Protecting Your NetworkChapter 19

Question 1

Define Hardening

Answer 1

Applying security hardware software and processes to your network to prevent bad things from happening.

Question 2

Define Network Segmentation

Answer 2

Separating network assets through various means such as with vlans or with a DMZ to protect against access by malicious actors.

Question 3

Define Amplification

Answer 3

AKA Amplified Dos Attack

Type of DOS attack that sends a small amount of traffic to a server which produces a much larger response from the server that is sent to a spoofed IP address overwhelming a victim machine.

Question 4

Define a De-authentication Attack

Answer 4

Type of DOS attack, targets wifi networks, specifically by sending out a frame that kicks a wireless client off its current WAP connection, a Rouge WAP prevents a stronger signal which the client will prefer. Rouge WAP connects to internet and monitors users traffic.

Question 5

What is another name for On-Path Attack?

Answer 5

Man in the Middle Attack

Question 6

Define Postering

Answer 6

Process by which a client presents its security characteristics via an agent or agentless interface to an access control server. Server checks characteristics and decides weather to grant a connection, deny a connection, or redirect the connection depending on the security compliance evoked.

Question 7

Define Reflection

Answer 7

Used in DDOS attacks, attacker sends request to normal servers with the targets IP address spoofed as the source. Normal servers responded to spoofed ip address (target system) overwhelming it with reflected traffic without identifying the true initiator