Buscar
Estás en modo de exploración. debe iniciar sesión para usar MEMORY

   Inicia sesión para empezar

level: Chapter 5

Questions and Answers List

level questions: Chapter 5

QuestionAnswer
what does mean Asset ?everything valuable (Docs, Info’s, etc.)
what does mean Threat ?Danger to Asset (Hacker, SW BUG, Environmental Disaster)
what doe smean Vulnerability ?Vulnerability: Weakness (old Bug, missing Patch)
what is the three type of mitigation ?1- logical/technical mitigation 2-physical mitigation 3-Administrative
how we apply logical mitigation ?Type 1: Technical/Logical Mitigation: - Choosing the Correct Firewall - Choosing the Correct IPS - Choosing the Correct Design!
how we apply Administrative mitigation ?- Things that you (The Network Admin.) decides and consider - Like Policies & Procedures (The company agreed policies & procedures) - Written documents - Background check for new employees - Security awareness/periodically. and password length, complexity, and age of the password .
what is the alternatives for password ?- 2 Factor/Multi-Factor Authentication - Done by using some biometrics and certificates. - Besides passwords - Can be Physical Card (Identity Card) - One-Time Password (Mobile phone App) - Iris Scan, Fingerprints, Face recognition .
what is physical mitigation ?This is an in-reality protection - like securing the devices inside racks - racks should have licked metal/glass door - all racks should be installed in a secured DC - Racks and DCs can be secured using Keys, Cards, Fingerprints
what if the device wasn’t locked properly (physically) , if someone did connect to the Console/AUX ports!!!!Console and Auxiliary ports can be protected - either by configuring a specified password for each port . - or by using a local credentials and applying them upon the ports .
how we protect privilege mode ?*even if a user did login to a device, limit his access by assigning “enable secret/password” use command enable password 1234567
what command we must use to protect AUX and console ports ?line console/aux 0 password 2456789 login end
how we can set local credential ?command : username afaf privilege 15 password 12356 line console 0 login local end
what is VPN ?Virtual Private Networks (VPN) - How Virtual? And How Private? - Tunnels will be established - Full separation - End-to-End Encryption
what is the 2 type of VPN ?- site to site vpn - client vpn
what is the 2 type of site to site vpn ?- Peer-to-Peer VPN : - needs and IGP for Routing and Forwarding (Underlay) - the IGP will be exchange at the edges with the ISP - Overlay VPN : - obtain a circuit from the ISP - IGP will be yours all the way
what is client vpn ?- Client VPN - for an end user - requires a software - established remotely - credentials are needed - the Tunnel will be “PC – Router”
what is ACL ?Access Control List (ACL) - specific permissions for users/ networks - allow or deny rules only - allow or deny some hosts/networks from internet . - applying these specification on ports not the whole of router .
what is the types of ACL ?- Standard: uses source host/network to decide the permissions - range of 1-99 - NO specific permissions . - Extended: uses source & destination hosts/networks/ports/services - range of 100-199 . - specific in detail permissions. - Named: A Combination, Hierarchy Mode, Name . we apply ACL on checkpoints (inside/outside) .
some important command of standard ACL ?- access-list <give number> deny 10.10.10.1 0.0.0.3 - acces-list <give nimber> permit any -to applly it inside interface : ip access-group <give number> out/ins sho access-lists
some important command of Extended Named ACL ?- ip access-list extended Afaf - deny ip 19.10.10.1 10.10.1.0.0 0.0.0.15 --> deny this network from reaching this network . - deny ip host 19.10.10.1 10.10.1.0.0 0.0.0.15 --> deny this host from reaching this network . - permit ip any any . - applying it on interface : ip access-group Afaf in
what is port security ?- Switch Ports connects you immediately - A limitation is needed to the switch ports - This limitation includes: - The No. of learned MAC Addresses. - Only “Statically” assigned MAC Addresses are allowed to connect. - A combination of the 2 above.
important things i should do when applying port security ?*All Cisco Switch Ports are “Dynamic” by Default, Make them Access *Static Ports DON’T have timers, assign timers *Those “Statically” assigned MACs are called “Sticky”
What will be the reaction when an unallowed MAC/s hits? (port security)Violation the Behavior : 1-Shutdown the port (Default) 2-Protect (Silently) 3-Strict (log it)
what is DHCP snooping ?- Rouge DHCP Servers will respond to your “Discovery” message. - Computers will take/accept the first offer they receive. - Snooping will trust an interface to make it the: Only interface allowed to receive Broadcast Messages. - Applied on a specific VLAN . *Rouge Servers will Act as a “Man in the Middle”, which is an attack.
important command in DHCP snooping ?ip DHCP snooping vlan 1 - apply it on specific interface : ip dhcp snooping trust . - then go to the trusted dhcp server : ip dhcp rely information trust-all .
what is DAI ?Dynamic ARP Inspection ARP is a Broadcast, thus, everyone will know about you trying to Reach your GW for any purpose - Someone might manipulate you and claim that he is the GW!!!! *Man in the Middle detected - DAI will allow only trusted interfaces to receive and forward Broadcast.
how DAI will work ?- It will cooperate with the DHCP Snooping DB to perform - After inspecting, it will either Forward the ARP, or Drop it (LOG) *Static IPs don’t use DHCP, SO!! Drop the ARP ! solution ? Trust the Port , Or Create ARP ACL
what is AAA ?Authentication, Authorization, and Accounting - AAA are the Security mechanisms for the MGM Plane - you can control everything about everyone allowed/denied From accessing the Network .
Authentication ?- Verifies Credentials - Contacts the AAA Server to check the eligibility of those Credentials.
Authorization ?- Determines the Credentials Powers - Contacts the AAA Server to check the Privileges of those Credentials
Accounting ?- Determines some Limitations - Calculates Statistics