Chapter 12- Secure Communications and Network Attacks Flashcards
1
Q
- List some protocols that provide security services for application specific communications i.e. secure communications protocols: Internet Protocol Security (IPSec)
A
- Kerberos
- Secure Shell
- Signal Protocol
- Secure Remote Procedure Call (S-RPC)
- Secure Socket Layer (SSL)
- Transport Layer Security (TLS)
2
Q
- Describe IPSec:
A
Internet Protocol Security (IPSec) uses public key cryptography to provide encryption, access control, non-repudiation and message authentication all using IP based protocols.
3
Q
- Describe Kerberos:
A
Kerberos offers a single sign on solution for users and provides protection for log on credentials.
4
Q
- What is Secure Remote Procedure Call (S-RPC)?
A
Secure Remote Procedure Call (S-RPC) is an authentication service and is simply a means to prevent unauthorised execution of code on remote systems.
5
Q
- What is Secure Socket Layer (SSL)?
A
Secure Socket Layer (SSL) is an encryption protocol to protect communications between web server and web browser.
• SSL can be used to secure web, email, File Transfer Protocol (FTP) or even Telnet
6
Q
- What is Transport Layer Security (TLS)?
A
Transport Layer Security uses stronger authentication and encryption protocols.
7
Q
- Similarities of TSL and SSL: both secure client server communications across insecure network
A
- Support one way authentication
- Support 2way authentication using digital certificates
- Implemented at the initial payload of a TCP package, alloing it to encapsulate higher payloads
- Can be implemented at lower levels (e.g. layer 3) i.e. open VPN
8
Q
- Advantages of TLS:
A
it can be used to encrypt User Datagram Protocol (UDP) and Session Initiation Protocol (SIP)
9
Q
- List some authentication protocols:
A
CHAP, PAP, EAP
10
Q
- Explain Challenge Handshake Authentication Protocol (CHAP):
A
Challenge Handhsake Authentication Protocol (CHAP) is on of the protocols uses over Point-to-Point Protocol (PPP)
• Encrypts user names and passwords
• This activity is transparent to the user.
11
Q
- What is Point-to-Point Protocol?
A
Point-to-Point Protocol is a data link 2 communication protocol between 2 routers directly without any host or any other networking in between.
12
Q
- What is Password Authentication Protocol (PAP)?
A
Password Authentication Protocol (PAP) is a standardised authentication protocol for PPP. PAP offers no encryption.
13
Q
- What is Extensible Authentication Protocol?
A
Extensible Authentication Protocol (EAP) is a framework for authentication rather thana protocol. It allows customised authentication security solutions e.g. tokens, biometrics etc.
14
Q
- PBX means
A
Private Branch Exchange
15
Q
- PSTN means
A
Public Switched Telephone Network (PSTN)
16
Q
- Vulnerabilities of Public Branch Exchange (PBX) and Public Switched Telephone Network (PSTN) are voice communications are vulnerable to
A
interception, eavesdropping, tapping etc.
17
Q
- Phreakers are:
A
Phreakers are malicious attackers that abuse phone systems. Phreakers may be able to gain unauthorized access to personal voice mailboxes, redirect messages, block access, and redirect inbound and outbound calls.
18
Q
- What is Instant Messaging (IM)?
A
Instant Messaging (IM) is a mechanism that allows for real time text based chat between 2 users located anywhere on the internet. E.g. Facebook, Skype, Google hangouts etc.
19
Q
- Use of Simple Mail Transfer Protocol (SMTP) are:
A
Simple Mail Transfer Protocol (SMTP) are used to accept messages from clients, transport those messages to servers and deposit them into user’s server based inbox transfer.
• Sender Policy Framework can be used to configure SMTP servers to protect against Spam and email spoofing
20
Q
- _________ is the most common SMTP server for Unix systems, and ________ is the most common SMTP server for Microsoft systems.:
A
Sendmail, Exchange
21
Q
- List some email security solutions:
A
Secure Multipurpose Internet Mail Extensions (S/MIME).
22
Q
- Describe Secure Multipurpose Internet Mail extension (S/MIME) messages:
A
: S/MIME Signed messages: provides integrity, sender authentication and nonrepudiation.
• An enveloped message provides integrity, sender authentication and confidentiality.
23
Q
- MOSS means
A
MIME Object Security Services (MOSS)
• *MIME means Multipurpose Internet Mail Extensions
• MOSS used RC4, MD2, MD 5, RSA and DES
24
Q
- MIME Object Security Services (MOSS) can provide ____,____,____and ____ for email messages.
A
authentication, confidentiality, integrity, and nonrepudiation
25
23. Explain Simple Multipurpose Internet Mail Extensions S/MIME) messages:
S/MIME Signed messages: provides integrity, sender authentication and nonrepudiation.
• An enveloped message provides integrity, sender authentication and confidentiality.
26
26. What is Privacy Enhanced Mail (PEM)?
Privacy Enhanced Mail is an email encryption mechanism that provides authentication, integrity, confidentiality and non-repudiation.
PEM uses X.509, RSA, DES
27
27. What is Pretty Good Privacy (PGP)
Pretty Good Privacy (PGP) is a public-private key system that uses a variety of encryption algorithms to encrypt files and email messages. It uses RSA, IDEA
28
28. List 2 types of dial up protocols:
Point to Point Protocol (PPP) and Serial Line Internet Protocol (SLIP)
29
29. List 2 Centralised Remote Authentication Services:
Remote Authentication Dial In User Service (RADIUS)
| Terminal Access Controller Access Control System (TACACS+)
30
30. What is VPN?
A virtual private network (VPN) is a communication tunnel that provides point-to-point transmission of both authentication and data traffic over an intermediary untrusted network.
31
31. What is tunnelling?
Tunnelling is the network communications process that protects the contents of protocol packets by encapsulating them in packets of another protocol.
32
32. Disadvantages of tunnelling are?
Tunnelling creates larger packets
| • Is a point to point communication and is not designed to handle broadcast traffic.
33
35. Point to Point Tunnelling Protocol is supported by?
• Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
• Challenge Handshake Authentication Protocol (CHAP)
• Password Authentication Protocol (PAP)
• Extensible Authentication Protocol (EAP)
• Shiva Password Authentication Protocol (SPAP)
The initial tunnel negotiation process used by PPTP is not encrypted.
34
33. List some common VPN protocols:
: L2TP, PPP, L2F, IPsec
35
34. What is Point to Point Tunnelling Protocol (PPTP)?
Point to Point Tunnelling Protocol (PPTP) is an encapsulation protocol developed from the dial up Point to Point Protocol. It operates at Data Layer (Layer 2)
36
36. What is L2F?
Layer 2 Forwarding (L2F) is a mutual authentication tunnelling mechanism. It does not offer encryption
37
37. What is Layer 2 Tunnelling Protocol (L2TP):
Layer 2 Tunnelling Protocol is derived from PPTP AND L2F. It lacks built in encryption but relies on IPsec as its security mechanism. It also supports RADIUS and TACACS+
38
38. Describe IPsec Protocol
Is both a standalone VPN and part of the L2TP security mechanism. It has security elements of IPv6 crafted into an add on package for IPv4. It has 2 primary components:
• Authentication Header provides authentication, integrity and non-repudiation
• Encapsulating payload provides for encryption to protect the confidentiality of transmitted data, but it also provides limited authentication. It operates at Network Layer (Layer 3)
• It can be used in transport mode or tunnel mode.
• In transport mode, the IP packet data is encrypted but the header of the packet is not
• In tunnel mode, the entire IP packet is encrypted, and a new header is added to the packet to govern transmission through the tunnel.
39
39. What is Virtual LAN?
A Virtual Local Area Network (VLAN) is a hardware imposed network segmentation created by switches.
• VLANs can also be assigned or created based on device MAC address, mirroring the IP subnetting, around specified protocols, or based on authentication.
• VLANs let you control and restrict broadcast traffic and reduce a network’s vulnerability to sniffers because a switch treats each VLAN as a separate network division
• VLANs operate at layer 2
• VLANs work like subnets, but keep in mind that they are not actual subnets. VLANs are created by switches at layer 2. Subnets are created by IP address and subnet mask assignments at layer 3.
40
40. What is virtualisation?
Virtualisation is the technology that is used to host one or more operating systems within the memory of a single host computer. E.g. VMware, Hyper-V etc
41
41. Advantages of virtualisation:
real time scalability, easier and faster backups, malicious code compromise hardly affect host OS, allows safe testing and experimentation
42
42. What is VM escaping?
VM escaping occurs when software within a guest OS is able to breach isolation protection provided by the hypervisor in order to violate the container of other OSs
43
43. How to control VM escaping:
keep highly sensitive systems and data on a separate physical machine, regularly patch hypervisor software, monitor attack and exposure.
44
44. What is virtual application?
Virtual application is a software product deployed in such a way that is fooled to believing that it is interacting with a full host OS.
45
45. Virtual desktop refer to:
Virtual desktop refers to remote access tool that grants the user access to a distant computer.
• Extension of virtual application concept encapsulating multiple applications and some form of portability or cross OS function
• Extended desktop larger than display that allows user to employ multiple application layouts.
46
46. What is network virtualisation
A virtualized network or network virtualization is the combination of hardware and software networking components into a single integrated entity.
47
47. What is Network Address Translation (NAT)?
The goals of hiding the identity of internal clients, masking the design of your private network, and keeping public IP address leasing costs to a minimum.
• NAT is a mechanism for converting the internal IP addresses found in packet headers into public IP addresses for transmission over the internet.
48
48. What is stateful NAT?
Network Address Translation (NAT) operates by maintaining mapping requests made by internal clients.
• A client’s internal IP address
• And the IP address of the internet service contacted
• Mapping address of the internal service contacted.
49
49. What is PAT?
Port Address Translation (PAT) is the multiplexing form of NAT. NAT is also known as NAT overloading.
50
50. Explain the 2 modes of Network Address Translation:
Network Address Translation occurs as: static NAT or Dynamic NAT
Static NAT: this occurs when a specific internal client’s IP address is assigned a permanent mapping to a specific external public IP address
Dynamic NAT: uses to grant multiple internal clients access to a few leased public IP addresses.
51
51. Is NAT directly compatible with IPsec?
Network Address Translation (NAT) is not directly compatible with IPsec because it modifies packet headers, which IPsec relies on to prevent security violations. NAT transversal (RFC 3947) was designed to support IPsec VPNs.
52
52. What is Automatic Private IP Addressing?
Automatic Private IP Addressing (APIPA) aka local link local address assignment assigns an IP address to a system in the event of Dynamic Host Configuration Protocol (DHCP) assignment failure.
53
53. What is circuit switching?
Circuit switching involves a dedicated physical pathway created between 2 communicating parties.
54
54. What is Packet switching:
Packet switching occurs when the message or communications is broken up into small segments and sent across intermediary networks to the destination.
55
55. Difference between packet switching and circuit switching are:
Circuit Switching: Constant traffic. fixed known delays, connection oriented, sensitive to connection loss, used primarily for voice.
Packet Switching: Bursty traffic, variable delays, connectionless, sensitive to data loss, used for any type of traffic.
56
57. What is Permanent Virtual Circuit (PVC)?
Permanent Virtual Circuit (PVC) is like a dedicated leased line, logical circuit always exists and is waiting for customer to send data.,
57
58. What is Switched Virtual Circuit:
Switched Virtual Circuit is like a dial up connection because virtual circuit has to be created using the best paths currently available before it can be used and then disassembled after the transmission is complete.
58
59. What are the 2 types of virtual circuit within a packet switching circuit:
Permanent Virtual Circuit (PVC) and Switched Virtual Circuit (SVC).
59
60. Describe Wide Area Network (WAN)?
Wide Area Network (WAN) is used to connect distant network nodes and individual devices together.
60
61. What is a dedicated line?
Dedicated Line is one that is hard to define and is continually reserved for use by a customer. A dedicated line is always on and waiting for traffic to be transmitted over it.
61
62. What is a nondedicated line?
Nondedicated line requires connection to be established before data transmission can occur e.g. Digital Subscriber Line (DSL), standard modems and Integrated Services Digital Network (ISDN).
62
63. What is Integrated Services Digital Network (ISDN)?
Integrated Services Digital Network is a fully digital telephone network that supports both voice and high speed data communications.
63
64. What are the 2 standard types of ISDN?
Basic Rate Interface (BRI) and Primary Rate Interface (PRI)
64
65. What is Basic Rate Interface?
Basic Rate Interface (BRI) offers customers a connection between 2 B channels and 1 D channel. B channels are used for data transmission. D channels are used for call management, establishment and deardown.
65
66. What are Channel Service Unit?
Channel Service Unit convert LAN signals into format used by WAN carrier network and vice versa. It is also known as Data Service Unit (DSU).
66
67. What is X.25 WAN?
X.25 WAN uses Permanent Virtual Switching (PVS) to establish specific point-to-point connections between two networks. It has low performance and throughput compared to Frame Relay.
67
68. What are Frame Relay Connections?
Frame Relay is a layer 2 connection mechanism that uses packet switching technology to establish virtual circuits between communication endpoints.
68
69. What is Committed Information Rate (CIR)?
Committed Information Rate (CIR) is the minimum bandwidth a service provider grants to its customers.
• It is significantly less than the actual maximum capability of the provider network.
• The service network provider may allow customers to exceed their CIR over short intervals when additional bandwidth is available.
69
70. What is Asynchronous Transfer Mode (ATM)?
Asynchronous Transfer Mode it fragments communications into fixed length 53 byte cells. These fixed lengths allows ATM to be very efficient and offer high throughputs.
• ATMs can use either PVCs or SVCs
70
71. What is Switched Multimegabit Data Service (SMDS):
this is a connectionless packet switching technology. SMDS is used to connect multiple LANs to form a Metropolitan Area Network (MAN)
71
72. SDH means____ and SONET means :
SDH Synchronous Digital Hierarchy, SONET- Synchronous Optical Network.
72
73. What are Synchronous Digital Hierarchy (SDH) and Synchronous Optical Network (SONET
Synchronous Digital Hierarchy (SDH) and Synchronous Optical Network (SONET) are hardware or physical layer standards defining infrastructure and line speed requirements.
• SDDH and SONET support both mesh and ring topologies
73
74. List 3 Specialised Protocols:
Synchronous Data Link Control (SDLC), High-Level Data Link Control (HDLC) and HSSI
74
75. What is Synchronous Data Link Control (SDLC)?
Synchronous Data Link Control is used on permanent physical connections of dedicated leased lines to provide connectivity for mainframes.
• Uses polling
• It operates in Data Layer (Layer 2)
75
76. What is High-Level Data Link Control (HDLC)?
High- Level Data link control is a refined version of the Serial Level Data Link designed specifically for serial synchronous connections.
• It supports full duplex communications and supports both point to point and multipoint connections.
• Operates on OSI layer 2 (Data Link Layer)
• Offers flow control and includes error detection.
76
77. What is transparency as a security control characteristic?
Transparency is a characteristic of a service, service control or access mechanism that ensures that is unseen by users.
77
78. What do you do to verify the integrity of a transmission?
use a checksum or hash. The hash total obtained is added to the end of the message and is called the message digest.
78
79. what is transmission logging?
transmission logging records the particulars about the source, destination and time stamps etc this information can be useful in troubleshooting problems and tracking down unauthorised communications.
79
80. what is security boundary?
security boundary is the line of intersection between 2 areas, subnets or environments that have different security requirements or needs.
80
81. what are logical security boundaries?
Logical security boundaries are the points where electronic communications interface with devices or services for which your organization is legally responsible.
81
82. what is a security perimeter?
The security perimeter in the physical environment is often a reflection of the security perimeter of the logical environment.
82
83. what is Denial of Service (DoS)?
Attacks on exploiting a vulnerability in the system.
83
84. Explain the basic forms of Denial of Service (DoS):
Attacks on exploiting a vulnerability in the system.
| Attacks that flood the victim’s communication pipeline with garbage network traffic
84
85. What is Distributed Denial of Service (DDoS)?
Distributed Denial of Service attacks involves the deployment of remote control tools e.g. bots, zombies etc.
85
86. What are botnets?
Botnets is a network of computers infected by malware that are under the control of a single attacking party. Botnets is the deployments of numerous bots or zombies across numerous unsuspecting victims.
86
87. What is eavesdropping?
Eavesdropping is simply listening to communication traffic for the purpose of duplicating it. The duplication can take the form of recording data to a storage device or using an extraction program that dynamically attempts to extract the original content from the traffic stream. they are difficult to detect and are known as passive attacks.
• When eavesdropping or wiretapping is transformed into altering or injecting communications, the attack is considered an active attack.
87
88. How to prevent eavesdropping?
physical access control to prevent unauthorised personnel from accessing out IT infrastructure.
• one time pads or tokens
• encryption e.g. IPsec, SSH
88
89. What is impersonation or masquerading?
Impersonation or masquerading is the act of pretending to be someone or something you are not to gain unauthorized access to a system. e.g. authentication credentials may have been stolen
89
90. How to prevent impersonation?
use onetime pads and token authentication systems
• use Kerberos
• use encryption
90
91. What are replay attacks?
Replay Attacks attempt to re-establish a communication session by replaying captured traffic against a system.
91
92. How to prevent replay attacks:
use onetime authentication mechanisms and sequenced session identification.
92
93. What are modification attacks?
Modification attacks is a process where captured packets are altered and then played against a system. The modified packets are designed to bypass the restriction of improved authentication mechanisms and session sequencing.
93
94. What are address resolution protocol spoofing?
Address Resolution Protocol (ARP) is used to discover the MAC address of a system by polling using its IP address. ARP attacks are often an element in man-in-the-middle attacks. Such attacks involve an intruder’s system spoofing its MAC address against the destination’s IP address into the source’s ARP cache.
94
95. List 2 examples of resolution attacks:
Domain Name Systems (DNS) poisoning and DNS Spoofing
95
96. What is Domain Name System poisoning?
Domain Name System poisoning occurs when an attacker alters the Domain name to IP address mapping in a DNS system to redirect traffic to a rogue system or simply perform a denial of service against the system.
96
97. What is Domain Name System (DNS) Spoofing?
Domain Name System (DNS) Spoofing occurs when an attacker sends false replies to a requesting system, beating the real reply from a valid DNS server.
• This is also technically an exploitation of race conditions
97
98. How to protect against DNS spoofing and poisoning?
allow only authorised changes to DNS.
• restrict zone transfers
• log all privileged DNS activity.
98
99. How to prevent DNS Hijacking vulnerability:
upgrade DNS to Domain Name System Security Extensions (DNSSEC)
99
100. What is Hyperlink Spoofing?
Hyperlink Spoofing is used to redirect traffic to a rogue or imposter system or to simply divert traffic away from the intended destination.
• It can take the form of DNS spoofing or simply divert traffic from its intended destination.
• Phishing is another attack that commonly involves hyperlink spoofing. The term means fishing for information. Phishing attacks can take many forms, including the use of false URLs.
100
101. what is pretexting:
this is a social engineering technique that manipulates victims into divulging information. A pretext is a made-up scenario developed by threat actors for the purpose of stealing victim’s personal data. it is related to phishing.
101
102. What is phishing?
Phishing involves impersonating a trusted entity in communications like emails or text messages in order to obtain sensitive information like payment card details and passwords.
102
a
a
103
a
a
104
a
a
105
a
a
106
a
a
107
a
a
