Monday, March 11, 2019
Common risks, threats, and vulnerabilities Essay
1. What are some common risks, threats, and vulnerabilities commonly found in the LAN-to-WAN Domain that must be mitigated through a layered security strategy? A layered security strategy will encompass rogue protocols such as Bit mining and P2P, unauthorized network scanning and probing, and unauthorized access to the network.

2. What is an Access Control List (ACL) and how is it useful in a layered security strategy? An ACL is a control list which will allow or deny traffic or devices based on specifications defined in the ACL. The ACL is generally applied and configured on firewalls. It is useful in a layered security approach because, from an external point of view, it becomes the first line of defense when hosts attempt to connect to the network.

3. What is a Bastion Host? Provide an example of when a Bastion Host should be used and how. A Bastion Host is a host that is a minimally configured software firewall incorporating only the necessary software/services. These are also referred to as bare metal or lite and are managed to be highly secure through a minimalist approach. All incoming traffic is directed to the Bastion or screened host. Outbound traffic is not sent through it. The most common threat to the Bastion Host is to an operating system that is not hardened with additional security applications.

4. Provide at least two examples of how the enclave requirement to place a firewall at the perimeter can be accomplished. a. Placing a firewall between two routers and another firewall before a DMZ would be the best requirement choice to use.

5. What is the difference between a traditional IP Stateful Firewall and a Deep Packet Inspection Firewall? a. IP stateful firewall inspection takes place in layer 4. When traffic attempts to traverse the firewall, a requested source port and destination port pair become part of the session, allowing the source to receive information.
Stateful inspection firewalls solve the vulnerability of permitting all the high-numbered ports by creating a table containing the outbound connections and their associated high-numbered port(s). b. Firewalls using deep packet inspection provide enhancements to stateful firewalls. A stateful firewall is still open to attack even if the firewall is deployed and working as it should be. Deep packet inspection adds application-oriented logic into the hardware, essentially combining IDS into the firewall traffic. Deep Packet Inspection uses an Attack Object Database to store protocol anomalies and attack traffic, grouping them by protocol and security level.

6. How would you monitor for unauthorized management access attempts to sensitive systems? ACLs and audit logs can be leveraged to confirm which station is attempting to make the unauthorized connection.

7. Describe Group ID (Vulid) V-3057 in the Network IDS/IPS Implementation Guide provided by DISA? A management server is a centralized device that receives information from the sensors or agents

8. What is the significance of VLAN 1 traffic within a Cisco Catalyst LAN Switch? Describe the vulnerabilities associated if it traverses across unnecessary trunks. VLAN 1 traffic will contain the STP (spanning tree) traffic, CDP traffic, and dynamic trunking traffic, to name a few. If unnecessary traffic traverses the trunk, it could cause switch instability, causing the switch to go down or become inoperable.

9. At what logging level should the syslog service be configured on a Cisco Router, Switch, or Firewall device? Syslog traps should be configured at levels 0-6. Logging Level 2

10. Describe how you would implement a layered security strategy within the LAN-to-WAN Domain to support authorized remote user access while denying access to unauthorized users at the Internet ingress/egress point. To implement a layered security strategy for remote user access,
we would start with an application-based login, such as VPN-SSL authentication, then pair it with LDAP on a RADIUS or TACACS+ service. LDAP is bound to Active Directory, which will leverage role-based access controls to check group permissions.

11. As defined in the Network Infrastructure Technology Overview, Version 8, Release 3, describe the 3 layers that can be found in the DISA Enclave Perimeter layered security solution for Internet ingress/egress connections (i.e., DMZ or Component Flow). The 3 types of layers found in the Enclave Perimeter Component Flow include network layer security, application layer security, and security of the actual applications themselves.

12. Which device in the Enclave Protection Mechanism Component Flow helps mitigate risk from users violating acceptable use and unwanted web sites and URL links? The Web Content Filter.

13. True or False. The Enclave Protection Mechanism includes both an internal IDS and external IDS when connecting a closed network infrastructure to the public Internet. True, it is required to have an external IDS as well as an internal IDS. Requirements include having a firewall and IDS in between the Internet-facing router and the internal, premise, router.

14. True or False. Securing the enclave only requires perimeter security and firewalls. False, securing the enclave includes a layered firewall approach both on the inside and outside of the network. Sensitive data can be secured from other segments of the internal network (internal) as well as Internet links (external).

15. What is the primary objective of this STIG as it relates to network infrastructures for DoD networks? STIG, or Security Technical Implementation Guide, is an intended guide to decrease vulnerabilities and the potential of losing sensitive data. The guide focuses on network security, giving security considerations for the implemented network.
The STIG also covers the level of risks and the associated acceptable levels to said risks.
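
The state table described in answer 5a, as an added example that is not part of the original essay: it contrasts a rule that permits every inbound high-numbered port with a table of recorded outbound connections. The class and function names, the allowed outbound port, and the sample addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    outbound: bool  # True = LAN to WAN, False = WAN to LAN

def stateless_high_port_rule(pkt):
    # The weakness named in answer 5a: every inbound high-numbered port is open.
    return "allow" if not pkt.outbound and pkt.dport > 1023 else "deny"

class StatefulFirewall:
    def __init__(self, allowed_outbound_ports):
        self.allowed_outbound_ports = set(allowed_outbound_ports)
        self.sessions = set()  # (lan_ip, lan_port, wan_ip, wan_port)

    def handle(self, pkt):
        if pkt.outbound:
            if pkt.dport not in self.allowed_outbound_ports:
                return "deny"
            # Record the source/destination port pair as part of the session.
            self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        # Inbound: allowed only if it mirrors a recorded outbound session.
        reply_of = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "allow" if reply_of in self.sessions else "deny"

def run_demo():
    # Constructed sample traffic; WAN hosts use documentation address ranges.
    fw = StatefulFirewall(allowed_outbound_ports={443})
    request = Packet("10.0.0.5", 51515, "198.51.100.7", 443, outbound=True)
    reply = Packet("198.51.100.7", 443, "10.0.0.5", 51515, outbound=False)
    unsolicited = Packet("203.0.113.9", 443, "10.0.0.5", 51515, outbound=False)
    return {
        "request": fw.handle(request),
        "reply": fw.handle(reply),
        "unsolicited_stateful": fw.handle(unsolicited),
        "unsolicited_stateless": stateless_high_port_rule(unsolicited),
    }

if __name__ == "__main__":
    for name, verdict in run_demo().items():
        print(f"{name}: {verdict}")
```

The unsolicited packet targets the same high-numbered port as the legitimate reply, so only the recorded session distinguishes the two.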