4.3 Network Hardening Techniques

Question 1

SNMP is used for?

Answer 1

a protocol used to manage network devices (mostly to query devices)

Question 2

What is the secured version of SNMP?

Answer 2

SNMP v1 and SNMP v2 = unencrypted
SNMP v3 is the encrypted version

Question 3

Footprinting allows a threat actor to discover the:

Answer 3

topology and general
configuration of the network and security systems

Question 4

Footprinting can be done by:

Answer 4

social engineering attacks—persuading users to give information or locating information that has been thrown out as trash, for instance.

Question 5

Port scanning specifically aims to enumerate the:

Answer 5

TCP or UDP application ports on which a host
will accept connections.

Question 6

Fingerprinting allow: s a threat actor to identify device and:

Answer 6

OS types and versions

Question 7

Spoofing Attacks

Descrbie what is spoofing?

Answer 7

attacker disguises his or her identity

The term spoofing covers a wide range of different attacks. Spoofing can include any type of attack where the attacker disguises his or her identity, or in which the source of network information is forged to appear legitimate.

Question 8

Spoofing Attacks

Which protocols are commonly exploited in spoofing attacks?

a) TCP and UDP
b) HTTP and HTTPS
c) ARP and DNS
d) FTP and SSH

Answer 8

c) ARP and DNS

Question 9

How DNS poisoning works?

Answer 9

Attacker change the IP address of a DNS