Chapter 1 - Networking Security Concepts Flashcards
Which security term refers to a person, property, or data of value to a company?
Asset
Which asset characteristic refers to risk that results from a threat and lack of a countermeasure?
Vulnerability
Which three items are the primary network security objectives for a company?
- Confidentiality
- Integrity
- Availability
What is an example of a physical control?
Electronic Lock
What is the primary motivation for most attacks against networks today?
Financial
What type of an attack involves lying about the source address of a frame or packet?
Spoofing Attack
Which two approaches to security provide the most secure results on day one?
- Defense in Depth
- Least Privilege
Which of the following might you find in a network that is based on a defense-in-depth security implementation?
- Firewall
- IPS (Intrusion Prevention System)
- Access Lists
- Current Patches on Servers
In relation to production networks, what are viable options when dealing with risk?
- Transfer it
- Mitigate it
- Remove it
(NOT ignore it)
What is an Asset?
It is anything valuable to an organization (computers, people, intellectual property, contact lists, etc.).
What is a vulnerability?
It is an exploitable weakness in a system or its design.
What is a threat?
A threat is any potential danger to an asset.
“Latent” threats are not yet realized. An active attack launched on an organization is “realized”.
What is a countermeasure?
A countermeasure is a safeguard that somehow mitigates a potential risk.
When it comes to network security, what is risk?
Risk is the potential for unauthorized access to, compromise, destruction, or damage to an asset.
What is an Administrative Countermeasure?
These are things like written policies, procedures, guidelines, and standards. Acceptable Use Policies (AUP) would be an example.
What is a logical countermeasure?
Logical controls are things like passwords, firewalls, IPS, access lists, and VPN tunnels.
Why is a Social Engineering attack so dangerous?
Because it leverages users to gain information to compromise security. Users can be misdirected to phishing / pharming sites to give up username / password information, etc.
What is ARP Poisoning?
An attacker spoofs a Layer 2 MAC address to make devices on the LAN believe that the Layer 2 address of the attacker is the Layer 2 address of their default gateway. The attacker can then sniff / capture all data attempting to leave the network. (They may even forward the packet along so that no one suspects anything is wrong.) Can be mitigated by Dynamic Address Resolution Protocol Inspection (DAI).
What are governmental asset classifications?
- Unclassified
- Sensitive but unclassified (SBU)
- Confidential
- Secret
- Top Secret
What are private sector asset classifications?
- Public
- Sensitive
- Private
- Confidential
What are asset classification criteria?
- Value
- Age
- Replacement Cost
- Useful Lifetime
What are asset classification roles?
- Owner (the group ultimately responsible for the data)
- Custodian (the group responsible for implementing the policy as dictated by the owner)
- User (those who access the data and abide by the rules of use for the data)