Join Lisa Bock for an in-depth discussion in this video Introducing protocol spoofing, part of IT Security Foundations: Network Security.
- Protocol spoofing is when a malicious…party impersonates another entity on the network…with the objective of stealing data,…spreading malware, or circumventing access controls.…An attacker has several tools in his or her arsenal.…Common methods include DNS spoofing,…IP address spoof, email spoof, or ARP spoofing.…Domain name system is a host name…to an IP address resolution.…It is essential to any network.…
A spoof will modify the DNS server cache.…Now, I'm going to show you on your own system,…you have a certain cache.…And, this is so you can access websites quickly.…If you go into the command line…and we type ipconfig /displaydns,…here we can see our own local cache.…Now if we were to modify the server cache…or any cache for that matter,…it would direct us to websites…we probably don't want to go to.…
An IP Address Spoof…An IP address uniquely identifies a host on a network.…Spoofing an IP address will conceal the actual IP.…It doesn't change it because if it did…it wouldn't be able to return data…because it wouldn't know where to go.…
Note: This training maps to a number of the exam topics on the Microsoft Technology Associate (MTA) Security Fundamentals exam (98-367). See https://www.microsoft.com/learning/en-us/exam-98-367.aspx for more information.
- Explain how Network Access Protection (NAP) works.
- Recall how server and domain isolation provides extra protection.
- Describe how Network Address Translation (NAT) works.
- Differentiate between DNSSec and DNS.
- Recognize the threat of password attacks.
- Summarize how antivirus software protects your system against malware.
- Cite the three levels for software-restriction policies.