Class 9 August 2018

A vulnerability assessment is the most effective method for security professionals to find weaknesses in systems and networks. The vulnerability assessment is passive and does not cause damage to a system. It’s important to address any vulnerabilities discovered through a vulnerability assessment. Attackers have access to the same tools and if you can discover the weakness, they can too. Some common tools used for vulnerability assessments include Nmap and Nessus. List how the tool of Nessus is function for vulnerability assessment tools.

Amar has been monitoring his IDS and sees that there are a huge number of ICMP Echo Reply packets that are being received on the external gateway interface. Further inspection reveals that they are not responses from the internal hosts' requests but simply responses coming from the Internet. Analyze this type of attack likely cause.

A firewall is a crucial component of securing your network and is designed to address the issues of data integrity or traffic authentication. Our network gains these benefits from a firewall by receiving all transmitted traffic through the firewall. The importance of including a firewall in your security strategy is apparent; however, firewalls do have the limitations. Identify TWO(2) limitation of firewall.

In keeping with the best practices of layered security, determine the best places to place intrusion detection and intrusion prevention systems. Explain your answer.

Roni has configured his network to provide strong perimeter security. As part of his network architecture, he has included a host that is fully exposed to attack. The system is on the public side of the demilitarized zone, unprotected by a firewall or filtering router. Identify the device and illustrate how the device can protect Roni network.

Shayla is an IT security consultant, specializing in social engineering and external penetration tests. Shayla has been hired on by Treks Avionics, a subcontractor for the Department of Defense. Shayla has been given authority to perform any and all tests necessary to audit the company's network security. No employees for the company, other than the IT director, know about Shayla's work she will be doing. Shayla's first step is to obtain a list of employees through company website contact pages. Then she befriends a female employee of the company through an online chat website. After meeting with the female employee numerous times, Shayla is able to gain her trust and they become friends. One day, Shayla steals the employee's access badge and uses it to gain unauthorized access to the Treks Avionics offices. Discuss the type of threat the Shayla involve.

Network layer firewall works as a

• Frame filter

• Packet filter

• Both Frame as well as Packet filter

• None of the mentioned

Network layer firewall has two sub-categories as

• State full firewall and stateless firewall

• Bit oriented firewall and byte oriented firewall

• Frame firewall and packet firewall

• None of the mentioned

A firewall is installed at the point where the secure internal network and untrusted external network meet which is also known as __________

• Chock point

• Meeting point

• Firewall point

• Secure point

Which of the following is / are the types of firewall?

• Packet Filtering Firewall

• Dual Homed Gateway Firewall

• Screen Host Firewall

• All of the mentioned

A proxy firewall filters at?

• Physical layer

• Data link layer

• Network layer

• Application layer

What is one advantage of setting up a DMZ with two firewalls?

• You can control where traffic goes in three networks

• You can do stateful packet filtering

• You can do load balancing

• Improved network performance

A stateful firewall maintains a ___________ which is a list of active connections?

• Routing table

• Bridging table

• State table

• Connection table

A(n) ____ is a fancy term for a computer that has two network interfaces.

• Proxy gateway

• Duel-homed host

• Routing workstation

• NAT server

The ____ server in the DMZ needs only list a limited number of public IP addresses.

• DNS

• NAT

• Proxy

• Firewall