Topic 8 - Implementing Network Security

Question 1

What are two advantages of RBAC

Answer 1

Easier to implement, low security cost

Question 2

Explain Secure Boot

Answer 2

Feature ensures that a computer boots using only software that is trusted by the computer manufacturer

Question 3

Explain Measured Boot

Answer 3

This feature sends a log of components loaded prior to the anti-malware software so that the anti-malware software can detect if there is malware on the computer

Question 4

What does Unicast Reverse Path Forwarding do and what are the modes?

Answer 4

It protects against spoofing attacks by ensuring the router confirms the address to which a packet is being forwarded is reachable.

Loose - The address of the packet must appear in the routing table
Strict - The packet must originate on the same interface that the router would use for the return

Question 5

What is a bastion host?

Answer 5

A system that is hardened to resist attacks

Question 6

What is war driving?

Answer 6

A method of discovering 802.11 wireless networks by driving around with a laptop and looking for open wireless networks.

Question 7

List the common criteria (CC) seven levels

Answer 7

EAL1 - Functionally tested
EAL2 - Structurally tested
EAL3 - Methodically tested and checked
EAL4 - Methodically designed, tested and reviewed
EAL5 - Semi-formally designed and tested
EAL6 - Semi-formally verified design and is tested
EAL7 - Formally verified design and is tested

Question 8

What is “flaw hypothesis methodology” used for?

Answer 8

Used to analyze OS vulnerabilities in a penetration testing project