10 Flashcards
(25 cards)
_____________ involves transmitting a large volume of TCP (SYN) connection requests to a target system and then does not complete the TCP three-way handshake; thus overwhelming the system.
How to mititagte?
TCP SYN Attack
permit tcp any any established line
TCP-Intercept
In _________ mode, the router acts as a proxy by handling the establishment of each TCP connection on behalf of both the client and server.
intercept
TCP-Intercept
in _________ mode, the software passively watches the connection requests flowing through the router. If a connection fails to get established in a configurable interval, the software sends a RST to the server to clear up its state
watch
A _____________ involve sending a a packet to the router with the same IP address in the source and destination fields
How do I mititgate?
land attack
_________ attacks send a large amount of ICMP Echo packets to a subnet’s broadcast address with a spoofed source IP address from that subnet
How do I mitigate?
Smurf
deny icmp any host “broadcast address”
_________ attacks are destined for a networks broadcast address and utilize udp
How do I mitigate?
How do I mitigate both fraggle and smurf?
fraggle
deny udp any host”broadcast address”
deny ip any host “broadcast address”
________ is used to describe when one network protocol, called the payload protocol, is encapsulated within a different delivery protocol
Tunneling
______________ is a suite of protocols for securing IP communications by authenticating and/or encrypting each IP packet in a data stream
IPsec
IPsec
In __________ mode, only the payload of the IP packet is encrypted and/or authenticated
transport
Ipsec
In __________ mode, the entire IP packet (data plus the message headers) is encrypted and/or authenticated
tunnel
The IP ___________ header provides integrity, authentication, and non-repudiation if the appropriate choice of cryptographic algorithms is made
Authentication
The IP _____________ provides confidentiality, along with optional (but strongly recommended) authentication and integrity protection
ESP
______ is the cisco default tunneling protocol designed to encapsulate a wide variety of Network Layer Packets inside IP tunneling packets
How can I tell if this tunneling protocol is being useed?
GRE
since its the default there wont be anything specifically telling you its this
________ is an __________ protocol that allows data exchange using a secure channel between two computers
SSH Application layer 7
___ and _____ are cryptographic protocols that provide secure communications on the internet for such things as web browsing, email, internet faxing, instant messaging, and other data transfers
TLS SSL
_______________ is a method of bypassing firewall or proxy restrictions. It works by creating a tunnel.
Http tunnel
_______________, also known as network masquerading or IP-masquerading, involves rewriting source and/or destination addresses of IP packets as they pass through a router or firewall.
NAT
Whihc of these terms are used to designate in what network a particular address appears in?
Local
Global
Inside
Outside
inside
outside
How can I find the global inside address for a tunnel?
within the run configuration the first ip address mentioned by that tunnel is the global in
__________ allows for a one-to-one translation of local to global addresses.
static
_________ is translating multiple local addresses to a pool of global addresses.
Dtnamic
_________, also referred to as Overloading in the router, is a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports
PAT
______________ is an extension to static mapping which allows one global address to be mapped to multiple inside addresses for distributing conversions among multiple hosts
TCP Load Distribution
What nat command shows me active address translations occurring
show ip nat translations
