Telecommunications and Network Security Presentation
![Page 1: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/1.jpg)
Telecommunications and Network Security
Muhammad Wajahat Rajab
![Page 2: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/2.jpg)
Domain Overview
• Deals with digital communication mechanisms, concentrating on the security aspect!
![Page 3: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/3.jpg)
Mind Exercises
• Divide 30 by half and add ten. What do you get?
• A farmer had 17 sheep. All but 9 died. How many alive sheep were left?
• Some months have 30 days, some months have 31 days. How many months have 28 days?
![Page 4: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/4.jpg)
Network Concepts
![Page 5: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/5.jpg)
Data Network Types
• Local Area Network (LAN)
• Wide Area Network (WAN)
• What is intranet?
• What is extranet?
![Page 6: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/6.jpg)
OSI Reference Model
• Adopted by ISO in 1984
• Defines standard protocols for communication and interoperability by using a layered approach
• Follows Divide and Conquer Rule?
![Page 7: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/7.jpg)
OSI Reference Model
• Advantages
– Clarifies the functions of a communication process
– Reduces complex networking processes
– Promotes interoperability by defining standard interfaces
– Aids development
– Facilitates easier and more logical troubleshooting
![Page 8: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/8.jpg)
OSI Layers
• Application Layer
• Presentation Layer
• Session Layer
• Transport Layer
• Network Layer
• Data Link Layer
• Physical Layer
![Page 9: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/9.jpg)
Application Layer
• Serves as the interface between user and the communication technologies
– SMTP, FTP, HTTP
![Page 10: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/10.jpg)
Presentation Layer
• Ensures communication between different data representations
– ASCII, EBCDIC, JPEG, MPEG, GIF
![Page 11: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/11.jpg)
Session Layer
• Establishes, maintains and terminates sessions between applications
– SQL, RPC
![Page 12: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/12.jpg)
Transport Layer
• Provides reliable, transparent transfer of data between end points
– TCP, UDP
![Page 13: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/13.jpg)
Network Layer
• Provides routing and forwarding functionalities
– IP, DHCP
![Page 14: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/14.jpg)
Data Link Layer
• Provides reliable transfer of information across the physical link
– Ethernet, Token Ring
![Page 15: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/15.jpg)
Physical Layer
• Concerned with transmission of unstructured bit streams over physical medium
– E1, T1
![Page 16: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/16.jpg)
TCP/IP Model
![Page 17: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/17.jpg)
Topologies
![Page 18: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/18.jpg)
Wireless Networks
![Page 19: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/19.jpg)
FHSS
• Frequency Hopping Spread Spectrum
– Takes the total bandwidth and splits it into smaller sub-channels
![Page 20: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/20.jpg)
DSSS
• Direct Sequence Spread Spectrum
– Applies sub-bits to a message
    • The sub-bits are used to generate a different format of the data before the data are transmitted
    • The receiving end uses these sub-bits to reassemble the signal into the original data format
![Page 21: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/21.jpg)
OFDM
• Orthogonal Frequency Division Multiplexing
![Page 22: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/22.jpg)
Data Link Layer
• WLAN technologies and protocols

| Type | Speed | Frequency | Modulation | Description |
|---|---|---|---|---|
| 802.11 | 1 Mbps | 2.4 GHz | DSSS | Legacy protocol |
| 802.11b | 11 Mbps | 2.4 GHz | DSSS | First widely used protocol |
| 802.11a | 54 Mbps | 5.0 GHz | OFDM | Operated in 5 GHz band |
| 802.11g | 54 Mbps | 2.4 GHz | OFDM/DSSS | |
| 802.11n | 150 Mbps | 2.4 GHz | OFDM | |

![Page 23: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/23.jpg)
Security Flaws
• No user authentication
• No mutual authentication
• Flawed encryption protocol
– Allows specific bits to be modified
• Solution?
– 802.11i
    • Incorporates security measures for the 802.11 standards!
![Page 24: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/24.jpg)
WEP
• Wired Equivalent Privacy
– Used to provide confidentiality
– Uses stream cipher RC4
– Versions
    • WEP-64 and WEP-128
– 24 bit IV
– Authentication Methods
    • Open System Authentication
    • Shared Key Authentication
![Page 25: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/25.jpg)
WEP
• Open System Authentication
– Any client, regardless of its WEP keys, can associate itself with the Access Point
– No authentication (in the true sense of the term) occurs
– After the association, a WEP key is needed for encrypting the data frames
    • At this point, the client needs to have the right key!
![Page 26: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/26.jpg)
WEP
• Shared Key Authentication
– A four-way challenge-response handshake is used
    • Client sends an authentication request to the Access Point
    • Access Point replies with a clear-text challenge
    • Client encrypts the challenge text using configured WEP key, and sends it back to Access Point
    • Access Point decrypts the material, and compares it with the sent clear-text
– Depending on the success of this comparison, the Access Point sends back a positive or negative response!
![Page 27: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/27.jpg)
WPA
• WiFi Protected Access
– Uses Temporal Key Integrity Protocol (TKIP)
    • Adds 48 bit IV value
    • Implements a frame counter to discourage replay attacks!
– Uses EAP via RADIUS Server
    • For authentication
![Page 28: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/28.jpg)
WPA
• WPA Modes
– Enterprise Mode
    • Requires an authentication server
    • Uses RADIUS protocols for authentication and key distribution
    • Centralizes management of user credentials
– Pre-Shared Key Mode
    • Does not require an authentication server
    • Shared secret is used for authentication
    • Device-oriented management
![Page 29: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/29.jpg)
WPA2
• WiFi Protected Access 2
– Replaces TKIP with CCMP
    • Counter Mode with Cipher Block Chaining Message Authentication Code Protocol
    • Uses AES
    • Provides more robust security
![Page 30: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/30.jpg)
Network Attacks
![Page 31: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/31.jpg)
DNS Poisoning
![Page 32: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/32.jpg)
SYN Flood
![Page 33: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/33.jpg)
ARP Poisoning
[Figure: ARP request and reply on network 140.252.13, hosts .1 to .5; MAC addresses shown: 08:00:20:03:F6:42, 00:00:C0:C2:9B:26, 00:34:CD:C2:9F:A0]
Request: arp req | target IP: 140.252.13.5 | target eth: ?
Reply: arp rep | sender IP: 140.252.13.5 | sender eth: 00:34:CD:C2:9F:A0
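
A defender can catch the forged reply on this slide by tracking IP-to-MAC bindings and alerting when a reply contradicts one. The sketch below is an added example, not part of the presentation; the class, the alert names and the pairing of the slide's addresses in the sample are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class ArpReply:
    ts: float         # capture time in seconds
    sender_ip: str
    sender_mac: str


class ArpWatch:
    """Learns IP-to-MAC bindings from ARP replies and flags contradictions."""

    def __init__(self, static_bindings=None, flap_window=60.0):
        # Pinned bindings (e.g. the default gateway) are never overwritten.
        self.static = {ip: mac.lower()
                       for ip, mac in (static_bindings or {}).items()}
        self.seen = {}                 # ip -> (mac, time last seen)
        self.flap_window = flap_window

    def observe(self, reply):
        ip, mac = reply.sender_ip, reply.sender_mac.lower()
        pinned = self.static.get(ip)
        if pinned is not None and mac != pinned:
            # Do not learn a binding that contradicts a pinned entry.
            return [("STATIC_MISMATCH", ip, mac)]
        alerts = []
        prev = self.seen.get(ip)
        if prev is not None and prev[0] != mac:
            # A change shortly after the last sighting is more suspicious
            # than a change after a long silence (e.g. a replaced NIC).
            recent = reply.ts - prev[1] <= self.flap_window
            alerts.append(("FLAP" if recent else "CHANGED", ip, mac))
        # One MAC answering for several IPs: expected for proxy ARP,
        # otherwise a sign of a host impersonating its neighbours.
        if any(m == mac and other != ip
               for other, (m, _) in self.seen.items()):
            alerts.append(("MULTI_IP", ip, mac))
        self.seen[ip] = (mac, reply.ts)
        return alerts


def scan(replies, static_bindings=None):
    """Run a sequence of ARP replies through a fresh ArpWatch."""
    watch = ArpWatch(static_bindings)
    alerts = []
    for reply in replies:
        alerts.extend(watch.observe(reply))
    return alerts


# Constructed observations using the addresses printed on the slide;
# which MAC legitimately owns which IP is an assumption.
SAMPLE = [
    ArpReply(0.0, "140.252.13.1", "08:00:20:03:F6:42"),
    ArpReply(1.0, "140.252.13.5", "00:00:C0:C2:9B:26"),
    ArpReply(10.0, "140.252.13.5", "00:34:CD:C2:9F:A0"),  # contradicts t=1
    ArpReply(11.0, "140.252.13.1", "00:34:CD:C2:9F:A0"),  # same MAC, 2nd IP
]

if __name__ == "__main__":
    for alert in scan(SAMPLE):
        print(alert)
```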
![Page 34: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/34.jpg)
Network Sniffing
[Figure: telnet session to Router5 captured off the wire, annotated "Got It !!"]
… telnet Router5
User Access Verification
Username: squiggie
password: Sq%*jkl[;T
Router5>ena
Password: jhervq5
Router5#
![Page 35: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/35.jpg)
IP Spoofing
[Figure: hosts A, B and C, and an Attacker]
![Page 36: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/36.jpg)
DDOS Attack
[Figure: Attacker, innocent handlers, innocent agents and Victim; message shown: "Attack Alice NOW!"]
![Page 37: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/37.jpg)
Smurf Attack
[Figure: network 172.15.0.0 with hosts labelled Muddasar and Yasir]
1. ICMP Echo Req, Src: Yasir, Dest: 172.15.255.255
2. ICMP Echo Reply, Dest: DoS Target
![Page 38: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/38.jpg)
Virtual Private Networks
![Page 39: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/39.jpg)
Introduction
• A private network that uses a public network to connect remote sites or users together!
![Page 40: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/40.jpg)
Concept
![Page 41: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/41.jpg)
Features of VPN
• Security
• Reliability
• Scalability
• Network management
• Policy management
![Page 42: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/42.jpg)
VPN Concepts
• Encapsulation
– Inclusion of one data structure within another structure
• Encryption
– Hiding of real information
• Tunneling
– Virtual path that delivers a packet
![Page 43: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/43.jpg)
Tunneling Protocols
• PPTP
• L2F
• L2TP
• IPSec
![Page 44: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/44.jpg)
PPTP
• Point to Point Tunneling Protocol
– Designed for client/server connectivity
– Sets up a single point-to-point connection between two computers
– Works at the data link layer
– Transmits over IP networks only
![Page 45: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/45.jpg)
L2F
• Layer 2 Forwarding
– Created before L2TP by Cisco
– Merged with PPTP, which resulted in L2TP
– Provides mutual authentication
– No encryption
![Page 46: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/46.jpg)
L2TP
• Layer 2 Tunneling Protocol
– Hybrid of L2F and PPTP
– Sets up a single point-to-point connection between two computers
– Works at the data link layer
– Transmits over multiple types of networks, not just IP
– Combined with IPSec for security
![Page 47: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/47.jpg)
IPSec
• Internet Protocol Security
– Handles multiple connections at the same time
– Provides secure authentication and encryption
– Supports only IP networks
– Focuses on LAN-to-LAN communication rather than user-to-user
– Works at the network layer, and provides security on top of IP
– Can work in tunnel mode, meaning the payload and the header are protected, or transport mode, meaning only the payload is protected
![Page 48: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/48.jpg)
Benefits of VPN
• Extend geographic connectivity
• Improve security
• Improve productivity
• Simplify network topology
• Provide global networking opportunities
• Provide broadband networking compatibility
• Provide faster ROI (return on investment) than traditional WAN
![Page 49: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/49.jpg)
Intrusion Detection Systems
![Page 50: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/50.jpg)
Introduction
• A system that detects and logs
– Inappropriate, Incorrect, or Anomalous activity
![Page 51: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/51.jpg)
Types
• Network based IDS
• Host based IDS
![Page 52: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/52.jpg)
Methods
• Pattern matching
– Signature based
• Anomaly detection
– Checks any abnormality
• Protocol behavior
– Checks correct usage of protocol
![Page 53: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/53.jpg)
Events
• True positive
– When the IDS sets off an alert and it is a real attack
• True negative
– When the IDS does not set off an alert and it is normal traffic
• False positive
– When the IDS sets off an alert and it is normal traffic
• False negative
– When the IDS does not set off an alert and it is attack traffic
![Page 54: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/54.jpg)
Firewalls
![Page 55: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/55.jpg)
Introduction
• A system that prevents unauthorized access
– To or from a network
• Controls the flow of traffic
![Page 56: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/56.jpg)
Concept
![Page 57: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/57.jpg)
Firewall Types
• Packet filtering firewall
• Proxy firewall
– Application level proxy
– Circuit level proxy
• Stateful inspection firewall
• Dynamic packet filtering firewall
• Kernel proxy firewall
![Page 58: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/58.jpg)
Packet Filtering Firewall
• Governed by a set of directives
• Works at network layer
• Makes decisions on
– Packet’s source IP Address
– Packet’s destination IP Address
– Network and transport protocol being used
– Source and destination ports
– The interface being traversed
![Page 59: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/59.jpg)
Packet Filtering Firewall
• Ingress Filtering
– Blocking inbound traffic
• Egress Filtering
– Blocking outbound traffic
![Page 60: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/60.jpg)
Application Level Proxy
• Contains a proxy agent
• Does not allow direct communication
• Operates at the application level
• Inspects the content, payload and header!
• Can require authentication from the user
![Page 61: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/61.jpg)
Circuit Level Proxy
• Creates a circuit between client and the server
• Works at session layer
• Knows the source and destination addresses and makes access decisions based on the header information
• Faster than application level proxy
![Page 62: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/62.jpg)
Stateful Inspection Firewall
• Tracks the state of connections
• Blocks packets deviating from expected state
• Works the same as a packet filtering firewall but keeps a state table as well!
• Works at network and transport layer
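
The difference between the packet filtering and stateful inspection slides shows up when an inbound segment claims to belong to a connection that was never opened. The sketch below is an added example, not part of the presentation; the rule set, the state names and the addresses in the trace are assumptions chosen for illustration, and timeouts and sequence-number checks are left out.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Pkt:
    direction: str     # "out" = inside to outside, "in" = outside to inside
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset   # TCP flags set on the segment


def pkt(direction, src, sport, dst, dport, *flags):
    return Pkt(direction, src, sport, dst, dport, frozenset(flags))


def stateless_allow(p):
    """Packet filter: every packet is judged on its own header fields.

    Outbound traffic is allowed; inbound TCP is allowed when ACK or RST is
    set, which approximates "reply traffic" without remembering anything.
    """
    if p.direction == "out":
        return True
    return "ACK" in p.flags or "RST" in p.flags


class StatefulFirewall:
    """Same policy, but inbound packets must match a tracked connection."""

    def __init__(self):
        self.table = {}   # (in_ip, in_port, out_ip, out_port) -> state

    @staticmethod
    def _key(p):
        if p.direction == "out":
            return (p.src, p.sport, p.dst, p.dport)
        return (p.dst, p.dport, p.src, p.sport)

    def allow(self, p):
        key, f = self._key(p), p.flags
        state = self.table.get(key)
        if p.direction == "out" and f == {"SYN"}:
            self.table[key] = "SYN_SENT"        # new outbound connection
            return True
        if state is None:
            return False                        # no matching connection
        if p.direction == "in":
            if state == "SYN_SENT":
                if f == {"SYN", "ACK"}:
                    self.table[key] = "SYN_RCVD"
                elif "RST" not in f:
                    return False                # not a valid handshake reply
            elif "SYN" in f and "ACK" not in f:
                return False                    # bare SYN on a live entry
        elif state == "SYN_RCVD" and "ACK" in f:
            self.table[key] = "ESTABLISHED"     # handshake completed
        if "RST" in f:
            del self.table[key]                 # connection torn down
        return True


def compare(trace):
    """Return (stateless verdict, stateful verdict) for each packet."""
    fw = StatefulFirewall()
    return [(stateless_allow(p), fw.allow(p)) for p in trace]


# Constructed trace: one legitimate outbound connection, then two
# unsolicited inbound packets from another host.
TRACE = [
    pkt("out", "10.0.0.5", 40000, "203.0.113.10", 443, "SYN"),
    pkt("in", "203.0.113.10", 443, "10.0.0.5", 40000, "SYN", "ACK"),
    pkt("out", "10.0.0.5", 40000, "203.0.113.10", 443, "ACK"),
    pkt("in", "203.0.113.10", 443, "10.0.0.5", 40000, "ACK", "PSH"),
    pkt("in", "198.51.100.7", 80, "10.0.0.5", 40000, "ACK"),   # no such flow
    pkt("in", "198.51.100.7", 80, "10.0.0.5", 22, "SYN"),      # inbound open
]

if __name__ == "__main__":
    for p, verdicts in zip(TRACE, compare(TRACE)):
        print(verdicts, p.direction, p.src, sorted(p.flags))
```

Only the fifth packet separates the two designs: the stateless rule passes it because ACK is set, while the state table has no entry for that flow.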
![Page 63: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/63.jpg)
Dynamic Packet Filtering
![Page 64: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/64.jpg)
Kernel Proxy Firewalls
• Fifth generation firewall!
• Creates dynamic, customized TCP/IP stacks for packet evaluation
• When a packet arrives, a new virtual network stack is created, which is made up of only the protocol proxies necessary to examine this specific packet properly
• Speed of Packet filtering firewalls
![Page 65: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/65.jpg)
Firewall Architectures
• Screening Router
• Dual Homed Gateways
• Screened Host Gateways
• Screened Subnet
![Page 66: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/66.jpg)
Screening Router
![Page 67: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/67.jpg)
Screening Router
• Screening Router
– A router placed between trusted and public networks
– Security policy implemented using ACLs
– Advantages:
    • Inexpensive
    • Simple and completely transparent
– Disadvantages
    • Limited logging functionality
    • Single point of failure
    • Uses no user authentication
![Page 68: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/68.jpg)
Dual Homed Gateway
![Page 69: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/69.jpg)
Dual Homed Gateways
• A single computer with separate NICs connected to each network
• Used to divide internal trusted network from external networks
• Advantages:
– Operates in a Fail Secure mode
– Logging functionality
• Disadvantages:
– Inconvenience to users
– Slower network performance
![Page 70: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/70.jpg)
Screened Host Gateways
![Page 71: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/71.jpg)
Screened Host Gateways
• Employs external screening router and internal bastion host
• Advantages:
– Provides distributed security between two devices
– Restricted inbound/outbound access
• Disadvantages:
– Multiple single points of failure
![Page 72: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/72.jpg)
Screened Subnet
![Page 73: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/73.jpg)
Screened Subnet
• Deploys external screening router, internal bastion host and internal screening router
• Concept of DMZ
• Advantages:
– Provides defense in depth
• Disadvantages:
– Difficult to configure and maintain
– Difficult to troubleshoot
![Page 74: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/74.jpg)
Unified Threat Management
• Single system with all the solutions
• Contains firewall, malware detection and eradication, sensing and blocking of suspicious network probes, and so on…
• Requires a lot of resources
• Reduces network complexity
![Page 75: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/75.jpg)
Why Firewall Security
• Remote login
• Application backdoors
• Operating system bugs
• Denial of service
• Spam
• Source routing
![Page 76: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/76.jpg)
Best Practices
• Change the default configurations
• ACLs should be simple and direct
• Disallow source routing
• Close unnecessary ports with dangerous services
• Disable unused interfaces
• Block directed IP broadcasts
• Block incoming packets with internal address (they are spoofed)
• Enable logging
• Daily checks to ensure security
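
Three of these practices (disallow source routing, block directed IP broadcasts, block incoming packets with an internal source address) can be checked from the IPv4 header alone. The sketch below is an added example, not part of the presentation: it parses a raw header arriving on the external interface and returns the reasons to drop it. The internal network is taken from the Smurf slide (172.15.0.0, assumed here to be a /16); the function names and sample packets are constructed.

```python
import ipaddress
import struct

# Assumed internal network, from the Smurf slide (prefix length assumed).
INTERNAL_NETS = [ipaddress.ip_network("172.15.0.0/16")]
# IPv4 option types for loose and strict source routing.
SOURCE_ROUTE_OPTS = {131: "LSRR", 137: "SSRR"}


def option_types(header):
    """Return the IPv4 option types present; ValueError if malformed."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (header[0] & 0x0F) * 4
    if ihl < 20 or ihl > len(header):
        raise ValueError("bad header length")
    types, i = [], 20
    while i < ihl:
        opt = header[i]
        if opt == 0:            # End of Option List
            break
        if opt == 1:            # No-Operation, single byte
            i += 1
            continue
        if i + 1 >= ihl:
            raise ValueError("option without length byte")
        length = header[i + 1]
        if length < 2 or i + length > ihl:
            raise ValueError("bad option length")
        types.append(opt)
        i += length
    return types


def ingress_verdict(header):
    """Reasons to drop a packet seen on the external interface ([] = pass)."""
    try:
        opts = option_types(header)
    except ValueError:
        return ["malformed-header"]
    src = ipaddress.ip_address(header[12:16])
    dst = ipaddress.ip_address(header[16:20])
    reasons = []
    if any(src in net for net in INTERNAL_NETS):
        reasons.append("spoofed-internal-source")
    if any(dst == net.broadcast_address for net in INTERNAL_NETS):
        reasons.append("directed-broadcast")
    if any(o in SOURCE_ROUTE_OPTS for o in opts):
        reasons.append("source-routing")
    return reasons


def build_header(src, dst, options=b""):
    """Constructed sample input: minimal IPv4 header, checksum left zero."""
    options += b"\x00" * (-len(options) % 4)      # pad to a 32-bit boundary
    ihl = 5 + len(options) // 4
    return struct.pack(
        "!BBHHHBBH4s4s", (4 << 4) | ihl, 0, 20 + len(options), 0, 0, 64, 1, 0,
        ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed,
    ) + options


# LSRR option: type 131, length 7, pointer 4, one constructed hop address.
LSRR = bytes([131, 7, 4]) + ipaddress.ip_address("198.51.100.1").packed

SAMPLES = {
    "normal": build_header("198.51.100.20", "172.15.3.4"),
    "spoofed": build_header("172.15.9.9", "172.15.3.4"),
    "smurf": build_header("198.51.100.20", "172.15.255.255"),
    "source-routed": build_header("198.51.100.20", "172.15.3.4", LSRR),
    "bad-option": build_header("198.51.100.20", "172.15.3.4",
                               bytes([131, 1, 0, 0])),
}

if __name__ == "__main__":
    for name, hdr in SAMPLES.items():
        print(name, ingress_verdict(hdr) or "pass")
```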
![Page 77: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/77.jpg)
Thank You!
• Any Questions?
![Page 78: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/78.jpg)
Questions
![Page 79: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/79.jpg)
Question 1
• Which of the following is not a security goal for remote access?
A. Reliable authentication of users and systems
B. Protection of confidential data
C. Easy to manage access control to systems and network resources
D. Automated login for remote users
![Page 81: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/81.jpg)
Question 2
• Which of the following is the biggest concern with firewall security?
A. Internal hackers
B. Complex configuration rules leading to misconfiguration
C. Buffer overflows
D. Distributed denial of service (DDOS) attacks
![Page 83: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/83.jpg)
Question 3
• Which of the following should NOT normally be allowed through a firewall?
A. SNMP
B. SMTP
C. HTTP
D. SSH
![Page 85: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/85.jpg)
Question 4
• Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system?
A. TCP sequence number attack
B. IP spoofing attack
C. Piggybacking attack
D. Teardrop attack
![Page 87: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/87.jpg)
Question 5
• Which of the following statements pertaining to packet filtering is incorrect?
A. It is based on ACLs
B. It is not application dependent
C. It operates at the network layer
D. It keeps track of the state of a connection
![Page 89: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/89.jpg)
Question 6
• What is the main characteristic of a multi-homed host?
A. It is placed between two routers or firewalls
B. It allows IP routing
C. It has multiple network interfaces, each connected to separate networks
D. It operates at multiple layers
![Page 91: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/91.jpg)
Question 7
• One drawback of Application Level Firewall is that it reduces network performance due to the fact that it must analyze every packet and:
A. Decide what to do with each application
B. Decide what to do with each user
C. Decide what to do with each port
D. Decide what to do with each packet
![Page 93: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/93.jpg)
Question 8
• Address Resolution Protocol (ARP) interrogates the network by sending out a?
A. Broadcast
B. Multicast
C. Unicast
D. Semicast
![Page 95: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/95.jpg)
Question 9
• As a result of a risk assessment, your security manager has determined that your organization needs to implement an intrusion detection system that can detect unknown attacks and can watch for unusual traffic behavior, such as a new service appearing on the network. What type of intrusion detection system would you select?
A. Protocol anomaly based
B. Pattern matching
C. Stateful matching
D. Traffic anomaly-based
![Page 97: Telecommunications and Network Security Presentation](https://reader033.fdocuments.us/reader033/viewer/2022050808/55700731d8b42ac0178b461f/html5/thumbnails/97.jpg)
Question 10
• What refers to legitimate users accessing networked services that would normally be restricted to them?
A. Spoofing
B. Piggybacking
C. Eavesdropping
D. Logon abuse