System and Network Administration

Outgoing traffic with IP source addresses external to the network.

ACL management

c. Check with the helpdesk, and report the network

facility specifies the channel and level specifies the amount of detail

netstat

/var/log/
-The (security) policy defines what info is to be protected and from whom
-The (acceptable use policy) applies to people and interfaces
-The (service-level agreement) applies primarily to availability
-Implementing the (acceptable use policy) is essentially a management issue
-Implementing the (security policy) is essentially a technical issue
-Implementing the (service-level agreement) is equally a management and technical issue

brute-force is a method for guessing passwords. Strong passwords are hard to guess, and changing
passwords locks out someone who guessed, increasing security.

social engineering attacks involve getting information from people. [1] strong passwords are hard to
remember so users tend to write them down or change in a predictable pattern.

iptables
TCPwrap and Xinetd
TCPwrap & xinetd
Xinetd
NONE
TCPwrap only
Encapsulates data packets : BOTH
Encrypts packet: BOTH
extra layer of authentication : NEITHER
pre-service for port forward : Stunnel
Secure l2 or l3 : OPENVPN

Ethernet : Layer 2
UDP : layer 4
TCP : layer 4

DHCP : no
SNMP : yes
LDAP : yes
ARP : no
ICMP : no
HTTP : yes

Essentially, encapsulation means a packet in a given layer adds its own (header) and carries the
complete packets from the layer (above) as the (header)

sends an alert : IDS
pre-packet network and transport layer header info : Packet filter
Intercepts traffic between source and destination : Packet Sniffer

A buffer zone between protected and untrusted networks

/etc/passwd
read by anyone (644)
user's GID, shell

/etc/shadow
only by privileged users (600)
the encrypted password for the account and password expiration date

d: To determine if and when someone is authenticating successfully with high privilege


data in transit : data being sent across the network
data in use : data in memory or being used by the CPU
data at rest : data on a storage
plaintext : data before any type of cryptography
ciphertext : data after some cryptography
confusion : encrypted data looks much different than the data we started with
diffusion : changing data makes the encrypted data look much different

Disable all unnecessary port and service

Information entered into the site is encrypted

mac - layer 2 , IP - layer 3

1. dns query returns IP for the fqdn


2. arp query returns the mac for the IP

(need more elaboration)


Blocking access to critical systems or service due to false triggers

the cert is self-signed

[need more elaboration] > create new file [1]


< use right as stdin of left [1]
new file with sorted lines from original file [2]

True
