SAN QUESTIONS
Port zoning utilizes physical ports to define security zones. A users access to data is determined by what physical port he or she is connected to. With port zoning, zone information must be updated every time a user changes switch ports. In addition, port zoning does not allow zones to overlap. Port zoning is normally implemented using hard zoning, but could also be implemented using soft zoning.
Snooping: Mallory reads data Alice sent to Bob in private Allows access to data
2|Page
SAN QUESTIONS
Spoofing: Mallory fools Alice into thinking that he is Bob Allows access to or destruction of data Denial of Service: Mallory crashes or floods Bob or Alice Reduces availability
3|Page
SAN QUESTIONS
Fibre Channel network.
What is DH-CHAP?
DH-CHAP (Diffie Hellman - Challenge Handshake Authentication Protocol) is a forthcoming Internet Standard for the authentication of devices connecting to a Fibre Channel switch.
4|Page
SAN QUESTIONS
DH-CHAP is a secure key-exchange authentication protocol that supports both switch-to-switch and host-to-switch authentication. DH-CHAP supports MD-5 and SHA-1 algorithm-based authentication.
5|Page