quiz 10
ip dhcp snooping ip snooping dhcp global ip dhcp snooping global ip dhcp snooping vlan [vlan_id] ip snooping dhcp
ip dhcp snooping
-I port 443 -A port 443 -X port 443 -W port 443
-X port 443
Logic bomb APT Virus Trojan horse
APT
CFAA CAN-SPAM Act USA Patriot Act HIPAA
CAN-SPAM Act
Create static MAC addresses for each computer and associate it with a VLAN. Configure port security on the switch. Create a VLAN for each group of four computers. Remove the hub and place each library computer on its own access port.
Configure port security on the switch.
SYN flood Smurf attack Teardrop attack Fraggle attack
Fraggle attack
Integrity checking Scanning Heuristic analysis Code emulation
Integrity checking
Look through the event log for suspicious events. Isolate the system from the network immediately. Check for suspicious or unknown registry entries. Sanitize the system using updated anti-malware software.
Isolate the system from the network immediately.
Replay MAC flooding MAC spoofing ARP poisoning
MAC flooding
Man-in-the-middle Session hijacking DNS spoofing Cross-site scripting
Man-in-the-middle
Collects data about which files a user has accessed. Permits or denies access to the network resources a user needs to perform tasks. Documents a user's actions, such as how many resources are used. Identifies a network user by asking for a username and password.
Permits or denies access to the network resources a user needs to perform tasks.
Ransomware Spyware Scareware Adware
Scareware
Services can be set to throttle or even shut down. Add extra services, such as load balancing and excess bandwidth. Have more than one upstream connection to use as a failover. Include a checklist of all threat assessment tools.
Services can be set to throttle or even shut down.
Session fixation Packet filtering DNS spoofing Packet sniffing
Session fixation
watson p@ssw0rd St@y0ut!@ watson-p
St@y0ut!@
Enumeration Threat modeling Penetration testing Ethical hacking
Threat modeling
With the ICMP flood, ICMP packets are sent and received at a quicker rate than normal ICMP packets. The normal ICMP ping request only has one source address. With the flood, all packets come from the same source IP address in quick succession. The only difference is the number of packets that are sent.
With the flood, all packets come from the same source IP address in quick succession.