10) Network Security

Question 1

This firewall uses a state table to keep track of the connection state of a data packet and will only allow traffic to pass that is part of a new or already existing conneciton.

Answer 1

Stateful packet inspection

Question 2

Large amounts of data traffic are inspected to detect signature-based or anomaly-based attacks.

Answer 2

Network IDS

Question 3

Breaking up a network into subnets to boost performance and to allow or disallow certain data traffic flows.

Answer 3

Network segmentation

Question 4

Determining whether to allow a data packet to move forward based on source or destination IP address, port number, or protocol.

Answer 4

Packet filtering

Question 5

This device can provide security and performance features and can serve as a choke point.

Answer 5

Proxy server

Question 6

A way to keep our network traffic content from being logged by our ISP is ___.

a) VPN
b) P2P
c) POP
d) Telnet

Answer 6

VPN

Question 7

The toolset a corporation might use to centrally manage phones provided to its employees is ___.

a) Raspberry Pi
b) MDM
c) BYOD
d) Android

Answer 7

b) MDM

Question 8

MDM is a solution that runs an agent on mobile devices to enforce certain configurations. What does MDM stand for?

Answer 8

Mobile Device Management

Question 9

A tool used to test the security firewall.

Answer 9

Hping3

Question 10

A tool used to detect unauthorized wireless access points.

Answer 10

Kismet

Question 11

A versatile tool able to scan ports, search for hosts on the network, and other operations.

Answer 11

Nmap

Question 12

This command-line packet sniffing tool runs on Linux and UNIX operating systems

Answer 12

Tcpdump

Question 13

A graphical interface protocol analyzer capable of filtering, sorting, and analyzing both wired and wireless network traffic.

Answer 13

Wireshark

Question 14

This method of security involves a well-configured and patched network, and incorporating elements such as network segmentation, choke points, and redundancy.

Answer 14

Security in network design

Question 15

The act of dividing a network into multiple smaller networks, each acting as its own small network (subnet)

Answer 15

Network segmentation

Question 16

Certain points in the network, such as routers, firewall, or proxies, where we can inspect, filter, and control network traffic.

Answer 16

Choke points

Question 17

A method of security that involves designing a network to always have another route if something fails or loses connection.

Answer 17

Redundancy

Question 18

A mechanism for maintaining control over the traffic that flows into and out of our networks.

Answer 18

Firewall

Question 19

A firewall technology that inspects the contents of each packet in network traffic individually and makes a gross determination of whether the traffic should be allowed to pass.

Answer 19

Packet filtering

Question 20

A firewall technology that functions on the same general principle as packet filtering firewalls, but is able to keep track of the traffic at a granular level. Has the ability to watch the traffic over a given connection.

Answer 20

Stateful packet inspection

Question 21

A firewall technology that can analyze the actual content of the traffic that is flowing through.

Answer 21

Deep packet inspection

Question 22

A specialized type of firewall that can serve as a choke point, log traffic for later inspection, and provide a layer of security for the devices behind it.

Answer 22

Proxy server

Question 23

A combination of a network design feature and a protective device such as a firewall; often used for systems that need to be exposed to external networks but are connected to our network.

Answer 23

DMZ

Question 24

DMZ is a combination of a network design feature and a protective device such as a firewall; often used for systems that need to be exposed to external networks but are connected to our network. What does DMZ stand for?

Answer 24

Demilitarized Zone

Question 25

A system that monitors the network to which it is connected for unauthorized activity.

Answer 25

NIDS

Question 26

An NIDS is a system that monitors the network to which it is connected for unauthorized activity. What does NIDS stand for?

Answer 26

Network intrusion detection system

Question 27

An intrusion detection system that maintains a database of signatures that might signal a particular type of attack and compares incoming traffic to those signatures.

Answer 27

Signature-based IDS

Question 28

An intrusion detection system that takes a baseline of normal traffic and activity and measures current traffic against this baseline to detect unusual events.

Answer 28

Anomaly-based IDS

Question 29

A phrase that refers to an organization’s strategy and policies regarding the use of personal vs. corporate devices.

Answer 29

BYOD

Question 30

BYOD is a phrase that refers to an organization’s strategy and policies regarding the use of personal vs. corporate devices. What does BYOD stand for?

Answer 30

Bring your own device

Question 31

A solution that manages security elements for mobile devices in the workplace.

Answer 31

MDM

Question 32

MDM is a solution that manages security elements for mobile devices in the workplace. What does MDM stand for?

Answer 32

Mobile device management

Question 33

A well-known Linux tool used to detect wireless access points.

Answer 33

Kismet

Question 34

A Windows tool used to detect wireless access points.

Answer 34

NetStumbler

Question 35

A well-known port scanner that can also search for hosts on a network, identify the operating systems those hosts are running, and detect the versions of the services running on any open ports.

Answer 35

Nmap

Question 36

Also known as a network or protocol analyzer, this type of tool can intercept traffic on a network.

Answer 36

Packet sniffer

Question 37

A fully featured sniffer that is also a great tool for troubleshooting traffic; this well-known tool is used by many network operations and security teams.

Answer 37

Wireshark

Question 38

A type of tool that deliberately displays vulnerabilities or attractive data so it can detect, monitor, and sometimes tamper with the activities of an attacker.

Answer 38

Honeypot

Question 39

A tool that can map the network topology and help locate firewall vulnerabilities.

Answer 39

Hping3

Question 40

A firewall that can watch packets and monitor the traffic from a given connection is using what kind of firewall technology?

Answer 40

Stateful packet inspection

Question 41

A specialized type of firewall that provides security and performance features, functions as a choke point, allows for logging traffic for later inspection, and serves as a single source of requests for the devices behind it.

Answer 41

Proxy server

Question 42

A popular, fully-featured sniffer capable of intercepting traffic from a wide variety of wired and wireless sources.

Answer 42

Wireshark

Question 43

A sniffer that specialized in detecting wireless devices.

Answer 43

Kismet

Question 44

A tool that deliberately displays vulnerabilities in an attempt to bait attackers.

Answer 44

A honeypot