Chp 5 Infrastructure Flashcards

1
Q

OSI

A

The Open Systems Interconnection (OSI) model is a conceptual framework used to understand and implement network protocols in seven distinct layers.

2
Q

OSI Physical Layer (Layer 1):

A

Function: Deals with the physical connection between devices and the transmission and reception of raw bitstreams over a physical medium.
Key Components: Cables, switches, hubs, repeaters, and network interface cards (NICs).

3
Q

OSI Data Link Layer (Layer 2):

A

Function: Responsible for node-to-node data transfer and error detection and correction. It ensures that data transferred from one node to another is free of errors.
Key Components: Bridges, switches, and protocols like Ethernet and Wi-Fi.

3
Q

OSI Network Layer (Layer 3):

A

Function: Manages device addressing, tracks the location of devices on the network, and determines the best way to move data between them. It handles packet forwarding, including routing through different routers.
Key Components: Routers and layer 3 switches.
Protocols: IP (Internet Protocol), ICMP (Internet Control Message Protocol).

4
Q

OSI Transport Layer (Layer 4):

A

Function: Ensures complete data transfer with error recovery, flow control, and data integrity. It manages end-to-end communication and the segmentation and reassembly of data.
Key Components: Gateways and firewalls.
Protocols: TCP (Transmission Control Protocol), UDP (User Datagram Protocol).

5
Q

OSI Application Layer (Layer 7):

A

Function: Closest to the end-user. It interacts with software applications to implement a communicating component. It provides network services directly to end-user applications.
Key Components: Web browsers, email clients, and other network-based applications.
Protocols: HTTP (Hypertext Transfer Protocol), FTP (File Transfer Protocol), SMTP (Simple Mail Transfer Protocol), DNS (Domain Name System).

6
Q

FQDN

A

A Fully Qualified Domain Name (FQDN) is the complete domain name for a specific computer or host on the internet.

7
Q

Star Topology

A

Star topology is BAD. It is a network configuration where all devices (nodes) are connected to a central hub or switch.
Central Point of Failure: The entire network depends on the central hub or switch. If it fails, the whole network is disrupted.
The network segment is also “flat” in terms of security.

8
Q

logical segmentation

A

Enforced at Layer 3 of the OSI model through switch, router, and firewall configuration, so that hosts on one network segment are prevented from, or restricted in, communicating with hosts on other segments.

9
Q

In IPv6, how are the 128 bits of an IP address divided and used?

A. The last 32 bits are the host’s interface ID, and the first 96 bits contain network information.

B. The last 64 bits are the host’s interface ID, and the first 64 bits contain network information. The first 48 bits are used by ISPs to determine the network’s location on the global Internet, and the remaining 16 bits are used for subnetting by the site administrator.

C. The last 128 bits are the host’s interface ID, and there are no bits for network information.

D. The first 64 bits are the host’s interface ID, and the last 64 bits contain network information. The first 48 bits of the last 64 bits are used by ISPs to determine the network’s location on the global Internet, and the remaining 16 bits are used for subnetting by the site administrator.

A

B. The last 64 bits are the host’s interface ID, and the first 64 bits contain network information. The first 48 bits are used by ISPs to determine the network’s location on the global Internet, and the remaining 16 bits are used for subnetting by the site administrator.

10
Q

ARP

A

Address Resolution Protocol (ARP) is a protocol used in IPv4 networks to map IP addresses to MAC (Media Access Control) addresses. ARP is essential for communication between devices on a local network.

11
Q

security zones

A

An area of the network (or of a connected network) where the security configuration is the same for all hosts within it. In physical security, an area separated by barriers that control entry and exit points.

12
Q

Attack Surface Layer 1/2

A

Allows unauthorized hosts to connect to wall ports or wireless networks and communicate with hosts within the same broadcast domain.

12
Q

Attack Surface Layer 3

A

Allows unauthorized hosts to obtain a valid network address, possibly by spoofing, and communicate with hosts in other zones.

13
Q

RADIUS

A

Remote Authentication Dial-In User Service (RADIUS)
AAA protocol used to manage remote and wireless authentication infrastructures.

14
Q

PNAC

A

Port-based Network Access Control (PNAC), commonly implemented using the IEEE 802.1X standard, is a method used to control access to a network by requiring devices to authenticate themselves before gaining access to network resources.

15
Q

Attack Surface Layer 4/7

A

Allows unauthorized hosts to establish connections to TCP or UDP ports and communicate with application layer protocols and services.

15
Q

EAP

A

Extensible Authentication Protocol (EAP)
Framework for negotiating authentication methods that enable systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication and to establish secure tunnels through which to submit credentials.

16
Q

Why are some hosts considered so security-critical that they should not be connected to any type of network, and what is an example of such a host?

A. They have limited processing power, and one example is a basic IoT device.

B. They perform critical security functions that, if compromised, could undermine the entire security infrastructure. One example is the root certification authority in a Public Key Infrastructure (PKI).

C. They are used primarily for testing software, and one example is a developer’s personal computer.

D. They handle large volumes of data and need to be highly available, such as a data warehouse server.

A

B. They perform critical security functions that, if compromised, could undermine the entire security infrastructure. One example is the root certification authority in a Public Key Infrastructure (PKI).

16
Q

Passive Security Control

A

A passive security control operates without requiring any configuration on the client side or transferring host data. It monitors and analyzes data silently, without interacting with network hosts directly.
Example:

Network traffic can be mirrored or copied to a sensor and scanned by an analysis engine. This process is entirely passive, as it does not interact with or alter the network traffic in any way.

17
Q

Active Security Control

A

An active security control requires configuration and interaction with network hosts. It involves setting up credentials, permissions, and possibly installing software agents on the hosts.
Example:

An active control performing network filtering may require hosts to be explicitly configured to use the control, such as installing agent software or configuring network settings to route traffic through a gateway.

18
Q

inline

A

Placement and configuration of a network security control so that it becomes part of the cable path.
Examples:
Test access point (TAP): an inline device with ports for incoming and outgoing network traffic, placed between the firewall and the switch.
SPAN (switched port analyzer)/mirror port: NOT RELIABLE

19
Q

Fail-Open

A

In a fail-open configuration, network or host access is preserved during a failure, ensuring that the system remains available even if a security control fails.
Priority:

Availability is prioritized over confidentiality and integrity.

20
Q

Fail-Closed

A

In a fail-closed configuration, access is blocked or the system enters its most secure state when a failure occurs, ensuring that confidentiality and integrity are maintained even during a failure.
Priority:

Confidentiality and integrity are prioritized over availability.

21
Q

layer 7 firewall

A

A stateful inspection firewall that can filter traffic based on specific application protocol headers and data, such as web or email data.

Layer 7 Firewall: Offers advanced, application-layer filtering ideal for detecting sophisticated attacks and protecting web applications, albeit with higher resource demands and complexity.

21
Q

stateful inspection

A

A technique used in firewalls to analyze packets down to the application layer rather than filtering packets only by header information, enabling the firewall to enforce tighter and more specific security rules.

22
Q

layer 4 firewall

A

A stateful inspection firewall that can monitor TCP sessions and UDP traffic.
Layer 4 Firewall: Provides efficient, transport-layer filtering suitable for basic traffic management and environments where performance is critical.

23
Q

SOHO

A

Small Office/Home Office

23
Q

forward proxy

A

A forward proxy is a server that acts as an intermediary between a client and the internet. It processes requests from clients to access resources from other servers.

24
Q

Non-Transparent Proxy

A

A non-transparent proxy requires the client to be explicitly configured with the proxy server’s address and port number. It is typical of environments such as corporate networks.

25
Q

reverse proxy

A

A type of proxy server that protects servers from direct contact with client requests. Typically deployed on the network edge and configured to listen for client requests from a public network.

25
Q

Transparent Proxy

A

Suitable for environments where client configuration cannot be enforced, such as public Wi-Fi.

25
Q

UTM

A

Unified threat management (UTM): all-in-one security appliances and agents that combine the functions of a firewall, malware scanner, intrusion detection, vulnerability scanner, data-loss prevention, content filtering, and so on. NOT SO GOOD BUT OK

26
Q

NGFW

A

Next-generation firewall (NGFW): advances in firewall technology, from app awareness, user-based filtering, and intrusion prevention to cloud inspection. BEST

26
Q

WAF

A

Web application firewall (WAF): a firewall designed specifically to protect software running on web servers and their back-end databases from code injection and DoS attacks.

26
Q

PPTP

A

A legacy tunneling protocol. The Point-to-Point Tunneling Protocol (PPTP) is highly vulnerable to password cracking attacks and is considered obsolete.

27
Q

RDP

A

Remote Desktop Protocol (RDP) can be used to access a physical machine on a one-to-one basis.

27
Q

VNC

A

Virtual Network Computing (VNC): remote access tool and protocol. VNC is the basis of macOS screen sharing.

28
Q

HTML5 VPN

A

Using features of HTML5 to implement remote desktop/VPN connections via browser software (clientless).

29
Q

OOB

A

Out-of-band (OOB): accessing the administrative interface of a network appliance using a separate network from the usual data network. This could use a separate VLAN or a different kind of link, such as a dial-up modem.

30
Q

A security team in a multinational organization decides to improve the security of their inter-office communications. They agree to use a tunneling protocol that can offer confidentiality, sender authentication, and message integrity. They need a protocol that operates at the network level. Which protocol BEST fulfills the team’s requirements for securing inter-office communications and operates at the network level?

A. Hypertext Transfer Protocol Secure
B. Secure Shell
C. Internet Protocol Security
D. Transport Layer Security

A

C
Internet Protocol Security (IPSec) provides confidentiality, sender authentication, and message integrity by functioning at the network level.

31
Q

An organization’s flat network segment currently hosts a mailbox server, a client network, and a mail transfer server, all of which need enhanced security. Which redesign option BEST segregates the network according to the OSI model and secure architecture principles to mitigate vulnerabilities?

A. Segregate with VLANs and control inter-VLAN traffic with ACLs.
B. Monitor the mail server with a WAF at the application layer.
C. Strengthen router ACLs and enable IPsec for data-in-transit.
D. Create a DMZ for the mail transfer server and separate others with port security.

A

A
VLANs with ACLs create secure segments, providing effective internal traffic control without affecting other layers. This approach not only enhances network performance but also significantly improves security by isolating different network segments.

32
Q

The network administrator in an organization is reinforcing the security measures of the company’s enterprise infrastructure, with a key focus on port security. In an environment with dynamic port usage where different applications request ports on an ad-hoc basis, the administrator must consider the most secure method of assigning and managing these ports to mitigate security risks. To secure the enterprise infrastructure optimally, what key measure should the network administrator prioritize in terms of port security?

A. Keeping all ports open to ensure application functionality
B. Implementing a dynamic port allocation and management system
C. Assigning all applications a static port number
D. Blocking all incoming and outgoing connections on all ports

A

B
Implementing a dynamic port allocation and management system aids in optimizing security by reducing the attack surface, as the system only opens the ports when needed and promptly closes them when not in use.

33
Q

A growing company’s IT department is weighing the pros and cons of different architectural models for its next project. The debate narrows down to cloud architecture versus traditional network architecture. During a team meeting, the head of IT security asks a newly hired network specialist to identify the primary security consideration when comparing cloud architecture to traditional network architecture. Based on the conversation in the IT department, which security consideration is MOST directly associated with cloud architecture compared to traditional network architecture?

A. A need for regular network hardware/firmware updates
B. Shared responsibility model with service providers
C. Encryption of data transmitted over local networks
D. Requirement for secure physical access to network devices

A

B
In cloud services, the division of security responsibilities between the cloud service provider and the customer creates a shared responsibility model.