The Importance of Patch Updates and Service Disabling
Question
A network technician notices a router that repeatedly reboots.
When contacting technical support, the technician discovers this is a known problem in which an attacker can craft packets and send them to the router through an obsolete protocol port, causing the router to reboot.
Which of the following did the network technician fail to do? (Choose two.)
A.
Generate new crypto keys. B.
Keep patches updated. C.
Disable unnecessary services. D.
Shut down unused interfaces. E.
Avoid using common passwords. F.
Implement file hashing.
BC.
Explanations
A network technician notices a router that repeatedly reboots.
When contacting technical support, the technician discovers this is a known problem in which an attacker can craft packets and send them to the router through an obsolete protocol port, causing the router to reboot.
Which of the following did the network technician fail to do? (Choose two.)
A.
Generate new crypto keys.
B.
Keep patches updated.
C.
Disable unnecessary services.
D.
Shut down unused interfaces.
E.
Avoid using common passwords.
F.
Implement file hashing.
BC.
The two options that the network technician failed to do are B) Keep patches updated and C) Disable unnecessary services.
B) Keep patches updated: Keeping patches updated is a crucial step in network security because it ensures that known vulnerabilities are addressed and resolved. In this case, the router was vulnerable to an attack through an obsolete protocol port, which could have been mitigated if the router's firmware had been updated with the latest security patches. By failing to keep patches updated, the network technician left the router vulnerable to the known attack.
C) Disable unnecessary services: Disabling unnecessary services is another critical step in network security. Unused services may contain vulnerabilities that could be exploited by attackers, as was the case with the obsolete protocol port in this scenario. By disabling unnecessary services, the network technician could have reduced the attack surface of the router, making it less vulnerable to attacks.
A) Generate new crypto keys: Generating new crypto keys is a good security practice, but it may not have prevented the specific attack described in this scenario. Crypto keys are used to encrypt and decrypt network traffic, and generating new keys can help prevent unauthorized access to sensitive data. However, generating new crypto keys would not have addressed the vulnerability in the router's firmware that allowed the attacker to reboot the device.
D) Shut down unused interfaces: Shutting down unused interfaces can help reduce the attack surface of a network, but it may not have prevented the specific attack described in this scenario. The attacker was able to send packets through a specific port, which was not necessarily an unused interface.
E) Avoid using common passwords: Avoiding common passwords is also a good security practice, but it may not have prevented the specific attack described in this scenario. The attacker was able to exploit a vulnerability in the router's firmware, which was unrelated to the router's password.
F) Implement file hashing: File hashing is a technique used to verify the integrity of files by generating a unique digital fingerprint of the file. While file hashing can help ensure that files have not been tampered with, it would not have prevented the specific attack described in this scenario. The attacker was not targeting any specific files on the router.
