Chapter 4 Questions Flashcards

1
Q

What is the CVE list?

A

The Common Vulnerabilities and Exposures List.

It is a dictionary of publicly known security vulnerabilities and exposures.

2
Q

What is a Zero Day Vulnerability exploit?

A

A vulnerability that is unknown to the vendor, or one for which the vendor has not released a patch. If attackers discover such vulnerabilities, they are eager to exploit them.

3
Q

What is a false positive?

A

A false positive is an alert or alarm on an event that is non-threatening, benign, or harmless.

4
Q

What is a false negative?

A

A false negative is when an attacker is actively attacking the network, but the system does not detect it.

5
Q

What is a honey pot?

A

A honey pot is a sweet-looking server. One that is left open and appears to have been sloppily locked down, allowing an attacker relatively easy access.

6
Q

Two goals of a honey pot?

A

- Divert attackers from the live network
- Allow observation of an attacker

7
Q

What is a honey net?

A

A group of virtual servers contained within a single physical server, and the servers within this network are honeypots. Honey nets mimic the functionality of a live network.

8
Q

Passive IDS vs Active IDS?

A

Passive IDS just note/log the activity and send an alert to admin. Active IDS do all that AND change the environment of the network to stop and prevent the attack. An ACTIVE IDS IS BASICALLY AN IPS.

9
Q

What is an Isotropic antenna?

A

An Isotropic antenna is a theoretical concept where an antenna has a perfect three-dimensional radiation pattern of 360 degrees vertically and horizontally.

10
Q

What is a dipole antenna?

A

A dipole antenna is an actual antenna. Assuming it is standing vertically, it has a radiation pattern of 360 degrees horizontally and about 75 degrees vertically.

11
Q

What is a Yagi/directional antenna?

A

A Yagi antenna is a common type of directional antenna. They typically use a dipole, folded dipole or half wave dipole combined with additional elements such as a reflector or director elements. These additional elements focus the antenna in a single direction while also increasing the gain and refusing the radiation pattern.

12
Q

What is a wireless site survey?

A

A wireless site survey is the process of examining the wireless environment to identify potential issues. Administrators perform a site survey while planning and developing a WLAN.

13
Q

What is WPA2 encrypted with?

A

AES

14
Q

What is 802.1x?

A

An 802.1x server is integrated with a database of accounts, and it provides port-based authentication by requiring users and devices to authenticate before granting them access to a network. When systems connect, the 802.1x server challenges them to authenticate and prevents full network access until it receives valid credentials.
You can implement 802.1x as a RADIUS (Remote Authentication Dial-In User Service) server.

15
Q

What is a captive portal?

A

A captive portal is a technical solution that forces clients using web browsers to complete a specific process before it allows them to access the network.

(They tell you to acknowledge that you know that their connection may be unsafe. Check the boxes.)

16
Q

Give three common examples of captive portals.

A

1- Free Internet Access
(Such as given by hospitals and other medical centers. Users have to acknowledge and agree to abide by an acceptable use policy, usually by checking a box and clicking a button to continue.)
2- Paid Internet Access
(Such as given by hotels and resorts on a pay-as-you-go basis. Users are redirected to a captive portal where they have to log on with a pre-created account or credit card information to pay for access.)
3- Alternative to 802.1x
(Since it requires users to authenticate before granting access.)

17
Q

Why is changing the default administrator password important?

A

If the default password isn’t changed, anyone who can access your WAP can log on and modify the configuration. An attacker can easily bypass an otherwise secure wireless network if the administrator password is not changed. The attacker can log on and simply turn off security.

*Enable MAC filtering as well to address other security concerns.

18
Q

What is war driving?

A

War driving is the practice of looking for a wireless network. Although more commonly done in cars, it can also be done just by walking around a large city.

19
Q

What is a Rogue Access Point?

A

A Rogue Access Point is a WAP placed within a network by someone with some type of attack in mind.
These are also known as counterfeit access points.

20
Q

What is Data Exfiltration?

A

Data Exfiltration is the unauthorized transfer of data from an organization to a location controlled by an attacker.

21
Q

What is Jamming (and interference)?

A

A type of DoS attack that prevents all users from connecting to a wireless network by interfering with the transmissions of the network.

22
Q

What is NFC? (Near Field Communication)

A

Near Field Communication is a group of standards used on mobile devices that allow them to communicate with other mobile devices when they are close to them.

23
Q

Name some other forms of NFC.

A

Card reader technologies (being able to make a purchase in some places just by placing your phone close to a credit card reader).

24
Q

What is Remote Access?

A

Remote Access is the group of technologies that allow users to access an internal network from remote locations.
RAS provides access through dial-up or VPNs.

25
Q

What is Telephony?

A

Telephony is the use of telephone technologies to connect computers.

26
Q

What is a VPN?

A

A VPN allows a connection to a private network over a public network. (That public network tends to be the internet, but can also be leased lines from telecommunications companies).

27
Q

And what is the importance of a VPN Concentrator?

A

A VPN concentrator includes all services needed by a VPN server, including strong encryption and authentication techniques, and supports a large number of clients.

28
Q

Explain IPSec and a Tunneling Protocol

A

IPSec supports tunnel mode, which encrypts the entire IP packet. The mode used is VPN.

29
Q

Explain the two ways in which IPSec provides security.

A
1- Authentication
Includes AH (Authentication Header) to allow each of the hosts in the IPSec conversation to authenticate with each other before exchanging data. AH provides authentication and integrity.

2- Encryption
IPSec includes Encapsulating Security Payload (ESP) to encrypt the data and provide confidentiality. ESP includes AH so it provides authentication, integrity, and confidentiality.

30
Q

What is a Site to Site VPN? Benefit?

A

A site-to-site VPN includes two VPN servers that act as gateways for two networks separated geographically.

**A benefit of the site-to-site model is that it connects both networks without requiring additional steps on the part of the user. Users in a remote office can connect to servers in the headquarters location as easily as if the server were in the remote office.

31
Q

What is Access Control?

A

Access Control = restricting access to a network's resources from unauthorized users.

32
Q

What does NAC (network access control) do?

A

NAC provides a measure of control for computers outside of the network. It ensures that clients meet predetermined characteristics prior to accessing a network. NAC systems often use ‘health’ as a metaphor, indicating that a client meets the predetermined characteristics (such as having up-to-date antivirus software installed, applying current patches, enabled firewalls, etc.).

33
Q

What are common health conditions checked by NACs?

A

Having up-to-date antivirus software installed, applying current patches, enabled firewalls, etc.

34
Q

What is a remediation Network?

A

*Also called a quarantine network.
**If a client does not meet all ‘health’ requirements, the NAC does not allow them to join the network. Instead they are redirected to a remediation network, which includes resources the client can use to get ‘healthy’ (such as updating antivirus software, patches, updating virus signatures, etc.).
The client can use these resources to improve its health and then try to access the network again.