ccna 6.0 itn pretest exam

ccna 6.0 itn pretest exam.In a direct attack, the attacker tricks the application to perform tasks that are correspondingly privileged for that application. When an attacker is able to communicate directly with a target application, that application must be properly protected. For example, an attacker might attempt to perform a DoS attack against a specific application. An attacker may also attempt to perform a buffer overflow attack, which is achieved by intentionally crashing a program, thereby launching an attacker's program in the memory space created during the program crash. Another example of a direct attack is where an attacker uses a flaw in an application to bypass its access controls to gain read or write access to sensitive data.In an indirect attack, the attacker first compromises another subsystem and then attacks the application through the compromised subsystem, which is referred to as privilege escalation. In a non-direct attack scenario, the attacker gains access to sensitive data indirectly through a chain of compromise of other system components. For example, an attacker first gains basic user-level access to a system, and that system contains sensitive data. Subsequently, by exploiting a flaw in any local application, the attacker gains system administrator privileges. Using these privileges, the attacker is able to read and write to most objects on the system, enabling sensitive data including the target application.Here are some techniques that can be used to prevent endpoints from being affected by operating system vulnerabilities that can lead to direct and indirect attacks.The concept of least privilege - To better protect the terminal, a process should not be given more privileges than it actually needs to perform its job.Isolation between processes - Isolation between processes can be virtual or physical. For example, memory protection can be done in hardware. Some trusted operating systems provide isolation by using logical execution intervals.Reference monitor One-by-one reference monitor is a concept of access control that refers to a mechanism or process that mediates all accesses to a target. It provides a central point for all policy decisions, usually by performing auditing functions to keep track of accesses.Small, verifiable blocks of code - For all security functions, it is desirable to have small, easily verifiable blocks of code that can be managed and monitored by the reference monitor.6.1.1.5 Cisco Endpoint Security SolutionsCisco provides a variety of components to ensure a robust endpoint security solution. The two main components of this solution are the Cisco Mail and Web Security Appliance (previously known as the CiscoIronPort Appliance) and the CiscoNACo The Cisco Mail and Web Security Appliance protects the enterprise by focusing on mail and Web security to address Internet threats; mail and Web security are also two of the main endpoint security endpoints. The endpoints in this case are protected by devices that work on the network perimeter. NAC uses the network infrastructure to enforce full policy on all devices that attempt to access network computing resources. With NAC, network security experts can first authenticate, authorize, evaluate, and orchestrate wired, wireless, and remote users and theirmachines before allowing access to the network. NAC identifies which connected devices are compliant with network security policies and fixes any vulnerabilities before allowing it access to the network.