NETWORK SECURITY

Question 1

Freedom from risk, danger, doubt, anxiety, and fear.

Answer 1

Security

Question 2

Why do we need Security?(3)

Answer 2

• Protect vital information while still allowing access to those who need it.
• Provide authentication and access control for resources.
• Guarantee availability of resources.

Question 3

Who is vulnerable?(7)
(possible quesion?)

Answer 3

• Financial institutions and banks
• Internet service providers
• Pharmaceutical companies
• Government and defense agencies
• Contractors to various government agencies
• Multinational corporations
• ANYONE ON THE NETWORK

Question 4

Common Security Attacks and their Countermeasures

attacks = countermeasures

Answer 4

• Finding a way into the network = Firewalls
• Exploiting software bugs = Intrusion Detection Systems
• Denial of Service = Ingress Filtering
• TCP Attacks/ hijacking = IPSec
• Packet Sniffing = Encryption
• Social Problems = Education lol

Question 5

is like a castle with a drawbridge.
Only one point of access into the network.

Answer 5

Firewall

Question 6

Used to monitor for suspicious activity on a network.
Uses “intrusion signatures”

Answer 6

Intrusion Detection

Question 7

Can take a dictionary of words, crypt() them all, and compare with the hashed passwords.

Answer 7

Dictionary Attack

Question 8

Make a network service unusable, usually by overloading the server or network.

Answer 8

Denial of Service (DOS)

Question 9

Different kinds of DoS attacks(4)

Answer 9

1. SYN flooding
2. SMURF
3. Distributed attacks/ denial of service
4. Mini Case Study: Code-Red

Question 10

Send packets with bogus source address

Answer 10

SYN flooding
(Synchronous)

Question 11

Large number of machines respond back to victim, overloading it

Answer 11

SMURF

Question 12

Same techniques as regular DoS, but on a much larger scale.

Answer 12

Distributed Denial of Service

Question 13

launched a DDOS attack against www1.whitehouse.gov from the 20th to the 28th of every month
Spent the rest of its time infecting other hosts.

Answer 13

CodeRed

Question 14

host may trick destination into believing that the packet is from a trusted source.

Attacker can insert malicious data into the TCP stream, and the recipient will believe it came from the original source

Answer 14

TCP Attacks

Question 15

Encrypts data before transport.

Answer 15

IPSec

Question 16

Other hosts listening on the wire from sent packets to detect collisions.

Answer 16

Packet Sniffing

Question 17

People can be just as dangerous as unprotected computer systems.

Answer 17

Social Problems