Module 4 Flashcards
What is the edge router?
The last router between the internal network and an untrusted network, such as the internet
Three ways to implement the edge router
-Single router approach
-Defense-in-depth approach
-DMZ approach
What are the three primary layers of defense?
-Edge router
-Firewall
-Internal router that connects to eh protected LAN
What two routers can the DMZ be set up between?
An internal router connecting to the protected network and an external router connecting to the unprotected network
What are the three areas of router security that must be maintained?
Physical security, operating system security, and router hardening
How can a router be accessed for administrative purposes?
Locally or remotely
Why are routers a primary target for attacks?
Routers act like traffic police, which direct traffic into, out of, and between networks
What happens in the single router approach?
All security is configured on the router
When is single router approach used mostly?
Smaller sights such as SOHO sites
What happens in a defense-in-depth approach?
Defense-in-depth is more secure than the single router approach. It uses multiple layers of security prior to traffic entering the protected LAN
What security tools can be used as an addition to the three primary layers of defense?
-IPSs
-Web security appliances (proxy servers)
-Email security appliances (spam filtering)
What serves as the primary protection for all devices in the DMZ?
The firewall
What can you do to secure administrative access to prevent an unauthorized person from gaining access to an infrastructure device?
-Restricting device accessibility
-Logging and accounting for all access
-Authenticating access
-Authorizing actions
-Presenting legal notification
-Ensuring the confidentiality of data
Why are MD5 hashes no longer considered secure?
Attackers can reconstruct valid certificates
What does enabling a detection profile allow you to do?
It allows you to configure a network device to react to repeated failed login attempts by refusing further connection requests (or login blocking)