Chapter 12- Secure Communications and Network Attacks

Question 1

1. List some protocols that provide security services for application specific communications i.e. secure communications protocols: Internet Protocol Security (IPSec)

Answer 1

• Kerberos
• Secure Shell
• Signal Protocol
• Secure Remote Procedure Call (S-RPC)
• Secure Socket Layer (SSL)
• Transport Layer Security (TLS)

Question 2

2. Describe IPSec:

Answer 2

Internet Protocol Security (IPSec) uses public key cryptography to provide encryption, access control, non-repudiation and message authentication all using IP based protocols.

Question 3

3. Describe Kerberos:

Answer 3

Kerberos offers a single sign on solution for users and provides protection for log on credentials.

Question 4

4. What is Secure Remote Procedure Call (S-RPC)?

Answer 4

Secure Remote Procedure Call (S-RPC) is an authentication service and is simply a means to prevent unauthorised execution of code on remote systems.

Question 5

5. What is Secure Socket Layer (SSL)?

Answer 5

Secure Socket Layer (SSL) is an encryption protocol to protect communications between web server and web browser.
• SSL can be used to secure web, email, File Transfer Protocol (FTP) or even Telnet

Question 6

6. What is Transport Layer Security (TLS)?

Answer 6

Transport Layer Security uses stronger authentication and encryption protocols.

Question 7

7. Similarities of TSL and SSL: both secure client server communications across insecure network

Answer 7

• Support one way authentication
• Support 2way authentication using digital certificates
• Implemented at the initial payload of a TCP package, alloing it to encapsulate higher payloads
• Can be implemented at lower levels (e.g. layer 3) i.e. open VPN

Question 8

8. Advantages of TLS:

Answer 8

it can be used to encrypt User Datagram Protocol (UDP) and Session Initiation Protocol (SIP)

Question 9

9. List some authentication protocols:

Answer 9

CHAP, PAP, EAP

Question 10

10. Explain Challenge Handshake Authentication Protocol (CHAP):

Answer 10

Challenge Handhsake Authentication Protocol (CHAP) is on of the protocols uses over Point-to-Point Protocol (PPP)
• Encrypts user names and passwords
• This activity is transparent to the user.

Question 11

11. What is Point-to-Point Protocol?

Answer 11

Point-to-Point Protocol is a data link 2 communication protocol between 2 routers directly without any host or any other networking in between.

Question 12

12. What is Password Authentication Protocol (PAP)?

Answer 12

Password Authentication Protocol (PAP) is a standardised authentication protocol for PPP. PAP offers no encryption.

Question 13

13. What is Extensible Authentication Protocol?

Answer 13

Extensible Authentication Protocol (EAP) is a framework for authentication rather thana protocol. It allows customised authentication security solutions e.g. tokens, biometrics etc.

Question 14

14. PBX means

Answer 14

Private Branch Exchange

Question 15

15. PSTN means

Answer 15

Public Switched Telephone Network (PSTN)

Question 16

16. Vulnerabilities of Public Branch Exchange (PBX) and Public Switched Telephone Network (PSTN) are voice communications are vulnerable to

Answer 16

interception, eavesdropping, tapping etc.

Question 17

17. Phreakers are:

Answer 17

Phreakers are malicious attackers that abuse phone systems. Phreakers may be able to gain unauthorized access to personal voice mailboxes, redirect messages, block access, and redirect inbound and outbound calls.

Question 18

18. What is Instant Messaging (IM)?

Answer 18

Instant Messaging (IM) is a mechanism that allows for real time text based chat between 2 users located anywhere on the internet. E.g. Facebook, Skype, Google hangouts etc.

Question 19

19. Use of Simple Mail Transfer Protocol (SMTP) are:

Answer 19

Simple Mail Transfer Protocol (SMTP) are used to accept messages from clients, transport those messages to servers and deposit them into user’s server based inbox transfer.
• Sender Policy Framework can be used to configure SMTP servers to protect against Spam and email spoofing

Question 20

20. _________ is the most common SMTP server for Unix systems, and ________ is the most common SMTP server for Microsoft systems.:

Answer 20

Sendmail, Exchange

Question 21

21. List some email security solutions:

Answer 21

Secure Multipurpose Internet Mail Extensions (S/MIME).

Question 22

22. Describe Secure Multipurpose Internet Mail extension (S/MIME) messages:

Answer 22

: S/MIME Signed messages: provides integrity, sender authentication and nonrepudiation.
• An enveloped message provides integrity, sender authentication and confidentiality.

Question 23

24. MOSS means

Answer 23

MIME Object Security Services (MOSS)
• *MIME means Multipurpose Internet Mail Extensions
• MOSS used RC4, MD2, MD 5, RSA and DES

Question 24

25. MIME Object Security Services (MOSS) can provide ____,____,____and ____ for email messages.

Answer 24

authentication, confidentiality, integrity, and nonrepudiation

Question 25

23. Explain Simple Multipurpose Internet Mail Extensions S/MIME) messages:

Answer 25

S/MIME Signed messages: provides integrity, sender authentication and nonrepudiation.
• An enveloped message provides integrity, sender authentication and confidentiality.

Question 26

26. What is Privacy Enhanced Mail (PEM)?

Answer 26

Privacy Enhanced Mail is an email encryption mechanism that provides authentication, integrity, confidentiality and non-repudiation.
PEM uses X.509, RSA, DES

Question 27

27. What is Pretty Good Privacy (PGP)

Answer 27

Pretty Good Privacy (PGP) is a public-private key system that uses a variety of encryption algorithms to encrypt files and email messages. It uses RSA, IDEA

Question 28

28. List 2 types of dial up protocols:

Answer 28

Point to Point Protocol (PPP) and Serial Line Internet Protocol (SLIP)

Question 29

29. List 2 Centralised Remote Authentication Services:

Answer 29

Remote Authentication Dial In User Service (RADIUS)

Terminal Access Controller Access Control System (TACACS+)

Question 30

30. What is VPN?

Answer 30

A virtual private network (VPN) is a communication tunnel that provides point-to-point transmission of both authentication and data traffic over an intermediary untrusted network.

Question 31

31. What is tunnelling?

Answer 31

Tunnelling is the network communications process that protects the contents of protocol packets by encapsulating them in packets of another protocol.

Question 32

32. Disadvantages of tunnelling are?

Answer 32

Tunnelling creates larger packets

• Is a point to point communication and is not designed to handle broadcast traffic.

Question 33

35. Point to Point Tunnelling Protocol is supported by?

Answer 33

• Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
• Challenge Handshake Authentication Protocol (CHAP)
• Password Authentication Protocol (PAP)
• Extensible Authentication Protocol (EAP)
• Shiva Password Authentication Protocol (SPAP)
The initial tunnel negotiation process used by PPTP is not encrypted.

Question 34

33. List some common VPN protocols:

Answer 34

: L2TP, PPP, L2F, IPsec

Question 35

34. What is Point to Point Tunnelling Protocol (PPTP)?

Answer 35

Point to Point Tunnelling Protocol (PPTP) is an encapsulation protocol developed from the dial up Point to Point Protocol. It operates at Data Layer (Layer 2)

Question 36

36. What is L2F?

Answer 36

Layer 2 Forwarding (L2F) is a mutual authentication tunnelling mechanism. It does not offer encryption

Question 37

37. What is Layer 2 Tunnelling Protocol (L2TP):

Answer 37

Layer 2 Tunnelling Protocol is derived from PPTP AND L2F. It lacks built in encryption but relies on IPsec as its security mechanism. It also supports RADIUS and TACACS+

Question 38

38. Describe IPsec Protocol

Answer 38

Is both a standalone VPN and part of the L2TP security mechanism. It has security elements of IPv6 crafted into an add on package for IPv4. It has 2 primary components:
• Authentication Header provides authentication, integrity and non-repudiation
• Encapsulating payload provides for encryption to protect the confidentiality of transmitted data, but it also provides limited authentication. It operates at Network Layer (Layer 3)
• It can be used in transport mode or tunnel mode.
• In transport mode, the IP packet data is encrypted but the header of the packet is not
• In tunnel mode, the entire IP packet is encrypted, and a new header is added to the packet to govern transmission through the tunnel.

Question 39

39. What is Virtual LAN?

Answer 39

A Virtual Local Area Network (VLAN) is a hardware imposed network segmentation created by switches.
• VLANs can also be assigned or created based on device MAC address, mirroring the IP subnetting, around specified protocols, or based on authentication.
• VLANs let you control and restrict broadcast traffic and reduce a network’s vulnerability to sniffers because a switch treats each VLAN as a separate network division
• VLANs operate at layer 2
• VLANs work like subnets, but keep in mind that they are not actual subnets. VLANs are created by switches at layer 2. Subnets are created by IP address and subnet mask assignments at layer 3.

Question 40

40. What is virtualisation?

Answer 40

Virtualisation is the technology that is used to host one or more operating systems within the memory of a single host computer. E.g. VMware, Hyper-V etc

Question 41

41. Advantages of virtualisation:

Answer 41

real time scalability, easier and faster backups, malicious code compromise hardly affect host OS, allows safe testing and experimentation

Question 42

42. What is VM escaping?

Answer 42

VM escaping occurs when software within a guest OS is able to breach isolation protection provided by the hypervisor in order to violate the container of other OSs

Question 43

43. How to control VM escaping:

Answer 43

keep highly sensitive systems and data on a separate physical machine, regularly patch hypervisor software, monitor attack and exposure.

Question 44

44. What is virtual application?

Answer 44

Virtual application is a software product deployed in such a way that is fooled to believing that it is interacting with a full host OS.

Question 45

45. Virtual desktop refer to:

Answer 45

Virtual desktop refers to remote access tool that grants the user access to a distant computer.
• Extension of virtual application concept encapsulating multiple applications and some form of portability or cross OS function
• Extended desktop larger than display that allows user to employ multiple application layouts.

Question 46

46. What is network virtualisation

Answer 46

A virtualized network or network virtualization is the combination of hardware and software networking components into a single integrated entity.

Question 47

47. What is Network Address Translation (NAT)?

Answer 47

The goals of hiding the identity of internal clients, masking the design of your private network, and keeping public IP address leasing costs to a minimum.
• NAT is a mechanism for converting the internal IP addresses found in packet headers into public IP addresses for transmission over the internet.

Question 48

48. What is stateful NAT?

Answer 48

Network Address Translation (NAT) operates by maintaining mapping requests made by internal clients.
• A client’s internal IP address
• And the IP address of the internet service contacted
• Mapping address of the internal service contacted.

Question 49

49. What is PAT?

Answer 49

Port Address Translation (PAT) is the multiplexing form of NAT. NAT is also known as NAT overloading.

Question 50

50. Explain the 2 modes of Network Address Translation:

Answer 50

Network Address Translation occurs as: static NAT or Dynamic NAT
Static NAT: this occurs when a specific internal client’s IP address is assigned a permanent mapping to a specific external public IP address
Dynamic NAT: uses to grant multiple internal clients access to a few leased public IP addresses.

Question 51

51. Is NAT directly compatible with IPsec?

Answer 51

Network Address Translation (NAT) is not directly compatible with IPsec because it modifies packet headers, which IPsec relies on to prevent security violations. NAT transversal (RFC 3947) was designed to support IPsec VPNs.

Question 52

52. What is Automatic Private IP Addressing?

Answer 52

Automatic Private IP Addressing (APIPA) aka local link local address assignment assigns an IP address to a system in the event of Dynamic Host Configuration Protocol (DHCP) assignment failure.

Question 53

53. What is circuit switching?

Answer 53

Circuit switching involves a dedicated physical pathway created between 2 communicating parties.

Question 54

54. What is Packet switching:

Answer 54

Packet switching occurs when the message or communications is broken up into small segments and sent across intermediary networks to the destination.

Question 55

55. Difference between packet switching and circuit switching are:

Answer 55

Circuit Switching: Constant traffic. fixed known delays, connection oriented, sensitive to connection loss, used primarily for voice.

Packet Switching: Bursty traffic, variable delays, connectionless, sensitive to data loss, used for any type of traffic.

Question 56

57. What is Permanent Virtual Circuit (PVC)?

Answer 56

Permanent Virtual Circuit (PVC) is like a dedicated leased line, logical circuit always exists and is waiting for customer to send data.,

Question 57

58. What is Switched Virtual Circuit:

Answer 57

Switched Virtual Circuit is like a dial up connection because virtual circuit has to be created using the best paths currently available before it can be used and then disassembled after the transmission is complete.

Question 58

59. What are the 2 types of virtual circuit within a packet switching circuit:

Answer 58

Permanent Virtual Circuit (PVC) and Switched Virtual Circuit (SVC).

Question 59

60. Describe Wide Area Network (WAN)?

Answer 59

Wide Area Network (WAN) is used to connect distant network nodes and individual devices together.

Question 60

61. What is a dedicated line?

Answer 60

Dedicated Line is one that is hard to define and is continually reserved for use by a customer. A dedicated line is always on and waiting for traffic to be transmitted over it.

Question 61

62. What is a nondedicated line?

Answer 61

Nondedicated line requires connection to be established before data transmission can occur e.g. Digital Subscriber Line (DSL), standard modems and Integrated Services Digital Network (ISDN).

Question 62

63. What is Integrated Services Digital Network (ISDN)?

Answer 62

Integrated Services Digital Network is a fully digital telephone network that supports both voice and high speed data communications.

Question 63

64. What are the 2 standard types of ISDN?

Answer 63

Basic Rate Interface (BRI) and Primary Rate Interface (PRI)

Question 64

65. What is Basic Rate Interface?

Answer 64

Basic Rate Interface (BRI) offers customers a connection between 2 B channels and 1 D channel. B channels are used for data transmission. D channels are used for call management, establishment and deardown.

Question 65

66. What are Channel Service Unit?

Answer 65

Channel Service Unit convert LAN signals into format used by WAN carrier network and vice versa. It is also known as Data Service Unit (DSU).

Question 66

67. What is X.25 WAN?

Answer 66

X.25 WAN uses Permanent Virtual Switching (PVS) to establish specific point-to-point connections between two networks. It has low performance and throughput compared to Frame Relay.

Question 67

68. What are Frame Relay Connections?

Answer 67

Frame Relay is a layer 2 connection mechanism that uses packet switching technology to establish virtual circuits between communication endpoints.

Question 68

69. What is Committed Information Rate (CIR)?

Answer 68

Committed Information Rate (CIR) is the minimum bandwidth a service provider grants to its customers.
• It is significantly less than the actual maximum capability of the provider network.
• The service network provider may allow customers to exceed their CIR over short intervals when additional bandwidth is available.

Question 69

70. What is Asynchronous Transfer Mode (ATM)?

Answer 69

Asynchronous Transfer Mode it fragments communications into fixed length 53 byte cells. These fixed lengths allows ATM to be very efficient and offer high throughputs.
• ATMs can use either PVCs or SVCs

Question 70

71. What is Switched Multimegabit Data Service (SMDS):

Answer 70

this is a connectionless packet switching technology. SMDS is used to connect multiple LANs to form a Metropolitan Area Network (MAN)

Question 71

72. SDH means____ and SONET means :

Answer 71

SDH Synchronous Digital Hierarchy, SONET- Synchronous Optical Network.

Question 72

73. What are Synchronous Digital Hierarchy (SDH) and Synchronous Optical Network (SONET

Answer 72

Synchronous Digital Hierarchy (SDH) and Synchronous Optical Network (SONET) are hardware or physical layer standards defining infrastructure and line speed requirements.
• SDDH and SONET support both mesh and ring topologies

Question 73

74. List 3 Specialised Protocols:

Answer 73

Synchronous Data Link Control (SDLC), High-Level Data Link Control (HDLC) and HSSI

Question 74

75. What is Synchronous Data Link Control (SDLC)?

Answer 74

Synchronous Data Link Control is used on permanent physical connections of dedicated leased lines to provide connectivity for mainframes.
• Uses polling
• It operates in Data Layer (Layer 2)

Question 75

76. What is High-Level Data Link Control (HDLC)?

Answer 75

High- Level Data link control is a refined version of the Serial Level Data Link designed specifically for serial synchronous connections.
• It supports full duplex communications and supports both point to point and multipoint connections.
• Operates on OSI layer 2 (Data Link Layer)
• Offers flow control and includes error detection.

Question 76

77. What is transparency as a security control characteristic?

Answer 76

Transparency is a characteristic of a service, service control or access mechanism that ensures that is unseen by users.

Question 77

78. What do you do to verify the integrity of a transmission?

Answer 77

use a checksum or hash. The hash total obtained is added to the end of the message and is called the message digest.

Question 78

79. what is transmission logging?

Answer 78

transmission logging records the particulars about the source, destination and time stamps etc this information can be useful in troubleshooting problems and tracking down unauthorised communications.

Question 79

80. what is security boundary?

Answer 79

security boundary is the line of intersection between 2 areas, subnets or environments that have different security requirements or needs.

Question 80

81. what are logical security boundaries?

Answer 80

Logical security boundaries are the points where electronic communications interface with devices or services for which your organization is legally responsible.

Question 81

82. what is a security perimeter?

Answer 81

The security perimeter in the physical environment is often a reflection of the security perimeter of the logical environment.

Question 82

83. what is Denial of Service (DoS)?

Answer 82

Attacks on exploiting a vulnerability in the system.

Question 83

84. Explain the basic forms of Denial of Service (DoS):

Answer 83

Attacks on exploiting a vulnerability in the system.

Attacks that flood the victim’s communication pipeline with garbage network traffic

Question 84

85. What is Distributed Denial of Service (DDoS)?

Answer 84

Distributed Denial of Service attacks involves the deployment of remote control tools e.g. bots, zombies etc.

Question 85

86. What are botnets?

Answer 85

Botnets is a network of computers infected by malware that are under the control of a single attacking party. Botnets is the deployments of numerous bots or zombies across numerous unsuspecting victims.

Question 86

87. What is eavesdropping?

Answer 86

Eavesdropping is simply listening to communication traffic for the purpose of duplicating it. The duplication can take the form of recording data to a storage device or using an extraction program that dynamically attempts to extract the original content from the traffic stream. they are difficult to detect and are known as passive attacks.
• When eavesdropping or wiretapping is transformed into altering or injecting communications, the attack is considered an active attack.

Question 87

88. How to prevent eavesdropping?

Answer 87

physical access control to prevent unauthorised personnel from accessing out IT infrastructure.
• one time pads or tokens
• encryption e.g. IPsec, SSH

Question 88

89. What is impersonation or masquerading?

Answer 88

Impersonation or masquerading is the act of pretending to be someone or something you are not to gain unauthorized access to a system. e.g. authentication credentials may have been stolen

Question 89

90. How to prevent impersonation?

Answer 89

use onetime pads and token authentication systems
• use Kerberos
• use encryption

Question 90

91. What are replay attacks?

Answer 90

Replay Attacks attempt to re-establish a communication session by replaying captured traffic against a system.

Question 91

92. How to prevent replay attacks:

Answer 91

use onetime authentication mechanisms and sequenced session identification.

Question 92

93. What are modification attacks?

Answer 92

Modification attacks is a process where captured packets are altered and then played against a system. The modified packets are designed to bypass the restriction of improved authentication mechanisms and session sequencing.

Question 93

94. What are address resolution protocol spoofing?

Answer 93

Address Resolution Protocol (ARP) is used to discover the MAC address of a system by polling using its IP address. ARP attacks are often an element in man-in-the-middle attacks. Such attacks involve an intruder’s system spoofing its MAC address against the destination’s IP address into the source’s ARP cache.

Question 94

95. List 2 examples of resolution attacks:

Answer 94

Domain Name Systems (DNS) poisoning and DNS Spoofing

Question 95

96. What is Domain Name System poisoning?

Answer 95

Domain Name System poisoning occurs when an attacker alters the Domain name to IP address mapping in a DNS system to redirect traffic to a rogue system or simply perform a denial of service against the system.

Question 96

97. What is Domain Name System (DNS) Spoofing?

Answer 96

Domain Name System (DNS) Spoofing occurs when an attacker sends false replies to a requesting system, beating the real reply from a valid DNS server.
• This is also technically an exploitation of race conditions

Question 97

98. How to protect against DNS spoofing and poisoning?

Answer 97

allow only authorised changes to DNS.
• restrict zone transfers
• log all privileged DNS activity.

Question 98

99. How to prevent DNS Hijacking vulnerability:

Answer 98

upgrade DNS to Domain Name System Security Extensions (DNSSEC)

Question 99

100. What is Hyperlink Spoofing?

Answer 99

Hyperlink Spoofing is used to redirect traffic to a rogue or imposter system or to simply divert traffic away from the intended destination.
• It can take the form of DNS spoofing or simply divert traffic from its intended destination.
• Phishing is another attack that commonly involves hyperlink spoofing. The term means fishing for information. Phishing attacks can take many forms, including the use of false URLs.

Question 100

101. what is pretexting:

Answer 100

this is a social engineering technique that manipulates victims into divulging information. A pretext is a made-up scenario developed by threat actors for the purpose of stealing victim’s personal data. it is related to phishing.

Question 101

102. What is phishing?

Answer 101

Phishing involves impersonating a trusted entity in communications like emails or text messages in order to obtain sensitive information like payment card details and passwords.

Question 102

a

Answer 102

a

Question 103

a

Answer 103

a

Question 104

a

Answer 104

a

Question 105

a

Answer 105

a

Question 106

a

Answer 106

a

Question 107

a

Answer 107

a