11.1 Introduction to Firewalls and Network Security Flashcards
Security professionals use the concept of _____ to implement security controls.
Security professionals use the concept of defense in depth to implement security controls.
What are the seven basic layers of layered defense?
- Data - Attacker’s ultimate target.
- Application - Software used to defend networks.
- Host - Physical hardware running applications and storing data.
- Internal Network - Everything between the host and the perimeter defenses.
- Perimeter - Hardware; everything external to the network.
- Physical - Physical barriers.
- Policies, Procedures, Awareness - Written documentation.
The _______ is an intelligence-driven defense framework designed to identify and prevent cyber intrusions.
The cyber kill chain is an intelligence-driven defense framework designed to identify and prevent cyber intrusions.
The Cyber Kill Chain
Adversaries are categorized into three designations:
- Advanced - An adversary who is targeted, coordinated, and purposeful.
- Persistent - An adversary who is relentless and undeterred by time.
- Threat - An adversary with opportunity, intent, and capability.
Which layer of defense applies:
A criminal hacker cuts through a security fence to gain access to the property.
Physical
Which layer of defense applies:
A user clicks on a nefarious email, which downloads and installs malware on their computer.
Application
Which layer of defense applies:
An employee walks away from their terminal and leaves their screen unlocked.
Host
Which layer of defense applies:
A criminal hacker scans a network to see which ports are open.
Perimeter
Which layer of defense applies:
An employee forwards an email containing social security numbers to their personal email account.
Data
Which layer of defense applies:
An employee allows a stranger to tailgate them into a secured facility.
Policies, Procedures, Awareness
Which layer of defense applies:
A disgruntled employee tries to log into their computer with administrative privileges when they only have basic user rights.
Internal Network
Which layer of the Cyber Kill Chain applies:
An attacker breaches a network and installs a remote access trojan, providing the attacker remote control over the computer.
Installation
Which layer of the Cyber Kill Chain applies:
An attacker successfully enumerates company employee profiles and crafts convincing phishing emails that contain malware.
Weaponization
Which layer of the Cyber Kill Chain applies:
An attacker sends commands to infected hosts (zombies), which generate pings to a remote victim’s IP address.
Exploitation
Which layer of the Cyber Kill Chain applies:
An employee finds a USB thumb drive in the office parking lot and plugs it into their company’s workstation to see what’s on it.
Delivery
Which layer of the Cyber Kill Chain applies:
An attacker compiles employee information from LinkedIn and gets the names and phone numbers of company personnel from publicly available resources.
Reconnaissance