Network Security - Objective 4 Flashcards

Common concepts, attack types, network hardening, remote access methods, physical security

1
Q

Type of encryption used by WPA

A

RC4 (Rivest Cipher 4)

2
Q

Geofencing

A

Uses GPS or RFID to define real-world boundaries where barriers can be active or passive

3
Q

NAC

A

Network Access Control

Permits or denies access to the network based on a device’s characteristics

4
Q

Difference between active & passive geofencing

A

Whether an alert is sent or only a log created

5
Q

Wireless client isolation a.k.a. AP isolation

A

Devices on a wireless network can’t communicate with each other

6
Q

Guest network isolation

A

The guest network does not have access to other networks on the access point

7
Q

Encryption protocol used by SNMPv3

A

DES

8
Q

CRAM-MD5

A

MD5 variant used in email systems

9
Q

DAC

A

Discretionary Access Control

An access control method where access is determined by the owner of the resource

10
Q

MAC
(not the address)

A

Mandatory Access Control

An access control policy where the computer system gets to decide who gets access to what objects

11
Q

RBAC

A

Role-based Access Control

Access model that is controlled by the system but focuses on a set of permissions assigned to a role rather than on an individual's permissions

12
Q

Zero-Trust

A

A security framework that requires users to be authenticated and authorized before being granted access to applications or data

13
Q

Transport layer protocols used by RADIUS & TACACS+, respectively

A

UDP & TCP

14
Q

802.1x

A

A standardized framework that’s used for port-based network access control (NAC) on both wired and wireless networks

15
Q

3 roles in 802.1x authentication

A
  • Supplicant
  • Authenticator
  • Authentication server
16
Q

3 examples of devices that can act as an authenticator in an 802.1X network

A
  • Switch
  • WAP
  • VPN concentrator
17
Q

EAP

A

Extensible Authentication Protocol [actually a series of them]

Allows for numerous different mechanisms of authentication performed using 802.1x

18
Q

EAP-MD5

A

Utilizes simple passwords and the challenge handshake authentication process to provide remote access authentication

19
Q

EAP-TLS

A

Uses public key infrastructure with a digital certificate being installed on both the client and the server

20
Q

EAP-TTLS

A

Requires a digital certificate on the server and a password on the client for its authentication

21
Q

EAP-FAST

A

EAP Flexible Authentication via Secure Tunneling

Uses a protected access credential to establish mutual authentication between devices

22
Q

PEAP

A

Protected EAP

Uses server certificates and Microsoft’s Active Directory databases to authenticate a client’s password

23
Q

Reason to disable dynamic switchport mode on your switchports

A

To prevent switch spoofing

24
Q

RD Gateway

A

Remote Desktop Gateway

A server role that uses RDP over HTTPS & port 443 to provide a connection using the SSL/TLS protocols for remote users accessing an internal network

25
Q

3 things an RD gateway does for remote access

A
  • Create an encrypted connection
  • Control access to network resources based on permissions and group policies
  • Monitor the status of the gateway and any RDP connection passing through the gateway
26
Q

4 remote access authentication protocols

A
  • PAP (unencrypted, not used)
  • CHAP
  • MS-CHAP
  • EAP (can use more than just a username/password; use EAP-TLS in conjunction with a RADIUS or TACACS+ server)
27
Q

VNC

A

Virtual Network Computing

Designed for thin client architecture and things like virtual desktop infrastructure (VDI)

28
Q

2 ways of accessing a virtual desktop

A
  • Web browser
  • Specialized thin client device that uses a PXE network boot image to load a specialized client that connects to the centralized server
29
Q

Difference between full tunnel & split tunnel VPN

A

Full tunnel routes & encrypts all traffic; split tunnel only does so for the traffic bound for headquarters. Which one you use determines which network you are logically a part of, and therefore which resources you can access.

30
Q

When not to use a split tunnel VPN

A

On an untrusted Wi-Fi network

31
Q

Clientless VPN

A

VPN in a web browser (HTTPS)

32
Q

Protocol used instead of SSL or TLS for streaming or VoIP data in a VPN

A

DTLS (Datagram Transport Layer Security)

33
Q

L2TP

A

Layer 2 Tunneling Protocol

Early tunneling protocol - no native encryption

34
Q

L2F

A

Layer 2 Forwarding

Unused now (Cisco tunneling protocol for PPP, the Point-to-Point Protocol)

35
Q

PPTP
A pro and a con

A

Point-to-Point Tunneling Protocol

Supports dial-up networks but also lacks native security features except when used with Microsoft Windows

36
Q

IPSec

A

IP Security

Provides authentication and encryption of packets to create a secure encrypted communication path between two computers

37
Q

4 protocols used to establish VPN connection

A
  • L2TP
  • L2F
  • PPTP
  • IPSec
38
Q

What is a SIEM

A

Security Information and Event Management

Provides real-time or near-real-time analysis of security alerts generated by network hardware & applications

39
Q

When should log analysis occur?

A

Regularly

40
Q

5 functions performed by SIEM

A
  • Log collection
  • Normalization
  • Correlation
  • Aggregation
  • Reporting
41
Q

SIEM normalization

A

Maps log messages into a common data model, enabling the organization to connect and analyze related events

42
Q

SIEM correlation

A

Links the logs and events from different systems or applications into a single data feed

43
Q

SIEM aggregation

A

Reduces the volume of event data by consolidating duplicate event records and merging them into a single record

45
Q

How a SIEM takes data

A

Using the Syslog protocol (UDP 514 or TCP 1468), with each message classified by severity on a scale of 0-7

46
Q

Port Security

A

Prevents unauthorized access to a switchport by identifying and limiting the MAC addresses of the hosts that are allowed. Can be done statically, dynamically, or both.

47
Q

2 Ways port security can create a list of authorized MAC addresses

A
  • static configuration
  • dynamic learning
48
Q

Port Security static configuration

A

Allows an administrator to define the static MAC addresses to use on a given switchport

49
Q

Port Security dynamic learning

A

Defines a maximum number of MAC addresses for a port and blocks new devices that are not on the learned list

A.k.a. Sticky MAC

50
Q

DAI

A

Dynamic ARP Inspection

Validates the address resolution protocol, or ARP, packets in your network

51
Q

How an ARP database is built

A

From replies to ARP requests

52
Q

DHCP snooping

A

Provides security by
- inspecting DHCP traffic
- filtering untrusted DHCP messages
- building and maintaining a DHCP snooping binding table

53
Q

2 things to configure to allow DHCP snooping

A

Switches and VLANs

54
Q

RA-Guard

A

IPv6 Router Advertisement Guard

Mitigates attack vectors based on forged ICMPv6 router advertisement messages

55
Q

What OSI layer does RA-guard operate at?

A

Layer 2

56
Q

CPP

A

Control Plane Policing

Configures a QoS filter that manages the traffic flow of control plane packets to protect the control plane of Cisco IOS routers and switches

57
Q

2 types of attacks mitigated by SNMPv3

A
  • on-path/MITM
  • replay
58
Q

3 different types of VLANS

A
  • Primary
  • Secondary isolated
  • Secondary community
59
Q

Secondary isolated VLAN

A

Switchports can only reach the primary VLAN

60
Q

Secondary community VLAN

A

Switchports can communicate with each other and the primary VLAN

61
Q

Promiscuous Port (P-Port)

A

Can communicate with anything connected to the primary or secondary VLANs

62
Q

Default VLAN is known as…

A

VLAN 1

63
Q

Native VLAN

A

VLAN where untagged traffic is put once it is received on a trunk port. It is also the default VLAN.

64
Q

9 things to secure SNMP

A
  1. Use v3
  2. Whitelist the MIB
  3. Use authPriv
  4. Strong passwords for admins
  5. Role separation between polling/receiving traps (for reading)
  6. Users & groups (for writing)
  7. ACLs
  8. Patching
  9. Separate management network
65
Q

ACL line entry for an implicit deny

A

deny ip any any

66
Q

Is it better to use explicit allow or deny when configuring MAC filtering?

A

Allow

67
Q

9 things to help secure wireless networks

A
  1. MAC filtering
  2. Antenna placement
  3. Antenna power levels
  4. Pre-shared keys with strong passwords
  5. Guest network isolation
  6. Wireless client isolation
  7. EAP instead of pre-shared key
  8. Geofencing
  9. Captive portals
68
Q

7 considerations with IoT

A
  1. Understand your endpoints
  2. Track & manage your devices
  3. Patch vulnerabilities
  4. Conduct test & evaluation before adding to the production network
  5. Change default credentials
  6. Use encryption protocols
  7. Segment IoT devices
69
Q

2 things CPP helps protect a network from

A
  • Reconnaissance
  • DoS
71
Q

CVE

A

Common Vulnerabilities and Exposures

A list of publicly disclosed information security vulnerabilities and exposures

72
Q

Remote Desktop Gateway

A

Provides a secure connection using the SSL/TLS protocols to the server via RDP

73
Q

In-Band Management

A

Technology that enables managed devices to be managed by any authorized host that is connected to a non-management network.

74
Q

Out-of-Band Management

A

Method to connect to and administer a managed device that does not use a standard user-network connected host as the administrative console.

E.g. a computer connected to the console port of a switch, or use of a dedicated management network

75
Q

LDAP

A

Lightweight Directory Access Protocol

A database used to centralize information about your clients and your objects on your network

76
Q

How LDAP performs authentication

A

Validation of a username and password against an LDAP server

77
Q

Kerberos

A

Performs secure, mutual authentication and authorization within a Windows environment

78
Q

How 802.1x usually provides authentication

A

EAP provides authentication credentials which are checked against a RADIUS, LDAP, or TACACS+ server

79
Q

File transfer protocol that supports resuming interrupted transfers

A

SFTP

80
Q

Attacks stateless firewalls vulnerable to

A

DoS and IP spoofing

81
Q

Where stateless firewalls are best used

A

An internal network

82
Q

Biggest difference between RDP and VNC

A

RDP is a resource-sharing method. Multiple users can independently connect to the same device.
VNC is a screen-sharing method. A remote user can control a device while the local user can watch (and does not lose the ability to control the device). It is useful for tech support and education.

83
Q

TACACS+

A

Terminal Access Controller Access Control System
A network security protocol used for AAA services

84
Q

3 servers often placed in screened subnets

A

  • Email
  • Web
  • FTP

85
Q

4 ways IPSs identify intrusions

A
  • Signatures (exact)
  • Anomalies (compared to baseline)
  • Behaviors (not exact signatures but more general)
  • Heuristics (AI learning your network)
86
Q

Technique commonly used in man-in-the-middle attacks

A

ARP poisoning

87
Q

Private VLAN

A

A.k.a. port isolation
A technique where a VLAN contains switch ports that are restricted to using a single uplink
- Primary
- Secondary isolated
- Secondary community

88
Q

3 common methods of captive portal implementation

A
  • HTTP redirect
  • ICMP redirect
  • DNS redirect
89
Q

Authentication protocol designed to send data over insecure networks while using strong native encryption

A

Kerberos

90
Q

Discovery protocols

A

Protocols that can get detailed information such as the IP addresses, system version, and device information from supporting devices directly

91
Q

3 primary discovery protocols

A
  • Simple network management protocol (SNMP)
  • Link layer discovery protocol (LLDP)
  • Ping