Networks and System Administration Notes Tutorial All Chapters
• Some DHCP servers will also provide the network device with
further configuration information such as the address of a DNS
(Domain Name Server).
• Services
• Protocols
• Accounts
• Shares
Ports
Services that run on the server listen to specific ports so that they
can respond to incoming requests. Audit the ports on your server
regularly to ensure that an insecure or unnecessary service is not
active on your Web server. If you detect an active port that was
not opened by an administrator, this is a sure sign of
unauthorized access and a security compromise.
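One way to carry out the regular port audit described above, as an added example that is not part of the original notes: it parses Windows-style `netstat -ano` output and flags TCP listeners that are not in an administrator-approved baseline. The baseline ports and the sample output are constructed for illustration.

```python
import re

# Assumption: the administrator-approved baseline for this Web server.
APPROVED_TCP_PORTS = {80, 443}

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING       3180
  TCP    [::]:80                [::]:0                 LISTENING       4
  TCP    127.0.0.1:3306         0.0.0.0:0              LISTENING       2212
  TCP    10.0.0.5:443           203.0.113.7:51324      ESTABLISHED     4
"""

# Matches only TCP rows in the LISTENING state; IPv6 addresses are bracketed.
LISTEN_RE = re.compile(
    r"^\s*TCP\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+\s+LISTENING\s+(?P<pid>\d+)\s*$"
)

def parse_listeners(netstat_text):
    """Return a sorted list of (address, port, pid) for every TCP listener."""
    listeners = set()
    for line in netstat_text.splitlines():
        m = LISTEN_RE.match(line)
        if m:
            listeners.add((m["addr"], int(m["port"]), int(m["pid"])))
    return sorted(listeners)

def audit_ports(netstat_text, approved=APPROVED_TCP_PORTS):
    """Compare listeners with the baseline; return (unexpected, missing)."""
    listeners = parse_listeners(netstat_text)
    unexpected = [entry for entry in listeners if entry[1] not in approved]
    missing = sorted(set(approved) - {port for _, port, _ in listeners})
    return unexpected, missing

if __name__ == "__main__":
    unexpected, missing = audit_ports(SAMPLE_NETSTAT)
    for addr, port, pid in unexpected:
        print(f"UNAPPROVED listener {addr}:{port} (PID {pid}) - investigate")
    for port in missing:
        print(f"Approved port {port} is not listening")
```

The PID column lets the administrator map each unapproved listener back to the owning process before deciding whether it is a forgotten service or a sign of compromise.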
• Registry
• Script Mappings
• ISAPI Filters
server.
• IIS Metabase
• Machine.config
• Watch for new issues that emerge
Define security management.
• Security Management - a process designed to safeguard the
integrity, availability, and confidentiality of designated data and
programs against unauthorized access, modification, or
destruction.
Compare and contrast SMTP, POP3 and IMAP.
SMTP:
allows a server to break up different parts of a message
into categories the other server can understand.
• The other server will authorize the operation, and the message
will be sent. If the recipient address is wrong, or if there is some
other problem, the receiving server may reply with an error
message of some kind.
POP3:
And, much as the post office does not make copies of the mail
it receives, in previous versions of POP3, when an individual
downloaded email from the server into their email program,
there were no more copies of the email on the server; POP
automatically deleted them.
• POP3 makes it easy for anyone to check their email from any
computer in the world, provided they have configured their
email program properly to work with the protocol.
IMAP:
of your new messages from it. Once they are downloaded, they
disappear from the server.
• POP works fine for those who generally only check their email
messages from a single device; those who travel or need to
access their email from various devices are much better off
with IMAP-based email service.
List and briefly explain FIVE different strategies of QoS principles to
improve a network design.
• Always perform QoS in hardware rather than software when a
choice exists. Cisco IOS routers perform QoS in software. This
places additional demands on the CPU, depending on the
complexity and functionality of the policy. Cisco Catalyst
switches, on the other hand, perform QoS in dedicated hardware
Application-Specific Integrated Circuits (ASICs) and as such do
not tax their main CPUs to administer QoS policies.
• Police unwanted traffic flows as close to their sources as
possible. There is little sense in forwarding unwanted traffic
only to police and drop it at a subsequent node. This is
especially the case when the unwanted traffic is the result of
Denial of Service (DoS) or worm attacks. Such attacks can
cause network outages by overwhelming network device
processors with traffic.
Service (CoS) of Differentiated Services Code Point (DSCP)
markings correctly, but this is not always recommended as
users could easily abuse provisioned QoS policies if permitted
to mark their own traffic.
• Post Office server makes it easy for anyone to check their email
from any computer in the world, provided they have configured
their email program properly to work with the protocol.
updates, is withheld until the device is connected over a Wi-Fi or faster
connection, or after working hours. This allows administrators to most
appropriately balance the need for security against the goal of keeping
workers productive.
Paul wanted to get into the Hotmail account of someone he knew, but he
had little technical knowledge. He only needed to get in there once
or twice and didn’t really care too much about them knowing that their
email had been broken into. He already knew a little information about that
person, but nothing more than a name and an email address. Based on the
information that Paul has, how will he manage to get into the target’s
email account?
Suggested Answer:
The first thing Paul did was go to the local college that provided free
internet access to anyone who could walk up to a console and hit enter,
so as to remain somewhat anonymous. Next he went to Hotmail and
clicked on “forgot your password?” (a lot of the time people have
security questions that really do not serve them well). It asked for
some verification such as city/town and zip code, which he already had
and which, if not, could probably have been easily Googled. After that
step it asked the security question “What is your pet’s name?” Oh,
simple. He went on Google, pulled up the person’s phone number, went to
a quiet payphone and dialed them up. When they answered, Paul said, “Hi,
I am a local biology student doing a term paper on household pets and I
just have a couple questions. I am on the last part of the paper and I
only have a few more pieces of data to gather before I am finished. Can
you help me?” A couple of seconds of silence passed and she said, “Sure,
fire away.” The first question was “How many pets do you own and what
kind of pets are they?” She answered “3 dogs, 2 cats” immediately. Next
Paul asked, “What are their names?” A few seconds passed and he
continued with “My paper has a chapter on the most popular animal names
in it.” She answered promptly and he asked the final question, “And what
are their ages?”, to reduce the likelihood of her remembering the
question he was actually interested in. After she answered that
question, Paul thanked her for her time and she shockingly said, “Oh,
that was easy”, as if she was prepared to give out more information.
Paul wasn’t completely stupid and waited a couple of days before
attempting the names; then he anxiously came home from work one day and
tried them. The first 2 didn’t work, and as he was thinking “oh crap,
time to come up with a Plan B”, he typed in the 3rd name and, success,
he was at the reset password screen, which also gave him a temporary
password to log in.
Note: The candidate should provide the steps in a logical manner by
applying the tool to conduct social engineering methods to obtain
access to the Hotmail account of the target.
Where and how can social engineering be used ethically?
Social engineering will be ethically used:
Poor Security Awareness
Users do not understand the lengths that people will go to to obtain the
information that they have access to on a daily basis. Many people do
not understand that throwing something in the garbage does not mean
that the information is destroyed. What is garbage to a user might be
extremely valuable to a hacker, and most people do not understand this
concept.
Human Weaknesses
People will give out information for many reasons. In most cases,
people just want to be helpful, because that is their job and/or nature.
People can also be intimidated to release information, either by being
made to believe that a superior wants the information or by just trying to
make an annoying person go away. Corporate spies and many hackers
understand that what is considered to be a positive personal attribute can
easily be exploited and used against the individual.
reduce risk in managing a network?
• Understand current legal environment
• Stay current with laws and regulations
• Watch for new issues that emerge
Vendor Agreements.
As the contingency plan is being developed, SLAs with hardware,
software, and support vendors may be made for emergency
maintenance service. The SLA should specify how quickly the vendor
must respond after being notified. The agreement should also give the
organization priority status for the shipment of replacement equipment
over equipment being purchased for normal operations. SLAs should
further discuss what priority status the organization will receive in the
event of a catastrophic disaster involving multiple vendor clients. In
such cases, organizations with health- and safety-dependent processes
will often receive the highest priority for shipment. The details of these
negotiations should be documented in the SLA, which should be
maintained with the contingency plan.
Equipment Inventory.
Required equipment may be purchased in advance and stored at a
secure offsite location, such as an alternate site where recovery
operations will take place (warm or mobile site) or at another location
where they will be stored and then shipped to the alternate site. This
solution has certain drawbacks. An organization must commit financial
resources to purchase this equipment in advance, and the equipment
could become obsolete or unsuitable for use over time because system
technologies and requirements change.
All recovery personnel should attend an official training program to
become familiar with the contingency plan. List FIVE
different purposes of the training.
Describe the features of SNMPv2 and discuss the limitation of SNMPv2
that leads to the development of SNMPv3.
Features of SNMPv2:
• The development of SNMPv3 was based on the security issues.
SNMPv3 defines two security-related capabilities.
• The User-Based Security Model (USM) and the View-Based
Access Control Model (VACM).
Limitation of SNMPv2:
Lacked the following features, which are all focused on the security
aspects. They are:
• Authentication
• Privacy
• Authorization and Access Control
• Suitable remote configuration and administration capabilities for
these features.