Configure appropriate security settings on small office/home office (SOHO) wireless and wired networks Flashcards
CompTIA A+ 220-1102 Exam Criteria
Where can I find the Home Router Settings?
Home routers are usually supplied by an Internet Service Provider (ISP) and allow you to connect your system in the home network to the Internet. The different settings that can be configured to improve security are discussed below.
Why do we needs to change the default passwords?
Usernames and passwords are two of the most commonly used methods for protecting our networks, computers, and data. Our equipment comes with default usernames and passwords from the manufacturer. As a best practice for security, these should be changed and should be done during the initial configuration. This is necessary because those usernames and passwords are typically easy to guess and remember. Default router passwords are written in manuals and are available online, so if you’re having trouble configuring your router, check the product manual for the default password.
Where can I change the default password?
The following is a general description of how to change the password on your router. This will change the password to access the router and make configurations. Because routers are manufacturer-created and not standardized, each one will have a slightly different setup.
Enter your router’s IP address into your favorite web browser. This is also known as the default gateway and can be located in the command line by typing ipconfig.
Log in with the default username and password.
Go to the settings or security tab.
Select Change Router Password or a similar option.
Enter the new password.
Save the new settings.
Why do we need to change a PSK ?
Another default password that should be changed is the pre-shared key that connects to the wireless access point and provides Wi-Fi access to devices. Similar to router configuration passwords, these passwords are simple to guess and easy to find. The password is frequently found on the bottom of the device itself. The following is a general description of how to change the password for your pre-shared key. Because routers are manufacturer-created and not standardized, each one will have a slightly different setup.
Where can I change the PSK default password?
Enter your router’s IP address into your favorite web browser. This is also known as the default gateway and can be located in the command line by typing ipconfig.
Log in with the default username and password unless you have changed it
Click the wireless tab.
In the name or SSID box, change the name of the network to the desired name.
Choose the highest security level possible. It should be WPA2-PSK (AES)
Enter a new passphrase into the text box.
Click Save.
Why do we need to use IP Filtering?
IP filtering, in conjunction with network address translation (NAT), can help protect your PC and network from malicious actors. Filtering IP addresses allows users to control what traffic enters and exits the network. Rules are created, and packets entering and leaving the network are inspected to ensure that they comply with the rules specified.
Filtering addresses helps to reserve our private address space as well. You can use NAT to conceal your unregistered private IP addresses behind a set of registered IP addresses. This aids in the protection of your internal network from outside networks.
What are the some of the common IP filtering techniques?
Route Filtering - This process helps filter out undesirable routes. Filters can be applied at the routers either before or after the routes are announced. In some cases, routers do not have enough main memory to store the entire global Border Gateway Protocol table. There is only so much space to store, and the local database is limited in size. Applying filters helps conserve memory. This practice is not recommended because it can result in suboptimal routing or even communication failures with small networks, as well as disrupt the normal flow of traffic.
Firewall Filtering - A firewall is a device or software application that allows or denies network transmissions based on a set of rules. Its purpose is to protect networks from unauthorized access while allowing legitimate traffic to pass through an access control list. Many routers that transfer data between networks include firewall components, and many firewalls can also perform basic routing functions.
Email Filtering - Email filters work by, among other things, matching a regular expression, a keyword, or the sender’s email address. More advanced solutions use IP blacklists, techniques for classifying documents, and complex image analysis algorithms to prevent messages from reaching protected mailboxes. Clean messages are delivered to the user’s mailbox, while tainted messages are routed to a quarantine application for review or even ignored. Email filtering can be very useful within an organization but can become a problem when an IP is improperly blacklisted.
What are the disadvantages of IP filtering?
Disadvantages of IP Filtering:
Malicious traffic is frequently routed through Botnets, allowing it to bypass the filter.
It can be easily circumvented by using IP spoofing, VPNs, or proxies.
When using NAT, IP addresses are frequently shared by multiple users.
Maintaining the Blacklist can become a tedious task.
What are the benefits of firmware updates?
Firmware Updates
Firmware is software that is embedded in hardware. Simply put, it is “software for hardware.” However, because software differs from firmware, the two terms should not be used interchangeably. Devices that you might consider to be strictly hardware, such as an optical drive, network card, programmable switches, and routers, all have software programmed into a special chip contained within the hardware itself. This tells the piece of hardware how to act and what to do. Firmware updates are released by equipment manufacturers to improve performance or add new features to their devices. You can get these updates by going to the manufacturer’s website.
Below are the common steps to updating your home router’s firmware:
Connect the router to your PC. You will need an Ethernet cable.
Open your browser, navigate to the manufacturer’s website, and locate the firmware update. Download it.
Files will usually be zipped. Unzip them.
Enter your router’s IP address into your web browser.
Log in with the default username and password unless you have changed it.
On the home page, select the downloaded firmware to update your router.
Select the firmware file previously downloaded and uploaded.
Reboot your router to finish the upgrade.
What is Content Filtering?
There are numerous reasons why users choose to restrict access to certain content, including online gambling, social networking sites, dating sites, intellectual property, child safety, and national security. Content filtering is not just enabled at the end user’s terminal, it is done throughout the data movement process. There are national mandates that are in place banning traffic and content from other specified countries.
ISP carriers may install blocking tools and filters to control traffic on the network. At the local network level, end users’ terminals are required to meet specifications in the network security policy. Enterprise environments will typically have a well-designed content filtering program, whereas SOHO environments will not.
Whare are the consideration of content filtering?
Who will be subject to the filtering?
How well defined will the policy be?
How will this affect the end-user, and what are the possible negative outcomes?
What are the common type of Content Filtering?
IP & Protocol Based Blocking - IP-based blocking entails installing network barriers such as firewalls that block all traffic to a specific set of IP addresses. Protocol-based blocking employs other low-level network identifiers, such as a TCP/IP port number that can identify a specific application on a server or a type of application protocol. These fundamental approaches to content blocking do not block content directly; rather, they block traffic to known IP addresses, TCP/IP ports, or protocols associated with some content or an application. IP and protocol-based blocking can also be performed on user computers by software, typically for network security reasons.
Firewall & Deep Packet Inspection (DPI) - Devices that sit between the end-user and the rest of the Internet and filter based on specific content, patterns, or application types are used. Because all content must be evaluated against a pre-defined set of rules, this type of network blocking is computationally intensive and thus considered expensive. DPI blocking can also be done by software on user computers, typically for network security reasons. DPI blocking requires some type of signature or information about the content to be effective. Keywords, traffic characteristics such as packet sizes or transmission rates, filenames, or other content-specific information may be included. DPI blocking is a powerful tool for blocking or throttling specific applications, such as peer-to-peer file-sharing or Voice over IP (VoIP) traffic and data file types.
URL Blocking - URL-based blocking is a popular blocking method that can occur on a single computer or in a network device that connects the computer to the rest of the Internet. URL blocking only works with web-based applications and is not intended to be used to block non-web applications. A URL blocking filter intercepts the flow of web traffic and compares the URL in the HTTP request to a local database or online service. The URL filter will allow or deny the requested connection to the webserver based on the response.
Platform Blocking - The most common type of platform blocking is search engine blocking. This technique is frequently considered for other platforms with user communities like entertainment or social media sites. It is extremely difficult to use network-based or URL-based techniques to block individual content elements, such as a specific news article. Access to the entire site would have to be blocked in order to block the content.
DNS-Based Content Blocking - DNS-based content blocking examines and controls DNS queries. A specialized DNS resolver performs two functions in DNS-based content blocking: in addition to performing DNS lookups, the resolver checks names against a block list. When a user’s computer attempts to use a blocked name, the special server returns erroneous information, such as the IP address of a server displaying a notice that the content has been blocked. As a result, the user can’t easily access the content.
Why is Physical Placement important in securing your SOHO network?
A SOHO router is designed and marketed specifically for small and home offices. It can handle more traffic because of enhanced equipment. A SOHO network can consist of both wired and wireless computers. Because these networks are also intended for business use, they may include printers as well as voice over IP (VoIP) and fax over IP technology. Where the router/access point is setup in a SOHO environment can play a big part in its ability to function at the highest level with wireless clients.
What are some suggestions you can apply in terms of Physical placement of a router?
Place the router/access point as close to the center of the environment as possible. Signal strength radiating from your wireless access point degrades the further out it goes. If placed in the center of the environment, the coverage space can be maximized.
Place the router/access point as high as possible so the signal radiates evenly and disperses throughout the SOHO environment.
Use additional access points or a repeater to extend the signal. If areas of the SOHO environment are getting signals, additional access points can be added, or repeaters can be used to extend the signal from the original router/access point.
Minimize the number of walls that can interfere with the signal. The wavelengths can have trouble penetrating through walls, especially in the 5GHZ range.
Do not place them inside cabinets. This degrades the signal because it bounces around in the cabinet.
Electronic and common household devices can be working on the same frequencies that our traffic is being carried and can create interference. Microwaves and remote controls are known for working within the 2.4 GHz range.
Disable the WPS button. This feature allows users to enter the network without having to enter the credentials. On the router, a button is pressed that broadcasts out a signal, which is then used to connect to the network. This is very problematic, and thus the WPS button should be disabled for best security practices.
What are the security concerns for small business in regards to a SOHO network?
There are some security concerns inherent within a SOHO network. Small businesses, unlike larger corporations, typically cannot afford to hire a professional staff to manage their networks. Because of their financial and community standing, small businesses are more likely to be targets of security attacks than households.
It can be difficult to know how much to invest in network infrastructure to meet a company’s future needs as it grows. Overinvesting too soon wastes money, while underinvesting can have a negative impact on business productivity. Monitoring network load and the responsiveness of the company’s top business applications can aid in the identification of bottlenecks before they become critical.
Why do we utilize DHCP Reservations?
In SOHO and enterprise environments, you are likely to be using a dynamic host configuration protocol to manage the IP space. DHCP is responsible for distributing IP addresses to the network. In a SOHO environment, this is likely built into the capability of the router. In an enterprise environment, this is likely to be a function of a server. DHCP will automatically distribute an IP address to a machine entering the network.
Would we want devices to have the same IP address all the time? The answer is yes. Some devices like printers and servers should be statically set in the network because they provide services and should be easily found. In order to set a device statically and ensure that DHCP is not going to give it to another machine, a DHCP reservation needs to be set.
