Firewall and Switch Protection Flashcards Preview

CompTIA Security+ SY0-501 > Firewall and Switch Protection > Flashcards

Flashcards in Firewall and Switch Protection Deck (9)
Loading flashcards...
1

What is a CAM table overflow attack?

Generating fake MAC addresses repeatedly sending frames into the switch to overload memory capacity

2

What is TTL?

Time to live (L3)
Decrements packet TTL value each hop, prevents loops

3

What is STP?

Spanning Tree Protocol (L2)
Prevents loops by blocking redundant paths

4

What are flood guards?

Limits specific protocol activity on network in case STP is disabled, i.e set the threshold for broadcast activity ideally based on baseline

5

Why would an administrator put an explicit deny rule despite the default implicit deny?

Implicit deny is not logged, so explicit deny can generate events based on deny rule

6

What is private, public vs hybrid cloud?

Private VMs have no connection to internet
Public VMs accessible over internet
Hybrid Combination of public and private

7

What is Community cloud?

Organisations striving for same objectives in a collaborative effort share cloud infrastructure

8

What is ARP poisoning?

Spoofing, i.e sending incorrect ARP of default gateway to rogue computer to do packet sniffing

9

What is DNS poisoning?

Changing DNS server to rogue computer to see DNS resolution of victim