Day 7

Question 1

IPsec core protocols

Answer 1

Authentication Header (AH) and Encapsulating Security Payload (ESP)

Question 2

Authentication Header (AH)

Answer 2

handles authentication services for IPsec

Question 3

Encapsulating Security Payload (ESP)

Answer 3

encrypts a datagrams payload, ensuring the privacy of the message

Question 4

IPsec security modes

Answer 4

IPsec provides protection through two security modes: transport and tunnel

Question 5

Transport Mode

Answer 5

host to host or end to end security.
provides security between any two communicating devices or end-points
only the data is encapsulated

Question 6

Tunnel mode

Answer 6

protects communication between routers and not the end hosts

IPsec encapsulates the entire payload

Question 7

CIA triad

Answer 7

confidentiality, integrity, availability

Question 8

five pillars of information assurance

Answer 8

confidentiality, integrity, availability, nonrepudiation, authentication

Question 9

hashing

Answer 9

a form of one way encryption where data of variable length is input to a hashing algorithm and a value of fixed length results are output.
hashing provides password authentication and file integrity verification.

Question 10

password authentication

Answer 10

password is hashed using the same algorithm and compared to the stored hash

Question 11

file verification

Answer 11

using a hashing algorithm allows a user to verify file integrity regardless of file size.
the hash is also known as a checksum

Question 12

encryption

Answer 12

a technique of providing confidentiality by converting plaintext, or ordinary data, into ciphertext.
can be done either symmetrically or asymmetrically

Question 13

symmetric encryption

Answer 13

uses a single key to encrypt and decrypt the data

Question 14

asymmetric encryption

Answer 14

uses a different key for encryption than is used for decryption.
this key pair consists of both a private key and public key.
PKI uses asymmetric encryption.

Question 15

digital signatures

Answer 15

utilizes hashing functions to associate a sender with data and to be sure a sender is who they say they are

Question 16

certificates

Answer 16

electronic documents of credentials usually signed by a third party called a certification authority

Question 17

authentication, authorization, and accounting (AAA)

Answer 17

a framework for data protection for databases

Question 18

authentication

Answer 18

presenting credentials for access to the network

Question 19

authorization

Answer 19

the determination of what tasks are and are not allowed on the network

Question 20

accounting

Answer 20

keeping a record of such things as login/logoff times, or what services have been accessed.
AAA is suported through two main protocols: RADIUS and TACACS+)

Question 21

Remote Authentication Dial-In User Service (RADIUS)

Answer 21

an AAA standard used in supporting thousands of access points managed by internet service providers and linking them to a single database.
requests are sent to a Network Access Server (NAS)
the three replies are “Access Accept”, “Access Reject”, or “Access Challenge”

Question 22

Terminal Access Controller Access Control System Plus (TACACS+

Answer 22

an AAA protocol developed by Cisco to include access to routers and switches.

Question 23

virtual networking

Answer 23

aka logical networking, overcomes certain network functions previously hindered by physical or geographic limitations

Question 24

Virtual Local Area Network (VLAN)

Answer 24

seperating LAN’s with a switch. VLAN’s logically seperate a single device into different resource groups.

Question 25

trunking

Answer 25

connects VLans that physically reside on different switches

Question 26

Virtual Private Network (VPN)

Answer 26

extends a LAN over an intermediate and usually unsecure infrastructure such as the internet.

Question 27

VPN tunnel

Answer 27

a secure connection that allows remote connections from the internet into the private network

Question 28

tunneling

Answer 28

allows private communications over a public infrastructure while maintaining security

Question 29

cloud computing

Answer 29

an idea by which people and businesses can use needed resources, such as software or hardware, without actually having to purchase them.

Question 30

deployment models

Answer 30

a cloud computing environment can be deployed in different ways depending on customer need.

Question 31

private cloud

Answer 31

a deployment model where one specific company or organization uses the entire cloud infrastructure

Question 32

public cloud

Answer 32

designated for use by the general public and exist on the cloud provider’s property

Question 33

community cloud

Answer 33

space occupied by several different tenants that share a common concern

Question 34

hybrid cloud

Answer 34

consists of the combination of two or more cloud deployment models.
allows for cloud bursting: additional processing can be handled outside of the normal cloud infrastructure and into another

Question 35

software as a service (SaaS)

Answer 35

the customer use of applications running from a cloud provider.
the client has no control over the network, servers, or even the actual application.

Question 36

Platform as a Service (PaaS)

Answer 36

a client creates their own applications or software, but use programming languages and tools supported by the cloud provider,

Question 37

infrastructure as a service (IaaS)

Answer 37

aka hardware as a service (HaaS)
the provisioning of processing, storage and networks to a customer. the customer controls the software and even the OS’s running on the hardware.

Question 38

threat

Answer 38

a network threat is something that has the potential to damage the network, to include data, hosts, or users.  most common threats:
hardware failures
access
malware
social engineering
denial of service

Question 39

hardware failures

Answer 39

equipment can fail. to mitigate these failures, redundancy must be maintained

Question 40

access

Answer 40

access is devided up into two main types: physical and logical

Question 41

physical access

Answer 41

physical access should be protected through the use of locking cabinets, doors, and buildings. security guards, cameras and safes are also means of providing physical security.

Question 42

logical access

Answer 42

protects data through the means of logical controls. these controls can be provided by the use of passwords, permissions, access control lists (ACL’s), and traffic filtering with devices such as firewalls

Question 43

remote access

Answer 43

the non local access to network systems or resources from a seperate physical location.
remote access points should always be shut off when not needed.

Question 44

malicious software (malware)

Answer 44

program or code designed to perform an undesired function on a system

Question 45

virus

Answer 45

a virus replicates itself by making copies of itself
viruses do not replicate across networks.
activation is the action a virus takes once replicated

Question 46

worm

Answer 46

a worm is like a virus but can send copies of itself to other computers on a network

Question 47

macro

Answer 47

a macro is a form of malware which exploits a programs built in macro function, with malicious results. these viruses use weaknesses in the macro language to accomplish the tasks of replication and activation

Question 48

trojan

Answer 48

a piece of malware that looks legitimate to a user but performs malicious functions in the background.
trojans to not replicate like viruses or worms do

Question 49

rootkit

Answer 49

rootkits are trojans that use low level computing functions in order to hide themselves from these anti-malware tools. rootkits allow for continued privileged access to the system

Question 50

adware/spyware

Answer 50

adware is a program that use functions such as pop-up windows to flood a user with advertisements. spyware is software that sends information about your system over the internet

Question 51

dealing with malware

Answer 51

anti-malware programs
training
procedures

Question 52

social engineering

Answer 52

the process of tricking people to gain unauthorized access to information

Question 53

phishing

Answer 53

a phishing attack consists of both creating a site, which seems trusted, and then soliciting people to visit it. phishing attacks launched through email include a hyperlink that when clicked, takes a victim to the attacker’s site

Question 54

denial of service (DoS)

Answer 54

involves an adversary flooding a network with enough traffic to overwhelm it

Question 55

distributed denial of service (DDoS)

Answer 55

overwhelms a system like DoS but through multiple source computers.
an adversary first takes control of a computer called the command and control server.
each of the comptuers being controlled to participate in a DDoS attack is called a zombie.
a group of computers under the control of an operator is called a botnet.