Flashcards in CISA Refresher 1 Deck (31):
It is possible to break LAN security through the dail in route. Without dail up access controls, a caller can dial in and try passwords until they gain acces
A dial back modem may be used to prevent access by guessing passwords.
Twin line dial back modems
Dial back modems are available that are connected to two individual telephones. one is used for incoming calls and the second is used to call back the user on the known telephone number.
Router packet filtering firewalls
Packet header have information in them, including the IP address of the sender and receiver and the authorized port numbers allowed to use the information transmitted. Base onthat information the router know what kind of internet service, such as web based or FTP, is being used to send the date as well as the identitied of the sender and reciver of the data.
Possible attacks in packet filtering firewalls
IP spoofing, Source routing specification and miniature fragment attack.
Application firewall systems
Disadvantages are poor performance and scalability as internet usage grows
Stateful inspection firewall
It keeps track of the destination IP address of each packet that leaves the organizations internal network. whenever the response to the packet is received its record is referenced to ascertain and ensure that the incoming message is in response to the request that went out from the organization.
problem faced firewall
Most firewalls operate at network layer, therefore they do not stop any application base or input based attack
example of such attacks in application layer
SQL injection, buffer overflow attacks.
components of IDS
Sensors that are responsible for collecting data, Analyzer that receive input from sensors and determine intrusive activity, An administrative control, A user interface
Types of IDS
Signature based, statistical based, and Neural based
Neural based IDS
are similar to statistical model but with added self learning functionality
IDS cannot help following weakness
weakness in policy definition, application level vulnerabilities, back door in the applications, weakness in identification and athentication schemes
Two types of Honey pots
High interactionn , Low interaction
Heuristic scanning tools
are a type of virus scanning used to indicate possible infected codes
what is the most prevalent security risk when an organisation implements remote VPN access to its network
Malicious code could be spread across the network
Establishing controls to handle concurrent access problems is a preventive control
Implementing data backup and recovery procedure is a corrective control, because backup and recovery procedure can be used to rollback database errors
An ITF is considered a useful audit tool because it uses the same programs to compare processing using independently calculated data
A benefit of open system architecture is that it
Open system are those for which suppliers provied components whose interfaces aer defined by public standards, thus facilitating interoperability between systems made by different vendors
Prototyping is the development of a system through controlled trial and error
when using public key encryption to secure data being transmitted across a network
the key use to encrypt is public, but the key used to deycrypt the data is private
symmetric key systems use single, secret, bidirectional keys
In asymetric encryption process, two keys ork together as pair. One key is ued to encrypt data and other is used to decrypt data. Either key can be used to encrypt or decrypt but once the key has been used to encrypt data, only its partner can be used to decrypt the data
If asymmetric keys were used to encrypt bulk data
the proces would be very slow, this is the reason they are used to encrypt short messages such as digest or signatures
A common form of asymmetric encryption is RSA
common type of message digest algorithms are SHA1, MD2, MD4 and MD5
There algorithms are one way functions unlike private and public key encryption algoritms. This process of creating message digest cannot be reversed
digital signature is a cryptographic method that ensures
Data integrity, Authentication and Non repudiation
digital signatures and public\ Key encryption are vulnerable to man in the middle attacks wherein the senders digital signature private key and public key may be faked