Device Vulnerabilities facts
should be changed immediately when hardware or software is turned on
Default account and passwords
how do you find your target
a ping sweep
how do you access the switch
type in its ip address
a term for entering a system through other ways
Backdoor
Can be used to remotely control the device at a later date
Backdoors
what is the main way used to get into the account
brute force the password and username
how can u tell if a switch is secure or not
if it still has the default username and password
A software vulnerability that is unknown to the vendor that can be exploited by attackers.
Zero day vulnerability
are blank, too short, dictionary words, or simple.
Weak passwords
SSH is configured on what Port Number, by default?
SSH is configured on port 22, by default.
what do you do immediately after creating a brand new cisco
change username and password
A software bug or design flaw in an application that allows an attacker to gain access to system resources or additional privileges that aren't typically available.
Privilege escalation
allows a user to take advantage of a software bug or design flaw in an application to gain access to system resources
Privilege escalation
Is it possible to login to SSH server without password? How
Yes! It is possible to login to a remote SSH server without entering password. We need to use ssh-keygen technology to create public and private keys.
what is the final step in securing a switch
save the changes to a start up configuration
A repository of vulnerabilities hosted by MITRE corporation (full name)
Common Vulnerabilities and Exposures