1
Q
What types of attacks are Switches vulnerable to?
A
MAC Flooding
MAC Spoofing
Physical Tampering
2
Q
What is MAC Flooding?
A
An attempt to overwhelm the limited switch memory that is set aside to store the MAC addresses for each port.
Note: If the switch gets flooded, it can “fail-open” and start sending information out to every port.
3
Q
What is MAC Spoofing?
A
This occurs when an attacker masks their own MAC address to pretend they are another MAC address.
Note: MAC spoofing is often combined with ARP spoofing attacks.
4
Q
What is Physical Tampering?
A
The attacker gains physical access to the switch and can do a number of things to it.
5
Q
What layer of the OSI Model is the switch?
A
Layer 2
Cyber Security 601
flashcards
Decks in class (118)
# Cards
-
Encryption Overview8
-
IPSec & TLS/SSL7
-
Securing Storage Devices7
-
Endpoint Analysis7
-
Securing Wireless Devices4
-
SIM Cloning, ID Theft, & Bluetooth Attacks5
-
Root of Trust2
-
Trusted Firmware8
-
Secure Processing6
-
Mobile Device Theft2
-
Security of Mobile Apps3
-
Bring Your Own Device6
-
Hardening Mobile Devices1
-
Hardening5
-
Trusted Operating System4
-
Group Policies6
-
File Systems & Hard Drives5
-
Supply Chain Assessment5
-
Root of Trust Supply Chain1
-
Hypervisors4
-
Threats to VM's5
-
Securing VM's6
-
Web Browser Security4
-
Web Browser Concerns8
-
Securing Applications3
-
Software Development12
-
SDLC Principles (Software Development Life Cycle)15
-
Testing Methods (Software)9
-
Vulnerabilities & Exploits4
-
Buffer Overflows5
-
Cross Site Scripting & Cross Site Request Forgery7
-
SQL Injection5
-
XML Vulnerabilities7
-
Race Conditions3
-
Design Vulnerabilities7
-
The OSI Model9
-
Switches5
-
Routers4
-
Network Zones4
-
Jumpbox5
-
Network Access Control4
-
VLAN's4
-
Subnetting3
-
Network Address Translation6
-
Firewalls14
-
Proxy Servers0
-
Authentication Summary7
-
Access Control Models6
-
Best Practices for Access Control5
-
Users and Groups6
-
Permissions3
-
Risk Assesment7
-
Qualitative and Quantitative Risk9
-
Methodologies and Security Controls19
-
Types of Risk6
-
Vulnerability Management4
-
Penetration Testing4
-
Training and Exercises4
-
OVAL1
-
Vulnerability Assessment Tools6
-
Password Analysis Tools10
-
Performance Baselining3
-
Protocol Analyzers6
-
Simple Network Management Protocol (SNMP)7
-
Auditing6
-
Logging9
-
Log Files5
-
Security Information and Event Management Systems (SIEM)2
-
SYSLOG10
-
Security Orchestration Automation and Response4
-
Symmetric Algorithms10
-
Asymmetric Algorithms4
-
Pretty Good Privacy3
-
One-Time Pad2
-
Cryptography Considerations4
-
Hashing13
-
Hashing Attacks7
-
Public Key Infrastructure3
-
Digital Certificates14
-
Certificate Authorities9
-
Secure/Multipurpose Internet Mail Extensions (S/MIME)3
-
More on SSL and TLS3
-
Secure Shell (SSH)4
-
VPN Protocols13
-
Planning for the Worst2
-
Redundant Power8
-
Backup Power3
-
Data Redundancy / Disk Redundancy10
-
Network Redundancy4
-
Server Redundancy4
-
Redundant Sites4
-
Data Backup4
-
Tape Rotation6
-
Disaster Recovery Plan1
-
Business Impact Analysis10
-
Policies and Procedures5
-
Data Classifications13
-
Data Ownership5
-
PII and PHI9
-
Legal Requirements3
-
Privacy Technologies5
-
Security Policies4
-
Vendor Relationships5
-
Disposal Policies6
-
IT Security Framework13
-
Incident Response Procedures9
-
Incident Response Planning9
-
Investigative Data10
-
Forensic Procedures10
-
Data Collection Procedures2
-
Security Tools Part 1 (Network Tools)10
-
Security Tools Part 2 (Network Tools)7
-
Security Tools Part 3 (File Manipulation)6
-
Security Tools Part 4 (Shells and Scripts)4
-
Security Tools Part 5 (Packet Capture)3
-
Security Tools Part 6 (Forensics)5
-
Security Tools Part 7 (Exploitation)4
-
Ports & Protocols37
