Security Fundamentals Flashcards
What are the four categories of physical threats?
Administrative, electrical, environmental, hardware
Electrical threats
inadequate power, unconditioned power, and total loss of power
A ___ is a good line of defense against electrical threats
UPS generator
Hardware threats
physical damage, component damage
To prevent hardware threats
restrict physical access, log physical access
Environmental threats
temperature, and humidity
Environmental threats can be mitigated by climate control systems and ___
monitoring the environment
Administrative threats
maintenance errors, poorly labeled cables
Administrative threats can be mitigated by
using a clear labeling system, maintaining an adequate supply of spare parts, proper handling of electrical equipment at all times
Reconnaissance attacks
passive attacks that are designed to gather information about a network or network device
Examples of reconnaissance attacks
packet sniffing, ping sweeps, port scans
Packet sniffing is limited to ___ networks
broadcast
Packet sniffing attacks rely on ___ mode operation
promiscuous
Packet sniffing attacks can identify
unencrypted passwords
Packet sniffing attacks can be mitigated by
switched networks, encrypted connections
Packet sniffers are commonly used to
extract clear text passwords from network traffic
Ping sweeps
are used to determine which IP addresses are active within a particular range
Ping sweeps rely on ___ protocol
ICMP
Ping sweeps can be mitigated by
disabling ICMP
Port scans
are used to discover active services, operating system revision, and configured network services
Port scans can be detected by
IDS
Access attacks
are used to gain unauthorized access to network systems
Common access attacks
password attacks, buffer overflow
Cisco password best practices
combination of upper and lower case letters
numbers and punctuation
five plus characters
no real words, slang, jargon
not based on personal information
Buffer overflow attacks
exploit software vulnerabilities to execute malicious code
A buffer overflow occurs when a
program writes data beyond the region of memory that has been allocated to that program
an attacker can use the buffer overflow to write arbitrary code into memory and have the code executed by the program
Mitigate buffer overflow attacks
host-based IPS (HIPS), executable space protection, safe programming libraries
___ are the most common form of logical access control
passwords
Local passwords are configured on
the device to which the user is authenticating
Local passwords are stored in the ___
startup configuration