Security Flashcards
What is NAC?
Network Admission Control
Agent that checks criteria in order to connect to network (persistent (on 24/7) / non-persistent)
What is smurfing?
DDoS where ICMP packets are sent with a spoofed address of the victim
What is Bluejacking vs Bluesnarfing?
Bluejacking - Sending data to device
Bluesnarfing - Stealing information
What is DHCP Snooping?
Untrusted ports for DHCP are blocked if DORA packets are sent from a rogue device
What is ARP inspection?
Makes sure no one is lying about L2 to L3 mapping
How would you stop MAC address spoofing on a switch?
Port security
With an ACL (Access Control List), is rule order important?
Yes
What piece of agent software is used in 802.1x between a computer and switch?
Supplicant
What is EAP?
Extensible Authentication Protocol
802.1x
What is PAP?
Password Authentication Protocol
Insecure clear text
What is an industry standard for authenticating on serial connections?
CHAP
MSCHAP
What is Kerberos?
Authenticates in Active Directory
What is stateful firewall inspection?
Remembers session of outbound packets on a socket and only permits inbound traffic to that socket
Socket - IP address + Port Number
What is an Application/Content aware firewall?
Can analyse and block specific content within a site
What is a virtual wire vs routed firewall?
Virtual wire is L2 and does not use IP address as a hop in network path
What is a quarantine VLAN also known as?
Remediation network
What is edge vs access control?
Access control determines which network resources can be accessed
What is the procedure for computer forensics?
First responder; Secure the area (escalate when necessary); Document the scene; eDiscovery; Evidence/data collection; Chain of custody; Data transport; Forensics report; Legal hold
What is banner grabbing/OUI?
Getting information about a computer system
What is EAP-PEAP?
Authentication that works with RADIUS servers
What is EAP-TLS?
Supports client side digital certificates for authentication with APs