Book Image

Network Protocols for Security Professionals

By : Yoram Orzach, Deepanshu Khanna
5 (1)
Book Image

Network Protocols for Security Professionals

5 (1)
By: Yoram Orzach, Deepanshu Khanna

Overview of this book

With the increased demand for computer systems and the ever-evolving internet, network security now plays an even bigger role in securing IT infrastructures against attacks. Equipped with the knowledge of how to find vulnerabilities and infiltrate organizations through their networks, you’ll be able to think like a hacker and safeguard your organization’s network and networking devices. Network Protocols for Security Professionals will show you how. This comprehensive guide gradually increases in complexity, taking you from the basics to advanced concepts. Starting with the structure of data network protocols, devices, and breaches, you’ll become familiar with attacking tools and scripts that take advantage of these breaches. Once you’ve covered the basics, you’ll learn about attacks that target networks and network devices. Your learning journey will get more exciting as you perform eavesdropping, learn data analysis, and use behavior analysis for network forensics. As you progress, you’ll develop a thorough understanding of network protocols and how to use methods and tools you learned in the previous parts to attack and protect these protocols. By the end of this network security book, you’ll be well versed in network protocol security and security countermeasures to protect network protocols.
Table of Contents (23 chapters)
Part 1: Protecting the Network – Technologies, Protocols, Vulnerabilities, and Tools
Part 2: Network, Network Devices, and Traffic Analysis-Based Attacks
Part 3: Network Protocols – How to Attack and How to Protect


  1. Which SMB version is dangerous and leads to many known attacks?
    1. SMBv2
    2. SMBv1
    3. CIFS
    4. All of these
  2. SMB is used for what?
    1. File sharing
    2. File-share server access
    3. Client–server communication
    4. All of these
  3. An SMB relay is used to compromise what?
    1. Remote machines
    2. User accounts
    3. NTLM/NTLMv2 hashes
    4. None of these
  4. Which of these is a misconfiguration of an SQL server?
    1. xp_cmdshell
    2. Weak credentials
    3. Trustworthy databases
    4. All of these
  5. Which tool is used to run SQL commands?
    1. PowerUp
    2. PowerUpSQL
    3. Command Prompt
    4. NMAP
  6. To audit a SQL server, which command is used?
    1. Invoke-SQLAudit
    2. Nmap -sT -T4 <ip address>
    3. Responder -I eth0
    4. None of these
  7. Responder is used to do what?
    1. Identify vulnerabilities in remote servers
    2. To find open ports
    3. To capture NTLM/NTLMv2 hashes
    4. None of these