1.2 Defensible Network Architecture Flashcards

Book 1.2

1
Q

What Ethernet uses to:

  • listen before transmitting, ensuring only one station transmits at a time
  • monitor transmissions to detect collisions
A

CSMA/CD - carrier sense with multiple access and collision detection

2
Q

Principle that states that access and software should only be what’s necessary to perform a job and nothing more.

A

Principle of least privilege

3
Q

Method enforcing the idea that devices should not be allowed to communicate with one another simply by the nature of being connected.

A

Network segmentation

4
Q

Networking concept that can observe the entirety of an environment and maintain segmentation in the face of a dynamically changing network, and is not hardware dependent.

A

SDN - software defined networking

5
Q

The idea that no single failure of any single part of the environment will result in a total catastrophic failure of the entirety of the environment. Provided through a tiered architecture.

A

Defense in depth

6
Q

A tier of the network (network section) used for organizational systems that are intended to be public-facing, such as web servers, email servers and domain name service.

A

DMZ / semi public

7
Q

Network section that separates the DMZ from the private internal network.

A

Middleware or proxy

8
Q

Network design that is a high level design overview. Represents internal and external systems, data flow, and overall system behavior.

A

Conceptual Network design

9
Q

Network design that maps the components of the conceptual design via the use of a network diagram. Includes all identified devices that connect to the network.

A

Logical network design.

10
Q

Network design that includes detailed aspects of the network components, including OS versions, patch levels, hardening configurations, risk categorization, etc. Also includes physical risks such as network cable locations, etc.

A

Physical Network design

11
Q

A security control that can attempt to discover sensitive data on our network systems, monitor for the misuse of that data, and potentially prevent exfiltration.

A

DLP - data loss prevention

12
Q

Basic devices that connect our systems together to form a network.

A

Switches

13
Q

Devices that connect networks to networks.

A

Routers

14
Q

Threat agents that must maintain persistent access to an organization for perhaps an extended period of time, in order to achieve a longer term goal.

A

APT - advanced persistent threat

15
Q

An attack against a router that results in the service of the device being denied.

A

DoS - denial of service

16
Q

An attack against a router where the attack is distributed, originating not from a single machine but from a large number of machines, and results in denial of service.

A

DDoS - distributed denial of service

17
Q

Capture and analysis of the traffic on a network.

A

Packet sniffing

18
Q

Router attack where the adversary convinces a router to update the routing table resulting in traffic reduction.

A

Routing table poisoning

19
Q

Router attack where the router's configuration is manipulated so that the traffic is no longer routed properly.

A

Packet Misrouting

20
Q

Used on switches, these are protocols that are used to aid devices in discovering other devices that also exist on a network.

A

CDP - Cisco Discovery protocol, or network discovery protocol.

21
Q

Attack against a switch where the attacker floods the MAC address table with fake or non-existent MAC addresses.

A

MAC flooding

22
Q

Attack against a switch where it downgrades the switch's functionality to that of a hub, granting an attacker access to the overall internal network communication.

A

MAC flooding attack

23
Q

This networking concept defines the interrelationship of network-based components, and can be defined as physical or logical.

A

Network topologies

24
Q

Common term that refers to a series of standards that allow us to structure a standard communication form prior to physical transmission and to construct and adapt physical cabling related to performance capabilities for wired networks.

A

Ethernet

25
Q

The idea that the network as a whole is not a single trusted entity, and that within the architecture are areas of differing capability, criticality, and security risk.

A

Network segmentation

26
Q

These separate the two ends of a communication. They analyze requests to verify that they are expected, that they match the characteristics of an expected request, and that they do not appear to be malicious.

A

Proxy or middleware.

27
Q

Three key rules of tiered network architecture design:

A
  1. Any system visible from the internet must be on the DMZ and cannot contain sensitive data.
  2. Any system that has sensitive data must reside on the private network and must not be accessible from the internet.
  3. The only way a DMZ system can communicate with the private system is through a middleware or proxy.