SlideShare a Scribd company logo

Telecommunications and Network Security Presentation

Wajahat Rajab
Wajahat Rajab
EducationTechnology
1 of 99
Download to read offline
Telecommunications and Network Security Muhammad Wajahat Rajab
Domain Overview • Deals with digital communication mechanism by concentrating on the security aspect!
Mind Exercises • Divide 30 by half and add ten. What do you get? • A farmer had 17 sheep. All but 9 died. How many alive sheep were left? • Some months have 30 days, some months have 31 days. How many months have 28 days?
Network Concepts
Data Network Types • Local Area Network (LAN) • Wide Area Network (WAN) • What is intranet? • What is extranet?
OSI Reference Model • Adopted by ISO in 1984 • Defines standard protocols for communication and interoperability by using a layered approach • Follows Divide and Conquer Rule?
OSI Reference Model • Advantages – Clarifies the functions of a communication process – Reduces complex networking processes – Promotes interoperability by defining standard interfaces – Aids development – Facilitates easier and more logical troubleshooting
OSI Layers • Application Layer • Presentation Layer • Session Layer • Transport Layer • Network Layer • Data Link Layer • Physical Layer
Application Layer • Serves as the interface between user and the communication technologies – SMTP, FTP, HTTP
Presentation Layer • Ensures communication between different data representations – ASCII, EBCDIC, JPEG, MPEG, GIF
Session Layer • Establishes, maintains and terminates sessions between applications – SQL, RPC
Transport Layer • Provides reliable, transparent transfer of data between end points – TCP, UDP
Network Layer • Provides routing and forwarding functionalities – IP, DHCP
Data Link Layer • Provides reliable transfer of information across the physical link – Ethernet, Token Ring
Physical Layer • Concerned with transmission of unstructured bit streams over physical medium – E1, T1
TCP/IP Model
Topologies
Wireless Networks
FHSS • Frequency Hoping Spread Spectrum – Takes the total bandwidth and splits it into smaller sub- channels
DSSS • Direct Sequence Spread Spectrum – Applies sub-bits to a message • The sub-bits are used to generate a different format of the data before the data are transmitted • The receiving end uses these sub-bits to reassemble the signal into the original data format
OFDM • Orthogonal Frequency Division Multiplexing
Data Link Layer • WLAN technologies and protocols Type Speed Frequency Modulation Description 802.11 1 Mbps 2.4 Ghz DSSS Legacy Protocol 802.11b 11 Mbps 2.4 Ghz DSSS First widely used protocol 802.11a 54 Mbps 5.0 Ghz OFDM Operated in 5 Ghz band 802.11g 54 Mbps 2.4 Ghz OFDM/DSSS 802.11n 150 Mbps 2.4 Ghz OFDM
Security Flaws • No user authentication • No mutual authentication • Flawed encryption protocol – Allows specific bits to be modified • Solution? – 802.11i • Incorporates security measures for the 802.11 standards!
WEP • Wired Equivalent Privacy – Used to provide confidentiality – Uses stream cipher RC4 – Versions • WEP-64 and WEP-128 – 24 bit IV – Authentication Methods • Open System Authentication • Shared Key Authentication
WEP • Open System Authentication – Any client, regardless of its WEP keys, can associate itself with the Access Point – No authentication (in the true sense of the term) occurs – After the association, WEP key needed for encrypting the data frames • At this point, the client needs to have the right key!
WEP • Shared Key Authentication – A four-way challenge-response handshake is used • Client sends an authentication request to the Access Point • Access Point replies with a clear-text challenge • Client encrypts the challenge text using configured WEP key, and sends it back to Access Point • Access Point decrypts the material, and compares it with the sent clear-text – Depending on the success of this comparison, the Access Point sends back a positive or negative response!
WPA • WiFi Protected Access – Uses Temporal Key Integrity Protocol (TKIP) • Adds 48 bit IV value • Implements a frame counter to discourage replay attacks! – Uses EAP via RADIUS Server • For authentication
WPA • WPA Modes – Enterprise Mode • Requires an authentication server • Uses RADIUS protocols for authentication and key distribution • Centralizes management of user credentials – Pre-Shared Key Mode • Does not require an authentication server • Shared secret is used for authentication • Device-oriented management
WPA2 • WiFi Protected Access 2 – Replaces TKIP with CCMP • Counter Mode with Cipher Block Chaining Message Authentication Code Protocol • Uses AES • Provides more robust security
Network Attacks
DNS Poisoning
SYN Flood
ARP Poisoning Request 140.252.13 .1 .2 .3 .4 .5 08:00:20:03:F6:42 00:00:C0:C2:9B:26 Reply 140.252.13 .1 .2 .3 .4 .5 08:00:20:03:F6:42 00:00:C0:C2:9B:26 arp req | target IP: 140.252.13.5 | target eth: ? arp rep | sender IP: 140.252.13.5 | sender eth: 00:34:CD:C2:9F:A0 00:34:CD:C2:9F:A0
Network Sniffing … telnet Router5 User Access Verification Username: squiggie password: Sq%*jkl[;T Router5>ena Password: jhervq5 Router5# Got It !! Router5
IP Spoofing A B C Attacker
DDOS Attack Attacker Innocent handler Victim A Innocent handler Innocent agents Innocent agents Attack Alice NOW !
Smurf Attack 172.15.0.0 Muddasar Yasir 1 ICMP Echo Req Src: Yasir Dest: 172.15.255.255 2 ICMP Echo Reply Dest: Dos Target
Virtual Private Networks
Introduction • A private network that uses a public network to connect remote sites or users together!
Concept
Features of VPN • Security • Reliability • Scalability • Network management • Policy management
VPN Concepts • Encapsulation – Inclusion of one data structure within another structure • Encryption – Hiding of real information • Tunneling – Virtual path that delivers a packet
Tunneling Protocols • PPTP • L2F • L2TP • IPSec
PPTP • Point to Point Tunneling Protocol – Designed for client/server connectivity – Sets up a single point-to-point connection between two computers – Works at the data link layer – Transmits over IP networks only
L2F • Layer 2 Forwarding – Created before L2TP by Cisco – Merged with PPTP, which resulted in L2TP – Provides mutual authentication – No encryption
L2TP • Layer 2 Tunneling Protocol – Hybrid of L2F and PPTP – Sets up a single point-to-point connection between two computers – Works at the data link layer – Transmits over multiple types of networks, not just IP – Combined with IPSec for security
IPSec • Internet Protocol Security – Handles multiple connections at the same time – Provides secure authentication and encryption – Supports only IP networks – Focuses on LAN-to-LAN communication rather than user- to-user – Works at the network layer, and provides security on top of IP – Can work in tunnel mode, meaning the payload and the header are protected, or transport mode, meaning only the payload is protected
Benefits of VPN • Extend geographic connectivity • Improve security • Improve productivity • Simplify network topology • Provide global networking opportunities • Provide broadband networking compatibility • Provide faster ROI (return on investment) than traditional WAN
Intrusion Detection Systems
Introduction • A system that detects and logs – Inappropriate, Incorrect, or Anomalous activity
Types • Network based IDS • Host based IDS
Methods • Pattern matching – Signature based • Anomaly detection – Checks any abnormality • Protocol behavior – Checks correct usage of protocol
Events • True positive – When the IDS sets off an alert and it is a real attack • True negative – When the IDS does not set off an alert and it is normal traffic • False positive – When the IDS sets off an alert and it is normal traffic • False negative – When the IDS does not set off an alert and it is attack traffic
Firewalls
Introduction • A system that prevents unauthorized access – To or from a network • Controls the flow of traffic
Concept
Firewall Types • Packet filtering firewall • Proxy firewall – Application level proxy – Circuit level proxy • Stateful inspection firewall • Dynamic packet filtering firewall • Kernel proxy firewall
Packet Filtering Firewall • Governed by set of directives • Works at network layer • Makes decisions on – Packet’s source IP Address – Packet’s destination IP Address – Network and transport protocol being used – Source and destination ports – The interface being traversed
Packet Filtering Firewall • Ingress Filtering – Blocking inbound traffic • Egress Filtering – Blocking outbound traffic
Application Level Proxy • Contains a proxy agent • Does not allow a direct communication • Operates at the application level • Inspects the content, payload and header! • Can require authentication from the user
Circuit Level Proxy • Creates a circuit between client and the server • Works at session layer • Knows the source and destination addresses and makes access decisions based on the header information • Faster than application level proxy
Stateful Inspection Firewall • Tracks the state of connections • Blocks packets deviating from expected state • Works same as packet filtering firewall but keeps a state table as well! • Works at network and transport layer
Dynamic Packet Filtering
Kernel Proxy Firewalls • Fifth generation firewall! • Creates dynamic, customized TCP/IP stacks for packet evaluation • When a packet arrives, a new virtual network stack is created, which is made up of only the protocol proxies necessary to examine this specific packet properly • Speed of Packet filtering firewalls
Firewall Architectures • Screening Router • Dual Homed Gateways • Screened Host Gateways • Screened Subnet
Screening Router
Screening Router • Screening Router – A router placed between trusted and public networks – Security policy implemented using ACLs – Advantages: • Inexpensive • Simple and completely transparent – Disadvantages • Limited logging functionality • Single point of failure • Uses no user authentication
Dual Homed Gateway
Dual Homed Gateways • A single computer with separate NICs connected to each network • Used to divide internal trusted network from external networks • Advantages: – Operates in a Fail Secure mode – Logging functionality • Disadvantages: – Inconvenience to users – Slower network performance
Screened Host Gateways
Screened Host Gateways • Employs external screening router and internal bastion host • Advantages: – Provides distributed security between two devices – Restricted inbound/outbound access • Disadvantages: – Multiple single point of failures
Screened Subnet
Screened Subnet • Deploys external screening router, internal bastion host and internal screening router • Concept of DMZ • Advantages: – Provides defense in depth • Disadvantages: – Difficult to configure and maintain – Difficult to troubleshoot
Unified Threat Management • Single system with all the solutions • Contains firewall, malware detection and eradication, sensing and blocking of suspicious network probes, and so on… • Requires lot of resources • Reduces network complexity
Why Firewall Security • Remote login • Application backdoors • Operating system bugs • Denial of service • Spam • Source routing
Best Practices • Change the default configurations • ACLs should be simple and direct • Disallow source routing • Close unnecessary ports with dangerous services • Disable unused interfaces • Block directed IP broadcasts • Block incoming packets with internal address (they are spoofed) • Enable logging • Daily checks to ensure security
Thank You!  • Any Questions?
Questions
Question 1 • Which of the following is not a security goal for remote access? A. Reliable authentication of users and systems B. Protection of confidential data C. Easy to manage access control to systems and network resources D. Automated login for remote users
Question 1 • Which of the following is not a security goal for remote access? A. Reliable authentication of users and systems B. Protection of confidential data C. Easy to manage access control to systems and network resources D. Automated login for remote users
Question 2 • Which of the following is the biggest concern with firewall security? A. Internal hackers B. Complex configuration rules leading to misconfiguration C. Buffer overflows D. Distributed denial of service (DDOS) attacks
Question 2 • Which of the following is the biggest concern with firewall security? A. Internal hackers B. Complex configuration rules leading to misconfiguration C. Buffer overflows D. Distributed denial of service (DDOS) attacks
Question 3 • Which of the following should NOT normally be allowed through a firewall? A. SNMP B. SMTP C. HTTP D. SSH
Question 3 • Which of the following should NOT normally be allowed through a firewall? A. SNMP B. SMTP C. HTTP D. SSH
Question 4 • Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system? A. TCP sequence number attack B. IP spoofing attack C. Piggybacking attack D. Teardrop attack
Question 4 • Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system? A. TCP sequence number attack B. IP spoofing attack C. Piggybacking attack D. Teardrop attack
Question 5 • Which of the following statements pertaining to packet filtering is incorrect? A. It is based on ACLs B. It is not application dependant C. It operates at the network layer D. It keeps track of the state of a connection
Question 5 • Which of the following statements pertaining to packet filtering is incorrect? A. It is based on ACLs B. It is not application dependant C. It operates at the network layer D. It keeps track of the state of a connection
Question 6 • What is the main characteristic of a multi- homed host? A. It is placed between two routers or firewalls B. It allows IP routing C. It has multiple network interfaces, each connected to separate networks D. It operates at multiple layers
Question 6 • What is the main characteristic of a multi- homed host? A. It is placed between two routers or firewalls B. It allows IP routing C. It has multiple network interfaces, each connected to separate networks D. It operates at multiple layers
Question 7 • One drawback of Application Level Firewall is that it reduces network performance due to the fact that it must analyze every packet and: A. Decide what to do with each application B. Decide what to do with each user C. Decide what to do with each port D. Decide what to do with each packet
Question 7 • One drawback of Application Level Firewall is that it reduces network performance due to the fact that it must analyze every packet and: A. Decide what to do with each application B. Decide what to do with each user C. Decide what to do with each port D. Decide what to do with each packet
Question 8 • Address Resolution Protocol (ARP) interrogates the network by sending out a? A. Broadcast B. Multicast C. Unicast D. Semicast
Question 8 • Address Resolution Protocol (ARP) interrogates the network by sending out a? A. Broadcast B. Multicast C. Unicast D. Semicast
Question 9 • As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select? A. Protocol anomaly based B. Pattern matching C. Stateful matching D. Traffic anomaly-based
Question 9 • As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select? A. Protocol anomaly based B. Pattern matching C. Stateful matching D. Traffic anomaly-based
Question 10 • What refers to legitimate users accessing networked services that would normally be restricted to them? A. Spoofing B. Piggybacking C. Eavesdropping D. Logon abuse
Question 10 • What refers to legitimate users accessing networked services that would normally be restricted to them? A. Spoofing B. Piggybacking C. Eavesdropping D. Logon abuse
Thank You! 

Recommended

IEEE 802.11
IEEE 802.11IEEE 802.11
IEEE 802.11Abhishek Pachisia
 
Chapter01
Chapter01Chapter01
Chapter01Muhammad Ahad
 
DHCP
DHCPDHCP
DHCPKashif Latif
 
Information Security Blueprint
Information Security BlueprintInformation Security Blueprint
Information Security BlueprintZefren Edior
 
SPAN, RSPAN and ERSPAN
SPAN, RSPAN and ERSPANSPAN, RSPAN and ERSPAN
SPAN, RSPAN and ERSPANNetProtocol Xpert
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityShafaan Khaliq Bhatti
 
Simple mail transfer protocol
Simple mail transfer protocolSimple mail transfer protocol
Simple mail transfer protocolAnagha Ghotkar
 
Snmp
SnmpSnmp
Snmphetaljadav
 

Recommended

IEEE 802.11
IEEE 802.11IEEE 802.11
IEEE 802.11Abhishek Pachisia
 
Chapter01
Chapter01Chapter01
Chapter01Muhammad Ahad
 
DHCP
DHCPDHCP
DHCPKashif Latif
 
Information Security Blueprint
Information Security BlueprintInformation Security Blueprint
Information Security BlueprintZefren Edior
 
SPAN, RSPAN and ERSPAN
SPAN, RSPAN and ERSPANSPAN, RSPAN and ERSPAN
SPAN, RSPAN and ERSPANNetProtocol Xpert
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityShafaan Khaliq Bhatti
 
Simple mail transfer protocol
Simple mail transfer protocolSimple mail transfer protocol
Simple mail transfer protocolAnagha Ghotkar
 
Snmp
SnmpSnmp
Snmphetaljadav
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
PSTN
PSTNPSTN
PSTNaminpathan11
 
Networking Basics
Networking BasicsNetworking Basics
Networking BasicsCarlo Fonda
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system gaurav koriya
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffersKunal Thakur
 
IP addressing seminar ppt
IP addressing seminar pptIP addressing seminar ppt
IP addressing seminar pptSmriti Rastogi
 
Data Communications,Data Networks
Data Communications,Data NetworksData Communications,Data Networks
Data Communications,Data NetworksSrinivasa Rao
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesDr.Florence Dayana
 
Firewalls
FirewallsFirewalls
FirewallsRam Dutt Shukla
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Securitylalithambiga kamaraj
 
SMTP - SIMPLE MAIL TRANSFER PROTOCOL
SMTP - SIMPLE MAIL TRANSFER PROTOCOLSMTP - SIMPLE MAIL TRANSFER PROTOCOL
SMTP - SIMPLE MAIL TRANSFER PROTOCOLVidhu Arora
 
Wireless network security
Wireless network securityWireless network security
Wireless network securityShahid Beheshti University
 
Web application attacks
Web application attacksWeb application attacks
Web application attackshruth
 
Telecom Security
Telecom SecurityTelecom Security
Telecom SecurityPriyanka Aash
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system pptashutosh rai
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasureskaranwayne
 
Kismet
KismetKismet
KismetNilesh Pawar
 
Protocol for Secure Communication
Protocol for Secure CommunicationProtocol for Secure Communication
Protocol for Secure Communicationchauhankapil
 
Unit08
Unit08Unit08
Unit08Nurul Nadirah
 
Enterprise campus networks
Enterprise campus networksEnterprise campus networks
Enterprise campus networksKishor Satpathy
 

More Related Content

What's hot

Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
Networking Basics
Networking BasicsNetworking Basics
Networking BasicsCarlo Fonda
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system gaurav koriya
 
IP addressing seminar ppt
IP addressing seminar pptIP addressing seminar ppt
IP addressing seminar pptSmriti Rastogi
 
Data Communications,Data Networks
Data Communications,Data NetworksData Communications,Data Networks
Data Communications,Data NetworksSrinivasa Rao
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesDr.Florence Dayana
 
SMTP - SIMPLE MAIL TRANSFER PROTOCOL
SMTP - SIMPLE MAIL TRANSFER PROTOCOLSMTP - SIMPLE MAIL TRANSFER PROTOCOL
SMTP - SIMPLE MAIL TRANSFER PROTOCOLVidhu Arora
 
Web application attacks
Web application attacksWeb application attacks
Web application attackshruth
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system pptashutosh rai
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasureskaranwayne
 
Protocol for Secure Communication
Protocol for Secure CommunicationProtocol for Secure Communication
Protocol for Secure Communicationchauhankapil
 

What's hot (20)

Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
PSTN
PSTNPSTN
PSTN
 
Networking Basics
Networking BasicsNetworking Basics
Networking Basics
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
 
IP addressing seminar ppt
IP addressing seminar pptIP addressing seminar ppt
IP addressing seminar ppt
 
Data Communications,Data Networks
Data Communications,Data NetworksData Communications,Data Networks
Data Communications,Data Networks
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniques
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewall in Network Security
Firewall in Network SecurityFirewall in Network Security
Firewall in Network Security
 
SMTP - SIMPLE MAIL TRANSFER PROTOCOL
SMTP - SIMPLE MAIL TRANSFER PROTOCOLSMTP - SIMPLE MAIL TRANSFER PROTOCOL
SMTP - SIMPLE MAIL TRANSFER PROTOCOL
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Web application attacks
Web application attacksWeb application attacks
Web application attacks
 
Telecom Security
Telecom SecurityTelecom Security
Telecom Security
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system ppt
 
Network Security
Network SecurityNetwork Security
Network Security
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasures
 
Kismet
KismetKismet
Kismet
 
Protocol for Secure Communication
Protocol for Secure CommunicationProtocol for Secure Communication
Protocol for Secure Communication
 

Similar to Telecommunications and Network Security Presentation

Enterprise campus networks
Enterprise campus networksEnterprise campus networks
Enterprise campus networksKishor Satpathy
 
Web technologies: recap on TCP-IP
Web technologies: recap on TCP-IPWeb technologies: recap on TCP-IP
Web technologies: recap on TCP-IPPiero Fraternali
 
08. networking-part-2
08. networking-part-208. networking-part-2
08. networking-part-2Muhammad Ahad
 
Internet of Things Protocol - Session 2
Internet of Things Protocol - Session 2Internet of Things Protocol - Session 2
Internet of Things Protocol - Session 2NEEVEE Technologies
 
02-ProtocolArchitecture william stellings.ppt
02-ProtocolArchitecture william stellings.ppt02-ProtocolArchitecture william stellings.ppt
02-ProtocolArchitecture william stellings.pptstriker78669
 
Computer design and Architechure and Algorithm
Computer design and Architechure and AlgorithmComputer design and Architechure and Algorithm
Computer design and Architechure and Algorithmmirzaahmadali
 
98 366 mva slides lesson 8
98 366 mva slides lesson 898 366 mva slides lesson 8
98 366 mva slides lesson 8suddenven
 
IP Signal Distribution
IP Signal DistributionIP Signal Distribution
IP Signal DistributionrAVe [PUBS]
 
Packet Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferencePacket Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferenceCengage Learning
 
Network protocol
Network protocolNetwork protocol
Network protocolOnline
 
wi-fi technology
wi-fi technologywi-fi technology
wi-fi technologytardeep
 

Similar to Telecommunications and Network Security Presentation (20)

Unit08
Unit08Unit08
Unit08
 
Enterprise campus networks
Enterprise campus networksEnterprise campus networks
Enterprise campus networks
 
Web technologies: recap on TCP-IP
Web technologies: recap on TCP-IPWeb technologies: recap on TCP-IP
Web technologies: recap on TCP-IP
 
08. networking-part-2
08. networking-part-208. networking-part-2
08. networking-part-2
 
Internet of Things Protocol - Session 2
Internet of Things Protocol - Session 2Internet of Things Protocol - Session 2
Internet of Things Protocol - Session 2
 
02-ProtocolArchitecture william stellings.ppt
02-ProtocolArchitecture william stellings.ppt02-ProtocolArchitecture william stellings.ppt
02-ProtocolArchitecture william stellings.ppt
 
Computer design and Architechure and Algorithm
Computer design and Architechure and AlgorithmComputer design and Architechure and Algorithm
Computer design and Architechure and Algorithm
 
cn1.ppt
cn1.pptcn1.ppt
cn1.ppt
 
MVA slides lesson 8
MVA slides lesson 8MVA slides lesson 8
MVA slides lesson 8
 
98 366 mva slides lesson 8
98 366 mva slides lesson 898 366 mva slides lesson 8
98 366 mva slides lesson 8
 
MVA slides lesson 2
MVA slides lesson 2MVA slides lesson 2
MVA slides lesson 2
 
IP Signal Distribution
IP Signal DistributionIP Signal Distribution
IP Signal Distribution
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Network
 
Packet Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferencePacket Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing Conference
 
Vp ns
Vp nsVp ns
Vp ns
 
TCP/IP
TCP/IPTCP/IP
TCP/IP
 
Case mis ch06
Case mis ch06Case mis ch06
Case mis ch06
 
Network protocol
Network protocolNetwork protocol
Network protocol
 
Wifi
WifiWifi
Wifi
 
wi-fi technology
wi-fi technologywi-fi technology
wi-fi technology
 

Recently uploaded

Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfPoh-Sun Goh
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxnegromaestrong
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIShubhangi Sonawane
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxheathfieldcps1
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxNikitaBankoti2
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 

Recently uploaded (20)

Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptx
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 

Telecommunications and Network Security Presentation

  • 2. Domain Overview • Deals with digital communication mechanism by concentrating on the security aspect!
  • 3. Mind Exercises • Divide 30 by half and add ten. What do you get? • A farmer had 17 sheep. All but 9 died. How many alive sheep were left? • Some months have 30 days, some months have 31 days. How many months have 28 days?
  • 5. Data Network Types • Local Area Network (LAN) • Wide Area Network (WAN) • What is intranet? • What is extranet?
  • 6. OSI Reference Model • Adopted by ISO in 1984 • Defines standard protocols for communication and interoperability by using a layered approach • Follows Divide and Conquer Rule?
  • 7. OSI Reference Model • Advantages – Clarifies the functions of a communication process – Reduces complex networking processes – Promotes interoperability by defining standard interfaces – Aids development – Facilitates easier and more logical troubleshooting
  • 8. OSI Layers • Application Layer • Presentation Layer • Session Layer • Transport Layer • Network Layer • Data Link Layer • Physical Layer
  • 9. Application Layer • Serves as the interface between user and the communication technologies – SMTP, FTP, HTTP
  • 10. Presentation Layer • Ensures communication between different data representations – ASCII, EBCDIC, JPEG, MPEG, GIF
  • 11. Session Layer • Establishes, maintains and terminates sessions between applications – SQL, RPC
  • 12. Transport Layer • Provides reliable, transparent transfer of data between end points – TCP, UDP
  • 13. Network Layer • Provides routing and forwarding functionalities – IP, DHCP
  • 14. Data Link Layer • Provides reliable transfer of information across the physical link – Ethernet, Token Ring
  • 15. Physical Layer • Concerned with transmission of unstructured bit streams over physical medium – E1, T1
  • 19. FHSS • Frequency Hoping Spread Spectrum – Takes the total bandwidth and splits it into smaller sub- channels
  • 20. DSSS • Direct Sequence Spread Spectrum – Applies sub-bits to a message • The sub-bits are used to generate a different format of the data before the data are transmitted • The receiving end uses these sub-bits to reassemble the signal into the original data format
  • 21. OFDM • Orthogonal Frequency Division Multiplexing
  • 22. Data Link Layer • WLAN technologies and protocols Type Speed Frequency Modulation Description 802.11 1 Mbps 2.4 Ghz DSSS Legacy Protocol 802.11b 11 Mbps 2.4 Ghz DSSS First widely used protocol 802.11a 54 Mbps 5.0 Ghz OFDM Operated in 5 Ghz band 802.11g 54 Mbps 2.4 Ghz OFDM/DSSS 802.11n 150 Mbps 2.4 Ghz OFDM
  • 23. Security Flaws • No user authentication • No mutual authentication • Flawed encryption protocol – Allows specific bits to be modified • Solution? – 802.11i • Incorporates security measures for the 802.11 standards!
  • 24. WEP • Wired Equivalent Privacy – Used to provide confidentiality – Uses stream cipher RC4 – Versions • WEP-64 and WEP-128 – 24 bit IV – Authentication Methods • Open System Authentication • Shared Key Authentication
  • 25. WEP • Open System Authentication – Any client, regardless of its WEP keys, can associate itself with the Access Point – No authentication (in the true sense of the term) occurs – After the association, WEP key needed for encrypting the data frames • At this point, the client needs to have the right key!
  • 26. WEP • Shared Key Authentication – A four-way challenge-response handshake is used • Client sends an authentication request to the Access Point • Access Point replies with a clear-text challenge • Client encrypts the challenge text using configured WEP key, and sends it back to Access Point • Access Point decrypts the material, and compares it with the sent clear-text – Depending on the success of this comparison, the Access Point sends back a positive or negative response!
  • 27. WPA • WiFi Protected Access – Uses Temporal Key Integrity Protocol (TKIP) • Adds 48 bit IV value • Implements a frame counter to discourage replay attacks! – Uses EAP via RADIUS Server • For authentication
  • 28. WPA • WPA Modes – Enterprise Mode • Requires an authentication server • Uses RADIUS protocols for authentication and key distribution • Centralizes management of user credentials – Pre-Shared Key Mode • Does not require an authentication server • Shared secret is used for authentication • Device-oriented management
  • 29. WPA2 • WiFi Protected Access 2 – Replaces TKIP with CCMP • Counter Mode with Cipher Block Chaining Message Authentication Code Protocol • Uses AES • Provides more robust security
  • 33. ARP Poisoning Request 140.252.13 .1 .2 .3 .4 .5 08:00:20:03:F6:42 00:00:C0:C2:9B:26 Reply 140.252.13 .1 .2 .3 .4 .5 08:00:20:03:F6:42 00:00:C0:C2:9B:26 arp req | target IP: 140.252.13.5 | target eth: ? arp rep | sender IP: 140.252.13.5 | sender eth: 00:34:CD:C2:9F:A0 00:34:CD:C2:9F:A0
  • 34. Network Sniffing … telnet Router5 User Access Verification Username: squiggie password: Sq%*jkl[;T Router5>ena Password: jhervq5 Router5# Got It !! Router5
  • 36. DDOS Attack Attacker Innocent handler Victim A Innocent handler Innocent agents Innocent agents Attack Alice NOW !
  • 37. Smurf Attack 172.15.0.0 Muddasar Yasir 1 ICMP Echo Req Src: Yasir Dest: 172.15.255.255 2 ICMP Echo Reply Dest: Dos Target
  • 39. Introduction • A private network that uses a public network to connect remote sites or users together!
  • 41. Features of VPN • Security • Reliability • Scalability • Network management • Policy management
  • 42. VPN Concepts • Encapsulation – Inclusion of one data structure within another structure • Encryption – Hiding of real information • Tunneling – Virtual path that delivers a packet
  • 43. Tunneling Protocols • PPTP • L2F • L2TP • IPSec
  • 44. PPTP • Point to Point Tunneling Protocol – Designed for client/server connectivity – Sets up a single point-to-point connection between two computers – Works at the data link layer – Transmits over IP networks only
  • 45. L2F • Layer 2 Forwarding – Created before L2TP by Cisco – Merged with PPTP, which resulted in L2TP – Provides mutual authentication – No encryption
  • 46. L2TP • Layer 2 Tunneling Protocol – Hybrid of L2F and PPTP – Sets up a single point-to-point connection between two computers – Works at the data link layer – Transmits over multiple types of networks, not just IP – Combined with IPSec for security
  • 47. IPSec • Internet Protocol Security – Handles multiple connections at the same time – Provides secure authentication and encryption – Supports only IP networks – Focuses on LAN-to-LAN communication rather than user- to-user – Works at the network layer, and provides security on top of IP – Can work in tunnel mode, meaning the payload and the header are protected, or transport mode, meaning only the payload is protected
  • 48. Benefits of VPN • Extend geographic connectivity • Improve security • Improve productivity • Simplify network topology • Provide global networking opportunities • Provide broadband networking compatibility • Provide faster ROI (return on investment) than traditional WAN
  • 50. Introduction • A system that detects and logs – Inappropriate, Incorrect, or Anomalous activity
  • 51. Types • Network based IDS • Host based IDS
  • 52. Methods • Pattern matching – Signature based • Anomaly detection – Checks any abnormality • Protocol behavior – Checks correct usage of protocol
  • 53. Events • True positive – When the IDS sets off an alert and it is a real attack • True negative – When the IDS does not set off an alert and it is normal traffic • False positive – When the IDS sets off an alert and it is normal traffic • False negative – When the IDS does not set off an alert and it is attack traffic
  • 55. Introduction • A system that prevents unauthorized access – To or from a network • Controls the flow of traffic
  • 57. Firewall Types • Packet filtering firewall • Proxy firewall – Application level proxy – Circuit level proxy • Stateful inspection firewall • Dynamic packet filtering firewall • Kernel proxy firewall
  • 58. Packet Filtering Firewall • Governed by set of directives • Works at network layer • Makes decisions on – Packet’s source IP Address – Packet’s destination IP Address – Network and transport protocol being used – Source and destination ports – The interface being traversed
  • 59. Packet Filtering Firewall • Ingress Filtering – Blocking inbound traffic • Egress Filtering – Blocking outbound traffic
  • 60. Application Level Proxy • Contains a proxy agent • Does not allow a direct communication • Operates at the application level • Inspects the content, payload and header! • Can require authentication from the user
  • 61. Circuit Level Proxy • Creates a circuit between client and the server • Works at session layer • Knows the source and destination addresses and makes access decisions based on the header information • Faster than application level proxy
  • 62. Stateful Inspection Firewall • Tracks the state of connections • Blocks packets deviating from expected state • Works same as packet filtering firewall but keeps a state table as well! • Works at network and transport layer
  • 64. Kernel Proxy Firewalls • Fifth generation firewall! • Creates dynamic, customized TCP/IP stacks for packet evaluation • When a packet arrives, a new virtual network stack is created, which is made up of only the protocol proxies necessary to examine this specific packet properly • Speed of Packet filtering firewalls
  • 65. Firewall Architectures • Screening Router • Dual Homed Gateways • Screened Host Gateways • Screened Subnet
  • 67. Screening Router • Screening Router – A router placed between trusted and public networks – Security policy implemented using ACLs – Advantages: • Inexpensive • Simple and completely transparent – Disadvantages • Limited logging functionality • Single point of failure • Uses no user authentication
  • 69. Dual Homed Gateways • A single computer with separate NICs connected to each network • Used to divide internal trusted network from external networks • Advantages: – Operates in a Fail Secure mode – Logging functionality • Disadvantages: – Inconvenience to users – Slower network performance
  • 71. Screened Host Gateways • Employs external screening router and internal bastion host • Advantages: – Provides distributed security between two devices – Restricted inbound/outbound access • Disadvantages: – Multiple single point of failures
  • 73. Screened Subnet • Deploys external screening router, internal bastion host and internal screening router • Concept of DMZ • Advantages: – Provides defense in depth • Disadvantages: – Difficult to configure and maintain – Difficult to troubleshoot
  • 74. Unified Threat Management • Single system with all the solutions • Contains firewall, malware detection and eradication, sensing and blocking of suspicious network probes, and so on… • Requires lot of resources • Reduces network complexity
  • 75. Why Firewall Security • Remote login • Application backdoors • Operating system bugs • Denial of service • Spam • Source routing
  • 76. Best Practices • Change the default configurations • ACLs should be simple and direct • Disallow source routing • Close unnecessary ports with dangerous services • Disable unused interfaces • Block directed IP broadcasts • Block incoming packets with internal address (they are spoofed) • Enable logging • Daily checks to ensure security
  • 77. Thank You!  • Any Questions?
  • 79. Question 1 • Which of the following is not a security goal for remote access? A. Reliable authentication of users and systems B. Protection of confidential data C. Easy to manage access control to systems and network resources D. Automated login for remote users
  • 80. Question 1 • Which of the following is not a security goal for remote access? A. Reliable authentication of users and systems B. Protection of confidential data C. Easy to manage access control to systems and network resources D. Automated login for remote users
  • 81. Question 2 • Which of the following is the biggest concern with firewall security? A. Internal hackers B. Complex configuration rules leading to misconfiguration C. Buffer overflows D. Distributed denial of service (DDOS) attacks
  • 82. Question 2 • Which of the following is the biggest concern with firewall security? A. Internal hackers B. Complex configuration rules leading to misconfiguration C. Buffer overflows D. Distributed denial of service (DDOS) attacks
  • 83. Question 3 • Which of the following should NOT normally be allowed through a firewall? A. SNMP B. SMTP C. HTTP D. SSH
  • 84. Question 3 • Which of the following should NOT normally be allowed through a firewall? A. SNMP B. SMTP C. HTTP D. SSH
  • 85. Question 4 • Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system? A. TCP sequence number attack B. IP spoofing attack C. Piggybacking attack D. Teardrop attack
  • 86. Question 4 • Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system? A. TCP sequence number attack B. IP spoofing attack C. Piggybacking attack D. Teardrop attack
  • 87. Question 5 • Which of the following statements pertaining to packet filtering is incorrect? A. It is based on ACLs B. It is not application dependant C. It operates at the network layer D. It keeps track of the state of a connection
  • 88. Question 5 • Which of the following statements pertaining to packet filtering is incorrect? A. It is based on ACLs B. It is not application dependant C. It operates at the network layer D. It keeps track of the state of a connection
  • 89. Question 6 • What is the main characteristic of a multi- homed host? A. It is placed between two routers or firewalls B. It allows IP routing C. It has multiple network interfaces, each connected to separate networks D. It operates at multiple layers
  • 90. Question 6 • What is the main characteristic of a multi- homed host? A. It is placed between two routers or firewalls B. It allows IP routing C. It has multiple network interfaces, each connected to separate networks D. It operates at multiple layers
  • 91. Question 7 • One drawback of Application Level Firewall is that it reduces network performance due to the fact that it must analyze every packet and: A. Decide what to do with each application B. Decide what to do with each user C. Decide what to do with each port D. Decide what to do with each packet
  • 92. Question 7 • One drawback of Application Level Firewall is that it reduces network performance due to the fact that it must analyze every packet and: A. Decide what to do with each application B. Decide what to do with each user C. Decide what to do with each port D. Decide what to do with each packet
  • 93. Question 8 • Address Resolution Protocol (ARP) interrogates the network by sending out a? A. Broadcast B. Multicast C. Unicast D. Semicast
  • 94. Question 8 • Address Resolution Protocol (ARP) interrogates the network by sending out a? A. Broadcast B. Multicast C. Unicast D. Semicast
  • 95. Question 9 • As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select? A. Protocol anomaly based B. Pattern matching C. Stateful matching D. Traffic anomaly-based
  • 96. Question 9 • As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select? A. Protocol anomaly based B. Pattern matching C. Stateful matching D. Traffic anomaly-based
  • 97. Question 10 • What refers to legitimate users accessing networked services that would normally be restricted to them? A. Spoofing B. Piggybacking C. Eavesdropping D. Logon abuse
  • 98. Question 10 • What refers to legitimate users accessing networked services that would normally be restricted to them? A. Spoofing B. Piggybacking C. Eavesdropping D. Logon abuse