CYSE 101 FINAL REVIEW(2023 updated)fully solved

CYSE 101 FINAL REVIEW(2023 updated)fully solvedWhat Kismet used for? Finding wireless access points even when attempts have made it difficult to do so. What is the concept of network segmentation and why do it? Divide networks into subnets. Do this for controlling network traffic. Boost Performance. Troubleshooting network issues. Why is a BYOD policy bad for an enterprise network? Potential for malware to be brought into the network from outside sources is high. Rogue access points. Three main protocols of wire encryption? WEP, WPA, WPA2 What application might we use to scan for devices on a network, fingerprint operating systems, and detecting versions of services on open ports? Nmap Why use a honeypot? Giving attackers a vulnerable target to direct attacks at instead of the client network, analyze malware in the wild to better protect our client network. Different between signature and anomaly IDSes? Signature based IDSes used a database of signatures generated from already encountered malware. Anomaly base IDSes track abnormal network traffic to detect attacks. (better at detecting newer attacks) What technology may use to send sensitive data over an untrusted network? VPN Difference between a stateful firewall and a deep packet inspection firewall? Stateful firewalls can only look at the structure of the packet. Deep packet inspection firewalls can reassemble the contents of the packet to see where and what will be delivered. What would use a DMZ to protect? Protect mail servers, segmenting the mail server and only letting certain traffic to reach the server. What is an exploit framework? Category of tools used to find exploits. What is the difference between a port scanner and a vulnerability assessment tool? Port scanners show us how hosts interact. Vulnerability assessment tools show us which areas we are open to attack. What is the concept of an attack surface? If we leave a path for an attack open in our operating system, the attack surface is all the vulnerabilities that can take advantage of this opening. What might we want a software firewall is one already exists on the network? To add another layer of defense. It could also be installed on a clients machine to monitor traffic from each client and can be configured to allow only the traffic the client needs to get there job done. What is operating system hardening? Decreasing the attack surface or overall avenues that attackers can use to gain entry to the system. What is the XD bit and why is it used? Used by intel chipsets to support executable space protection. Used to prevent buffer overflow attacks. What does executable space protection do for us? Protects the memory in the OS from being used to execute code. Protects against buffer overflows. How does the principle of least privilege apply to operating system hardening. Allowing only the rights t