12 - Network Security Flashcards
Question 12 has been omitted for redundancy. Analyze, assess, and implement appropriate tools to secure applications and mitigate network attacks
What does an SSL stripping attack look for to perform an on-path attack?
An unencrypted HTTP connection
Ben wants to observe malicious behavior targeted at multiple systems on a network. He sets up a variety of systems and instruments to allow him to capture copies of attack tools and to document all the attacks that are conducted. What attractant has he set up?
A Honeypot
Valerie wants to replace the telnet access that she found still in use in her org. Which protocol should she use to replace it, and what port will it run on?
SSH, on Port 22
James is concerned about preventing broadcast storms on his network. What are some useful solutions he can implement to prevent this?
Spanning Tree Protocols, Loop Prevention Features, and limited VLAN sizes can all reduce the potential for a broadcast storm.
Chuck wants to provide route security for his org, and he wants to secure the BGP traffic that his routers rely on for route information. What should Chuck do?
Unfortunately, BGP does not have native security methods. Two solutions (SIDR and RPLS) have not been broadly adopted.
Connor believes that there is an issue between his org’s network and a remote web server, and he wants to verify this by checking each hop along the route. Which tool should he use if he is testing from a Windows 10 system?
pathping
Nick wants to display the ARP cache for a Windows system. What command should he run to display the cache?
arp /a
Bart needs to asses whether a three-way TCP handshake is occurring between a Linux server and a Windows workstation. He believes that the workstation is sending a SYN but is not sure what’s occurring next. If he want to monitor traffic, and he knows that the Linux system doesn’t provide a GUI, what tool should he use to view the traffic from the workstation?
tcpdump
What protocol is used to securely wrap many otherwise insecure protocols?
Transport Layer Security (TLS)
Bonita has discovered that her org is running a service on TCP port 636. What secure protocol is most likely in use?
LDAPS
Randy want to prevent DHCP attacks on his network. What secure protocol should he implement to have the greatest impact?
Unfortunately, there is no secure way to transmit across DHCP
True or False: IPv6’s NAT implementation is insecure.
False
Madhuri is designing a load-balancing configuration for her company and wants to keep a single node from being overloaded. What type of design will meet this need?
Active/active (it will spread the wealth to every node, thus ensuring that a singular node won’t be overloaded)
What type of NAC will provide Isaac with the greatest amount of info about the systems that are connecting while also giving him the most amount of control of systems and their potential impact on other systems that are connected to the network?
Agent-based, pre-admission NAC
Danielle wants to capture traffic from a network so that she can analyze a VoIP conversation. Which of the following tools will allow her to review the conversation most effectively?
- A network SIPper
- tcpdump
- Wireshark
- netcat
Wireshark
