Chapter 1

Question 1

802.1x Authentication Parts

Answer 1

1. Supplicant 2. Authenticator 3. Authentication Server

Question 2

802.1x Supplicant

Answer 2

Client device attach to WAN/LAN

Question 3

802.1x Authenticator

Answer 3

Network device that provides a data link between the client and the network and can allow or block network traffic between the two

Question 4

802.1x Authentication Server

Answer 4

Typically a trusted server that can receive and respond to requests for network access, and can tell the authenticator if the connection is to be allowed, and various settings that should apply to that client’s connection or setting.

Question 5

Vulnerability

Answer 5

Is a weakness in a device, system, application, or process that might allow an attack to take place. Vulnerabilities are internal factors that may be controlled by cybersecurity professionals.

Question 6

Threat

Answer 6

In the world of cybersecurity is an outside force that may exploit a vulnerability.

Question 7

Risk

Answer 7

Combination of a threat and a corresponding vulnerability. Both of these factors must be present before a situation poses a risk to the security of an organization.

Question 8

Adversarial Threats

Answer 8

Are individuals, groups, and organizations that are attempting to deliberately undermine the security of an organization. Adversaries may include trusted insiders, competitors, suppliers, customers, business partners, or even nation-states.

Question 9

Accidental Threats

Answer 9

occur when individuals doing their routine work Mistakenly perform an action that undermines security. For example, a system administrator might accidentally delete a critical disk volume, causing a loss of availability.

Question 10

Structural Threats

Answer 10

Occur when equipment, software, or environmental controls fail due to the exhaustion of resources (such as running out of gas), exceeding their operational capability (such as operating in extreme heat), or simply failing due to age. Structural threats may come from IT components (such as storage, servers, and network devices), environmental controls (such as power and cooling infrastructure), and software (such as operating systems and applications).

Question 11

Environmental Threats

Answer 11

Occur when natural or man-made disasters occur that are outside the control of the organization. These might include fires, flooding, severe storms, power failures, or widespread telecommunications disruptions.

Question 12

Agent-Based vs Agentless

Answer 12

Agent-based solutions, such as 802.1x, require that the device requesting access to the network run special software designed to communicate with the NAC service. Agentless approaches to NAC conduct authentication in the web browser and do not require special software.

Question 13

In-Band vs Out-of-Band

Answer 13

In-band (or inline) NAC solutions use dedicated appliances that sit in between devices and the resources that they wish to access. They deny or limit network access to devices that do not pass the NAC authentication process. The “captive portal” NAC solutions found in hotels that hijack all web requests until the guest enters a room number are examples of in-band NAC. Out-of-band NAC solutions, such as 802.1x, leverage the existing network infrastructure and have network devices communicate with authentication servers and then reconfigure the network to grant or deny network access, as needed.

Question 14

Port 22

Answer 14

SSH

Question 15

Port 23

Answer 15

Telnet

Question 16

Port 25

Answer 16

SMTP

Question 17

Port 110

Answer 17

POP3

Question 18

Port 123

Answer 18

NTP

Question 19

Port 143

Answer 19

IMAP

Question 20

Port 389

Answer 20

LDAP

Question 21

Port 636

Answer 21

LDAPS

Question 22

Port 1443

Answer 22

SQL Server

Question 23

Port 1521

Answer 23

Oracle Server

Question 24

Port 1720

Answer 24

H.323

Question 25

Port 1723

Answer 25

PPTP

Question 26

Packet Filtering Firewalls

Answer 26

Simply check the characteristics of each packet against the firewall rules without any additional intelligence. Packet filtering firewall capabilities are typically found in routers and other network devices and are very rudimentary firewalls.

Question 27

Stateful Firewalls

Answer 27

Go beyond packet filters and maintain information about the state of each connection passing through the firewall. These are the most basic firewalls sold as stand-alone products.

Question 28

NGFW’s

Answer 28

Incorporate even more information into their decision-making process, including contextual information about users, applications, and business processes. They are the current state-of-the-art in network firewall protection and are quite expensive compared to stateful inspection devices.

Question 29

WAF’s

Answer 29

Are specialized firewalls designed to protect against web application attacks, such as SQL injection and cross-site scripting.

Question 30

GPO

Answer 30

Mechanism allows administrators to define groups of security settings once and then apply those settings to either all systems in the enterprise or a group of systems based on role.

Question 31

Confidentiality

Answer 31

Makes sure that unauthorized personal are not able to view sensitive documentation

Question 32

Integrity

Answer 32

Makes sure that unauthorized personal are not able to manipulate sensitive documentation

Question 33

Availability

Answer 33

Ensures that information and systems are ready to meet the needs of legitimate users at the time those users request them.