Switching Errors
Occur when data packets are misdirected or dropped as they move through a network switch
Broadcast Storms
Happen when there is a layer 2 network loop, which often occurs due to improper configuration of STP
VLAN Mismatch
Occurs when two switches connected by a trunk are configured with different VLAN settings
Duplex Mismatch
Occurs when the two ends of a network link have different duplex settings
Routing Errors
Typically caused by misconfigurations, incorrect routing tables, or unstable network conditions
Routing Loops
Happen when a packet gets stuck in a continuous cycle between routers without ever reaching its destination. Can be caused by an incorrect routing table entry
Incorrect Subnet Masks
Occur when the subnet mask associated with an IP address is not configured correctly
Route Flapping
Occurs when a network route frequently changes state, causing instability in routing tables
VPN and Tunnel Errors
Occur when encrypted communication tunnels face disruptions due to misconfigurations, expired credentials, or encryption failures
Insecure Routing
Occurs when routing protocols or configurations lack proper security measures
Configuration Drift
Gradual and often unnoticed changes in network configurations over time
Signature-Based Detection
Compares network activity to known threat patterns, but it can miss new or sophisticated attacks
Behavioral Analysis
Looks for deviations from normal network behavior, which can highlight suspicious activity even if no known threat signature is present
Anomaly Detection
Uses machine learning to flag irregular patterns outside predefined baselines, adding protection
DNSSEC
Domain Name System Security Extensions
Secures name resolution by digitally signing DNS data
Zone Transfers
Replicate DNS databases but can be attacked if misconfigured
DNS/Cache Poisoning
Attack where false DNS data is injected into a DNS resolver’s cache
Sinkholing
Defensive technique that redirects malicious traffic to a controlled sinkhole server
DNS Zone
Portion of the DNS namespace that a specific DNS server or a group of servers manages
SPF
Sender Policy Framework
Specifies permitted mail servers for a domain to prevent email spoofing
SPF records are stored in DNS and specify the domains and IP ranges authorized to send email
DKIM
DomainKeys Identified Mail
Adds a digital signature to verify email integrity and sender authenticity
Does not fully prevent spoofing on its own; often combined with DMARC
DMARC
Domain-based Message Authentication, Reporting, and Conformance
Provides email authentication and policy enforcement using SPF and DKIM results (i.e., if a message fails SPF/DKIM, reject it, quarantine it, or mark it as suspicious)
S/MIME
Secure/Multipurpose Internet Mail Extensions
Enables encryption and digital signatures in email messages
Network Access Control List Issues
Arise when incorrectly configured rules allow inappropriate network traffic or block legitimate network traffic