28 Cards in this Set

  • Front
  • Back
vulnerability
degree of weakness which is inherent in every network and device.
Includes routers, switches, desktops, servers and security devices
primary vulnerability
- technological weakness
- configuration weakness
-security policy weakness
technology
-HTTP, FTP and ICMP are insecure
-SNMP, SMTP and SYN floods are some weakness areas of TCP
-operating systems have to be protected
-network equipment such as routers and switches needs password protection and lacks authentication; it has firewall loopholes and routing protocols that are not secure.
configuration
-unsecure user accounts
-easy passwords
-misconfigured internet services
-unsecured default settings
-misconfigured network equipment.
policy
lack of written policy
-
reconnaissance
- unauthorized discovery and mapping of systems, services or vulnerabilities.
Information gathering
access
ability for an intruder to gain access to a device
DoS
disables or corrupts networks, systems or services with the intent to deny services to users.
worms, virus and trojan horse
malicious software inserted on a host to damage or corrupt a system, replicate itself or deny access.
reconnaissance
-internet information query
-ping sweeps
-port scans
-packet sniffers
information query
-nslookup
-whois
ping sweep
-fping
gping
port scanner
software such as nmap or superscan
eavesdropping
network snooping and packet sniffing
uses:
information gathering
information theft
password attacks
can be prevented by educating users to use complex passwords and specifying minimum password lengths.
Restrict the number of failed login attempts
trust exploitation
can be prevented by tight constraints on trust levels within a network.
-private VLANs can be deployed in public service segments where multiple public servers are available.
port redirection
mitigated through network specific trust models.
MIM
-mitigated by using VPN tunnels which allow the attacker to see only the encrypted text.
-LAN MIM (using ettercap and ARP poisoning) can be prevented only by configuring port security on LAN switches
DoS and DDoS
can be mitigated by implementing anti-spoof and anti-DoS access control lists.
-limit ICMP traffic allowed on a network.
worm attack
can be mitigated by these steps:
-containment - contain the spread of worms in and within the network.
-inoculation - start patching all systems and scan for vulnerable systems
-quarantine - track down each affected machine inside the network.
-treatment - clean and patch each affected system.
general techniques
-host and server based security
-change default user and passwords
-access to system resources should be restricted to authorized individuals
-any unnecessary services and applications should be turned off and uninstalled.
-antivirus software
-personal firewall
intrusion detection and prevention
-host-based intrusion detection system (HIDS): called passive technology; sends logs to a management console after the attack has occurred and the damage is done.
-host-based intrusion prevention system (HIPS): called inline technology; stops the attack, prevents damage and blocks the propagation.
security wheel
secure
monitor
test
improve
to enable ssh on the router
-hostname
-domain name
-asymmetrical keys
-local authentication
configure ssh
-hostname <hostname>
-ip domain-name <domain>
-crypto key generate rsa
-username <username> secret <passwd>
- line vty 0 4
- transport input ssh
- login local

ip ssh timeout
ip ssh authentication-retries
management services with holes
SNMP
NTP
DNS
securing RIPv2
-prevent RIP routing update propagation
-prevent unauthorized reception of RIP updates
-verify the operation of RIP routing
disable routing advertisements on all interfaces
passive-interface default