Module 1: Introduction to Network Security

Question 1

What is a vulnerability?

Answer 1

Weakness in the network and/or its protocol.

Question 2

What is a threat?

Answer 2

A set of circumstances that has the potential to cause harm.

Question 3

What is intrusion?

Answer 3

Any act or event that compromises the information on a network.

Question 4

What is a breach?

Answer 4

Breakdown of security of the network

Question 5

What is an interruption intrusion and what is an example?

Answer 5

• Making access to a resource become unavailable

- Denial of service

Question 6

What is an interception intrusion and what is an example?

Answer 6

• Gaining unauthorized access to information
• Eaves dropping / sniffing
• Traffic analysis

Question 7

What is a modification intrusion and what is an example?

Answer 7

• Tampering with a resource or information and changing it.

- Man in the middle (MITM)

Question 8

What is a fabrication intrusion and what is an example?

Answer 8

• Insertion of counterfeit objects into a system

- Malware

Question 9

What is an invasion intrusion and what is an example?

Answer 9

• Taking control of a resource and steal information

- Session hijacking

Question 10

What is active eavesdropping?

Answer 10

Send data probes & collect info

Question 11

What is passive eavesdropping?

Answer 11

Silent eavesdropping - no probes

Question 12

What is a Level 0 intrusion?

Answer 12

Normal system users - no intrusion

Question 13

What is a Level 1 intrusion?

Answer 13

Intrusion occurs, but no evidence of damage and no trail is left.

Question 14

What is a Level 2 intrusion?

Answer 14

Intrusion occurs, but no evidence of damage but a trail is left.

Question 15

What is a Level 3 intrusion?

Answer 15

Files are damaged, programs and/or data are altered (e.g. Malware, MITM attack).

Question 16

What is a Level 4 intrusion?

Answer 16

Services disrupted (e.g. DoS)

Question 17

What is a Level 5 intrusion?

Answer 17

Valuable information is stolen - cyber espionage cyber felony is committed.

Question 18

What are the four steps for a hacker to commit an attack?

Answer 18

• Gather information
• Look for vulnerabilities
• Get access to the network
• Launch the attack

Question 19

What type of information is useful for a hacker to gather information?

Answer 19

• Domain names
• IP addresses
• Active ports
• OS/CPU
• Type of firewalls
• Social engineering

Question 20

What are NSLOOKUP and DIG? How are they used?

Answer 20

• IP Address finder

- Gather information

Question 21

What is Netcraft? How is it used? How are they used?

Answer 21

• Web server information gatherer

- Gather information

Question 22

What is traceroute, tracert and VisualRoute? How are they used?

Answer 22

• IP address tracers

- Gather information

Question 23

What is iplocation.net? How is it used?

Answer 23

• IP location finder (Geo location)

- Gather information

Question 24

What are nmap and zenmap? How are they used?

Answer 24

• Port scanner ++ (veru detailed information about the host: hosts available, OS, packet filters and firewalls etc)
• Gather information

Question 25

What is angry IP scanner? How is it used?

Answer 25

• Port scanner (light weight)

- Gather information

Question 26

What is Wireshark? How is it used?

Answer 26

• Traffic monitoring

- Gather information

Question 27

What is TCPDump? How is it used?

Answer 27

• Traffic monitoring

- Gather information

Question 28

What is Netstumbler? How it is used?

Answer 28

• Wireless network information gatherer // Active sniffer

- Gather information

Question 29

What is whois? How is it used?

Answer 29

• Get domain information

- Gather information

Question 30

What is Kismet? How is it used?

Answer 30

• Wireless network information gatherer // passive sniffer

- Gather information

Question 31

How can Google be used by hackers?

Answer 31

Social engineering tool used by hackers.

Question 32

What is Nessus? How is it used?

Answer 32

• Vulnerability scanning (compliance and malware)

- Vulnerability testing

Question 33

What is Nexpose? How is it used?

Answer 33

• For full cycle vulnerability assessment: detection, verification, risk calculation, impact analysis reporting and mitigation.
• Vulnerability testing

Question 34

What is GFILANguard Network Security Scanner? How is it used?

Answer 34

• Scans network IP by IP and alerts vulnerabilities.

- Vulnerability testing

Question 35

What is Nikto? How is it used?

Answer 35

• Web server scanner (scans with a database)

- Vulnerability testing

Question 36

What is Nipper Studio? How is it used?

Answer 36

• Vulnerability assessment scanner for switches, routers and firewalls.
• Vulnerability testing

Question 37

What are the four tools used by hackers for gaining access?

Answer 37

• Brute force
• Password Crackers
• Keyloggers
• Address spoofers

Question 38

What is a Denial of Service attack?

Answer 38

Bring down a network so that legitimate users are prevented from accessing the network

Question 39

What is a man-in-the-middle-attack?

Answer 39

• Secure position between a client and server
• Impersonates either or
• Data flows to attackers hose with no knowledge of the client or server

Question 40

What is data modification?

Answer 40

• MITM attack extended to perform data modification

Question 41

What is a replay attack?

Answer 41

Replay recorded packets at a later time fot the same server

Question 42

What is an injection of malicious code attack?

Answer 42

Viruses, worms, trojan horses and logic bombs.

Question 43

What is confidentiality? How is it achieved?

Answer 43

• No eavesdropping

- Cryptography

Question 44

What is integrity? How is it achieved?

Answer 44

• Message received = message sent

- Cryptography

Question 45

What is authentication? How is it achieved?

Answer 45

• Sender validation

- Cryptography

Question 46

What is non-repudiation? How is it achieved?

Answer 46

• Source must not be able to deny a transaction

- Cryptography

Question 47

What is certification? How is it achieved?

Answer 47

• Third party certifies the source as good

- Cryptography

Question 48

What is access control? How is it achieved?

Answer 48

• Who can access what and when

- Firewalls

Question 49

What is availability? How is it achieved?

Answer 49

• System resources are always available for legit users

- Firewalls