Lecture 11 - Network Security Flashcards

1
Q

Two Threat Models

A

Passive Attack (Observing)

  • Eavesdropping/Sniffing
  • Traffic Analysis

Active Attack (Actually Attacking)

  • Spoofing attack
  • Squatting attack
  • Phishing
2
Q

Network Attack Example

A

Denial of Service by TCP SYN Flooding

  • Initiate a genuine connection but then immediately break it.
  • Never finish the 3-way request
  • Victim busy with timeout.
  • Amplify with botnets
3
Q

Open Systems Interconnection (OSI)

A

Framework for layering network protocols

4
Q

TCP/IP

A
Simplifies TCP/IP
Application Layer
Transport
Internet
Network Access.
5
Q

IP Security

A

IP is connectionless and stateless.
Security mechanism
- IP authentication header (AH)
- IP encapsulation security payload (ESP)

6
Q

Encapsulation Security Payload (ESP)

A

additional header within the IP packet that describes what encryption and authentication is in use

7
Q

Security Parameter Index

A

a number, stores security parameter.

Uses DH KEX

8
Q

Transport and Tunnel Mode

A

Transport Mode

  • Simply encrypt packets
  • Prevents content from being read, but not traffic analysis

Tunnel Mode

  • Protect some segment of a channel with encryption
  • Prevent Traffic Analysis and manipulation of payload
  • Eg. VPN
9
Q

ARP

A
  • Protocol used in IPv4 to obtain the physical MAC address for given IPs
  • To construct IP & TCP packets for communication
10
Q

ARP cache Poisoning

A
  • Man-in-middle attack
  • By sending an unrequested ARP reply and overwriting the MAC address in a host's ARP cache with our own.
    Prevent by:
    - Ignore unsolicited ARP requests
    - Keep track of who has what IP
11
Q

DNS

A
  • Translate domain names into IP addresses.
  • Caches the new website.
  • DNS packets are UDP. Stateless, on transport layer
12
Q

DNS Spoofing

A
  • Poison the cache of a nameserver people are using.
  • Replace a website lookup with our IP, the Phish.
  • Achieved through prior ARP cache poisoning, reply flood or Kaminsky attack.

Protection

  • Random query number protects against spoofed replies
  • DNSSEC certificate
13
Q

Denial of Service

A
  • Attempt to make a machine/network resource unavailable to its intended users.
  • Flooding a machine with requests, e.g. ping flood.
  • Distributed DoS uses more than one machine.
14
Q

Amplification attacks

A

Utilise an aspect of a network protocol to increase the bandwidth of an attack.

15
Q

Smurf Attack

A

Broadcast an ICMP Ping request to a router but with a spoofed IP belonging to the victim.

16
Q

Fraggle Attack

A

Identical to Smurf but using UDP echo packets