Author: examcert

• Firewalls and Host-Based Intrusion Prevention—Firewalls resist network attacks, serve as the only point between internal and external networks, and enforce access control policies. They protect hosts from exposure, sanitize protocol flow, and block malicious data from servers and clients. Firewalls are ineffective if misconfigured or out of date. They can slow networks and some…

Accounting traces an action back to a person or process. Accounting then collects this information and reports the usage data. The organization can use this data for such purposes as auditing or billing. • Defending Systems and Devices—An organization needs a good administrator to configure operating systems to protect against outside threats. A systematic approach…

Check Your Understanding—Secure WLANs (39.6.15)Refer to the online course to complete this activity. Packet Tracer—Configure Basic Wireless Security (39.6.16)In this activity, you will configure wireless security using WPA2-Personal.Refer to the online course to complete this Packet Tracer. Network Security Summary (39.7) The following is a summary of each topic in the chapter and some questions…

Authentication in the Enterprise (39.6.13)In networks that have stricter security requirements, an additional authentication or login is required to grant wireless clients such access. The Enterprise security mode choice requires an Authentication, Authorization, and Accounting (AAA) RADIUS server. Figure 39-30 Example of Configuring WPA2-Enterprise Authentication In Figure 39-30, the administrator is configuring the wireless router…

802.11 Original Authentication Methods (39.6.9) Although SSID cloaking and MAC address filtering would deter most users, the reality is that neither feature would deter a crafty intruder. SSIDs are easily discovered even if APs do not broadcast them, and MAC addresses can be spoofed. The best way to secure a wireless network is to use…

Man-in-the-Middle Attack (39.6.5) In a man-in-the-middle (MITM) attack, also known as an on-path attack, the hacker is positioned in between two legitimate entities in order to read or modify the data that passes between the two parties. There are many ways in which to create an MITM attack. A popular wireless MITM attack is called…

Wireless Security Overview (39.6.2) A WLAN is open to anyone within range of a wireless access point (AP) and the appropriate credentials to associate to it. With a wireless NIC and knowledge of cracking techniques, an attacker may not have to physically enter the workplace to gain access to its network over a WLAN. Attacks…

Host-Based Firewalls (39.5.6) Host-based personal firewalls are standalone software programs that control traffic entering or leaving a computer. Firewall apps are also available for Android phones and tablets. Host-based firewalls may use a set of predefined policies, or profiles, to control packets entering and leaving a computer. They also may have rules that can be…

Antimalware Programs (39.5.7) Malware includes viruses, worms, Trojan horses, keyloggers, spyware, and adware. These are designed to invade privacy, steal information, damage the computer, or corrupt data. It is important that you protect computers and mobile devices using reputable antimalware software. Table 39-6 summarizes the types of antimalware programs that are available. Table 39-6 Types…

Packet Filtering Firewall Benefits and Limitations (39.5.4) Packet filtering firewalls are usually part of a router firewall, which permits or denies traffic based on Layer 3 and Layer 4 information, as shown in Figure 39-16. They are stateless firewalls that use a simple policy table lookup that filters traffic based on specific criteria, as shown…