It is possible to break LAN security through the dial-in route. Without dial-up access controls, a caller can
dial in and try passwords until they gain access.
TRUE
A dial back modem may be used to prevent access by guessing passwords.
TRUE
Twin line dial back modems
Dial back modems are available that are connected to two individual telephones. One is used for
incoming calls and the second is used to call back the user on the known telephone number.
Router packet filtering firewalls
Packet headers have information in them, including the IP address of the sender and receiver and the
authorized port numbers allowed to use the information transmitted. Based on that information the
router knows what kind of internet service, such as web based or FTP, is being used to send the data as
well as the identities of the sender and receiver of the data.
Possible attacks in packet filtering firewalls
IP spoofing, Source routing specification and miniature fragment attack.
Application firewall systems
Disadvantages are poor performance and scalability as internet usage grows
Stateful inspection firewall
It keeps track of the destination IP address of each packet that leaves the organization's internal
network. Whenever the response to the packet is received, its record is referenced to ascertain and
ensure that the incoming message is in response to the request that went out from the organization.
Problem faced by firewalls
Most firewalls operate at the network layer, therefore they do not stop any application-based or input-based
attack
Examples of such attacks at the application layer
SQL injection, buffer overflow attacks.
10
Components of IDS
Sensors that are responsible for collecting data, Analyzers that receive input from sensors and determine
intrusive activity, An administrative control, A user interface
11
Types of IDS
Signature based, statistical based, and Neural based
12
Neural based IDS
are similar to the statistical model but with added self-learning functionality
13
IDS cannot help with the following weaknesses
Weakness in policy definition, application level vulnerabilities, back door in the applications, weakness in
identification and authentication schemes
14
Two types of Honey pots
High interaction, Low interaction
15
Heuristic scanning tools
are a type of virus scanning used to indicate possible infected code
16
What is the most prevalent security risk when an organisation implements remote VPN access to its
network?
Malicious code could be spread across the network
17
Establishing controls to handle concurrent access problems is a preventive control
TRUE
18
Implementing data backup and recovery procedures is a corrective control, because backup and recovery
procedures can be used to roll back database errors
TRUE
19
An ITF is considered a useful audit tool because it uses the same programs to compare processing using
independently calculated data
TRUE
20
A benefit of open system architecture is that it
facilitates interoperability
21
Open systems are those for which suppliers provide components whose interfaces are defined by public
standards, thus facilitating interoperability between systems made by different vendors
TRUE
22
Prototyping is the development of a system through controlled trial and error
TRUE
23
When using public key encryption to secure data being transmitted across a network
the key used to encrypt is public, but the key used to decrypt the data is private
24
symmetric key systems use single, secret, bidirectional keys
TRUE
25
In the asymmetric encryption process, two keys work together as a pair. One key is used to encrypt data and the other
is used to decrypt data. Either key can be used to encrypt or decrypt, but once the key has been used to
encrypt data, only its partner can be used to decrypt the data
TRUE
26
If asymmetric keys were used to encrypt bulk data
the process would be very slow; this is the reason they are used to encrypt short messages such as digests
or signatures
27
A common form of asymmetric encryption is RSA
TRUE
28
Common types of message digest algorithms are SHA1, MD2, MD4 and MD5
These algorithms are one way functions unlike private and public key encryption algorithms. This process
of creating a message digest cannot be reversed
29
A digital signature is a cryptographic method that ensures
Data integrity, Authentication and Non repudiation
30
Digital signatures and public key encryption are vulnerable to man in the middle attacks wherein the
sender's digital signature private key and public key may be faked
TRUE
31
To protect against man in the middle attacks, an independent authority has been designed
TRUE