pain points module 3 Flashcards
(27 cards)
What are we scanning for?
We’re scanning for vulnerable systems
Agent-Based Scanning: What it scans / How it works / Why it’s used / Advantages & drawbacks
Scans internal system data like OS version, patch status, installed apps.
Uses an installed software agent on each device that reports back to a central server.
Used when you need deep insight into individual system security states.
Advantage: Accurate. Disadvantage: Must install + manage agents on every endpoint.
Agentless Scanning: What it scans / How it works / Why it’s used / Advantages & drawbacks
Scans from the outside: uses network probing to detect devices, OS, open ports, and exposed services.
A physical or virtual scanning system is placed on the network. It connects to devices via IP.
Used for quick audits, rogue device discovery.
Advantage: Fast, no install. Disadvantage: Surface-level only; limited visibility.
What does “plug a scanner into your network” mean?
This usually means connecting a device (or running software on an existing device) that actively scans the local network for IP addresses and open services. It can be physical (e.g.
What is a port (in networking)?
A port is a virtual/software doorway that lets specific kinds of traffic reach a device. Each service (like a website or remote login) listens on a specific port (e.g.
What is a server (mid-level explanation)?
A server is any system that provides services or data to other devices (“clients”). This includes web servers
What is 802.1X authentication and do I need it for Security+?
802.1X is a port-based network access control protocol. It requires devices to authenticate (e.g.
What is WPA2? What is WPA3?
WPA2: Older wireless security standard using PSK (pre-shared key). Strong, but vulnerable to offline attacks.
WPA3: Newer standard. Uses SAE (Simultaneous Authentication of Equals) to block offline password cracking and improve public Wi-Fi safety.
WPA3 = better protection for modern devices.
What is segmented Wi-Fi?
Yes—like when you see “Walmart Guest” and “Walmart Employee.” Segmentation means different user types are put on different virtual networks (VLANs) to isolate their traffic and limit cross-access.
What is an FTP server?
An FTP server hosts files for upload or download using the File Transfer Protocol. Commonly used for website uploads
How do you close a port?
Disable the associated service on the system (e.g., stop the web server on port 80).
Use a firewall to block traffic to that port.
You can also configure systems to ignore unsolicited traffic on unused ports.
Is the firewall attached to ports?
Yes—firewalls monitor traffic going to and from specific ports.
You can configure rules that say, for example: ‘Block all inbound traffic on port 23 (Telnet)’ or ‘Allow only internal traffic on port 443 (HTTPS)’.
So yes, firewalls are port-aware and port-controlling.
What is a host (in networking)?
A host is any device that has an IP address and can send or receive network traffic. This includes servers
What does “hosting” mean?
Hosting means running a service or application on a device (the host) that other devices can access over a network. For example
What is a rogue access point?
A rogue AP is a wireless access point connected to a secure network without authorization. It can expose the internal network to anyone within range and is a major physical-layer vulnerability.
What is an evil twin access point?
An evil twin is a fake wireless network with the same name (SSID) as a legitimate one. It tricks users into connecting
What is a deauthentication (deauth) attack?
A deauth attack forcibly disconnects a user from a Wi-Fi network by sending fake “de-auth” frames. The goal is to force reconnection (possibly to an evil twin) or capture handshake data for password cracking.
What is WPA2?
WPA2 (Wi-Fi Protected Access 2) is a common wireless security protocol that uses pre-shared keys (PSK). It provides strong encryption but is vulnerable to offline brute-force attacks if weak passwords are used.
What is WPA3?
WPA3 is the newer wireless security protocol. It replaces PSK with SAE (Simultaneous Authentication of Equals)
What is Wi-Fi segmentation?
Wi-Fi segmentation means splitting a wireless network into separate virtual networks (e.g.
What is Bluetooth tracking?
Bluetooth devices constantly broadcast a unique ID. If that ID doesn’t change
What is BlueBorne?
BlueBorne is a vulnerability that allowed attackers to take control of Bluetooth-enabled devices without pairing or user interaction. It exploited weaknesses in how Bluetooth handled connections.
What does it mean when a host is “listening” on port 443?
It means the host is acting as a server.
It’s hosting a service (in this case, HTTPS web traffic) and is ready to accept connections from clients.
Listening = the service is “open for business” on that port.
What’s the difference between a host and a server?
A host is any device on a network.
A server is a host that’s currently providing a service to other devices.
All servers are hosts, but not all hosts are servers.
Hosting = the act of serving something on the network.
