2.4-3.1 Flashcards
ddos reflection amplification
sending many requests, through a botnet, to protocols that require no authentication, to use up the target's bandwidth
dns poison
send a fake response to a valid DNS request; an "on-path attack"
rf jamming
transmit interfering wireless signals to disrupt legitimate communication
on path
redirects your traffic; ARP poisoning is an on-path attack on the local IP subnet
how to prevent session hijacking
encrypt end to end, e.g. using a VPN
privilege escalation
gain higher-level access to a system by using a vulnerability
birthday attack
uses collisions: the same hash output for different plaintexts
downgrade attack
forces systems to downgrade their security (fall back to a weaker protocol or cipher)
IOC
Indicators of Compromise
acl
Access Control List; allows or disallows traffic
app allow/deny
allow list = strict; only apps on the allow list can run
deny list = anything except apps on the deny list can run
monitoring methods
information gathered from devices
sensors: firewall logs, IPS, authentication logs
collectors: SIEM consoles, syslog servers
configuration enforcement
checking the posture of devices, including updates
decommissioning
getting rid of a device; there should be a formal policy for it
responsibility matrix
shows who is responsible for what, depending on the service provided
hybrid cloud considerations
a mix of public and private cloud, which can lead to network protection mismatches and data leakage
FaaS
Function as a Service
doesn't need an OS; applications are individual and autonomous, event-triggered and ephemeral
managed by a third party; security is handled by the third party
api architecture
also known as monolithic architecture: one big programmable app that does it all
microservice architecture
scalable, resilient
sdn
software-defined networking: data, control and management planes; splits functions into separate logical units
data plane
processes the network frames and packets
control plane
manages the actions of the data plane
mgmt plane
API; used to configure and manage the device
centralized infrastructure
everything in one place; a single point of failure