CCNA EXPLORATION<br />ACCESSING THE WAN<br />Study Guide<br />Chapter 4: Network Security<br />
<ul>
<li>4.0.1
<ul>
<li>What is the most important step that an organization can take to protect its network?</li>
</ul>
</li>
<li>4.1.1
<ul>
<li>What balance must an organization find?</li>
<li>As the types of threats, attacks, and exploits have evolved, various terms have been coined to describe the individuals involved. Describe some of the most common terms.</li>
<li>Describe the seven-step process hackers often use to gain information and start an attack.</li>
<li>What are some of the most commonly reported acts of computer crime that have network security implications?</li>
<li>Describe Open, Restrictive, & Closed Networks.</li>
<li>What is the first step any organization should take to protect its data and itself from a liability challenge?</li>
<li>What is a security policy?</li>
<li>A security policy should meet what goals?</li>
<li>What is ISO/IEC 27002?</li>
<li>What are the sections of ISO/IEC 27002?</li>
</ul>
</li>
<li>4.1.2
<ul>
<li>When discussing network security, what are the three common factors?</li>
<li>What are the three primary vulnerabilities or weaknesses?</li>
<li>What are the four classes of physical threats?</li>
<li>How might you mitigate Hardware threats?</li>
<li>How might you mitigate Environmental threats?</li>
<li>How might you mitigate Electrical threats?</li>
<li>How might you mitigate Maintenance threats?</li>
<li>Describe Unstructured Threats.</li>
<li>Describe Structured Threats.</li>
<li>Describe External Threats.</li>
<li>Describe Internal Threats.</li>
<li>Describe Social Engineering.</li>
<li>Describe Phishing.</li>
</ul>
</li>
<li>4.1.3
<ul>
<li>Describe the four primary classes of network attacks.</li>
<li>What are some possible reconnaissance attacks?</li>
<li>What are some of the utilities external hackers can use to easily determine the IP address space assigned to a given corporation or entity?</li>
<li>What is a ping sweep?</li>
<li>How does the intruder use port scans?</li>
<li>What are some common terms for eavesdropping?</li>
<li>Describe two common uses of eavesdropping.</li>
<li>Why are SNMP version 1 community strings susceptible to eavesdropping?</li>
<li>How would an intruder use a protocol analyzer?</li>
<li>What are three of the most effective methods for counteracting eavesdropping?</li>
<li>Why is encryption a valuable option?</li>
<li>Describe Payload-only encryption.</li>
<li>Describe password attacks.</li>
<li>What are some of the tools intruders can use to implement password attacks?</li>
<li>Describe Trust Exploitation.</li>
<li>How might Trust Exploitation be mitigated?</li>
<li>Describe Port Redirection.</li>
<li>How might Port Redirection be mitigated?</li>
<li>Describe Man-in-the-Middle Attack.</li>
<li>Describe transparent proxy.</li>
<li>What are some other harmful MITM attacks?</li>
<li>How might MITM attacks be mitigated?</li>
<li>Describe DoS attacks.</li>
<li>Describe Ping of Death.</li>
<li>Describe SYN flood attack.</li>
<li>What are some other DoS attacks?</li>
<li>Describe DDoS Attacks.</li>
<li>What are the three typical components to a DDoS attack?</li>
<li>What are some examples of DDoS attacks?</li>
<li>Describe Smurf attacks.</li>
<li>How might DoS and DDoS attacks be mitigated?</li>
<li>Describe Malicious Code Attacks.</li>
<li>Describe the anatomy of a worm attack.</li>
<li>How might Worm attacks be mitigated?</li>
<li>How might Viruses & Trojan Horse attacks be mitigated?</li>
</ul>
</li>
<li>4.1.4
<ul>
<li>Describe Device Hardening.</li>
<li>Why use Antivirus software?</li>
<li>Why use Personal Firewalls?</li>
<li>Why use Operating System Patches?</li>
<li>Describe Intrusion Detection and Prevention.</li>
<li>Describe Host-based Intrusion Detection Systems.</li>
<li>An integrated approach to security, and the necessary devices to make it happen, follows what building blocks?</li>
<li>What are some devices that provide threat control solutions?</li>
<li>Describe some of the other devices provided by Cisco.</li>
</ul>
</li>
<li>4.1.5
<ul>
<li>Describe the Security Wheel.</li>
<li>To begin the Security Wheel process, you first develop a security policy that enables the application of security measures. A security policy should include what?</li>
<li>Describe the four steps of the Security Wheel.</li>
<li>What is a Security Policy?</li>
<li>How does a security policy benefit an organization?</li>
<li>What are the Functions of a Security Policy?</li>
<li>What are the most recommended Components of a Security Policy?</li>
<li>What are other components that an organization may include?</li>
<li>E-mail policies might include what?</li>
<li>Remote access might include what?</li>
</ul>
</li>
<li>4.2.1
<ul>
<li>What functions does a router provide?</li>
<li>Why do intruders target routers?</li>
<li>What are some of the security risks involved with routers?</li>
<li>Router security should be thought of in terms of what category types?</li>
<li>How can you provide physical security?</li>
</ul>
</li>
<li>4.2.2
<ul>
<li>What are the steps to safeguard a router?</li>
</ul>
</li>
<li>4.2.3
<ul>
<li>What should good password practices include?</li>
<li>What is a passphrase?</li>
<li>What router commands allow passwords to be seen in plain text in the output from show run?</li>
<li>What in the output from the show run command indicates that the password is not hidden?</li>
<li>Describe the two Cisco IOS password protection schemes.</li>
<li>What command is used to enable the type 7 encryption?</li>
<li>What in the output from the show run command indicates that the password is hidden & using type 7 encryption?</li>
<li>What command is used to enable the type 5 encryption?</li>
<li>What in the output from the show run command indicates that the password is hidden & using type 5 encryption?</li>
<li>Why is type 5 preferred over type 7?</li>
</ul>
</li>
<li>4.2.4
<ul>
<li>What is the preferred way for an administrator to connect to a device to manage it?</li>
<li>What are the two steps to secure administrative access to routers and switches?</li>
<li>Remote access typically involves allowing what types of connections to the router from a computer on the same internetwork as the router?</li>
<li>If remote access is required, what options are available?</li>
<li>What ports are included in remote access?</li>
<li>What is the best way to control access to these lines? How is this done?</li>
<li>If TTY and AUX lines are not needed, what command(s) should be configured on the router?</li>
<li>VTY lines should be configured to accept connections only with the protocols actually needed. What commands accomplish this?</li>
<li>In limiting the risk of a DoS attack on VTY lines, what is a good practice?</li>
<li>How is the answer to the above question accomplished?</li>
<li>How can you prevent an idle session from consuming the VTY indefinitely?</li>
<li>How can you help guard against both malicious attacks and orphaned sessions caused by remote system crashes?</li>
<li>What port does Telnet use?</li>
<li>What is the major difference between Telnet & SSH?</li>
<li>What port does SSH use?</li>
<li>Only cryptographic images in Cisco IOS images support SSH. How can you tell if an IOS supports SSH?</li>
<li>The SSH terminal-line access feature enables administrators to configure routers with secure access and perform what tasks?</li>
<li>When SSH is enabled, are Cisco routers clients or servers?</li>
<li>To enable SSH on the router, what parameters must be configured?</li>
<li>What other parameters can be configured?</li>
<li>What are the steps to configure SSH on a router?</li>
<li>To connect to a router configured with SSH, you have to use an SSH client application such as?</li>
</ul>
</li>
<li>4.2.5
<ul>
<li>What is the purpose of logging router activity?</li>
<li>What are the different levels of logging routers support?</li>
<li>Why is a syslog server a good option?</li>
<li>What is the importance of time stamps?</li>
</ul>
</li>
<li>4.3.1
<ul>
<li>Vulnerable Router Services and Interfaces can be restricted or disabled to improve security without degrading the operational use of the router. What is the best general security policy concerning these?</li>
<li>What is the command(s) to disable Small services such as echo, discard, and chargen?</li>
<li>What is the command(s) to disable BOOTP?</li>
<li>What is the command(s) to disable Finger?</li>
<li>What is the command(s) to disable HTTP?</li>
<li>What is the command(s) to disable SNMP?</li>
<li>What is the command(s) to disable Cisco Discovery Protocol (CDP)?</li>
<li>What is the command(s) to disable remote configuration?</li>
<li>What is the command(s) to disable source routing?</li>
<li>What is the command(s) to disable classless routing?</li>
<li>What is the command(s) to disable unused interfaces?</li>
<li>What is the command(s) to disable SMURF attacks?</li>
<li>What is the command(s) to disable ad hoc routing?</li>
<li>Discuss the vulnerabilities of SNMP, NTP, and DNS.</li>
<li>How do you set the name server to be used on a router?</li>
<li>What is the command(s) to disable DNS?</li>
</ul>
</li>
<li>4.3.2
<ul>
<li>In general, routing systems can be attacked in what two ways?</li>
<li>What are the consequences of falsifying routing information?</li>
<li>What is considered the best way to protect routing information on the network?</li>
<li>Describe in general this process on networks using MD5.</li>
<li>List the steps for configuring RIPv2 with Routing Protocol Authentication. Give the router commands needed for each.</li>
<li>How is the above process different for EIGRP?</li>
<li>How is the above process different for OSPF?</li>
</ul>
</li>
<li>4.3.3
<ul>
<li>You can configure AutoSecure in privileged EXEC mode using the auto secure command in one of what two modes?</li>
<li>What command is used to start the process of securing a router?</li>
<li>What are some of the items Cisco AutoSecure will ask you for?</li>
</ul>
</li>
<li>4.4.1
<ul>
<li>What is Cisco SDM?</li>
<li>Where can SDM be installed?</li>
<li>What are some of Cisco SDM features?</li>
</ul>
</li>
<li>4.4.2
<ul>
<li>What are the steps to configure Cisco SDM on a router already in use, without disrupting network traffic?</li>
</ul>
</li>
<li>4.4.3
<ul>
<li>On new routers, where is Cisco SDM stored by default?</li>
<li>How do you launch the Cisco SDM?</li>
</ul>
</li>
<li>4.4.4
<ul>
<li>Describe the Cisco SDM Home Page Overview.</li>
<li>What elements are included in the About Your Router?</li>
<li>What information is included in the Interfaces and Connections of the Configuration Overview Area?</li>
<li>What information is included in the Firewall Policies of the Configuration Overview Area?</li>
<li>What information is included in the VPN of the Configuration Overview Area?</li>
<li>What information is included in the Routing of the Configuration Overview Area?</li>
</ul>
</li>
<li>4.4.6
<ul>
<li>What are the differences in locking down a router with Cisco SDM vs. Cisco AutoSecure?</li>
</ul>
</li>
<li>4.5.1
<ul>
<li>Cisco recommends following a four-phase migration process to simplify network operations and management. When you follow a repeatable process, you can also benefit from reduced costs in operations, management, and training. What are the four phases?</li>
<li>What are some of the tools available on Cisco.com to aid in migrating Cisco IOS software that do not require a Cisco.com login?</li>
<li>What are some of the tools that require valid Cisco.com login accounts?</li>
</ul>
</li>
<li>4.5.2
<ul>
<li>Describe the Cisco IOS Integrated File System (IFS).</li>
<li>What command lists all of the available file systems on a Cisco router?</li>
<li>What is the benefit of issuing the command above?</li>
<li>What command shows the flash directory?</li>
<li>Where is the file image of the IOS located?</li>
<li>How do you view the contents of NVRAM?</li>
<li>When a network administrator wants to move files around on a computer, the operating system offers a visible file structure to specify sources and destinations. Administrators do not have visual cues when working at a router CLI. How are file locations specified in Cisco IFS?</li>
<li>Describe the following TFTP example: tftp://192.168.20.254/configs/backup-config.</li>
<li>What command is used to move configuration files from one component or device to another?</li>
<li>What is the command(s) to copy the running configuration from RAM to the startup configuration in NVRAM?</li>
<li>What is the command(s) to copy the running configuration from RAM to a remote location?</li>
<li>What is the command(s) to copy a configuration from a remote source to the running configuration?</li>
<li>What is the command(s) to copy a configuration from a remote source to the startup configuration?</li>
<li>Describe the Cisco IOS File Naming Conventions used in the following example: C1841-ipbase-mz.123-14.T7.bin</li>
</ul>
</li>
<li>4.5.3
<ul>
<li>What is the benefit of using TFTP Servers to manage IOS Images?</li>
<li>What tasks should be completed before changing a Cisco IOS image on the router?</li>
<li>What steps should be carried out when you are ready to do the update?</li>
</ul>
</li>
<li>4.5.4
<ul>
<li>What steps should you follow to copy a Cisco IOS image software from flash memory to the network TFTP server?</li>
<li>During the copy process, what is the purpose of the exclamation points (!)?</li>
<li>Upgrading a system to a newer software version requires a different system image file to be loaded on the router. What command does this?</li>
<li>What else is required in the process listed above?</li>
</ul>
</li>
<li>4.5.5
<ul>
<li>List the steps needed if the IOS on a router is accidentally deleted from flash and the router has been rebooted.</li>
<li>What command can be used to reload the router with the new Cisco IOS image?</li>
<li>What is another method for restoring a Cisco IOS image to a router?</li>
<li>Through what utility is this accomplished?</li>
<li>Describe the steps in this process.</li>
</ul>
</li>
<li>4.5.6
<ul>
<li>Describe the two most used troubleshooting commands.</li>
<li>Which command displays static information?</li>
<li>By default, where does the network server send the output from debug commands and system error messages?</li>
<li>Which command displays dynamic data and events? In which mode is it issued?</li>
<li>Describe when debug commands are used.</li>
<li>To list and see a brief description of all the debugging command options, what do you enter on the router?</li>
<li>What are the considerations you should be aware of when using the debug command? Why?</li>
<li>What other commands can help you to optimize your efficient use of the debug command?</li>
</ul>
</li>
<li>4.5.7
<ul>
<li>In password recovery, why do you need physical access to the router?</li>
<li>Describe the enable password and the enable secret password as related to password recovery.</li>
<li>What is the configuration register?</li>
<li>Describe the steps to router password recovery.</li>
<li>What command will confirm that the router will use the configured config register setting on the next reboot?</li>
</ul>
</li>
</ul> <br />