Flashcards in Firewall and Switch Protection Deck (9)
What is a CAM table overflow attack?
Generating fake MAC addresses repeatedly sending frames into the switch to overload memory capacity
What is TTL?
Time to live (L3)
Decrements packet TTL value each hop, prevents loops
What is STP?
Spanning Tree Protocol (L2)
Prevents loops by blocking redundant paths
What are flood guards?
Limits specific protocol activity on network in case STP is disabled, i.e set the threshold for broadcast activity ideally based on baseline
Why would an administrator put an explicit deny rule despite the default implicit deny?
Implicit deny is not logged, so explicit deny can generate events based on deny rule
What is private, public vs hybrid cloud?
Private VMs have no connection to internet
Public VMs accessible over internet
Hybrid Combination of public and private
What is Community cloud?
Organisations striving for same objectives in a collaborative effort share cloud infrastructure
What is ARP poisoning?
Spoofing, i.e sending incorrect ARP of default gateway to rogue computer to do packet sniffing