Page 20 - Security+ (635 notes by Nikkhah)
P. 20
Switches
300- Switches connect network segments and work at Layer 2 of the OSI model.
301- Switches use MAC addresses to forward network traffic.
302- Switches offer better security than routers.
303- Switches are prone to ARP spoofing, DoS, and MITM attacks.
304- Hackers can use MAC flooding to exploit a poorly configured switch.
Securing workstations
305- Users should not create weak passwords.
306- Passwords should be changed at regular intervals.
307- Virus scanners with the latest virus signatures should be used on all workstations.
308- Web browsers should be properly configured to avoid downloading or running active
content from different web sites.
309- Users should be instructed to lock their workstations when they are away.
Securing servers
310- Servers should be kept in locked rooms with limited physical access.
311- Auditing and logging of user and administrator activities should be done.
312- Users should be granted only need-based (or role-based) access to servers.
313- Files and folders should be protected using ACLs.
314- NetworkOperating Systems (NOSs) installed on servers should be kept up to date.
315- Servers accessible from outside, such as web servers, mail servers, remote access
servers, and VPN servers, should be placed in demilitarized zones.
316- All communications between servers and workstations should be encrypted.
UTP/STP cables
317- The twists in cables prevent electromagnetic interference, which results in crosstalk.
318- These cables are twisted pairs of insulated cables bundled inside a plastic sheath.
319- Their category number usually identifies them.
320- UTP/STP cables use RJ-11 (for telephone) and RJ-45 (for computers) connectors.
321- UTP cable is vulnerable to EMI, RFI, and eavesdropping.
322- STP cable provides protection from EMI and RFI.
www.hrnikkhah.com by : Hamid Reza Nikkhah Page 18
