CHP 9 Flashcards

1
Q

NAC

A

Network access control (NAC) is a security solution that manages and controls access to a network by enforcing policies on devices and users attempting to connect to network resources.

2
Q

fact

A

Unfortunately, WPS is vulnerable to a brute-force attack. WPA3 is intended to replace WPS.

3
Q

SAE

A

Simultaneous Authentication of Equals (SAE)
Simultaneous Authentication of Equals (SAE) is a password-based authentication and key exchange protocol used in wireless networks. It provides strong security by resisting offline dictionary attacks and is part of the WPA3 standard. It replaces the Pre-Shared Key (PSK) exchange protocol in WPA2, ensuring an attacker cannot intercept the Wi-Fi password even when capturing data from a successful login.

4
Q

AES GCM

A

AES Galois Counter Mode (GCM) replaces AES CCM. AES-GCM (Advanced Encryption Standard - Galois/Counter Mode) is a widely used encryption method that provides both confidentiality and data integrity. It combines the AES encryption algorithm with the Galois/Counter Mode of operation to offer secure and authenticated encryption. It is a high-performance mode of operation for symmetric encryption.

5
Q

VLANs

A

VLANs (Virtual Local Area Networks) are a method of creating separate, isolated networks within a single physical network. VLANs allow you to segment network traffic logically, improving security and performance.

6
Q

NBAD

A

Network Behavior and Anomaly Detection (NBAD) is a security technique used to monitor network traffic and identify unusual patterns or anomalies that may indicate potential security threats or network issues.

7
Q

UEBA

A

User and Entity Behavior Analytics (UEBA) is a security solution that uses advanced analytics to track and analyze the behaviors of users and entities (such as devices and applications) within a network. UEBA identifies anomalies and potential security threats by comparing current behavior against established patterns of normal behavior.

8
Q

Web Filtering

A

Its primary function is to block users from accessing malicious or inappropriate websites, thereby protecting the network from potential threats.

8
Q

NTA

A

Network Traffic Analysis (NTA) is a security practice that involves monitoring and analyzing network traffic to identify unusual patterns, detect threats, and ensure network performance.

9
Q

DLP

A

Data Loss Prevention (DLP) refers to a set of strategies and tools used to ensure that sensitive information does not get lost, misused, or accessed by unauthorized users.

10
Q

Which of the following practices is critical for device hardening by providing a standard set of guidelines or checklists for configuring devices securely?

A. Regular maintenance cycle
B. User awareness training
C. Least functionality principle
D. Monitoring and encryption

A

C

11
Q

Which of the following methods is a replacement for Wi-Fi Protected Setup (WPS) as a more secure means of configuring client devices with the necessary information to access a Wi-Fi network?

A. Device Provisioning Protocol (DPP)
B. Wi-Fi Protected Access 3 (WPA3)
C. Enhanced Open
D. Simultaneous Authentication of Equals (SAE)

A

A

12
Q

A newly-hired cybersecurity manager of a software company evaluates the available intrusion detection and intrusion prevention capabilities of the company. What method detects changes in normal “baseline” operating data sequences and identifies abnormal sequences?

A. Signature-based detection
B. Behavioral-based detection
C. Network behavior and anomaly detection
D. Network traffic analysis

A

B

13
Q

A company’s IT security specialist decides to upgrade the wireless network infrastructure to enhance data protection during transmissions. Recognizing the importance of strong encryption for wireless data, the specialist evaluates the various encryption standards available. Which wireless encryption standard offers the MOST robust security for protecting wireless data transmissions and has become the preferred choice for many organizations?

A. Wi-Fi Protected Access 3
B. Wired Equivalent Privacy
C. Wi-Fi Protected Access
D. Temporal Key Integrity Protocol

A

A

14
Q

The network administrator for a large corporation recently detected multiple unauthorized intrusion attempts on the network. As a result, the team deployed an intrusion detection system (IDS) and an intrusion prevention system (IPS). The team aims to block malicious traffic and automatically receive alerts on suspicious activities. The administrator needs to choose an approach that offers real-time protection against active threats and can modify or reject traffic in the network. Based on the desired outcomes and functionality the network administrator requires, which system should the team primarily focus on for real-time traffic modification and blocking active threats?

A. Intrusion Detection System (IDS)
B. Intrusion Prevention System (IPS)
C. Network-based Intrusion Detection System (NIDS)
D. Host-based Intrusion Detection System (HIDS)

A

B