2b - Understanding system vulnerabilities 1

Question 1

What is iptables firewall?

Answer 1

iptables is a software firewall for linux which accepts, rejects, or drops network traffic

Question 2

features of software firewalls

Answer 2

cheaper to install, require little space, easy to install, run on end devices

Question 3

features of hardware firewalls

Answer 3

control the traffic reaching the network, can be configured with different policies for different traffic, relieve the burden of software firewalls

Question 4

what is DPI

Answer 4

deep packet inspection examines a packets header, and contents, in detail to look for any preconfigured data

Question 5

list good password policies

Answer 5

must include uppercase letters, lowercase letters, numbers, and special characters, must be a minimum of 10 characters in length, and must be changed every 3 months

Question 6

define password entropy

Answer 6

how predictable a password is too guess, normally measured in bits

Question 7

what is a password history?

Answer 7

a password history defines how many unique passwords a user must use before they can reuse passwords

Question 8

define a few software vulnerabilities

Answer 8

0 day exploits, bugs, unupdated software may contain exploits, pirated software may contain edited code

Question 9

define SQL injection

Answer 9

typing in SQL code into an input field which will be read by a database and ran, can be used to delete or extract data from a database

Question 10

define some OS vulnerabilities

Answer 10

organisations using out of date or unsupported OS which contain vulnerabilities, 0 day exploits

Question 11

why does some orgs choose to work on out of date OS

Answer 11

cost of migration and installation against the specified benefits. called cost benefit analysis