Harding the Network Flashcards
What is secure SNMP?
Secure SNMP: Using SNMPv3 for secure management of network devices.
What is Router Advertisement (RA) Guard?
Router Advertisement (RA) Guard: Protects against rogue RA messages in IPv6 networks.
What is port security?
Port security: Limits the devices that can connect to a network switch port.
What is dynamic ARP inspection?
Dynamic ARP inspection: Prevents ARP spoofing attacks by validating ARP packets.
What is control plane policing?
Control plane policing: Limits traffic to the control plane to protect router resources.
What are private VLANs?
Private VLANs: Isolate devices within the same VLAN for security.
Why should unneeded switchports be disabled?
Disable unneeded switchports: Reduces attack surface by deactivating unused ports.
Why should unneeded network services be disabled?
Disable unneeded network services: Minimizes vulnerabilities by turning off unused services.
Why should default passwords be changed?
Change default passwords: Prevents unauthorized access using well-known default credentials.
Why is password complexity/length important?
Password complexity/length: Increases security by making passwords harder to guess.
What is DHCP snooping?
DHCP snooping: Prevents rogue DHCP servers by monitoring DHCP traffic.
Why should the default VLAN be changed?
Change default VLAN: Reduces risk of VLAN hopping attacks.
What is patch and firmware management?
Patch and firmware management: Keeps devices secure with the latest updates and fixes.
What is an access control list (ACL)?
Access control list (ACL): Controls network traffic flow based on rules.
What is role-based access?
Role-based access: Limits access based on user roles to enhance security.
What are firewall rules?
Firewall rules: Define what traffic is allowed or blocked in a network.
What is explicit deny?
Explicit deny: Clearly specifies what traffic is not allowed.
What is implicit deny?
Implicit deny: Blocks all traffic by default unless explicitly allowed.
What is MAC filtering?
MAC filtering: Restricts network access to specific devices based on their MAC address.
Why is antenna placement important in wireless security?
Antenna placement: Optimizes wireless coverage and reduces interference.
Why are power levels important in wireless security?
Power levels: Adjusts signal strength to limit wireless coverage to the desired area.
What is wireless client isolation?
Wireless client isolation: Prevents wireless clients from communicating with each other.
What is guest network isolation?
Guest network isolation: Segregates guest network traffic from the main network.
What are preshared keys (PSKs)?
Preshared keys (PSKs): Shared passwords for securing wireless networks.
What is Extensible Authentication Protocol (EAP)?
Extensible Authentication Protocol (EAP): A framework for various authentication methods.
What is geofencing?
Geofencing: Restricts network access based on geographic location.
What is a captive portal?
Captive portal: A web page that users must interact with before accessing a network.
What are IoT access considerations?
IoT access considerations: Implementing security measures specific to Internet of Things devices.
