18. Network Hardening Techniques Flashcards
- Which of the following is a web page to which users are directed when they attempt to connect the WLAN?
a. Captive portal
b. Evil twin
c. PSK
d. LBS
a. A captive portal web page may ask for network credentials, or in the case of a guest network, it may only ask for agreement to the usage policy of the guest network.
- Which of the following defines the area in which an operation can be performed?
a. Captive portal
b. Geofencing
c. VLAN
d. API
b Geofencing is the process of defining an area in which an operation can be performed by using a global positioning system (GPS) or Radio Frequency Identification (RFID) to define a geographic boundary.
- Which of the following is a role that an IoT device can play in a botnet?
a. Command and control
b. Handler
c. Zombie
d. Broker
c. IoT devices are easy recruits to a botnet, which is a group of systems that an attacker controls and directs to foist a DoS attack.
- Which of the following creates two WLANs in one?
a. VLAN
b. Client isolation
c. Evil twin
d. Guest network isolation
d. When enabled, guest network isolation creates two networks in one. One, the guest network, has client isolation in effect and has access only to the internet. The second serves as the regular WLAN.
- Which of the following provides the best way to shape a broadcast cell?
a. Antennas
b. Power setting
c. Repeaters
d. Multiple APs
a. When you need to reshape the cell, you use antennas to accomplish this. For example, you may want to send the signal down a long hallway, while not transmitting outside the hallway into the parking lot. That could be done with a directional antenna.
- Which of the following can be defeated with a wireless sniffer?
a. VLAN hopping
b. MAC address filters
c. ARP poisoning
d. RBAC
b. All MAC layer information must be sent in the clear - anyone equipped with a free wireless packet sniffer can just read the client packets sent to the access point and spoof their MAC address.
- Which of the following is also called whitelisting?
a. Implicit allow
b. Least privilege
c. Implicit deny
d. Need to know
c. Using this approach, all traffic is denied unless it is specifically allowed by a rule. This is also called whitelisting or allow listing in that you are creating a whitelist or allow list of allowed traffic with the denial of all other traffic.
- In which of the following are users organised by job into security groups, which are then granted the rights and permissions required to perform that job?
a. RBAC
b. MAC
c. DAC
d. BBAC
a. Role-based access control (RBAC) is commonly used in networks to simplify the process of assigning new users the permissions required to perform a job role. In this arrangement, users are organised by job role into security groups, which are then granted the rights and permissions required to perform that job.
- When configuring ACLs between the internet and your private network to mitigate security problems, it’s a good idea to include all but which of the following?
a. Deny any public addresses
b. Deny any addresses from your internal networks.
c. Deny any local host addresses (127.0.0.1/8).
d. Deny any reserved private addresses.
a. You should not deny all public addresses. That would prevent all traffic from the Internet. When configuring ACLs between the internet and your private network to mitigate security problems, it’s a good idea to include these four conditions:
1. Deny any address from your internal networks
2. Deny any local host addresses (127.0.0.0/8
3. Deny any reserved private addresses
4. Deny any addresses in the IP multicast address range (224.0.0.0/4)
- Where should you start your search for driver updates?
a. Drivers.com
b. Website of the manufacturer
c. Windows update
d. Doesn’t matter
b. You should always start your search on the website of the manufacturer. Drivers found elsewhere may be problematic and, in some cases, may introduce malware.
