certified Wireless Security Professional (CWSP), and to keep it current. Have clear procedures for reporting lost or stolen equipment. Do not allow use of older devices that do not support the latest in encryption technologies.
Interference
Wireless signals are impacted by many things- Surroundings, Configuration power capability, Nearby objects and antennae. Routers transmit power measured in two scales: milliwatt (mW) and decibel-milliwatt (dBm). Antenna may be omnidirectional or unidirectional. Less interference with unidirectional, but often not flexible enough for communication between transmitter and receiver
Wireless signal Basics
Wireless signals transmit on unlicensed frequencies. 802.11 workgroup uses five different frequency ranges- 2.4 GHz, 3.6 GHz, 4.9 GHz, 5.0 GHz, 5.9 GHz.
Review of Wireless Technologies
Wireless technology allows employees to work from anywhere, Increased productivity, Schools are adopting tablets, laptops, and Chromebooks in classes.
Authenticator
access point.
Wardriving
act of driving around trying to identify wireless networks. Network names, signal frequencies, and security encryption used. Can be done by walking, driving, and drones
Censorship
act of limiting access to information or removing information to prevent it from being seen
Honeynet
decoy network consisting of two or more honeypots
Honeypot
decoy server set up to attract hackers
Protected EAP (PEAP)
fully encloses EAP
Jamming
intentionally interfering with wireless signals to prevent the transmission from being usable. Illegal at the state and federal level. Jammers: RF transmitters that block or scramble other RF signals. Interferes with all signals
Which command syntax allows you to view the local DNS cache on a Windows system?
ipconfig /displaydns.
Password Authentication Protocol (PAP)
legacy protocol that is not encrypted and should not be used
MAC address filtering
limiting which MAC addresses are allowed to access the network
ARP poisoning
man-in-the-middle attack where a hacker intercepts an ARP request and changes its reply. Victim is pointed to hacker's computer not the real computer
Service set identifier (SSID)
name of a wireless network
Wireless NIC
network interface card used to connect the wireless network and may be integrated into a system board or can be added into a system internally or through a USB wireless NIC
Public hotspot
network open to the public
Domain Name System (DNS)
network service that resolves names on a network, such as web servers or host computer names, to their IP addresses
Which command syntax will reveal DNS resolution information?
nslookup.
Message of the day (MotD)
router banner displayed to user before log-in. Use MotD to provide information on security best practices.
Rogue router
router that is placed in a business to entice users to connect to it and thus have their credentials stolen
The coverage area of a base station in a cellular network is called
A cell.
What is the coverage area of a base station in a cellular network called?
A cell.
Which portion of the following MAC address represents the OUI? A0-E3-C1-51-E6-6B
A0-E3-C1.
The strongest possible encryption standard is _____.
AES
Security feature that authenticates the sender and determines if there are any changes to the data
AH.
Which of the following IPSEC features cannot be used if you are using NAT?
AH.
____ is a proprietary technology often used with wearable technology.
ANT.
Which protocol resolves IP addresses to MAC addresses?
ARP.
VLANs create virtual subnets
Allows the VLAN to be further secured, VLAN access control list (VACL): allows traffic to be filtered within the VLAN, Different VLANs can be configured with unique VACLs
Wireless Configuration Placement
Any device that transmits an electromagnetic signal can interfere with RF signals. Obstacles can affect signal's ability to reach destination. Weak signal may make people use less safe ways to communicate. Site surveys can also identify types of equipment in use, approximate locations of equipment, 802.11 standard used, vendor name, and MAC address. Site survey will find dead spots and indicate strength of signal beyond intended boundaries. Locate access points to provide best coverage of intended area with minimal extension out of building
A wireless network that uses a single access point is called a(n) ____.
BSS.
____ is done by blocking a computer from accessing a Wi-Fi network by using its MAC address.
Blacklisting.
What type of attack has occurred when unwanted text messages are received on your phone?
Bluejacking
Which of the following is not really an attack, but unsolicited messages, such as an advertisement?
Bluejacking.
A ____ attack could steal data from a Bluetooth-enabled smartphone.
Bluesnarfing.
Which of the following wireless-transmission types follows the 802.15 standard?
Bluetooth.
Which are two security justifications to create VLANs in a network? (Choose 2)
By limiting the hosts, the broadcasts of packets in the VLAN are also limited. Secure data would not travel on an insecure network.
____ occurs when the records are changed to point the domain name to an unauthorized IP address.
DNS poisoning.
Shared DNS Information
DNS servers get their information from other DNS servers, Validity of data is only as good as the data themselves, Corrupted DNS server can compromise unprotected systems, Ex: data retrieved from Chinese DNS servers temporarily blocked sites such as Facebook, Twitter, and YouTube.
Default Settings
Default settings are not unique or confidential, Change default settings on installation, Always use a strong password
If a user on a VPN has a fingerprint reader, the VPN connection must allow for ____.
EAP with PEAP.
Strongest Encryption
Encryption improved with introduction of Wi-Fi Protected Access (WPA). WPA has insecure versions. WPA encryption variations-TKIP,AES.
What are the first three sections of a MAC address called?
OUI
DMZs are created by developing borders with ____.
Firewalls.
Security protocol used to encrypt data traveling over computer networks using TCP/IP
IPSEC.
User Access Security
If user is connected to legitimate router, hacking tools can send disassociation signal
What happens if an Internet service provider has faulty DNS information?
It will share information to any requesting DNS server.
Which of the following best describes why an address of 0.0.0.0 would exist in a routing table?
It's a generic entry to identify all networks not specifically listed.
Reasons to set up a honeypot
Learn from hacking techniques used, Distract hackers.
LAN Security benefits
Limits the broadcast of packets to just that network , Allows traffic from different groups to be separated, Can separate voice traffic from data traffic
In a passive scanning environment, the client will ____.
Listen for a beacon from an AP.
Virtual local area network (LAN)
Logical grouping of hosts that treats them as if they were physically connected
Black listing
MAC addresses you do not want connecting to the network are filtered out and blocked from accessing the network
White listing
MAC addresses you want connecting to the network are filtered in and all other addresses are filtered out and blocked
Filtering by MAC Address
MAC filtering won't keep out a determined hacker. MAC addresses can be spoofed or faked to allow access
A ____ attack consists of a hacker poisoning the ARP table and changing the MAC address of the default gateway.
Man-in-the-middle.
Data Sniffing on Wireless Networks
Many free or open-source tools for data sniffing, Hacker may insert a rogue access point that has no encryption, When user connects to AP, requests are transmitted in clear text, Scripts developed to find unencrypted AP and alert administrators, IoT increased need for oversight of security issues on wireless networks.
Which would you place on a router to identify problems but take no action?
NIDS.
Local-Network DNS Cache
Network servers store DNS information for the local network, Also store DNS entries for websites to speed up subsequent requests.
Protecting Network Switches
Network switches manage traffic within the subnet. May be Layer 3 switches. Switches are internal to the network. May be overlooked in security configurations.
Intrusion-prevention system (IPS)
Not only detects malicious or suspicious behavior, it can take action to stop the problem. Extension of IDS. Host Intrusion Prevention System (HIPS). Network Intrusion Prevention System (NIPS). Host-based system protects the actual host where it is installed. Network-based solution scans subnet on which it is installed.
Searching for interference problems can be mitigated by ____.
Performing a site survey.
____ is when a user connects to their neighbor's Wi-Fi without permission.
Piggybacking.
Challenge Handshake Authentication Protocol (CHAP)
Protocol in which the server sends a challenge to the client after the client establishes a connection to the server. Client connection converts to value and sends to VPN server; must match server-calculated value.
Wireless router
same capability of an AP, but also adds the functionality of wireless connection to local area networks (LANs) or wide area networks (WANs)
Tunneling protocol that uses port 443 and works well with firewalls
SSTP.
WPS Setup methods
STA finds AP with active or passive scanning
Acceptable Use Policies
Set of rules that explain what is and is not allowed on the network. Employers can display an AUP on a captive portal. Public Wi-Fi usually requires user to acknowledge AUP before using service
Which is the best option for securing a wireless router?
Set up the encryption with WPA2-AES.
Which are the two configurations used with VPNs? (Choose 2)
Site to Site, Remote Access VPN.
If a hacker can edit the ____ file, the local DNS cache can be populated with invalid entries.
The Host File.
Unidirectional
send and receive from one specific direction
What is an SSID?
The name of a wireless network.
Omnidirectional
send and receive in all directions
An all-in-one security device is called a(n) ____.
UTM Appliance.
Which wireless security is most vulnerable to an initialization vector (IV) attack?
WEP (Again).
The original encryption standard for wireless networks is known as ____.
WEP.
Warchalking
act of publicly marking locations where network connections are found. Many tools available for locating networks and their settings. Hacker trick: use a high-powered antenna. Can extend physical range of network so hacker can be further away.
Initialization vector (IV)
adds random information to the key every time there is a transmission
System Health Agent (SHA)
agent that performs the self-check on the client
Site-to-site VPN
allows an organization to connect static or fixed sites to each other using the Internet as the communication platform
Near-field communication (NFC)
allows devices to communicate through electromagnetic radio fields as opposed to the radio transmissions used by Wi-Fi; user must bring new device close to AP
Remote-access VPN
allows user to connect to the network using the Internet from a remote client
Screened subnet or perimeter network
another name for a DMZ, Typically used for public-facing servers, Anything in the DMZ is exposed to the Internet.
Unified threat management (UTM)
appliance that is an all-in-one security device that allows the network to be managed from one location. Reduces number of devices that must be managed. Administrators do not have to learn how to use multiple systems. Can be a lower-cost solution. Disadvantage-single point of failure or attack.
Which command syntax reveals the local ARP cache on a Windows computer?
arp-a.
Access point (AP)
device that provides a central point of access to enable wireless devices to communicate with each other
Ad-hoc networking
devices talk directly to each other
Dual-band routers
devices that can be configured to run on multiple frequencies simultaneously
Disassociation
signal that deactivates the user from the access point. Stronger signal from evil twin will connect when device reconnects
Supplicant
computer trying to connect to the WLAN
Authoritative DNS server
controls the records in the database and provides answers that have configured by an original source
Cell
coverage provided by the base station
Wireless site survey
creates a map of the wireless signal, its strength, and its coverage. Steps can be taken in regard to placement and configuration. Should be done on frequent basis as a security measure
Service set identifier (SSID)
default network name for a router
Lightweight EAP (LEAP)
designed for wireless networking and is based on CHAP protocol
Dynamic frequency selection (DFS)
detects interference with military and weather radar and automatically shifts the frequency being used by the wireless device
VPN concentrator
device that adds support for many tunnels of traffic
Channels
each of the RF bands is subdivided into slices
Tunneling
encrypting data traveling across the remote connection with a VPN
Network access control (NAC)
environment in which standards are set that hosts must meet before they are able to connect to the network. Operating system has latest security patches installed. Antivrius signature files are up-to-date. Host firewall is turned off. Approved device.
Wireless client (STA)
fixed or mobile device that has the ability to communicate as a client using the 802.11 standard
WPA handshake
four-step authentication process used to pass information to and from the WAP and client to set up data encryption
Replay attack
hacker capturing login credentials during an initial attack, storing them, and retransmitting them at another time
Address resolution protocol (ARP)
handles the process of locating addresses in the MAC address table. Switches maintain a MAC address table. Used to map an IP address to the physical or MAC address.
Nonauthoritative DNS server
holds requests from clients for a period of time to speed up subsequent requests and does not contain copies of any domains, DNS cache can be compromised or poisoned.
Cantenna
homemade device used to amplify Wi-Fi signals
Research honeypot
honeypot set up with the intention of attracting hackers to learn from them and adjust the system.
A ____ is a decoy server set up to attract hackers.
honeypot.
If an organization's DNS server can resolve a DNS request from its own cache, the DNS server is said to be ____.
nonauthoritative.
Bluesnarfing
occurs when a hacker exploits the Bluetooth connection to steal data from a Bluetooth-enabled device
Man-in-the-middle (MITM) attack
occurs when a hacker intercepts the data transmitted between the client and the WAP. User is unaware of the attack. Hacker can gather information such as passwords and user names
Evil twin router
one that carries the same SSID as the legitimate server, but is a different ESS. Rogue router is physically placed near the target. Provides a stronger signal, so victim connects to the evil twin. Hacker can intercept and discover all data sent to and from target
What does the warchalking symbol )( mean?
open wireless network
ANT
personal area technology similar to Bluetooth that allows devices to communicate with each other wirelessly over short distances. Designed for low-bit, low-power transmissions of small packets. Used in sports, fitness, and health-care products
What is it called if you connect to Wi-Fi of a neighbor or nearby business?
piggybacking.
Dead spot
place where there is no Wi-Fi coverage from a nearby cell
Virtual private network (VPN)
provides a method to secure data traveling through other networks, such as the Internet
Consider configuring DNS Security Extensions (DNSSEC)
requires all responses from a DNS server are digitally signed to ensure they come from an authorized source.