Study Notes
Cryptographic Algorithms
- RSA (Rivest-Shamir-Adleman) is an asymmetric algorithm, commonly used for secure data transmission.
- Other listed algorithms (RC4, AES, DES) are symmetric algorithms.
Wireless Security Measures
- MAC Filtering allows only known devices to connect but can be bypassed if an attacker spoofs a MAC address.
- WEP (Wired Equivalent Privacy) is outdated and can be compromised in minutes via brute force.
- Disabling SSID broadcasting does not stop skilled attackers, who can still discover the SSID.
Web-Based Attacks
- Web-based attacks are likely linked to ports 80 (HTTP) or 443 (HTTPS).
- Active Directory attacks typically target port 389 (LDAP).
- Attacks on FTP servers use port 21, while Remote Desktop Protocol (RDP) attacks occur on port 3389.
SAML Transactions
- SAML (Security Assertion Markup Language) facilitates user authentication and identity management via XML.
- In a SAML transaction, the User Agent requests a resource from the Service Provider (SP).
- If not authenticated, the User Agent is redirected to the Identity Provider (IdP) for credentials.
SCADA/ICS Threat Mitigation
- The quickest defensive action against a newly identified threat is to block the SCADA/ICS web interface if it is not essential for system operation.
- It’s crucial to assess whether the interface is necessary before blocking it, to avoid disrupting operations.
- Ideally, SCADA/ICS components should be isolated from the enterprise network to enhance security.