Attacks And Response Flashcards
SQL Injection Attack
Leverage a reverse proxy system and scan incoming packets for malicious behavior
Man-in-the-middle attack
Mitigate by using an application-layer proxy or an IPS, and train users about fake security certificates
RPC attack
Mitigate with regular OS and application patching - Session Layer
Port Scanner
Mitigate by using a packet-filtering firewall - Transport Layer
Ping Sweep Attack
Mitigate by using a packet-filter firewall - Network Layer
VLAN hopping
Configure the VLAN tagging per the switch vendor’s recommendations - Data Link Layer
Wiretapping
Look for physical vulnerabilities, check the locks on doors, racks, and wiring closets
SQL Injection
Use reverse proxy system and scan incoming packets.
Use web-application firewall with rules to filter dangerous requests.
Buffer Overflow
Firewall to prevent suspicious data from being sent.
Man in the Middle
Intrusion Prevention systems and IPSec can help
VLAN Hopping
Configure the switch access control file - Data Link Layer
Ping of Death
Configure Web Application firewall to drop malformed packets.
Ping Flood
Configure firewall to disallow and use intrusion prevention systems - Network Layer
SMURF DDoS
Disable IP
Reconfigure your operating system to disallow ICMP responses to IP broadcast requests.
Reconfigure the perimeter firewall to disallow pings originating from outside your network.
Deauth Attack
WPA3 & WPA2