Router and Switch Security 2.1 Flashcards

1
Q

Routers

A

OSI layer 3 device. Routers can be combined into switches; these are sometimes called layer 3 switches. Layer 2 is the switch, layer 3 is the router. Often connects diverse network types: LAN, WAN, copper, fiber. They are not designed to be security devices, but they do have some features that help provide security. Access Control Lists, for example, can deny traffic like a firewall.

2
Q

Access Control List (ACL)

A

Used to allow or deny traffic. Used to define what traffic can come in and go out. Can evaluate traffic based on criteria such as source IP, destination IP, TCP port numbers, UDP port numbers, and Internet Control Message Protocol (ICMP). Do not filter any RFC 1918 addresses (Private Network Addresses).

3
Q

Router Security Challenges

A

Spoofing attacks can trick routers into allowing traffic disguised as being safe.

4
Q

Switches

A

An OSI layer 2 device. Bridges traffic via hardware. Contains many ports; it is the core of an enterprise network.

5
Q

Switch Port Security

A

The inside of your network is relatively insecure. It is generally fairly easy to walk in and plug into a network.

6
Q

Network Access Control (NAC)

A

IEEE 802.1X - Port-based NAC. This requires that everyone must authenticate even if you are plugged into the switch. You can also close unused physical ports through administrative functions. Stop spoofing via duplicate MAC address checking. Make extensive use of Extensible Authentication Protocol (EAP) and Extensible Authentication Dial in User Service (RADIUS).

7
Q

Loop Prevention

A

Switches connected together can send traffic back and forth to each other, causing the network to loop the traffic and quickly bring the network down. Switches do not "count" traffic, so they won't recognize repeat traffic. Spanning Tree Protocol (IEEE 802.1D) prevents loops in bridged networks. (Widely used)

8
Q

Flood Guard

A

Switch networks can be overflowed by MAC addresses. If you configure a maximum number of MAC addresses, you can prevent DDoS attacks. You can also configure specific MAC addresses.

9
Q

Layer 3 Switches

A

A switch (layer 2) and a router (layer 3) can be combined. They are still doing their respective jobs at each layer; the devices are just combined together.
