- Segmentation is the process of breaking up a wireless network into smaller sub-nets that have
controlled access between them. In the case of an attack, these sub-nets allow us to block access to
other parts of the network.
3. If we needed a command-line tool that could sniff network traffic, what tool might we use?
- tcpdump
- WEP, WPA,
- Kismet
- To bait in potential attackers and see their methods. This allows us to see how a piece of malware works,
see what attackers may want, or identify IPs that are an outside threat.
- To monitor for unusual spikes in network traffic that can signal an attack.
8. What would we use if we needed to send sensitive data over an untrusted network?
- A VPN
- We could use a DMZ to protect our mail server. The DMZ will protect the server and networks from
internet-based attacks.
10. What is the difference between a stateful firewall and a deep packet inspection firewall?
- A set of tools used to attack a network. These usually consist of an exploit, sniffers and mapping tools.
3. What is the difference between a port scanner and a vulnerability assessment tool?
- Port scanners are used to discover the networks and systems that are connected, while vulnerability
assessment tools are used to point out areas where the system may be vulnerable to an attack.
- The attack area is the size of the area that is open to an attack. The larger the area, the more likely an
attacker may succeed in breaking through our defenses. Every insecure area adds to the attack surface.
5. Why might we want a firewall on our host if one already exists on the network?
- They can provide more centralized monitoring and provide the environment for more complex rules
and management options.
- A method to reduce the number of available avenues through which our operating system might be
attacked.
- It stands for Execute Disable and it is Intel’s version of executable space prevention. It's used to prevent
buffer overflows.
- It prevents certain portions of the memory used by the operating system and applications from being
used to execute code. This can limit or disable buffer overflows.
9. How does the principle of least privilege apply to operating system hardening?
- It adds another level of security to the system by limiting who has what privileges and leaving only
admins with high-level clearance.
10. Download Nmap from www.nmap.org and install it. Conduct a basic scan of scanme.nmap.org using
either the Zenmap GUI or the command line. What ports can you find open?