Lecture 8 Flashcards
1
Q
To ensure proper network security, you need to identify:
A
- Unobtrusive as possible (not aggressively asking you to re log in?)
- What must be protected
- From whom – threats within or outside the organization
- Cost of a security breach – who does it affect, what is the impact of data being lost or stolen
- How likely is the threat going to happen – high profile business or threats from competition.
- Natural disasters / force majeure
- Lock down vs flexibility – overbearing security
2
Q
Physical Access security precautions
A
- Rooms that house servers should be locked and inaccessible to unauthorized persons.
- Such rooms should have key locks, coded locks or key cards and connected to a system that logs entry and exit.
- Wires from/to workstations and servers or active devices should be inaccessible to eavesdropping equipment. The use of cable raceways or other channeling devices should be encouraged.
- Server rooms should be well cooled and have a redundant source of power.
- Where possible remove keyboards, mice, and screens/monitors from server rooms. Instead use remote access or KVM switches.
- Disable ports on devices, e.g., USB ports or CD/DVD drives
- Similar processes should be applied for active devices.
3
Q
Protecting Wireless Network
A
- Wireless Encryption: Prevents attackers who intercept wireless packets from interpreting the data.
4
Q
WPA2 (choose this one)
A
- WiFi Protected Access 2 (WPA2) –
- most used standard
- Uses AES (Advanced Encryption Standard) algorithm
- Uses passphrase – password with no spaces.
5
Q
WPA3
A
- WiFi Protected Access 3 (WPA3) –
- improvement on WPA2.
- Uses 192-bit encryption
- Not yet widely used but backward compatible with WPA2
6
Q
WEP
A
- Wired Equivalent Privacy (WEP)
- Basic data encryption
- Discouraged because it is fairly easy to crack
- Used on older devices
7
Q
MAC address filtering
A
- Only allow certain devices based on MAC address to be given an IP
- Best suited for small networks with fixed number of devices
- Not suitable for dynamic environment
8
Q
SSID
A
- Service Set Identifier (SSID) –
- Label for identifying an AP
- SSID should not be broadcast, though not foolproof against experienced hackers
9
Q
Intrusion Detection Systems
A
- Monitor network traffic for malicious packets or patterns.
- They are passive, i.e., monitor only (and maybe raise alarm) but do not filter/block.
10
Q
Intrusion Prevention Systems
A
- Unlike IDS, IPS take actions to filter or block malicious traffic.
- Disabling the port / link
- Dynamically setting rules to block traffic flow.
11
Q
Network Data
A
- Authentication and Authorization
- Encryption – making data unusable to unauthorized personnel.
- Use of special devices such as firewalls, intrusion detection and prevention systems, and content filters.
- Malware protection, e.g., Antivirus
- Wireless security: protection of wireless networks – range limiting, hidden SSID, strong passwords etc.
12
Q
Multi-factor authentication
A
- What the user knows – username + password
- What the user has or possesses – key card
- Who the user is – biometric: fingerprint, eye scans etc.
13
Q
Passwords should be
A
- Complex – mix of characters: alphanumeric, special symbols.
- Minimum character count
- Password aging – length of time before password must be changed
- Enforce password history – can’t use old / previous password
- Lock out after X attempts
14
Q
VPN
A
- Tunnelled connection between sites
- Allows multiple sites to maintain a secure connection via the Internet, instead of through dedicated WAN links.
- Cost saving using the Internet instead of WAN
15
Q
Restricted Log in time and locations
A
- Authorize file and folder access, especially for shared resources.
- Read only
- Read + Write
- Delete + Change
- Full