CYSE FINAL HW #6-12 | with COMPLETE SOLUTION

Document Content and Description Below

For what might we use the tool Kismet? Correct Answer: You use the kismet tool in order to find and detect wireless devices. Explain the concept of segmentation and why it might be done. Correct A ... nswer: We divide a network into multiple smaller networks each acting as its own small network called a subnet. Here we can control the flow of traffic. We may do this to prevent unauthorized network traffic or attacks from reaching portions of the network we would prefer to prevent access. What risks might be present with a permissive BYOD policy in an enterprise? Correct Answer: Having people bring their own device poses for some security vulnerabilities. With corporate machines you can force employees to update the devices and patch them for vulnerabilities. Allowing BYOD limits that because you have less control over their device. A way to solve this is to meet somewhere in the middle allowing devices as well as implementing some security measures in order to minimize the risks involved. What are the three main types (protocols) of wireless encryption mentioned in the text? Correct Answer: Wired Equivalent Privacy (WEP). Wifi Protected Access (WPA). Wifi protected access version 2 (WPA2). What tool mentioned in the text might we use to scan for devices on a network, to include fingerprinting the operating system and detecting versions of services on open ports? Correct Answer: The Nmap tool Why would we use a honeypot Correct Answer: We would use a honeypot in order to lure out an intruder. We do this by providing him with false information about vulnerabilities in the system that he then takes as bait and then we can monitor what he/she does. This can be done to provide an early warning system Explain the difference between signature and anomaly detection in IDSes. Correct Answer: Signature based IDSes works more like a usual antivirus system. It has a databse with signatures of the more common types of attacks and can usually detect them. The drawback is if the threat uses a new type of attack to bypass this IDS it can easily go by unnoticed.The anomaly based IDSes measure the present state of the network traffic against the baseline traffic to detect patterns that are not usually present with normal traffic. This can detect new attacks much easier. We may also see more false positive What technology mentioned in this chapter would we use if we needed to send sensitive data over an untrusted network? Correct Answer: The Virtual Private Network (VPNs) is an encrypted connection between two points. You would use a VPN client application that would later connect over the internet to a VPN concentrator once the connection is established all traffic through the connection will be encripted in this VPN "tunnel" [Show More]

Last updated: 3 years ago

Preview 1 out of 4 pages

Buy Now

Instant download

We Accept: