Firewall and Switch Protection Flashcards Preview

CompTIA Security+ SY0-501 > Firewall and Switch Protection > Flashcards

Flashcards in Firewall and Switch Protection Deck (9)
Loading flashcards...

What is a CAM table overflow attack?

Generating fake MAC addresses repeatedly sending frames into the switch to overload memory capacity


What is TTL?

Time to live (L3)
Decrements packet TTL value each hop, prevents loops


What is STP?

Spanning Tree Protocol (L2)
Prevents loops by blocking redundant paths


What are flood guards?

Limits specific protocol activity on network in case STP is disabled, i.e set the threshold for broadcast activity ideally based on baseline


Why would an administrator put an explicit deny rule despite the default implicit deny?

Implicit deny is not logged, so explicit deny can generate events based on deny rule


What is private, public vs hybrid cloud?

Private VMs have no connection to internet
Public VMs accessible over internet
Hybrid Combination of public and private


What is Community cloud?

Organisations striving for same objectives in a collaborative effort share cloud infrastructure


What is ARP poisoning?

Spoofing, i.e sending incorrect ARP of default gateway to rogue computer to do packet sniffing


What is DNS poisoning?

Changing DNS server to rogue computer to see DNS resolution of victim