Network Security Flashcards
Confidentiality
Prevents disclosure of information to unauthorized individuals
Integrity
Ensuring that data has not been modified
Availability
Information is accessible to authorized users
CVE
Common Vulnerabilities and Exposures - a public catalog of known vulnerabilities, each assigned a CVE ID (CVE-year-number) so that vendors, scanners and advisories all refer to the same flaw.
Zero-Day Vulnerability
A vulnerability not yet known to the vendor or the public, so no patch or detection signature exists for it; attackers who know about it can exploit it until it is disclosed and fixed.
Least privilege
Giving people just enough privileges to do their jobs.
Role-based Access
Your access is based on your role in the organization. In Windows, use Groups to provide this type of access.
Zero Trust
Nothing is trusted because of where it sits on the network. Every user, device and request is authenticated and authorized before access is granted, and systems are continuously monitored.
Network segmentation enforcement
Physical segmentation (using separate devices) or VLANs.
Screened subnet
Formerly a “DMZ” - a separate subnet containing assets that outside users need access to.
Separation of duties
Limit what a single person can do: no one person controls a whole critical process (split knowledge, dual control, separate requester and approver).
Network Access Control
IEEE 802.1X - Port-based Network Access Control (NAC). A switch port (or wireless association) passes only authentication traffic until the device authenticates, usually via EAP against a RADIUS server.
Honeypot
Fake virtual systems put in place to lure attackers so they can be monitored.
Multifactor authentication
Something you are
Something you have
Something you know
Somewhere you are
Something you do
TACACS+
Remote AAA protocol developed by Cisco in 1993 and later published as RFC 8907. Uses TCP/49 and encrypts the whole packet body; separates authentication, authorization and accounting, so it is common for administering network devices.
SSO
Single Sign-On - authenticate once and gain access to multiple systems without re-entering credentials (Kerberos, SAML and OpenID Connect are common implementations).
RADIUS
Common AAA protocol; supported on a wide variety of devices (switches, APs, VPN gateways). Centralized authentication for users. Runs over UDP (1812 authentication, 1813 accounting) and hides only the password attribute with a shared secret; everything else is cleartext, so the secret and the transport path matter.
LDAP
Protocol for reading/writing directory entries over an IP network (TCP/389; LDAPS on TCP/636). Can be used for authentication via a bind, in which case the password travels in the clear unless LDAPS or StartTLS is used.
Kerberos
Network authentication protocol; authenticate once to the Key Distribution Center and use tickets to reach services (SSO). Provides mutual authentication: the client also verifies the server.
Local authentication
Credentials are stored locally on the machine you’re trying to access.
802.1X
Port-based Network Access Control; no access to network until you authenticate.
EAP
Extensible Authentication Protocol; an authentication framework that integrates with other systems.
Threat Assessment
Research the threats and make decisions based on the information. Then invest in most appropriate protection.
Vulnerability Assessment
Minimally invasive process to identify potential vulnerabilities (vulnerability scanner); test from outside and inside
Penetration Testing
A simulated attack on a system: an authorized tester actively tries to exploit vulnerabilities to show what a real attacker could achieve.
Posture Assessment
Checks if a BYOD device is trusted, healthy, clean, etc., and has proper apps installed and settings enabled.
Risk Assessment
Identify the assets an attack could affect, the threats and vulnerabilities that apply to them, and the likelihood and impact of each, so that mitigations can be prioritized.
SIEM
Security Information and Event Management - collects logs and events from many sources (firewalls, servers, endpoints), normalizes and correlates them, and alerts on suspicious patterns.
Denial of Service
When a particular service is forced to fail (usually by overloading it)
On-Path Attack
(Formerly Man-in-the-middle attack). An attacker redirects traffic (for monitoring) which then gets passed to the destination.
ARP Poisoning
An attacker sends forged ARP replies (often unsolicited, i.e. gratuitous ARP) so that victims map the router's IP address to the attacker's MAC address; traffic for the router then flows through the attacker (on-path attack).
Switch spoofing
Switch ports can be configured as access ports or trunk ports. If a port negotiates its mode automatically (DTP on Cisco switches), an attacker plugging in a laptop can negotiate a trunk and reach every VLAN. Mitigate by hard-coding access ports and disabling trunk negotiation.
Double tagging
Frames are crafted with two VLAN tags. The first switch strips the outer tag because it matches the trunk's native VLAN, and the second switch then acts on the inner tag, delivering the frame into a VLAN the attacker is not a member of. Traffic is one-way only (no replies come back). To mitigate, make the native VLAN an unused VLAN ID that no access port belongs to, and tag the native VLAN on trunks.
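The two-tag trick above, as an added example that is not part of the original flashcards: a small 802.1Q frame builder and parser models the first switch stripping the native-VLAN tag on trunk egress and the second switch reading whatever tag is left on trunk ingress. The MAC addresses, VLAN numbers and the assumption that the attacker's access port sits in the native VLAN are constructed for the illustration.

```python
import struct

ETHERTYPE_8021Q = 0x8100
ETHERTYPE_IPV4 = 0x0800

def build_frame(dst, src, vlan_ids, payload, ethertype=ETHERTYPE_IPV4):
    """Ethernet frame with zero or more 802.1Q tags, outermost first (PCP=0, DEI=0)."""
    frame = dst + src
    for vid in vlan_ids:
        frame += struct.pack("!HH", ETHERTYPE_8021Q, vid & 0x0FFF)
    return frame + struct.pack("!H", ethertype) + payload

def parse_tags(frame):
    """Return (VLAN IDs outermost first, bytes from the real EtherType onward)."""
    vids, offset = [], 12
    while struct.unpack_from("!H", frame, offset)[0] == ETHERTYPE_8021Q:
        tci = struct.unpack_from("!H", frame, offset + 2)[0]
        vids.append(tci & 0x0FFF)
        offset += 4
    return vids, frame[offset:]

def trunk_egress(frame, native_vlan):
    """First switch forwarding out an 802.1Q trunk: a frame that belongs to the
    trunk's native VLAN is sent untagged, so its outer tag (4 bytes at offset 12)
    is stripped. Any inner tag is left untouched."""
    vids, _ = parse_tags(frame)
    if vids and vids[0] == native_vlan:
        return frame[:12] + frame[16:]
    return frame

def trunk_ingress_vlan(frame, native_vlan):
    """Second switch receiving on the trunk: the outer tag decides the VLAN; an
    untagged frame is placed in the native VLAN."""
    vids, _ = parse_tags(frame)
    return vids[0] if vids else native_vlan

def simulate_double_tag(native_vlan, attacker_vlan=1, target_vlan=20):
    """Attacker on an access port in attacker_vlan crafts a frame tagged
    [attacker_vlan, target_vlan]. Returns the VLAN in which the second switch
    delivers the frame (constructed scenario)."""
    attacker_mac = bytes.fromhex("020000000001")
    crafted = build_frame(b"\xff" * 6, attacker_mac,
                          [attacker_vlan, target_vlan], b"payload")
    on_trunk = trunk_egress(crafted, native_vlan)
    return trunk_ingress_vlan(on_trunk, native_vlan)

if __name__ == "__main__":
    # Native VLAN equals the attacker's VLAN: the outer tag is stripped and the
    # frame hops into VLAN 20. With an unused native VLAN the frame stays in VLAN 1.
    print("native 1   ->", simulate_double_tag(native_vlan=1))    # 20
    print("native 999 ->", simulate_double_tag(native_vlan=999))  # 1
```

The hop only works because the first switch treats the attacker's VLAN as native and therefore removes exactly one tag; moving the native VLAN to an unused ID means the outer tag is preserved on the trunk and the inner tag is never seen by the second switch.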
Rogue DHCP server
Non-authorized DHCP server handing out IP addresses. DHCP snooping can prevent this.
Rogue access point
An unauthorized wireless access point plugged into the wired network gives outsiders a path into your network. 802.1X on the wired switch ports (so the rogue AP cannot authenticate) prevents this.
Wireless evil twin
A rogue AP that imitates a legitimate one (same SSID, often a stronger signal) so clients connect to it instead. End-to-end encryption (TLS, VPN) keeps the attacker from reading the data even if a client does connect.
Wireless deauthentication
Attackers send forged 802.11 management frames (deauthentication or disassociation, with the AP's address as the source) to disconnect clients; no key is needed because these frames are unauthenticated in plain WPA2.
802.11w (Protected Management Frames) authenticates management frames, so a forged deauthentication frame without a valid integrity check is discarded by the client.
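Added example, not from the original flashcards: a parser for the 802.11 frame header that picks out deauthentication frames, applies the 802.11w rule that an unprotected deauthentication on a PMF-enabled BSS is discarded, and flags a flood of accepted deauths per source as the kind of alert a wireless IDS would raise. The capture is constructed inline; only the Protected Frame bit is modelled, not the MIC that a real 802.11w receiver also verifies.

```python
import struct
from collections import Counter

# 802.11 frame control: type 0 = management, subtype 12 = deauthentication.
TYPE_MGMT, SUBTYPE_DEAUTH = 0, 12
FLAG_PROTECTED = 0x40  # "Protected Frame" bit in the second frame-control byte

def build_deauth(dst, src, bssid, seq, reason=7, protected=False):
    """Minimal 802.11 deauthentication frame: 24-byte header + 2-byte reason code.
    A real 802.11w frame also carries a CCMP header and MIC; only the bit is modelled."""
    fc0 = (SUBTYPE_DEAUTH << 4) | (TYPE_MGMT << 2)   # protocol version 0
    fc1 = FLAG_PROTECTED if protected else 0
    header = (struct.pack("<BBH", fc0, fc1, 0) + dst + src + bssid
              + struct.pack("<H", seq << 4))
    return header + struct.pack("<H", reason)

def parse_header(frame):
    """Decode type/subtype/protected flag and the three addresses."""
    fc0, fc1 = frame[0], frame[1]
    return {
        "type": (fc0 >> 2) & 0x3,
        "subtype": (fc0 >> 4) & 0xF,
        "protected": bool(fc1 & FLAG_PROTECTED),
        "dst": frame[4:10], "src": frame[10:16], "bssid": frame[16:22],
    }

def is_deauth(hdr):
    return hdr["type"] == TYPE_MGMT and hdr["subtype"] == SUBTYPE_DEAUTH

def inspect_capture(frames, pmf_bssids, threshold=10):
    """Return (accepted, rejected, alerts). Deauths for a PMF (802.11w) BSS that
    lack the Protected bit are rejected as a station would reject them; accepted
    deauths are counted per (bssid, src) and a count above threshold is an alert."""
    accepted = rejected = 0
    per_source = Counter()
    for frame in frames:
        hdr = parse_header(frame)
        if not is_deauth(hdr):
            continue
        if hdr["bssid"] in pmf_bssids and not hdr["protected"]:
            rejected += 1
            continue
        accepted += 1
        per_source[(hdr["bssid"], hdr["src"])] += 1
    alerts = sorted(key for key, n in per_source.items() if n > threshold)
    return accepted, rejected, alerts

# Constructed addresses and capture (not from a real network).
AP_LEGACY = bytes.fromhex("02aabbcc0001")   # WPA2 AP without 802.11w
AP_PMF = bytes.fromhex("02aabbcc0002")      # AP with PMF required
CLIENT = bytes.fromhex("02ddeeff0001")
BROADCAST = b"\xff" * 6

def sample_capture():
    frames = []
    # Attacker spoofs the legacy AP and floods broadcast deauths: every client drops.
    for i in range(25):
        frames.append(build_deauth(BROADCAST, AP_LEGACY, AP_LEGACY, seq=i))
    # Same flood against the PMF AP: the frames are unprotected, so they are discarded.
    for i in range(25):
        frames.append(build_deauth(BROADCAST, AP_PMF, AP_PMF, seq=i))
    # One genuine, protected deauth from the PMF AP to a single client (reason 3).
    frames.append(build_deauth(CLIENT, AP_PMF, AP_PMF, seq=100, reason=3, protected=True))
    return frames

if __name__ == "__main__":
    acc, rej, alerts = inspect_capture(sample_capture(), pmf_bssids={AP_PMF})
    print(acc, rej, alerts)   # 26 25 [(AP_LEGACY, AP_LEGACY)]
```

Reason code 7 is the value deauth tools commonly forge; the detection keys on volume from one source rather than on the reason, since a legitimate AP rarely deauthenticates dozens of stations in a burst.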
Secure SNMP
SNMPv3 adds authentication and encryption (authPriv mode); SNMPv1/v2c send community strings in cleartext. Not all devices support v3, so also restrict which hosts may reach SNMP at all.
RA Guard
Router Advertisement (IPv6) Guard
Prevents attackers from pretending to be a router and sending RA messages.
DAI
Dynamic ARP Inspection - the switch checks ARP packets arriving on untrusted ports against the DHCP snooping binding table (IP, MAC, VLAN, port) and drops mismatches, which blocks ARP poisoning and the on-path attacks built on it.
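Added example covering the ARP poisoning, rogue DHCP server and DAI cards together; it is not part of the original flashcards. A small model of a switch builds the DHCP snooping binding table only from server replies seen on trusted ports, then uses that table to decide which ARP packets on untrusted ports to forward. Port names, MAC and IP addresses are constructed, and binding learning is simplified by passing the client's port explicitly instead of tracking the client's DHCP request.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Binding:
    mac: str
    ip: str
    vlan: int
    port: str

class SnoopingSwitch:
    """Model of a switch running DHCP snooping and Dynamic ARP Inspection.
    Trusted ports are the uplinks toward the real DHCP server and router."""

    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)
        self.bindings = {}   # (vlan, ip) -> Binding
        self.log = []

    def observe_dhcp_ack(self, ingress_port, vlan, client_mac, client_ip, client_port):
        """DHCP snooping: server messages (OFFER/ACK) are honoured only on trusted
        ports; one arriving on an untrusted port comes from a rogue server and is
        dropped. Accepted leases populate the binding table."""
        if ingress_port not in self.trusted:
            self.log.append(f"DROP rogue DHCP ACK on {ingress_port} offering {client_ip}")
            return False
        self.bindings[(vlan, client_ip)] = Binding(client_mac, client_ip, vlan, client_port)
        return True

    def inspect_arp(self, ingress_port, vlan, sender_mac, sender_ip):
        """DAI: ARP from trusted ports passes unchecked. From untrusted ports the
        sender IP/MAC must match a binding learned for that same port. (A host
        with a static address, such as the gateway, needs a static ARP ACL entry
        on a real switch; here the gateway only ever speaks via the trusted uplink.)"""
        if ingress_port in self.trusted:
            return True
        b = self.bindings.get((vlan, sender_ip))
        if b is None or b.mac != sender_mac or b.port != ingress_port:
            self.log.append(f"DROP ARP on {ingress_port}: {sender_ip} is-at {sender_mac}")
            return False
        return True

def run_scenario():
    """Constructed scenario: Gi0/24 is the uplink; victim on Gi0/1, attacker on Gi0/2."""
    sw = SnoopingSwitch(trusted_ports={"Gi0/24"})
    gw_mac, victim_mac = "00:00:5e:00:01:01", "00:11:22:33:44:55"
    attacker_mac = "de:ad:be:ef:00:01"
    results = {}
    # Legitimate leases arrive from the real server via the trusted uplink.
    sw.observe_dhcp_ack("Gi0/24", 10, victim_mac, "10.0.10.50", "Gi0/1")
    sw.observe_dhcp_ack("Gi0/24", 10, attacker_mac, "10.0.10.66", "Gi0/2")
    # Rogue DHCP server on the attacker's port tries to hand the victim a lease.
    results["rogue_dhcp"] = sw.observe_dhcp_ack("Gi0/2", 10, victim_mac, "10.0.10.50", "Gi0/1")
    # The gateway's own ARP reply comes in on the trusted uplink.
    results["gateway_arp"] = sw.inspect_arp("Gi0/24", 10, gw_mac, "10.0.10.1")
    # Attacker's ARP for its own leased address is consistent with its binding.
    results["attacker_own_arp"] = sw.inspect_arp("Gi0/2", 10, attacker_mac, "10.0.10.66")
    # ARP poisoning: attacker claims the gateway's IP maps to its own MAC.
    results["poison_gateway"] = sw.inspect_arp("Gi0/2", 10, attacker_mac, "10.0.10.1")
    # Attacker claims the victim's IP/MAC pair from the wrong port.
    results["poison_victim"] = sw.inspect_arp("Gi0/2", 10, victim_mac, "10.0.10.50")
    return results, sw.log

if __name__ == "__main__":
    results, log = run_scenario()
    print(results)
    print("\n".join(log))
```

The check is only as good as the binding table: if the uplink to the real DHCP server were left untrusted, legitimate leases would be dropped, and if an attacker's port were marked trusted, both the rogue server and the poisoned ARP would pass. Trust exactly the ports that face the DHCP server and router, nothing else.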
Control plane policing
Protects the device's control plane (its CPU) by rate-limiting the amount and type of traffic sent to it and blocking protocols that should not reach it at all (Telnet, for example).
Port Isolation
Limits the access between devices on different interfaces on a switch (even if they’re on the same VLAN).
MAC Filtering
Can block unwanted devices, but is easy to circumvent by spoofing MAC addresses.
Wireless client isolation
Devices connected to the network can get on the Internet but not see each other
EAP
Extensible Authentication Protocol - a framework that can be used for wireless authentication
VPN Concentrator
Device that VPN clients connect to (often integrated into a firewall)
Remote Desktop Protocols
RDP (Windows, but has clients for MacOS, Linux, etc.)
VNC
Out of band management
“Direct” connection (serial/USB), console connection, etc.