Udemy Sections 9-11: Application Security, Secure Software Development, and Network Design Flashcards

1
Q

T/F: It is best practice to immediately upgrade to the newest browser when it comes out.

A

False

New browsers can have bugs and security issues. It is best practice to wait to upgrade until issues have been fixed.

2
Q

T/F: It is best practice to immediately download the newest patch when it comes out.

A

True

A patch means that there is a vulnerability that has been found and fixed through that patch.

3
Q

What two things should you take into consideration when choosing a browser?

A

Your OS
Your needs

4
Q

5 general security tips to secure your browser

A

Implement policies as an administrative control or technical control

Train your users

Use proxy servers to cache the website and reduce bandwidth usage

Use content filters to blacklist websites or categories of sites

Prevent malicious code by preventing ActiveX controls, Java applets, JavaScript, Flash, and other active content

5
Q

Text files placed on a client’s computer to store information about the user’s browsing habits, credentials, and other data

A

Cookies

6
Q

A type of cookie commonly used by spyware to gather details about users. Includes information about what websites the user goes to, for how long, and what types of things the users click on.

A

Tracking cookie

7
Q

A type of cookie used to keep track of users and their preferences, including what is in virtual shopping carts.

It is used as a way to maintain a connection and a session between the user and the server.

A

Session cookie

8
Q

Since the common populace doesn’t like cookies, what type of tracking are organizations switching to?

A

Server-side tracking

9
Q

A data file stored in your Windows user profile under the Flash folder inside of your AppData folder. It is created by visiting a website that runs a Flash application.

A

LSO (Locally Shared Object)
AKA Flash cookie

10
Q

What does LSO stand for?

A

Locally Shared Object

11
Q

What is replacing Adobe Flash?

A

HTML5

12
Q

Smaller browser extensions and plugins that provide additional functionality to the browser

A

Add-ons

13
Q

Why is it best practice to not use any additional extensions or add-ons with your browser?

A

More code always means more vulnerability risk.

14
Q

Browser configuration and settings for numerous options such as SSL/TLS settings, local storage/cache size, browsing history, etc.

A

Advanced security options

15
Q

Which version of SSL is deprecated?

A

SSL 3.0

16
Q

Which version of TLS is deprecated?

A

TLS 1.0

17
Q

The obvious first step to protect your documents from being viewed or modified. The Microsoft suite has this capability built-in.

A

Create a password for them

18
Q

What can you set your documents to if you want them to be viewed, but not modified by others?

A

Read only

19
Q

By default, should you enable or disable macros?

A

Disable

20
Q

What does MS Outlook use for email security?

A

Digital signatures

21
Q

The file type for a Microsoft Outlook data file (including archived emails)

A

.pst

22
Q

A Windows security component that prevents unauthorized access and avoids user error in the form of accidental changes.

It keeps every user besides the actual administrator account in a standard user mode. When an administrative action is taken, this triggers a pop-up to ask for credentials.

A

UAC (User Account Control)

23
Q

UAC stands for

A

User Account Control

24
Q

A cookie with this attribute is only sent to the server with an encrypted request over the HTTPS protocol. This keeps the contents of the cookie safe from MITM attacks.

A

Secure

25
A cookie with this attribute is inaccessible to the JavaScript API; it's only sent to the server.
HttpOnly
26
This cookie attribute specifies which hosts can receive a cookie.
Domain
27
This cookie attribute indicates a URL path that must exist in the requested URL in order to send the cookie header.
Path
28
This cookie attribute lets the servers specify whether/when cookies are sent with cross-site requests. This provides protection against CSRF attacks. This attribute has 2 variations: Strict and Lax.
SameSite
29
SDLC stands for
Software Development Life Cycle
30
An organized process of developing a secure application throughout the life of the project. Based on the Waterfall Model.
SDLC (Software Development Life Cycle)
31
Phase 1 of the SDLC
Planning and analysis: The goals are determined, stakeholder needs are assessed, requirements are gathered, high-level planning is conducted.
32
Phase 2 of the SDLC
Software/systems design: Application/system is defined, outlined, and diagramed in detail. Focus on the overarching inputs and outputs of each function that makes up the finalized software.
33
Phase 3 of the SDLC
Implementation: Programmers code functions needed for the final product. Programmers perform basic debugging and testing to ensure it is functional.
34
Phase 4 of the SDLC
Testing: The code is tested through a myriad of testing methodologies
35
Phase 5 of the SDLC
Integration: The application/system is integrated into the larger network environment. This ensures that all the parts can interact effectively and correctly.
36
Phase 6 of the SDLC
Deployment: Application/system is moved into the production environment where customers and end users can utilize it to perform their work.
37
Phase 7 of the SDLC
Maintenance: Bugs and vulnerabilities are always found. Programmers roll out patches and updates. Also includes end user training on the new software/system.
38
The 7 phases of the SDLC
Planning and analysis; Software/systems design; Implementation; Testing; Integration; Deployment; Maintenance
39
The SDLC phase where programmers roll out patches and updates. Also includes end user training on the new software/system.
Phase 7: Maintenance
40
The SDLC phase where the application/system is moved into the production environment where customers and end users can utilize it to perform their work.
Phase 6: Deployment
41
The SDLC phase where the application/system is integrated into the larger network environment. This ensures that all the parts can interact effectively and correctly.
Phase 5: Integration
42
The SDLC phase where the code is tested through a myriad of testing methodologies
Phase 4: Testing
43
The SDLC phase where programmers code functions needed for the final product. Programmers perform basic debugging and testing to ensure it is functional.
Phase 3: Implementation
44
The SDLC phase where the application/system is defined, outlined, and diagramed in detail. Focus on the overarching inputs and outputs of each function that makes up the finalized software.
Phase 2: Software/systems design
45
The SDLC phase where the goals are determined, stakeholder needs are assessed, requirements are gathered, high-level planning is conducted.
Phase 1: Planning and analysis
46
PSITIDM is an acronym (I created) for...
The 7 SDLC phases: Planning and analysis; Software/systems design; Implementation; Testing; Integration; Deployment; Maintenance
47
In the version Windows 10 v10.0.12425, which number is the major number?
10
48
In the version Windows 10 v10.0.12425, which number is the minor number?
0
49
In the version Windows 10 v10.0.12425, which number is the build number?
12425
50
What is the additional phase that is only sometimes mentioned of the SDLC?
Phase 8: Retirement. Usually included with Phase 7: Maintenance, but not always.
51
Software development that is performed in time-boxed or small increments to allow more adaptivity to change
Agile
52
DevOps stands for
Software development and IT operations
53
A way of conducting business where software developers and IT operations personnel work closely together to speed up development and deployment of applications to deliver to the end user quicker. It is best to include security personnel as well to ensure good security despite the quick deadline.
DevOps
54
CIA stands for
Confidentiality, Integrity, Availability
55
Most common way of ensuring Confidentiality
Encryption
56
2 main ways of ensuring Integrity
Hash algorithms; Journaling and logging
57
Most common way of ensuring Availability
Redundancy in the overall system design
58
A structured representation of all the information that affects the security of an application. Involves using hypothetical scenarios, system diagrams, and testing to help secure systems and data.
Threat modeling
59
What practice helps prioritize vulnerability identification and patching?
Threat modeling
60
In the SDLC, when should you begin to think about security?
From the beginning: Planning and analysis and Implementation phases
61
Users and processes should be run using the least amount of access necessary to perform a given function
Least privilege
62
The layering of security controls that is more effective and secure than relying on a single control
Defense in depth
63
The idea that any input received from a user should undergo input validation prior to allowing it to be utilized by an application
Never trust user input
64
Reducing the amount of code used by a program, eliminating unneeded functionality, and requiring authentication prior to running additional plugins is all called... (Hint: It's not hardening.)
Minimizing attack surface
65
The idea that default installations should include secure configurations instead of requiring an administrator or user to add in additional security
Secure defaults
66
Applications should be deployed using _____ to ensure the program is not changed prior to delivery to an end user
Code signing
67
Code signing enables what?
Authenticity and integrity
68
The idea that applications should be coded to properly conduct error handling for exceptions in order to fail securely instead of crashing
Fail securely
69
SDK stands for
Software Development Kit
70
This allows a programmer to reuse code from other programmers to save time and effort.
SDK (Software Development Kit)
71
T/F: You should make sure SDKs come from trusted sources to ensure no malicious code is being added.
True
72
Black-box, white-box, and gray-box testing are all forms of what kind of testing?
System testing
73
Occurs when a tester is not provided with any information about the system/program prior to conducting the test
Black-box testing
74
Occurs when a tester is provided full details of a system including the source code, diagrams, and user credentials in order to conduct the test
White-box testing
75
Occurs when a tester is given some information of a system that they are going to test.
Gray-box testing
76
An error that occurs while the computer is running
Run-time error
77
An error that causes the computer to cease running due to a coding error
Syntax error
78
Another word for error is
Exception
79
An exception handling mechanism that provides control over what the application should do when faced with a runtime or syntax error.
SEH (Structured Exception Handling)
80
SEH stands for
Structured Exception Handling
81
A method used to verify that information received from a user matches a specific format or range of values
Input validation
82
A type of code analysis where the source code of an application is reviewed manually or with automatic tools without running the code
Static analysis
83
A type of code analysis that occurs when a program is tested while it is being executed or run
Dynamic analysis
84
Injection of randomized data into a software program in an attempt to find system failures, memory leaks, error handling issues, and improper input validation
Fuzzing AKA fuzz test
85
Code placed in computer programs to bypass normal authentication and other security mechanisms
Backdoors
86
T/F: Backdoors are part of security best practice.
False. Backdoors are never good to use. They provide a vulnerability for an attacker to exploit.
87
A method of accessing unauthorized directories by moving through the directory structure on a remote server.
Directory traversal
88
Anytime you see ../ in a URL, what type of exploit is it?
Directory traversal
89
Occurs when an attacker is able to execute or run commands on a victim computer
Arbitrary code execution
90
Occurs when an attacker is able to execute or run commands on a remote computer
RCE (Remote Code Execution)
91
RCE stands for
Remote Code Execution
92
A vulnerability that allows RCE to occur has what classification under the CVSS?
Critical
93
An attack against a vulnerability that is unknown to the original developer/manufacturer.
Zero-day attack
94
Occurs when a process stores data outside the memory range allocated by the developer
Buffer overflow
95
A temporary storage area that a program uses to store data
Buffer
96
T/F: Over 85% of data breaches were caused by a buffer overflow
True
97
Reserved area of memory where the program saves the return address when a function call instruction is received
Stack
98
Occurs when an attacker places too much information into a stack or changes the value of the Return Pointer to overwrite the return address of the Pointer so it will point to a different place in a stack where they have placed their malicious code.
Buffer overflow
99
Occurs when an attacker fills up a buffer with NOP so that the return address may hit a NOP and continue on until it finds the attacker's code to run
Smash the Stack
100
NOP stands for
Non-Operation Instruction
101
A piece of code that tells a program to do nothing and to go to the next piece of instruction
NOP (Non-Operation Instruction)
102
Occurs when a program goes from NOP to NOP until it hits a final return pointer, usually to malicious code.
NOP slide
103
ASLR stands for
Address Space Layout Randomization
104
A method used by programmers to randomly arrange the different address spaces used by a program or process to prevent buffer overflow exploits. The attacker has difficulty guessing where the Return Pointer is in a stack.
ASLR (Address Space Layout Randomization)
105
A security exploit that attempts to extract secrets from a chip or a system. This can be achieved by measuring or analyzing various physical parameters. Examples include supply current, execution time, and electromagnetic emission.
Side-channel attack
106
An attack where the attacker attempts to put more data into memory than it is designed to hold
Buffer overflow
107
Occurs when an attacker embeds malicious scripting commands into a trusted website. This allows the attacker to steal the victim's cookies or steal other information from a victim's web browser.
XSS (Cross-site scripting)
108
In an XSS attack, is the victim the website, or the viewer?
The viewer
109
This XSS attack attempts to get data provided by the attacker to be saved on the web server by the victim
Stored/persistent XSS
110
This XSS attack attempts to have a non-persistent effect activated by a victim by clicking a link on the site
Reflected
111
This XSS attack attempts to exploit the victim's web browser.
DOM-based (Document Object Model) AKA client-side XSS
112
Part of a user's web browser that is an API for web documents (HTML and XML). It defines the logical structure of documents and the way a document is accessed and manipulated.
DOM (Document Object Model)
113
The process of ensuring that any data sent to a client is safe and won't cause unintended consequences on the client side. It transforms user-supplied or untrusted data into a safe format that does not interfere with the intended functionality or appearance of a web page.
Output encoding
114
The process that prevents malicious or inappropriate data from entering your system.
Input validation
115
The 2 main ways to prevent XSS (as the website programmer)
Output encoding; Input validation
116
2 main ways to protect yourself (as the end user) from XSS
Increasing security settings for cookie storage; Disabling scripting languages when browsing the web
117
An attack that exploits the trust that a user's web browser has in a website
XSS (cross-site scripting)
118
An attack that exploits the trust that a website has in a user's web browser
XSRF (cross-site request forgery) AKA CSRF
119
Occurs when an attacker forces a user to execute actions on a web server for which they are already authenticated
XSRF (cross-site request forgery) AKA CSRF
120
An attack in which an attacker sends a command to a web server through a user's existing authenticated session.
XSRF (cross-site request forgery) AKA CSRF
121
4 ways to prevent XSRF (as the website programmer)
Require tokens (captcha); Encryption; XML file scanning (scan any XML files sent to the server); Cookie verification (require users to submit their cookies twice for verification)
122
An attack consisting of the insertion or injection of an SQL query via input data from the client to a web application
SQL injection
123
An attack that involves the insertion of additional information or code through data input from a client to an application
Injection attack
124
The 4 most common languages used in injection attacks
SQL, HTML, XML, LDAP
125
Which language is by far the most commonly used in injection attacks?
SQL
126
What key is used before code to treat the code as executable even if it is written in quotes?
` (called escape character, backquote, etc.)
127
How to prevent SQL injection (as a website programmer)
Input validation; Least privilege
128
What is the number one best thing you can do to prevent any type of injection attack?
Input validation
129
Anytime you see `OR 1=1 what type of attack is it? What should you do to prevent it?
SQL injection; Input validation
130
XML data submitted without encryption or input validation is vulnerable to what 3 attacks?
Spoofing; Request forgery; Injection of arbitrary code
131
A type of attack where XML encodes entities that expand to exponential sizes, consuming memory on the host and potentially crashing it
XML bomb AKA Billion Laughs attack
132
A way of representing data within an XML document without using the data itself
XML entity
133
An attack that embeds a request for a local resource
XXE (XML eXternal Entity) attack
134
An XXE attack is similar to what type of attack?
File inclusion
135
A type of vulnerability that allows an attacker to include a file, usually exploiting a "dynamic file inclusion" mechanism implemented in the target application.
File inclusion vulnerability
136
]> &xxe; This is an example of what type of attack?
XXE (XML eXternal Entity). Note the inclusion of the file file:///etc/shadow. The attacker is trying to do a file inclusion through XML, which is an XXE attack.
137
Best way to keep XML vulnerabilities from being exploited?
Input validation
138
T/F: XML vulnerability, XML exploitation, and XML injection all mean the same thing
True
139
Easily definable traits different between XML and JavaScript/HTML?
HTML and JavaScript have defined tags. In XML, you can make the tags say anything you want.
140
Tags that say or are using what type of language?
HTML
141
Tags that say are using what type of language?
XML
142
A software vulnerability when the resulting outcome from execution processes is directly dependent on the order and timing of certain events, and those events fail to execute in the order and timing intended by the developer
Race condition
143
A vulnerability found where multiple threads are attempting to write a variable or object at the same memory location
Race condition
144
A software vulnerability that occurs when the code attempts to remove the relationship between a pointer and the thing it points to
Dereferencing
145
Dirty COW is a type of what kind of exploit?
Race condition exploit. COW stands for Copy On Write. Allowed attackers to write to a file where they were only supposed to have read access.
146
The potential vulnerability that occurs when there is a change between when an app checked a resource and when the app used the resource
TOCTOU (Time of Check to Time of Use) AKA TOCTTOU AKA TOC/TOU
147
TOCTOU stands for
Time of Check to Time of Use
148
Difference between a race condition and TOCTOU vulnerability?
The race condition is when two processes attempt to access a resource at the same time. TOCTOU is caused by a race condition, and it involves a piece of data changing between the time a process checks a piece of information and the time it uses the information.
149
2 ways to prevent a TOCTOU vulnerability
Develop applications to process things in parallel rather than sequentially if possible; Implement a locking mechanism to provide an app or user exclusive access to a resource
150
Vulnerabilities often arise from what?
General design of code
151
Any code that is used or invoked outside the main program development process
Insecure components
152
Code reuse; Third-party library; SDK (Software Development Kit). These are all examples of outside code being brought in. What are they called? And what do they bring in?
Insecure components; Vulnerabilities
153
Caused by any program that doesn't properly record or log detailed enough information for an analyst to perform their job
Insufficient logging and monitoring
154
Describes any program that uses ineffective credentials or configurations, or one in which the defaults have not been changed for security
Weak or default configurations
155
2 best practices to secure configuration?
Utilize scripted installations; Use baseline configuration templates
156
An attack in which the attacker takes over a web user's session by obtaining the session ID and masquerading as the authorized user.
Session hijacking
157
The insertion of malicious data, which has not been validated, into a HTTP response header.
Header manipulation
158
The model used to explain network communications between a host and remote device over a LAN or WAN
OSI Model
159
Please Do Not Throw Sausage Pizza Away stands for
The 7 layers of the OSI model: Physical, Data link, Network, Transport, Session, Presentation, Application
160
What are the data units at the Physical layer?
Bits
161
The OSI layer that represents the actual network cables and radio waves used to carry data over a network
Layer 1: Physical layer
162
The OSI layer that describes how a connection is established, maintained, and transferred over the physical layer and uses physical addressing (MAC addresses)
Layer 2: Data link layer
163
What are the data units at the Data link layer?
Frames
164
The OSI layer that uses logical address to route or switch information between hosts, the network, and the internetworks
Layer 3: Network Layer
165
What are the data units at the Network layer?
Packets
166
The OSI layer that manages and ensures transmission of the packets occurs from a host to a destination using either TCP or UDP
Layer 4: Transport layer
167
An example of a connectionful protocol
TCP
168
An example of a connectionless protocol
UDP
169
What are the data units at the Transport layer?
Segments (TCP); Datagrams (UDP)
170
The OSI layer that manages the establishment, termination, and synchronization of a session over the network
Layer 5: Session layer
171
The OSI layer that translates the information into a format that the sender and receiver both understand
Layer 6: Presentation layer
172
The OSI layer from which the message is created, formed, and originated. Consists of high-level protocols like HTTP, SMTP, and FTP
Layer 7: Application layer
173
The attempt to overwhelm the limited switch memory set aside to store the MAC addresses for each port
MAC flooding
174
Switch memory set aside to store the MAC addresses for each port
CAM (Content Addressable Memory) table
175
CAM stands for
Content Addressable Memory
176
What it's called when, due to MAC flooding, a switch begins to act like a hub
Fail-open
177
Occurs when an attacker masks their own MAC address to pretend they have the MAC address of another device
MAC spoofing
178
MAC spoofing is used in conjunction with what other type of attack?
ARP spoofing
179
Switches are vulnerable to what 3 types of attacks?
MAC spoofing; MAC flooding; Physical tampering
180
Occurs when an attacker attempts to gain physical access to a device in order to modify it
Physical tampering
181
The device used to connect two or more networks to form an internetwork
Router
182
At what layer of the OSI model do routers operate?
Layer 3: Network. They make their decisions based on IP addresses.
183
At what layer of the OSI model do switches operate?
Layer 2: Data link. They make their decisions based on MAC addresses.
184
What kind of request does a router perform to find the destination host in the destination network?
ARP request
185
An ordered set of rules that a router uses to decide whether to permit or deny traffic based upon given characteristics.
ACL (Access Control List)
186
ACL stands for
Access Control List
187
Most networks are segmented into 3 separate zones. What are they?
LAN, DMZ, WAN
188
T/F: The tunnels used in HTTPS connections are a type of VPN
True
189
A network segment that is focused on providing controlled access to publicly available servers that are hosted within your organizational network. It also separates the LAN from publicly accessed resources.
DMZ (Demilitarized Zone)
190
A specialized type of DMZ that is created for your partner organizations to access over a WAN
Extranet
191
A type of private network that is used when only one company is involved
Intranet
192
Any host that accepts inbound connections from the internet
Internet-facing host
193
What is the relationship between a LAN, DMZ, and WAN (the internet)?
The DMZ is the only network segment that is internet-facing, meaning that the resources in it are open and waiting for a connection. The DMZ holds publicly-accessed resources. The internet would not be able to connect with machines in the LAN; they are NOT internet-facing. They have access to the internet, but since they are not waiting for a connection from the internet, they aren't internet-facing.
194
A network segment isolated from the rest of the private network by one or more firewalls that accepts connections from the Internet over designated ports
DMZ (Demilitarized zone)
195
DMZ stands for
Demilitarized zone
196
T/F: Everything behind the DMZ (the machines in the LAN) is invisible to the outside network
True
197
T/F: Because systems inside the DMZ are internet-facing and thus not fully trusted, you should do your best to harden them.
True
198
A host or server in the DMZ which is not configured with any services that run on the local network
Bastion host
199
T/F: Every host inside a DMZ should be a bastion host
True. Bastion hosts are more easily hardened.
200
A hardened server in the internal network that provides access to other hosts within the DMZ
Jumpbox
201
Since hosts in the DMZ are not fully trusted, what type of internal network resource is used to configure hosts in the DMZ?
Jumpbox. They are extremely hardened and secure, so the risk is very small for attackers to infiltrate a jumpbox and pivot into the internal network.
202
A security technique in which devices are scanned to determine their current state of security prior to being allowed access onto a given network. While the devices are being scanned, they are placed into a virtual holding area.
NAC (Network Access Control)
203
NAC stands for
Network Access Control
204
What happens to a device if it passes the NAC examination?
It is allowed into the network
205
What happens to a device if it fails the NAC examination?
It is placed into digital quarantine where it awaits remediation. It may receive AV updates, patches, etc., but it can't communicate with the rest of the network. Once it meets requirements, it's allowed into the network.
206
A piece of software that is installed on the device requesting access to the network. Works well in a corporate environment.
Persistent agent
207
Software that NAC uses to scan devices before allowing them into the network
Persistent and Non-persistent agents
208
A piece of software that scans a device remotely or is installed and subsequently removed after the scan
Non-persistent agent
209
What does IEEE 802.1x define?
Port-based NAC mechanism
210
When an attacker moves from VLAN to VLAN
VLAN hopping
211
When an attacker configures their device to pretend it is a switch and uses it to negotiate a trunk link to break out of a VLAN
Switch spoofing
212
The physical links between switches or between switches and routers
Trunk links
213
4 ways to prevent switch spoofing?
Disable DTP (Dynamic Trunking Protocol) on all switches; Avoid default VLAN names; Explicitly forward frames; Place all unplugged ports into an unused VLAN
214
DTP stands for
Dynamic Trunking Protocol
215
A security protocol that allows two switches to negotiate whether to form a trunk link or not
DTP (Dynamic Trunking Protocol)
216
When an attacker adds an additional VLAN tag to create an outer and inner tag
Double tagging
217
How to prevent double tagging?
Move all ports out of the default VLAN group
218
The act of creating subnetworks logically through the manipulation of IP addresses
Subnetting
219
What security practice can: Compartmentalize a network; Efficiently use IP addresses; Reduce broadcast traffic; Reduce collisions
Subnetting
220
Occurs when two or more devices attempt to transmit data over a network at the same time
Network collision
221
The process of changing an IP address while it transits across a router
NAT (Network Address Translation)
222
NAT stands for
Network Address Translation
223
What is used to hide internal network IPs?
NAT (Network Address Translation)
224
Used when a router keeps track of requests from internal hosts by assigning them random high number ports for each request. The router uses a single public IP address that is used for every private IP address in the internal network. The router keeps track of which private IP is sending each request by assigning the port number.
PAT (Port Address Translation)
225
The most common type of NAT
PAT (Port Address Translation)
226
Which class of private IP addresses has the ranges: 10.0.0.0 - 10.255.255.255
Class A
227
Which class of private IP addresses has the ranges: 172.16.0.0 - 172.31.255.255
Class B
228
Which class of private IP addresses has the ranges: 192.168.0.0 - 192.168.255.255
Class C
229
The loopback address in a TCP/IP network
127.0.0.1
230
The term used to describe a device that provides voice communication to users
Telephony
231
A device that could modulate digital information into an analog signal for transmission over a standard dial-up phone line
Modem
232
When an attacker begins dialing random phone numbers to see whether a modem answers on the other side. Servers used to have dial-up modems to allow remote technicians to dial into the server and make changes. This could be exploited by an attacker using this method.
War dialing
233
How to protect dial-up resources from war dialing?
Using the callback feature
234
A feature when a caller calls a dial-up server. The server hangs up and, if the server recognizes the phone number, it will call the number back and initiate the connection.
Callback feature
235
Internal phone system used in large organizations. It runs all the internal phone lines for the company.
PBX (Private Branch Exchange)
236
PBX stands for
Private Branch Exchange
237
Why would an attacker try to exploit a PBX system?
Free long-distance phone calls
238
Digital phone service provided by software or hardware services over a data network
VoIP (Voice over Internet Protocol)
239
VoIP stands for
Voice over Internet Protocol
240
What is replacing PBX systems?
VoIP
241
What is the difference between a regular desk phone and an IP phone?
It takes a network cable instead of a phone cable
242
What is the biggest concern for VoIP? Why?
QoS (Quality of service). VoIP takes up a lot of bandwidth.
243
QoS stands for
Quality of Service
244
A security software solution that can control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network and what they can do.
NAC (Network Access Control)
245
T/F: A jumpbox is only used for configuration purposes
False. A jumpbox can be used in any situation in which communication is needed between trusted and untrusted devices/networks. For example, if you need to connect vulnerable laptops to a secure network, you would implement a jumpbox system between them.
246
T/F: NAC is used only for security compliance purposes
False. NAC also enforces policies that control where users can go on the network and what they can do.