OSI Model and Security Threats

Question 1

List Threats + Solutions to Layer 1 Security.

Answer 1

Threats: Wiretapping. Physical security of servers. Solutions: Security locks.

Question 2

List Threats + Solutions to Layer 2 Security.

Answer 2

Threats: VLAN Hopping Attack. Configuration of Ethernet Switches and VLAN can make the attack easier.

Configurations: Access - assigned to single VLAN. Trunk - interconnect with multi-switches w/ multi VLANS.

Solution: Configure in Access mode.

Question 3

List Threats + Solutions to Layer 3 Security.

Answer 3

Threats: DoS/DDoS. Ping sweep. Spoofing.

Solutions: Pocket filter firewall, IPS.

Question 4

List Threats + Solutions to Layer 4 Security.

Answer 4

Threats: Port scanner - scans victims comp for open ports.

Solution: Packet-filter firewall. Port redirection - redirects web requests to less known port. Not very effective.

Question 5

List Threats + Solutions to Layer 5 Security.

Answer 5

Threats: Attack on Remote Procedure Protocol (RPC). RPC used to execute procedures on other comps (like a printing job).

Solution: OS + App patches

Question 6

List Threats + Solutions to Layer 6 Security.

Answer 6

Threat: Man in the middle on TLS/SSL.

Solution: App-layer proxy or IPS.

Question 7

List Threats + Solutions to Layer 7 Security.

Answer 7

Threats: Attack on webservers or APIs. Another can access API without authorization.

Solution: MFA