Week 12 - Infrastructure, host and application security Flashcards

1
Q

network infrastructure?

A

various technologies, devices, services and interconnections to provide communication across a network

2
Q

security of a network infrastructure?

A

installing preventative measures

3
Q

Cisco three layer model?

A

a hierarchical model to help understand the complexity of a network

4
Q

Cisco three layer model access

A

entry point for end user devices.

security controlled via access control features and using policies

5
Q

Cisco three layer model distribution

A

routers and switches, devices for filtering traffic and access to WAN features in core layer

6
Q

Cisco three layer model core

A

the delivery of large volumes of traffic between distribution layer devices. aka the network backbone

7
Q

what is a switch?

A

an entry point for end-user devices onto a network

8
Q

How many types of switch?

A

two, unmanaged - home - plug in and use without config

managed - businesses - allows config and control over traffic management and security

9
Q

security implications of a switch?

A

devices not being hardened - weak authentication.

MAC flooding - attack causes the switch to overload and reveal addresses

10
Q

what's a router?

A

routing packets between networks (WWW)

11
Q

what are the two types of router function?

A

path determination builds a routing table - a database of known networks

packet forwarding accepts a packet then determines where it should be sent

12
Q

security implications of a router?

A

prone to attacks if not properly protected - routing tables are vulnerable - DoS.

13
Q

main vulnerabilities of switches?

A

MAC address tables: flooding causes the switch to act as a hub revealing all devices on the network - prone to eavesdropping

VLAN
can be used to reveal and access devices on another network

14
Q

main vulnerabilities of routers?

A

attack on router services
manipulation of discovery protocols - reveal neighbouring networks

buffer overflows ICMP (ping) - echo requests that are too large - buffer overflow - DoS

routing tables
manipulation of routing protocols - MITM or DoS

15
Q

what is network media?

A

all components to connect devices - circuitry, connectors and media

16
Q

three types of attacks?

A

volume based attack: saturates bandwidth with spoofed packets

protocol attack: consumes resources

application layer attack:
uses systems and device vulnerabilities to crash servers and devices

17
Q

How does a DDoS attack work?

A

master computer uses a number of other bots (botnets) to attack, overwhelm and disrupt

18
Q

techniques implemented in routers to mitigate DoS attacks:

A

blackholing
traffic from suspicious source is dropped into a black hole - packets dropped from network

limiting requests
allowing a server to receive no more than a certain number of requests

net diffusion
using load balancing techniques

19
Q

what is spoofing?

A

when traffic seems to be originating from a trusted source but is in fact originating from another source using falsified information.

20
Q

two categories of spoofing?

A

non-blind spoofing
attacker can see traffic on network

blind spoofing
attacker cannot see packets between source and destination (common DoS attack)

21
Q

IP spoofing?

A

IP has forged source address - network layer (layer 3)

22
Q

DNS spoofing?

A

interception of DNS before actual DNS can respond. victim led to a falsified website - application layer (layer 7)

23
Q

What is DNS?

A

domain name system

phonebook of the internet

24
Q

ARP spoofing?

A

aka address resolution protocol (ARP) poisoning. - used to determine MAC address where IP address is already known - modifies ARP cache then uses victim's IP address

25
Q

Securing devices: what's a firewall?

A

1st line of defence - barrier between network and users -

26
Q

what are the 3 types of firewall?

A

packet filter
looking at packets and comparing against firewall rules

stateful packet inspection
examines each packet and previous packets in the conversation - sniffs out DoS attacks

stateless inspection
monitors traffic based on source and destination information

27
Q

application filter, also known as?

A

proxy - filters specific types of application and protocol being used - added security features

28
Q

transparent proxy?

A

receives and forwards data - does not modify -o

29
Q

anonymous proxy

A

does not pass IP address details - identifies as proxy - keeps web browsing private - targeted for location based advertising

30
Q

high anonymous proxy?

A

source IP address periodically changes - making it difficult to keep track of location of IP

31
Q

what are honeypots?

A

diverts attackers away from real target - identifies new vulnerabilities to learn attacker's identity or pattern of attack