Chapter 4 Questions Flashcards
(34 cards)
What is the CVE list?
The Common Vulnerabilities and Exposures List.
It is a dictionary of publicly known security vulnerabilities and exposures.
What is a Zero Day Vulnerability exploit?
A vulnerability that is unknown to the vendor, or one for which the vendor has not released a patch. If attackers discover such vulnerabilities, they are eager to exploit them.
What is a false positive?
A false positive is an alert or alarm on an event that is non-threatening, benign, or harmless.
What is a false negative?
A false negative is when an attacker is actively attacking the network, but the system does not detect it.
What is a honey pot?
A honey pot is a sweet-looking server, one that is left open and appears to have been sloppily locked down, allowing an attacker relatively easy access.
Two goals of a honey pot?
- divert attackers from the live network
- allow observation of an attacker
What is a honey net?
A group of virtual servers contained within a single physical server, and the servers within this network are honeypots. Honey nets mimic the functionality of a live network.
Passive IDS vs Active IDS?
Passive IDS just note/log the activity and send an alert to admin. Active IDS do all that AND change the environment of the network to stop and prevent the attack. An ACTIVE IDS IS BASICALLY AN IPS.
What is an Isotropic antenna?
An Isotropic antenna is a theoretical concept where an antenna has a perfect three-dimensional radiation pattern of 360 degrees vertically and horizontally.
What is a dipole antenna?
A dipole antenna is an actual antenna. Assuming it is standing vertically, it has a radiation pattern of 360 degrees horizontally and about 75 degrees vertically.
What is a Yagi/directional antenna?
A Yagi antenna is a common type of directional antenna. They typically use a dipole, folded dipole, or half-wave dipole combined with additional elements such as a reflector or director elements. These additional elements focus the antenna in a single direction while also increasing the gain and refusing the radiation pattern.
What is a wireless site survey?
A wireless site survey is the process of examining the wireless environment to identify potential issues. Administrators perform a site survey while planning and developing a WLAN.
What is WPA2 encrypted with?
AES
What is 802.1x?
An 802.1x server is integrated with a database of accounts, and it provides port-based authentication by requiring users and devices to authenticate before granting them access to a network. When systems connect, the 802.1x server challenges them to authenticate and prevents full network access until it receives valid credentials.
You can implement 802.1x as a RADIUS (Remote Authentication Dial-In User Service) server.
What is a captive portal?
A captive portal is a technical solution that forces clients using web browsers to complete a specific process before it allows them to access the network.
(They tell you to acknowledge that you know that their connection may be unsafe. Check the boxes.)
Give three common examples of captive portals.
1- Free Internet Access
(Such as given by hospitals and other medical centers… Users have to acknowledge and agree to abide by an acceptable use policy, usually by checking a box and clicking a button to continue.)
2- Paid Internet Access
(Such as given by hotels, resorts… on a pay-as-you-go basis. Users are redirected to a captive portal where they have to log on with a pre-created account or credit card information to pay for access.)
3- Alternative to 802.1x
(Since it requires users to authenticate before granting access)
Why is changing the default administrator password important?
If the default password isn’t changed, anyone who can access your WAP can log on and modify the configuration. An attacker can easily bypass an otherwise secure wireless network if the administrator password is not changed. The attacker can log on and simply turn off security.
*Enable MAC filtering as well to address other security concerns.
What is war driving?
War driving is the practice of looking for a wireless network. Although more commonly done in cars, it can also be done just by walking around a large city.
What is a Rogue Access Point?
A Rogue Access Point is a WAP placed within a Network by someone with some type of attack in mind.
These are also known as counterfeit Access points.
What is Data Exfiltration?
Data Exfiltration is the unauthorized transfer of data from an organization to a location controlled by an attacker.
What is Jamming (and interference)?
A type of DoS attack that prevents all users from connecting to a wireless network by interfering with the transmissions of the network.
What is NFC? (Near Field Communication)
Near Field Communication is a group of standards used on mobile devices that allow them to communicate with other mobile devices when they are close to them.
Name some other forms of NFC.
Card reader technologies (being able to make a purchase in some places just by placing your phone close to a credit card reader).
What is Remote Access?
Remote Access is the group of technologies that allow users to access an internal network from remote locations.
RAS provide access through dial-up or VPNs.