Chapter 11: It's a network Flashcards
What are 4 types of security threats?
11.2.1.2
Hardware threats
Environmental threats
Electrical threats
Maintenance threats
What is a Hardware Threat?
11.2.1.2
physical damage to servers, routers, switches, cabling plant, and workstations
What is a Environmental Threat?
11.2.1.2
Temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry)
What is a Electrical threats Threat?
11.2.1.2
Voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss
What is a Maintenance Threat?
11.2.1.2
Poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling
What are Network Security Factors?
11.2.1.3
vulnerability
threat
attack.
What are 3 types of attacks?
11.2.2.1
viruses
Trojan horses
worms.
What are 3 stages of anatomy of a worm attack
11.2.2.1
The enabling vulnerability
Propagation mechanism
Payload
What are 3 types of malicious code attacks
11.2.2.2
Reconnaissance attacks
Access attacks
Denial of service
What is a Reconnaissance attacks
11.2.2.2
The unauthorized discovery and mapping of systems, services, or vulnerabilities
What is an Access attacks
11.2.2.2
The unauthorized manipulation of data, system access, or user privileges
What is an Denial of service
11.2.2.2
The disabling or corruption of networks, systems, or services
What are the 4 steps to mitigate a worm attack (must be in correct order)
11.2.3.1
Containment
Inoculation
Quarantine
Treatment
What is Containment in a worm attack
11.2.3.1
Contain the spread of the worm within the network. Compartmentalize uninfected parts of the network.
What is Inoculation in a worm attack
11.2.3.1
Start patching all systems and, if possible, scanning for vulnerable systems.
What is Quarantine in a worm attack
11.2.3.1
Track down each infected machine inside the network. Disconnect, remove, or block infected machines from the network.
What is Treatment in a worm attack
11.2.3.1
Clean and patch each infected system. Some worms may require complete core system reinstallations to clean the system.
What is the most effective way to mitigate a worm attack?
11.2.3.1
download security updates from the operating system vendor
What is AAA stand for?
11.2.3.2
Authentication, Authorization, and Accounting
What are the 2 most popular option for external authentication?
11.2.3.2
RADIUS and TACACS+
What does RADIUS do?
11.2.3.2
Is an open standard with low use of CPU resources and memory. It is used by a range of network devices, such as switches, routers, and wireless devices.
What does TACACS+ do?
11.2.3.2
Is a security mechanism that enables modular authentication, authorization, and accounting services. It uses a TACACS+ daemon running on a security server.
What are 4 firewall techniques?
11.2.3.3
Packet Filtering
Application filtering
URL filtering
Stateful packet inspection (SPI)
What are 4 types of firewalls?
11.2.3.3
Appliance-based firewalls
Server-based firewalls
Integrated firewalls
Personal firewalls
What is a Appliance-based firewall?
11.2.3.3.
An appliance-based firewall is a firewall that is built-in to a dedicated hardware device known as a security appliance.
What is a Server-based firewall?
11.2.3.3
A server-based firewall consists of a firewall application that runs on a network operating system (NOS) such as UNIX or Windows.
What is a Integrated firewall?
11.2.3.3
An integrated firewall is implemented by adding firewall functionality to an existing device, such as a router.
What is a personal firewall?
11.2.3.3
Personal firewalls reside on host computers and are not designed for LAN implementations. They may be available by default from the OS or may come from an outside vendor.
What is the recommended length for a password?
11.2.4.2
At least 8 characters, preferably 10 or more characters
What is the command line on a switch or router to enable password length and lockout attempts
11.2.4.3
router (config)# service password-encryption
router (config)# security password min-length 8
router (config)# login block-for 120 attempts 2 within 60
What is the command line to “time out” a terminal connection after 10min?
11.2.4.3
router (config)#line vty 0 4
router (config-vty)#exec-timeout 10
router (config-vty)#end
In the ping command what does the ! (exclamation mark) indicate?
11.3.1.1
Indicates receipt of an ICMP echo reply message
In the ping command what does the . (period) indicate?
11.3.1.1
indicates a time expired while waiting for an ICMP echo reply message
In the ping command what does the U indicate?
11.3.1.1
an ICMP unreachable message was received
What are the 5 CDP neighbors information display?
11.3.4.3
Device identifiers Address list Port identifier Capabilities list Platform
What is the command to verify router interface?
11.3.4.4
show ip interface brief
What is the command to view the file system on a switch?
11.4.1.2
show file systems
What does TFTP stand for?
11.4.2.2
Trivial File Transfer Protocol