Securing Networks Flashcards

1
Q

RFI

A

Radio Frequency Interference:
A disturbance that can affect electrical circuits, devices, and cables due to AM/FM transmissions or cell towers

RFI causes more problems for wireless networks

2
Q

Crosstalk

A

Occurs when a signal transmitted on one copper wire creates an undesired effect on another wire

UTP is used more often than STP

3
Q

Data Emanation

A

The electromagnetic field generated by a network cable or device when transmitting

A Faraday cage can be installed to prevent a room from emanating

Split the wires of a twisted-pair connection

4
Q

PDS

A

Protected Distribution System:
Secured system of cable management to ensure that the wired network remains free from eavesdropping, tapping, data emanations, and other threats

5
Q

SSID

A

Service Set Identifier:
Uniquely identifies the network and is the name of the WAP used by the clients
For the exam: disable the SSID broadcast

6
Q

Rogue Access Point

A

An unauthorized WAP or Wireless Router that allows access to the secure network

7
Q

Evil Twin

A

A rogue, counterfeit, and unauthorized WAP with the same SSID as your valid one

8
Q

Pre-Shared Key

A

Same encryption key is used by the access point and the client

9
Q

WEP

A

Wired Equivalent Privacy:
Original 802.11 wireless security standard that claims to be as secure as a wired network

WEP’s weakness is its 24-bit IV (Initialization Vector)

10
Q

WPA

A

Wi-Fi Protected Access:
Replacement for WEP which uses TKIP, Message Integrity Check (MIC), and RC4 encryption

WPA was flawed, so it was replaced by WPA2

11
Q

WPA2

A

802.11i standard to provide better wireless security featuring AES with a 128-bit key, CCMP, and integrity checking

WPA2 is considered the best wireless encryption available

12
Q

WPS

A

Wi-Fi Protected Setup:
Automated encryption setup for wireless networks at a push of a button, but is severely flawed and vulnerable

Always disable WPS

13
Q

Wi-Fi Jamming

A

Intentional radio frequency interference targeting your wireless network to cause a denial of service condition

Wireless site survey software and spectrum analyzers can help identify jamming and interference

14
Q

AP Isolation

A

Creates a network segment for each client when it connects, to prevent it from communicating with other clients on the network

15
Q

War Driving

A

Act of searching for wireless networks by driving around until you find them

Attackers can use wireless survey or open source attack tools

16
Q

War Chalking

A

Act of physically drawing symbols in public places to denote the open, closed, and protected networks in range

17
Q

IV Attack

A

Occurs when an attacker observes the operation of a cipher being used with several different keys and finds a mathematical relationship between those keys to determine the clear text data

This happened with WEP and makes it easy to crack

18
Q

Wi-Fi Disassociation Attack

A

Attack that targets an individual client connected to a network, forces it offline by deauthenticating it, and then captures the handshake when it reconnects

Used as part of an attack on WPA/WPA2

19
Q

Brute Force Attack

A

Occurs when an attacker continually guesses a password until the correct one is found

Brute force will always find the password…eventually!

20
Q

WPA3

A

Wi-Fi Protected Access 3 (WPA3) was introduced in 2018 to strengthen WPA2
WPA3 has an equivalent cryptographic strength of 192 bits in WPA3-Enterprise mode

Largest improvement in WPA3 is the removal of the Pre-Shared Key (PSK) exchange

WPA3 Personal:
Uses CCMP-128 as the minimum encryption required for secure connectivity

WPA3 Enterprise:
Uses AES-256 encryption with a SHA-384 hash for integrity checking

21
Q

WPA3: SAE

A

Simultaneous Authentication of Equals:
A secure password-based authentication and password-authenticated key agreement method

Simultaneous Authentication of Equals (SAE) provides forward secrecy

22
Q

WPA3: Perfect Forward Secrecy (AKA: Forward Secrecy)

A

A feature of key agreement protocols (like SAE) that provides assurance that session keys will not be compromised even if long-term secrets used in the session key exchange are compromised

1. The AP and the client use a public key system to generate a pair of long-term keys
2. The AP and the client exchange a one-time use session key using a secure algorithm like Diffie-Hellman
3. The AP sends the client messages and encrypts them using the session key created in Step 2
4. The client decrypts the messages received using the same one-time use session key
5. The process repeats for every message being sent, starting at Step 2 to ensure forward secrecy

23
Q

Penetration Testing: Rules of Engagement

A

Important document:
Defines purpose & scope
Makes everyone aware of test parameters

Type of testing & schedule:
Physical breach, internal test, external test
Working hours, after 6 PM, etc.

Rules:
IP address ranges
Emergency contacts
How to handle sensitive info

24
Q

VPN: SSL VPN

A

Uses SSL/TLS
No big VPN clients
No digital cert requirement or shared passwords (unlike IPsec)
Very small client or within browser

25
Q

VPN: HTML5 VPN

A

Web cryptography API as part of browser (no software)

26
Q

VPN: Site-to-Site VPN

A

Almost always on
Firewalls act as concentrators communicating with one another

L2TP
Connecting sites over layer 3 network as if they were connected at layer 2
Used in conjunction with IPsec for encryption
L2TP over IPsec

27
Q

BPDU Guard

A

Defends the Layer 2 Spanning Tree Protocol (STP) topology against BPDU-related threats and is designed to protect the switching network

If a BPDU frame is seen on a PortFast-configured interface, shut down the device
Prevents looping

28
Q

FIM

A

File Integrity Monitoring:
Some files change all the time
Some should never change
Monitor important OS & application files

Windows: SFC
Linux: Tripwire

29
Q

Passive Monitoring

A

Examines copy of traffic (port mirror or tap)
No way to block traffic
Out-of-Band Response
Copy of traffic is sent to IPS

If identified as malicious, IPS sends TCP RST (reset) frame
Prevents subsequent malicious requests (but not initial)

30
Q

Inline Monitoring

A

IDS/IPS sits physically inline (all traffic passes through)

In-Band Response
Malicious traffic is immediately identified
Dropped at the IPS (does not get through network)

31
Q

NAT Gateway/VPC Gateway Endpoint

A

Instances in a private subnet can connect to services outside your VPC, but external services cannot initiate a connection with those instances

32
Q

WPA3: GCMP Block Cipher Mode

A

Galois/Counter Mode Protocol
Stronger encryption than WPA2
AES Encryption
MIC uses GMAC

33
Q

Privilege Escalation

A

Occurs when a user is able to gain the rights of another user or administrator

Vertical Privilege Escalation = User to Admin
Horizontal Privilege Escalation = User to User