Lecture 2 - Network Security

Question 1

Basic Network Definition

Answer 1

Set of devices connected together.

Question 2

Four points of network security

Hint: SAMS

Answer 2

Scalability (grow in users)
Availability (continuous)
Manageability (Staff able to manage)
Security (Not after thought)

Question 3

Seven Domains of IT infra

Answer 3

• User
• Workstation
• LAN
• LAN to WAN
• WAN
• Remote Access
• System/App

Question 4

User domain

Answer 4

Any individual associated with the org, with or without logins.

Question 5

User Domain Threats

Answer 5

Social engineering/phishing

Question 6

Workstation domain

Answer 6

Workstations/standalone systems and home computers.

Question 7

Workstation domain threats

Answer 7

Malware, port scanning, default pass, unpatched OS

Question 8

LAN Domain

Answer 8

Hosts on private LANs

Question 9

LAN to WAN Domain

Answer 9

Routers/firewalls at LAN/WAN connection point

Question 10

2 LAN to WAN Domain threats

Answer 10

Port scanning
DOS

Question 11

LAN to WAN Domain vulnerabilities

Answer 11

Weak permeter security, default config, misconfig

Question 12

LAN to WAN domain risks

Answer 12

Instability and malicious traffic

Question 13

Remote Access Domain

Answer 13

Org resources via remote access

Question 14

Remote Access Domain Threats

Answer 14

Malware, rogue access point

Question 15

Remote Access Domain vulnerabilities

Answer 15

Unencrypted wireless, weak security controls

Question 16

Remote Access Domain Risks

Answer 16

Compromise of remote sys results in org compromise

Question 17

WAN Domain

Answer 17

Routers, switches and firewalls that ensure connectivity between LANs

Question 18

WAN Domain Threats (2 things)

Answer 18

Eavesdropping, Unpredictable availability

Question 19

WAN domain Vulnerability

Answer 19

DNS Poisoning

Question 20

WAN Domain Risks

Answer 20

Attacks on DNS root, clear text traffic intercepted, disaster

Question 21

Sys/ App Domain

Answer 21

Servers, apps, databases etc

Question 22

Sys/App domain Threats

Answer 22

SQL injection, XSS, DoS

Question 23

Sys/App domain vulnerabilities

Answer 23

Unpatched OS, misconfig, insecure code

Question 24

Sys/App Domain Risks

Answer 24

Instability, Data loss, loss of function

Question 25

Network Analysis Steps

Answer 25

1. Create network baseline using Nmap/Zenmap
2. Capture data at specific points on net
3. Analyse captured data
4. Investigate/resolve, update baseline,

Question 26

Security Controls 3 sections

Answer 26

Physical
Procedural
Technical

Question 27

Physical Controls

Answer 27

• Door locks, guards etc
• Fire detection and suppression, other environmental
• Electrical grounding etc

Question 28

Procedural Controls

Answer 28

• Policies/procedures
• Insurance
• Background and financial checks
• Data loss prevention
• Awareness training

Question 29

Technical Controls

Answer 29

• Login ID
• TImeouts
• Logs and audit trails
• Firewalls and routers
• Encryption/Public Key Infrastructure