Perkins.Larry.Test2Part1x

calvesnorthΔίκτυα και Επικοινωνίες

24 Οκτ 2013 (πριν από 3 χρόνια και 7 μήνες)

68 εμφανίσεις

IST 462





NAME
Larry Perkins

Test 2, Part 1



After answering the following questions, name your file:



LastName.FirstName.Test2Part1


and save your file in the correct folder on Blackhawk.



1.

Define the term
back door

and explain how one is created.



A back door is an alternate way to access a website or system generally though
unauthorized or illegal
accounts and/or login credentials
.



2.

Explain the concept of
DNS poisoning.

What kind of addresses are used?




DNS
poisoning can be used to prevent intrustion by directing specified IP addresses to an
alternate location.

However, it can be used maliciously to direct users to an alternate site as well.





3.


DNS spoofing
is a specific form of DNS poisoning. Explain h
ow DNS spoofing works.



DNS spoofing sets up a faulty DNS address in order to redirect traffic to an undesired
location.






4.

Define
ARP poisoning
and explain how this can take place.

What kind of addresses are
involved in this type of attack
?



ARP
occurs when an attacker alters the MAC address to redirect traffic to an unwanted
location.









5.

What is
war driving
? Is it illegal?



War driving is achieved by going down the street or other location using a scanner to
search for wireless networks.

It is not illegal

if the scanning is passive
.





6.

Suppose a company owns an IP address of 198.60.18.0/24. Through subnettin
g they want
to create four equal
-
size subnets.


A.

How many bits will this subnetting require?




255



B.

Where are these bits
located?



In the last octet xxx.xxx.xxx.0



C.

Give two ways this can improve network security.



By subnetting to private IP addresses or using proxy.






7.

Describe the concept of a
VLAN
. How does this improve network security?



VLAN represents given IP addresses with “virtual” IP addresses. This prevents
unwanted users from seeing the real ip addresses on a network.







8.

Describe how
NAT
works. What kind of addresses are involved? Explain how it works.




Network address tra
nslation
is used to translate many IP addresses into few addresses.
Therefore when information is being sent from or intended for an address, the translation of the
few addresses translate the address to the many addresses and the information is still
delivered/sent.









9.

Explain the concept of a
honey pot
. How does this improve network security?



A honeypot is

a machine specifically set up to

intercept or lure in intrusion attempts
.
This machine can be used as a filter and also to anaylse

attacks.





10.

Explain what a
DMZ
is and
describe
how it enhances network security.



A demilitarized zone is

a specific area on a network

used to isolate sensitive
parts of the
network

from the ma
i
n infrastructure to prevent them from being compromised
.






11.

Explain how a
NAC
works. How does it enhance network security?



Network access control allows only certain users to access certain networks. This
prevents unwanted users from accessing certain networks.






12.

In the Windows NAC system, what

happens if a client is not approved for connection to
the network?



They are asked for credentials for login name and password.






13.

In Lab 4.2 we monitored FTP data using what program?






14.

Does FTP encrypt data in transit? Explain.



No. File transfer does not include any encryption inherently, however other encryption
can be used in conjunction with FTP programs to provide security.


15.

Explain the following Snort rule:



Log icmp any any
-
> 192.168.21.0/24 111



This command will c
reate a log file for any activity by any user with address
192.168.21.0/24.





16.

What type of network attack is shown in the following figure?



DNS spoofing.