Network Security Flashcards
What is TAP
- Terminal Access Point: all the traffic flows through this point on the network so the traffic can be monitored. Reads network traffic
What is SPAN
- Switch Port ANalyzer: the switch has a port for SPAN, duplicates traffic, and sends it out. Port mirroring. Can result in packet loss
What is a defensible network
a network that can be watched, inventoried, monitored, kept current.
What is a DoS attack
Denial-of-Service. Send lots of requests to a server. The server is so overwhelmed with all the noise that it shuts down.
What are intrusion prevention systems
Sees a problem and makes changes to prevent it. Can be installed on your network to stop people from joining; prevents malicious activity
What are Intrusion Detection Systems
monitors your network and tells you when it thinks there is potential malicious activity
What are Man-in-the-Middle (on path) attacks
the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other.
Heartbleed
allows an attacker to read more memory from a server than they should be able to, which could potentially reveal sensitive data. Can request lots and lots
What are honey pots?
Decoy for the hackers. Notifies the company when the honey pot is hacked and helps them know that their system could be in danger
Session Hijacking
the attacker takes control of an active communication session between two parties, usually by stealing or guessing a session token or session ID.
Wireless security attacks
KRACK, Evil Twins, Rogue APs
What is KRACK?
Key Reinstallation Attack
* The flaw in WPA2 occurs because the protocol reinstalls the same encryption key multiple times during the handshake process. An attacker can exploit this by forcing the client and router to reinstall the encryption key, which effectively resets the encryption process, allowing the attacker to intercept and manipulate the data being sent between the devices
What are Evil Twins
type of Wi-Fi hacking attack where an attacker sets up a rogue Wi-Fi access point (AP) that masquerades as a legitimate one in order to trick users into connecting to it. Once a device connects to the “evil twin” network, the attacker can intercept, monitor, and potentially manipulate the victim’s internet traffic
What are rogue APs
a Wi-Fi access point that has been set up without authorization or approval on a network. Rogue access points can pose a significant security risk because they allow unauthorized users or attackers to potentially gain access to a network and intercept or manipulate data.
What are ARP/DNS spoofing
two different types of man-in-the-middle (MITM) attacks that target communication protocols used in networking. These attacks aim to intercept, modify, or redirect network traffic between devices on a local network or the internet.
What is ARP spoofing
a technique where an attacker sends fake ARP messages onto the local network. The goal is to associate the attacker’s MAC address with the IP address of a legitimate device (e.g., the router or another computer on the network). Once the attacker’s MAC address is mapped to a trusted IP address, the attacker can intercept or manipulate traffic meant for that IP
What is DNS spoofing
Redirects users to malicious websites (e.g., phishing sites or malware distribution sites) by poisoning the DNS records.
Cloud security
Cloud Access Security Broker, third party manages cloud security, open buckets (see info people have on the cloud), shared responsibility
Some security professionals will deploy an unneeded server into their production environments that purposely includes security vulnerabilities so they can monitor potential attacks. This practice is known as implementing …?
Honeypot
The KRACK (Key Reinstallation Attack) vulnerability exploits an issue with the key exchange in which security standard? Which newer standard is not vulnerable (by design) to KRACK?
WPA2 is vulnerable to KRACK. WPA3 fixes it with a new key exchange.