Chapter 1 Flashcards

1
Q

T/F: Most network attacks originate from inside the network.

A

True; approximately 60-80% of misuse incidents originate from the inside network.

2
Q

Why can internal threats be severe threats?

A
  1. Users already have knowledge of the network
  2. Users have some level of access granted to them in order to perform their job
  3. IPS and firewalls are ineffective

3
Q

What are the 3 goals of network security?

A
  1. Confidentiality: Keeping data private
  2. Integrity: ensures data is not modified in transit
  3. Availability: measure of data accessibility

4
Q

What is the Government and Military data classification model?

A
  1. Unclassified
  2. Sensitive, but unclassified (SBU)
  3. Confidential
  4. Secret
  5. Top-Secret

5
Q

What is the organizational data classification model?

A
  1. Public
  2. Sensitive
  3. Private
  4. Confidential

6
Q

What are the 3 classification roles?

A
  1. Owner - determines classification level, reviews procedures
  2. Custodian - Backup/maintain integrity of data, restores data
  3. User - Accesses and uses data

7
Q

What are the 3 types of security controls?

A
  1. Administrative Controls
  2. Physical Controls
  3. Technical Controls

8
Q

What is the chain of custody?

A

A chain of custody documents who has been in possession of the data/evidence since a security breach occurred.

9
Q

What is a script kiddy?

A

Someone who lacks sophisticated hacking knowledge, but downloads hacking utilities to launch attacks.

10
Q

What is IP Spoofing?

A

A type of attack where the hacker’s IP address appears to be a trusted IP address.

11
Q

How do you protect against an IP spoofing attack?

A
  1. Use ACLs to deny outside traffic claiming to be an IP address used on the internal network
  2. Encrypt traffic between devices via an IPSec Tunnel to make captured packets unreadable.