4.1 Explain the importance of basic network security concepts. Flashcards

1
Q

Explain logical security in terms of “data in transit”.

A
  • Data transmitted over the network
  • Also called “data in motion”
  • Not much protection as it travels (switches, routers, devices)
  • The security comes from other equipment (firewall, IPS)
2
Q

Explain logical security in terms of “data at rest”.

A
  • The data on a storage device (hard drive, SSD, Flash drive, etc.)
  • Encrypting the information as you write it to the storage drive.
  • Apply permissions to the data that you have stored (also ACLs).
3
Q

Digital Certificates

A
  • A public key certificate
  • Binds a public key with a digital signature and other details about the key holder.
  • Adds trust to the PKI
  • Certificate creation can be built into the OS.
4
Q

What is PKI?

A
  • Public Key infrastructure
  • Policies, procedures, hardware, software, and people form digital certificates.
5
Q

What does “self-signed” mean?

A
  • Internal certificates don’t need to be signed by a public CA
  • Your company is the only one going to use it.
  • Build your own CA to issue your own certificates signed by your own CA.
6
Q

What is IAM?

A
  • Identity and Access Management
  • Identity lifecycle management; every entity (human or non-human) gets a digital identity.
  • AAA (Access Control, Authentication, Authorization)
  • Identity Governance
7
Q

What is MFA?

A
  • Multi-factor Authentication
  • Using different methods to prove who you are.
  • Something you know (password), something you have (mobile app), something you are (biometric), somewhere you are (GPS location).
8
Q

What is SSO?

A
  • Single Sign-on
  • You will only need to provide your credentials one time with no additional authentication required.
  • Usually a time frame so that you do not stay logged in all the time.
9
Q

What is RADIUS?

A
  • Remote Authentication Dial-in User Service
  • One of the more common AAA protocols
  • Centralize authentication for users (routers, switches, firewalls, server authentication, remote VPN access).
10
Q

What role does LDAP play in authentication?

A
  • Lightweight Directory Access Protocol
  • Protocol for reading and writing directories over an IP network
  • An organized set of records, like a phone directory
  • X.500 specification was written by the International Telecommunication Union (ITU).
  • It allows you to add more attributes for additional context about a particular device to build a hierarchy of devices within your network.
11
Q

What is SAML?

A
  • Security Assertion Markup Language
  • Open standard for authentication and authorization
  • You can authenticate through a third-party to gain access
  • Not originally designed for mobile apps (biggest roadblock)
12
Q

What is TACACS+?

A
  • Terminal Access Controller Access Control System Plus
  • Remote authentication protocol
  • More authentication requests and response codes
  • Very Cisco-centric model of remote authentication
13
Q

What is time-based authentication?

A
  • TOTP (Time-based One-time Password algorithm)
  • Use a secret key and the time of day
  • No incremental counter.
  • The secret key is configured ahead of time.
14
Q

What does it mean to grant the least-privileged access to something?

A
  • Rights and permissions should be set to the bare minimum
  • You only get exactly what’s needed to complete your objective.
  • All user accounts must be limited.
15
Q

What is role-based access control?

A
  • You have a role in your organization (manager, director, team lead, project manager).
  • Rights and permissions will be different based on their role.
  • Administrators provide the access based on those roles.
16
Q

What is a honeypot?

A
  • Attract the bad guys and trap them there.
  • Create a virtual world for an attacker to explore.
17
Q

What is the CIA triad?

A
  1. Confidentiality: Prevents disclosure of info to unauthorized individuals or systems.
  2. Integrity: Messages can’t be modified without detection.
  3. Availability: Systems and networks must be up and running.
18
Q

What is PCI DSS?

A
  • Payment Card Industry Data Security Standards
  • A standard for protecting credit cards
  • Six control objectives
    1. Build and maintain a secure network and systems
    2. Protect cardholder data
    3. Maintain vulnerability management program
    4. Implement strong access control measures
    5. Regularly monitor and test networks
    6. Maintain an information security policy
19
Q

What is GDPR?

A
  • General Data Protection Regulation
  • European Union regulation
  • Protected data for individuals such as name, address, photo, e-mail address, bank details, posts on social media, medical information, a computer’s IP address.
  • Laws that restrict where data is stored and how it should be stored.
20
Q

What is IoT?

A
  • Internet of Things
  • Sensors (heating, cooling, lighting)
  • Smart Devices (home automation, video doorbells)
  • Wearable technology (watches, health monitors)
21
Q

What is IIoT?

A
  • Industrial Internet of Things
  • Machine to machine communication
  • Segmentation is just as important here since more data is at stake.
22
Q

What is SCADA / ICS?

A
  • Supervisory Control and Data Acquisition / Industrial Control System
  • Large Scale
  • PC manages equipment (power generation, refining, manufacturing equipment)
  • Real-time information and system control
23
Q

What is OT?

A
  • Operational Technology
  • The hardware and software for industrial equipment
  • Examples: Electric grids, traffic control, manufacturing plants, etc.
24
Q

What is BYOD?

A
  • Bring Your Own Device