Spoofing / Non-compliant Systems (CompTIA Objective 2.5) Flashcards

1
Q

What does the term “Spoofing” mean? How does it work when it comes to security attacks?

A
  • You pretend to be something you aren’t, e.g. a fake web server or a fake DNS server.
  • Email address spoofing (the sending address of an email isn’t really the sender).
  • Caller ID spoofing: the incoming call information is completely fake.
  • Spoofing is commonly used in man-in-the-middle attacks. The person in the middle of a conversation pretends to be both endpoints.
2
Q

What is MAC spoofing? How does it work?

A
  • Your Ethernet device has a MAC address:
    a unique burned-in address. Most drivers allow you to change this, so the bad guys can spoof a MAC address to appear as a legitimate device on the network.
  • Changing a MAC address can, however, be legitimate: some ISPs expect a certain MAC address, and certain applications require a particular MAC address.
  • Often, however, it might not be legitimate. It can be used to circumvent MAC-based ACLs (Access Control Lists), and also to fake out a wireless address filter.
  • Can be very difficult to detect. How do you know whether the device detected is the original device or a device that is spoofing the MAC address?
3
Q

What is IP address spoofing? How does it work?

A
  • Take someone else’s IP address (pretend to be someone you’re not).
  • Can be legitimate (used for things such as load balancing and load testing).
  • May not be legitimate, such as when it’s used for ARP poisoning or for DNS amplification causing a Distributed Denial of Service (DDoS), with spoofed IP addresses used to hide the original source of this traffic.
  • Easier to identify than MAC address spoofing, as we can apply rules to prevent invalid traffic and enable switch security.
4
Q

What are Non-compliant systems? How are they regulated?

A
  • This is a constant challenge, as there are always changes and updates.
  • If a third-party system connects to an internal private network before it has been approved and has all of the security patches and updates installed, it would be deemed non-compliant.
  • Compliant systems are commonly referred to as Standard Operating Environments (SOE): a set of tested and approved hardware/software systems. Often a standard operating system imag
  • Compliant systems must have operating system and application updates. To be in compliance they must have patches, OS updates, anti-virus signatures, etc. This can be checked and verified before access is given.
5
Q

How can you go about protecting your network and making sure all devices remain in compliance?

A
  • Can control the operating system itself. Apply policies that will prevent non-compliant software.
  • Monitor the network for application traffic. Next-generation firewalls with application visibility.
  • Can perform periodic scans. Login systems can scan for non-compliance and require correction before the system is given access, to make sure all of the software on a system is up to date and all of the security updates and patches have been installed.