Chapter 1 Flashcards
T/F: Most network attacks originate from inside the network.
True; approximately 60-80% of misuse incidents originate from the inside network.
Why can internal threats be severe threats?
1. Users already have knowledge of the network 2. Users have some level of access granted to them in order to perform their job 3. IPS and firewalls are ineffective
What are the 3 goals of network security?
1. Confidentiality: keeping data private 2. Integrity: ensures data is not modified in transit 3. Availability: measure of data accessibility
What is the Government and Military data classification model?
1. Unclassified 2. Sensitive, but unclassified (SBU) 3. Confidential 4. Secret 5. Top-Secret
What is the organizational data classification model?
1. Public 2. Sensitive 3. Private 4. Confidential
What are the 3 classification roles?
1. Owner - determines classification level, reviews procedures 2. Custodian - Backup/maintain integrity of data, restores data 3. User - Accesses and uses data
What are the 3 types of security controls?
1. Administrative Controls 2. Physical Controls 3. Technical Controls
What is the chain of custody?
A chain of custody documents who has been in possession of the data/evidence since a security breach occurred.
What is a script kiddy?
Someone who lacks sophisticated hacking knowledge, but downloads hacking utilities to launch attacks.
What is IP Spoofing?
A type of attack where the hacker’s IP address appears to be a trusted IP address.
How do you protect against an IP spoofing attack?
1. Use ACLs to deny outside traffic claiming to be an IP address used on the internal network 2. Encrypt traffic between devices via an IPSec Tunnel to make captured packets unreadable.