4.0 Network Security Flashcards
what would you configure on a switch to segment traffic?
VLAN
what is the purpose of a network scan?
to gather information about hosts within a network
what is the purpose of banner grabbing?
to gain information about remote systems
what is the purpose of the spanning tree protocol?
prevents broadcast storms caused by two ports on a switch being connected to each other
what device uses an ACL to filter traffic
Firewall
where is IP filtering configured?
ACL in a firewall
what type of filter allows SMTP traffic through a firewall?
port filter (blocking TCP port 25)
what would you manipulate to block access to a network for a specific computer?
Firewall’s ACL
what is the name of bogus server with false data designed to lure attackers?
Honeypot
what technique is commonly done to identify open ports on a server?
port scanning
what is the general purpose of disabling unnecessary services on a server?
to harden the server
hardening a device makes it more secure than the default configuration
where should updates for production servers be applied first?
to a test server that mimics the production server
an attacker creates an evil twin and then collects data from anyone that connects to it. what type of attack is this?
MITM attack
an attacker connects to a switch and is then able to connect to existing VLANs on the same switch. what type of attack is this?
VLAN hopping
what kind of threat is possible from a disgruntled employee?
an insider threat
what type of attack is launched from a single host against a single host?
DoS attack
what is the name of an unauthorized wireless network with a different name than a legitimate wireless network?
Rogue access point
what type of attack floods a switch with traffic, with the goal of redirecting traffic to an attacker’s computer?
ARP poisoning
an attacker impersonates a service technician to gain access to a building. What is this called?
Social engineering
what type of attack is launched from several hosts against a single host?
DDoS attack
what is the name of a malicious wireless network with the same name as a legitimate wireless network?
Evil twin
what type of filtering on a router can restrict access based on a hardware address?
MAC filtering
what information is required by a user to access a WPA2 protected network?
Passphrase or pre-shared key
what is the strongest encryption wireless protocol (listed in the CompTIA objectives)?
WPA2