ch. fifteen
network security
Summary
■ Authentication is the procedure of verifying a user’s identity.
■ Social engineering is an activity that uses personal skills rather than
technical knowledge to gain access to a network or secure area.
■ Spoofing is fooling the destination by using an IP address other than the true
IP address of a source to gain access to a system.
■ A Trojan horse often contains a program that can reveal user names and
passwords.
■ The most common way worms and other undesirable content are spread is
through e-mail attachments.
■ A macro virus is written using readily available macro writers that come as
part of a word processing program.
■ Encryption is a method of using an algorithm to encode data.
■ A key is a software code used to encode or decode data.
■ Public Key Infrastructure (PKI) is a security method that uses encryption
keys and certificates to encrypt and authenticate users.
■ There are two main types of key encryption methods: symmetric-key
encryption and asymmetric-key encryption.
■ A symmetric key is a key classification that uses the same key to encrypt and
decrypt data.
■ An asymmetric key is a key classification that uses two different keys to
encrypt and decrypt data.
■ Digital certificates are issued by Certificate Authorities and are used to verify
identities.
■ Digital certificate keys are typically asymmetric.
■ The Secure Socket Layer (SSL) protocol was developed by Netscape to secure
transactions between Web servers and individuals using the Internet for
such purposes as credit card transactions.
■ Transport Layer Security (TLS) was developed after SSL by the Internet
Engineering Task Force (IETF). It serves the same purpose as SSL but is more
secure.
■ IPSec is a protocol designed to secure IP packets on an unsecured network
medium.
■ The original solution to wireless device security includes a Service Set
Identifier (SSID), Media Access Control (MAC) filtering, and Wired
Equivalent Privacy (WEP).
■ IEEE 802.11i is a standard that was developed to remedy the original security
flaws in 802.11.
■ 802.1x provides port-based network access control, which supports
authentication for Ethernet network access.
■ 802.1x is composed of three components: supplicant, authenticator, and
authentication server.
■ AAA represents Authentication, Authorization, and Accounting.
■ TACACS+, RADIUS, and Diameter are all models of AAA.
■ Password Authentication Protocol (PAP) was an early development of
user name and password authentication that transmits the user name and
password as clear text.
■ The Challenge Handshake Authentication Protocol (CHAP) encrypts the
user name and password.
■ Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) is a
Microsoft version of CHAP that can only be used with Microsoft operating
systems.
■ Kerberos was designed at the Massachusetts Institute of Technology (MIT)
and is used to authenticate the client and the server.
■ The Kerberos system uses two different keys similar to a public and private
key for security.
■ After installing a network operating system, you should immediately apply
any available software patches to the system.
■ The system administrator default user name should be changed to lessen the
chance of the system being cracked.
■ A strong password is composed of letters, numbers, and special symbols.
■ Network operating systems typically incorporate password policy features
such as password history, minimum length, age, and complexity.
■ A firewall monitors data packets as they enter or exit the network system and
either blocks or passes them.
■ A proxy server is a special firewall designed to hide clients inside the
network from unauthorized personnel outside the network.
■ Biometrics is the use of physical characteristics as the basis of user
authentication.
■ A smart card integrates electronics into a card for authentication.
■ A protocol analyzer is a tool that inspects protocol activity and contents.
■ A packet sniffer is a type of network monitoring utility that inspects data
packets.
Review Questions
Answer the following questions on a separate sheet of paper. Please do not write in this book.
1. What is using a false IP address or identity called?
2. What method is used to counter a Smurf attack on a network?
3. What is the purpose behind using a Trojan horse?
4. Where are macro writers commonly found?
5. Through what method are worms typically spread?
6. What is the difference between symmetrical key encryption and
asymmetrical key encryption?
7. Another name for symmetric key encryption is _____.
8. What does the acronym PKI represent?
9. What is the purpose of a Certificate Authority (CA)?
10. Who developed SSL?
11. What is the purpose of SSL?
12. Which two protocols are specifically designed to make Web site transactions
safe?
13. What is IPSec?
14. What is the difference between IPSec tunnel mode and transport mode?
15. What two protocols are common to IPSec?
16. What are the three original wireless device security mechanisms?
17. What encryption mechanism was developed as a replacement for WEP?
18. What is 802.11i?
19. What is 802.1x?
20. What are the three components of an 802.1x configuration?
21. Identify three security technologies that meet the AAA requirements.
22. Which protocol could be considered as the next generation RADIUS?
23. Why is PAP considered an unsecured system of authorization?
24. What does the acronym CHAP represent?
25. Why is CHAP considered an improvement over PAP?
26. What operating system is MS-CHAP designed exclusively for?
27. Of the three different protocols, PAP, CHAP, and MS-CHAP, which encrypts
the contents of the packet?
28. What is Kerberos?
29. The initial network operating system should not be considered complete
until the latest software _____ is installed.
30. Describe the characteristics of a poor password.
31. Describe the characteristics of a good password.
32. How is a firewall used to secure network access?
33. What factors are used by firewalls to filter inbound and outbound network
traffic?
34. What is the difference between stateful and stateless firewall inspection?
35. How is a proxy server used to secure network access?
36. What is biometrics?
37. What technology uses a plastic card with embedded electronics for
identification?
38. What TCP utility displays open ports?
39. What is a protocol analyzer used for?
40. What is a packet sniffer?