Questions and Answers
What is a key characteristic of a bastion host?
What is a zero-day attack?
What is an advantage of an IDS?
What is a limitation of a bastion host?
What is a key feature of an IDS?
What is the primary goal of a bastion host?
What is the primary objective of Authentication in secure communications?
What type of encryption technique is used in DES Operation?
What is the purpose of a ping sweep in reconnaissance attacks?
What type of attack is difficult to eliminate because it requires little effort to execute?
What is the purpose of Integrity in secure communications?
What is the result when two identical plaintext blocks are encrypted using the same key in ECB mode?
What is the primary objective of Confidentiality in secure communications?
What type of encryption method is used in Block Ciphers?
What is the main disadvantage of an Intrusion Detection System (IDS)?
What is the main advantage of an Intrusion Prevention System (IPS)?
What is one of the advantages of using an IDS over an IPS?
What is the main benefit of using stream normalization techniques in an IPS?
What is the main disadvantage of an IPS compared to an IDS?
What is one of the limitations of an IDS?
Study Notes
Modes of Deployment
- Host-Based IPS and Network-Based IPS are two modes of deployment
- Promiscuous Mode and Inline Mode are two deployment modes
Alarm Triggering Mechanisms
- Alarm triggering mechanisms are used to detect and respond to potential security threats
Advantages and Disadvantages of IDS and IPS
- IDS Advantages: no impact on network, no network impact if sensor fails or is overloaded
- IDS Disadvantages: response action cannot stop trigger packets, requires correct tuning, vulnerable to network security evasion techniques
- IPS Advantages: stops trigger packets, can use stream normalization techniques
- IPS Disadvantages: sensor issues might affect network traffic, sensor overloading impacts network, some impact on network
Bastion Hosts
- A bastion host is a critical strong point in the network’s security
- Characteristics: runs secure O/S, requires user authentication, restricts features and hosts accessed, small and simple, independent, non-privileged, limited disk use
Zero-Day Attacks
- A zero-day attack is a computer attack that tries to exploit software vulnerabilities
- Zero-hour describes the moment when the exploit is discovered
Intrusion Detection Systems (IDS)
- IDS works passively, requires traffic to be mirrored, does not slow network traffic, monitors traffic offline, generates an alert when detecting malicious traffic
- Types of malicious traffic: reconnaissance attacks, access attacks, denial of service attacks
- Reconnaissance attacks include: internet information queries, ping sweeps, port scans, packet sniffers
Denial of Service (DoS) Attacks
- Types of DoS attacks include: ping of death, smurf attack, TCP SYN flood attack, packet fragmentation and reassembly, email bombs, CPU hogging, malicious applets, misconfiguring routers, chargen attack, out-of-band attacks
Securing Communications
- Authentication: guarantees message authenticity
- Integrity: guarantees message integrity, similar to a checksum function
- Confidentiality: guarantees message confidentiality, ensures captured message cannot be deciphered
Encryption
- Symmetric Encryption Techniques: block ciphers, stream ciphers
- Data Encryption Standard (DES): ECB mode serially encrypts each 64-bit plaintext block using the same 56-bit key; it is vulnerable to attacks if identical plaintext blocks are encrypted using the same key
Description
This quiz covers the modes of deployment, alarm triggering mechanisms, and advantages and disadvantages of IDS and IPS. Test your understanding of host-based and network-based IPS and more.