Chapter 16 Network Security


DDoS Attack

A DDoS is similar to a DoS attack, but it originates from multiple, coordinated sources. The threat actor uses other machines (zombies) to help flood the server with requests that will eventually block valid users from getting access.

Threat Actor

A person or element that has the power to carry out a security exploit and poses a network security threat.

What three configuration steps must be performed to implement SSH access to a router? (Choose three.)

A user account
An IP domain name
A unique hostname

Which device is used by other network devices to authenticate and authorize management access?

AAA server

George needed to share a video with a co-worker. Because of the large size of the video file, he decided to run a simple FTP server on his workstation to serve the video file to his co-worker. To make things easier, George created an account with the simple password of "file" and provided it to his co-worker on Friday. Without the proper security measures or a strong password, the IT staff was not surprised to learn on Monday that George's workstation had been compromised and was trying to upload work related documents to the internet. What type of attack is described in this scenario?

Access attack

This zone is used to house servers that should be accessible to outside users.

DMZ

A computer is used as a print server for ACME Inc. The IT staff failed to apply security updates to this computer for over 60 days. Now the print server is operating slowly, and sending a high number of malicious packets to its NIC. What type of attack is described in this scenario?

DoS

Angela, an IT staff member at ACME Inc., notices that communication with the company's web server is very slow. After investigating, she determines that the cause of the slow response is a computer on the internet sending a very large number of malformed web requests to ACME's web server. What type of attack is described in this scenario?

DoS attack

Operating System Weakness

Each operating system has security problems that must be addressed: UNIX, Linux, Mac OS, Mac OS X, Windows Server 2012, Windows 7, Windows 8. They are documented in the Computer Emergency Response Team (CERT) archives at http://www.cert.org

Physical security threats

Hardware threats - This includes physical damage to servers, routers, switches, cabling plant, and workstations.
Environmental threats - This includes temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry).
Electrical threats - This includes voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss.
Maintenance threats - This includes poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling.

TCP/IP Protocol Weakness

Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Internet Control Message Protocol (ICMP) are inherently insecure. Simple Network Management Protocol (SNMP) and Simple Mail Transfer Protocol (SMTP) are related to the inherently insecure structure upon which TCP was designed.

DoS Attack

The threat actor sends so many requests to the victim machine that it is overloaded and unable to provide content to valid users.

Network Equipment Weakness

Various types of network equipment, such as routers, firewalls, and switches, have security weaknesses that must be recognized and protected against. Their weaknesses include password protection, lack of authentication, routing protocols, and firewall holes.

Which is appropriate for providing endpoint security?

antivirus software

Access attacks

Attacks on a system that can include snooping, eavesdropping, and interception; more commonly known as spying or illicitly gaining access to protected information.

Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe?

environmental

Which device controls traffic between two or more networks to help prevent unauthorized access?

firewall

What is one of the most effective security tools available for protecting users from external threats?

firewalls

Trojan Horses

Looks like normal, legitimate software but is actually malicious software. Known to create a back door.

Arianna found a flash drive lying on the pavement of a mall parking lot. She asked around but could not find the owner. She decided to keep it and plugged it into her laptop, only to find a photo folder. Feeling curious, Arianna opened a few photos before formatting the flash drive for her own use. Afterwards, Arianna noticed that her laptop camera was active. What type of attack is described in this scenario?

malware

Jeremiah was browsing the internet from his personal computer when a random website offered a free program to clean his system. After the executable was downloaded and running, the operating system crashed. Crucial operating system related files had been corrupted and Jeremiah's computer required a full disk format and operating system re-installation. What type of attack is described in this scenario?

malware

Virus

Propagates on a computer and is spread to other computers.

Sharon, an IT intern at ACME Inc., noticed some strange packets while revising the security logs generated by the firewall. A handful of IP addresses on the internet were sending malformed packets to several different IP addresses, at several different random port numbers inside ACME Inc. What type of attack is described in this scenario?

reconnaissance attack

Show ip ports all

Shows you all the ports that are open on your Cisco router. Ensure you close all ports you do not intend to use for your network to reduce exposure to threat actors.

Information theft

Taking information from a computer.

Identity theft

Taking someone's personal information or identity for use in applying for credit cards, obtaining legal status, or making unauthorized online purchases.

What is the purpose of the network security accounting function?

to keep track of the actions of a user

Worms

Unlike a virus, worms don't need an executable program to run. They can replicate and spread through the network unaided.

Which backup policy consideration is concerned with using strong passwords to protect the backups and for restoring data?

validation

Data Loss and Manipulation

A virus or reformatting a hard drive are examples. Changing information on a computer without permission and with the intent to cause harm to the system.

Which malicious code attack is self-contained and tries to exploit a specific vulnerability in a system being attacked?

worm

Reconnaissance Attacks

Reconnaissance attacks - The discovery and mapping of systems, services, or vulnerabilities.
Access attacks - The unauthorized manipulation of data, system access, or user privileges.
Denial of service - The disabling or corruption of networks, systems, or services.

Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?

RouterA(config)# login block-for 30 attempts 2 within 10

Defense-in-Depth Approach

Security devices and services to protect an organization.

Malware

Short for malicious software; it is software designed to damage, disrupt, steal, or inflict illegitimate action on data.

Types of Firewalls

Packet filtering - Prevents or allows access based on IP or MAC addresses.
Application filtering - Prevents or allows access by specific application types based on port numbers.
URL filtering - Prevents or allows access to websites based on specific URLs or keywords.
Stateful packet inspection (SPI) - Incoming packets must be legitimate responses to requests from internal hosts. Unsolicited packets are blocked unless permitted specifically. SPI can also include the capability to recognize and filter out specific types of attacks, such as denial of service (DoS).

Disruption of Service

Preventing authorized users from being able to access their systems. A DoS attack is an example of this.

