12 Network security Flashcards
What is Zero Trust in network security?
A security model that emphasizes strict access controls and does not trust any entity by default.
It includes Control Plane components such as adaptive identity, threat scope reduction, and policy-driven access control, and Data Plane aspects such as implicit trust zones.
What are the components of Deception and disruption technology?
- Honeypot
- Honeynet
- Honeyfile
- Honeytoken
These technologies are designed to deceive attackers and disrupt their activities.
What types of network attacks are commonly identified?
- Distributed denial-of-service (DDoS)
- Domain Name System (DNS) attacks
- Wireless attacks
- On-path attacks
- Credential replay attacks
- Malicious code
Each type presents unique challenges and requires specific mitigation strategies.
What is the purpose of segmentation in network security?
To divide a network into smaller segments to enhance security and control access.
This mitigates risk by limiting the spread of attacks.
What does an Access Control List (ACL) do?
It defines permissions for users and devices to access network resources.
ACLs are crucial for managing access controls in network environments.
What is an Air-gapped network?
A network that is physically isolated from other networks to enhance security.
This isolation prevents unauthorized access and cyber attacks.
What are the failure modes in network security?
- Fail-open
- Fail-closed
These modes determine how a system behaves during a failure, impacting security.
What is the role of a Jump server?
To serve as a secure access point for administrative tasks in a network.
Jump servers minimize direct access to sensitive resources.
What is a Web Application Firewall (WAF)?
A security device that monitors and filters HTTP traffic to and from a web application.
WAFs protect against common web attacks like SQL injection and cross-site scripting.
What are the types of firewalls mentioned?
- Web application firewall (WAF)
- Unified threat management (UTM)
- Next-generation firewall (NGFW)
- Layer 4/Layer 7 firewalls
Each firewall type offers different levels of protection and features.
What does VPN stand for?
Virtual Private Network.
VPNs create secure connections over untrusted networks.
What is the purpose of DNS filtering?
To block access to malicious domains and protect users from phishing and malware.
DNS filtering is a proactive security measure.
What are the components of Email Security?
- DMARC
- DKIM
- SPF
- Gateway
These protocols help authenticate emails and prevent spoofing.
What is DLP in the context of network security?
Data Loss Prevention.
DLP technologies are used to prevent sensitive data from being lost, misused, or accessed by unauthorized users.
What is the significance of hardening targets?
To strengthen network devices against attacks by minimizing vulnerabilities.
Common targets include switches and routers.
True or False: A proxy server can help in improving network security.
True.
Proxy servers can hide the IP addresses of users and filter traffic.
Fill in the blank: The __________ is used to monitor network devices and can send alerts when issues arise.
Simple Network Management Protocol (SNMP) traps
SNMP is widely used for network management.
What are common indicators of malicious activity in networks?
- On-path attacks
- DNS attacks
- Layer 2 attacks
- DDoS
- Credential replay attacks
Recognizing these indicators can help in early detection of security incidents.
What is the primary focus of the Security+ exam?
Implementing designs and explaining the importance of security concepts and components.
What does defense-in-depth refer to in security design?
Multiple controls designed to ensure that a failure in a single control is unlikely to cause a security breach.
How many layers are in the OSI model?
Seven layers.
What are Layers 1–3 of the OSI model known as?
Media layers.
What do Layers 4–7 of the OSI model address?
Reliable data transmission, session management, encryption, and translation of data.
Define attack surface.
The points at which an unauthorized user could gain access to a device or organization.