Network Security

Question 1

What is a network in the context of computer security?

Answer 1

A collection of communicating hosts.

Question 2

What are the key characteristics of a Local Area Network (LAN)?

Answer 2

Covers a small area (e.g., building), connects PCs, printers, file storage; allows data/program/device sharing; locally controlled, physically protected, limited scope (e.g., single department).

Question 3

What defines a Wide Area Network (WAN)?

Answer 3

Single organizational control, covers large distances, physically exposed.

Question 4

What are Campus Area Networks (CANs) and Metropolitan Area Networks (MANs)?

Answer 4

CANs connect multiple LANs in a campus; MANs cover a city.

Question 5

How does anonymity make networks vulnerable?

Answer 5

Attackers can operate remotely, hiding their origin by routing attacks through other hosts, complicating computer-to-computer authentication.

Question 6

Why do networks have many attack points?

Answer 6

Large networks offer multiple targets and origins; one host may enforce strict security, but remote hosts may not, creating vulnerabilities.

Question 7

How does resource sharing increase network vulnerability?

Answer 7

More sharing of resources/workload across systems makes single-machine access controls inadequate for network security.

Question 8

How does system complexity contribute to network vulnerabilities?

Answer 8

Networks combine different OSs/versions, requiring complex control systems. Modern desktops have more power, amplifying attacker capabilities.

Question 9

What is an unknown perimeter, and why is it a security issue?

Answer 9

Uncertainty about network boundaries; resources accessible across networks via shared nodes expose systems to uncontrolled malicious users.

Question 10

What is an unknown path in network security?

Answer 10

Multiple paths exist between hosts; users lack control over packet routes, and insecure hosts (e.g., Host D vs. secure Host C) create vulnerabilities.

Question 11

Who are network attackers, and what motivates them?

Answer 11

Motivated by power, money, fame, or intellectual challenge. Most repeat known attacks; few find new flaws.

Question 12

What is CryptoLocker, and how does it operate?

Answer 12

Released ~2013, encrypts files using RSA/AES, demands payment for decryption. Spread via fake customer support emails. System Restore may recover files.

Question 13

What is hacktivism, and how does it affect networks?

Answer 13

Hacking to disrupt normal operations without serious damage, e.g., virtual sit-ins flooding websites to support a cause.

Question 14

What is cyberterrorism, and why is it a concern?

Answer 14

Politically motivated hacking to cause grave harm (e.g., loss of life, economic damage). The internet is an increasing attack point.

Question 15

What is port scanning, and what information does it provide?

Answer 15

Scans IPs to identify open ports, running services, OS, and application versions, revealing vulnerabilities for potential attacks.

Question 16

How does social engineering exploit network security?

Answer 16

Attackers use social skills (e.g., posing as IT support) to extract internal network information through personal interaction.

Question 17

What is intelligence gathering in network security?

Answer 17

Collecting discrete information from sources like dumpster diving, eavesdropping, or forums to prepare for attacks.

Question 18

What is dumpster diving in the context of network attacks?

Answer 18

Searching discarded items in trash to find important documents for attack planning.

Question 19

What is OS and application fingerprinting?

Answer 19

Identifies OS/applications by analyzing responses to prompts, revealing manufacturer, version, and known vulnerabilities (e.g., via Nmap).

Question 20

How do attackers use forums and chats for network attacks?

Answer 20

Attackers post/read exploits or use vendor toolkits from forums to gather information for attacks, though reliability is not guaranteed.

Question 21

What is wardriving, and what risks does it pose?

Answer 21

Searching for open WiFi networks using a computer with a WiFi receiver. Open access points (228,537 reported) often lack encryption, risking sidejacking.

Question 22

How do rogue access points threaten network security?

Answer 22

Placed in public areas (e.g., coffee shops), they intercept sensitive data. SSL prevents some theft, but passwords/emails remain vulnerable.

Question 23

What is eavesdropping in network security?

Answer 23

Overhearing communications without effort, potentially legitimate (e.g., admins checking resource use) or malicious.

Question 24

What is the difference between passive and active wiretapping?

Answer 24

Passive: Listening to communications.
Active: Injecting into a conversation to manipulate or extract data.

Question 25

How does wiretapping occur in LANs?

Answer 25

Packet sniffers retrieve packets, or interface cards are reprogrammed to mimic another host’s address, intercepting packets. Rare due to friendly LAN environments.

Question 26

How can cable radiation be exploited for wiretapping?

Answer 26

Attackers use inductance to read radiated signals without physical contact, requiring close proximity to the cable.

Question 27

What is cable splicing in wiretapping?

Answer 27

Joining a secondary cable to receive copies of all signals, allowing interception of LAN communications.

Question 28

Why is wiretapping on WANs more difficult?

Answer 28

Data is heavily multiplexed, requiring attackers to intercept and extract specific communications, making it less common.

Question 29

How are microwave signals vulnerable to interception?

Answer 29

Broadcast over the air, they can be intercepted by interfering with the line of sight or using an antenna off-focus, detectable miles away.

Question 30

Why is wireless traffic interception a significant threat?

Answer 30

Wireless vulnerabilities enable passive/active wiretapping, exacerbated by 85% of users not using encryption or using weak WEP.

Question 31

Describe the telecom security flaw affecting mobile email.

Answer 31

A flaw in a telecom’s CDMA network allowed a second user to view the first user’s email if connected to the same port within 60 seconds due to unterminated WAP sessions.

Question 32

How does encryption protect network communications?

Answer 32

Encrypts LAN/WAN communications to ensure confidentiality. Strong physical/administrative security may be preferred for local LANs.

Question 33

How do protocol flaws create network vulnerabilities?

Answer 33

Despite scrutiny, protocols (identified by RFC numbers) may have issues like client impersonation via sequence number guessing, discovered post-standardization.

Question 34

Why is impersonation a significant network threat?

Answer 34

Easier than wiretapping, especially in WANs, attackers can guess credentials, intercept them, bypass authentication, or target unauthenticated systems.

Question 35

How do attackers exploit weak passwords for impersonation?

Answer 35

Users choose easy-to-guess passwords. Internet worms try username variations, common passwords, or dictionary words to gain access.

Question 36

Why are default passwords a security risk?

Answer 36

Systems/routers often have default accounts (e.g., GUEST, ADMIN) with known passwords (e.g., “guest”), often not disabled by admins.

Question 37

How do dead accounts pose a security risk?

Answer 37

Accounts of former users (e.g., sabbatical professors) remain active, vulnerable to social engineering or password guessing.

Question 38

How do attackers exploit password guessing limits?

Answer 38

Repeated guesses lock accounts, allowing attackers to use social engineering to unlock them via IT departments.

Question 39

How does wiretapping compromise authentication?

Answer 39

Attackers intercept plaintext authentication details from remote host access, reusing them to gain unauthorized access.

Question 40

How do secure protocols prevent authentication vulnerabilities?

Answer 40

Avoid transmitting passwords in plaintext, using cryptographic methods to protect authentication details.

Question 41

Why is the LAN Manager (LM) hash insecure?

Answer 41

Converts passwords to uppercase, pads to 14 characters, splits into two DES keys, producing a 16-byte hash. Limited character set and weak DES make it vulnerable to brute force (cracked in 23 hours in 1998).

Question 42

How do buffer overflow flaws bypass authentication?

Answer 42

Fixed-size password buffers count all input (including backspaces). Overflow bypasses password checks, granting access, especially in WANs.

Question 43

Why is non-existent authentication a vulnerability?

Answer 43

Systems assuming prior authentication (e.g., Unix .rhosts/.rlogin) allow access without re-authentication, trusting primary hosts incorrectly.

Question 44

What are examples of well-known authentication vulnerabilities?

Answer 44

Default BIOS passwords, SNMP community strings, or demo accounts with no passwords allow easy access if not disabled.

Question 45

How does trusted authentication create vulnerabilities?

Answer 45

Delegating identification (e.g., .rhosts) allows remote users access without proper checks, creating potential security holes.

Question 46

What is spoofing in network security?

Answer 46

An attacker falsely carries out one end of a networked interchange, e.g., masquerading, session hijacking, or man-in-the-middle attacks.

Question 47

What is an example of masquerading?

Answer 47

A host pretends to be another (e.g., Amazone.com vs. Amazon.com) to deceive users or systems.

Question 48

How does phishing relate to masquerading?

Answer 48

Fake emails posing as legitimate companies trick users into visiting fraudulent sites or sharing sensitive data. In 2018, 45,771 phishing sites were detected.

Question 49

How do attackers enhance phishing attacks?

Answer 49

Exploit website vulnerabilities to overwrite pages or create fake sites to collect sensitive information or induce real transactions without obvious signs.

Question 50

What is a man-in-the-middle (MITM) attack?

Answer 50

A third party intercepts communication from the start, eavesdropping, decrypting, modifying, and re-encrypting data, unlike session hijacking which occurs post-session.

Question 51

How does session hijacking differ from man-in-the-middle attacks?

Answer 51

Session hijacking occurs after a session is established; MITM involves interception from the start of the session.

Question 52

How is CryptoLocker typically delivered?

Answer 52

Spread via emails to company addresses, disguised as customer support, containing malicious attachments.

Question 53

What are the risks of open WiFi networks?

Answer 53

228,537 open access points, many without encryption or using weak WEP, risk sidejacking and data interception.

Question 54

What is WPA3, and when was it introduced?

Answer 54

WPA3, introduced in 2018, enhances WiFi security to protect against interception and vulnerabilities.

Question 55

Why is SSL critical for network security?

Answer 55

Encrypts communications to prevent interception of sensitive data (e.g., credit cards) on rogue access points, though passwords/emails may still be vulnerable.

Question 56

What is the best defence against attacker reconnaissance?

Answer 56

Silence—avoid sharing any network information to prevent attackers from gathering exploitable data.

Question 57

How can vendor information aid attackers?

Answer 57

Vendors posting toolkits or product details on forums/chats provide attackers with exploitable information or tools to target systems.

Question 58

How does packet sniffing work in LANs?

Answer 58

A sniffer retrieves packets, or a reprogrammed interface card mimics another host’s address to intercept packets, which are then returned to the network.

Question 59

Why are microwave signals a security concern?

Answer 59

Broadcast over the air, they are easily intercepted by interfering with the line of sight or using an offset antenna, enabling long-range monitoring.

Question 60

Why is expert oversight critical for network security cryptography?

Answer 60

Cryptography (e.g., LM hash, DES) requires precise design and monitoring to prevent vulnerabilities like brute force attacks or outdated algorithms.