Domain 1.0 Network Security Flashcards

0
Q

An S/FTP server is deployed within your intranet but is accessible to external users. You are not allowed to change the configuration of the network by relocating existing services. Which is the most important solution to install?

A. Install strong password management policies
B. Install a host firewall
C. Install a VPN server
D. Install a Network IDS

A

D. Install a Network IDS

IDS - Intrusion Detection System
VPN - Virtual Private Network

1
Q

How does a switch determine which port to use to transmit a packet once it is received?

A. IP routes
B. Security associations
C. ACLs
D. MAC tables

A

D. MAC tables

ACL - Access Control List

2
Q

What hardware device can filter content and cache data?

A. Switch
B. Proxy
C. Router
D. VPN concentrator

A

B. Proxy

3
Q

What tool can be used to distribute network data for the optimization of performance across multiple computers and networks?

A. Multiplexer
B. Switch trunking
C. Load balancer
D. NATing

A

C. Load balancer

4
Q

A malware scanner is least effective against what type of attack?

A. Pharming
B. Logic bomb
C. Trojan horse
D. Backdoor

A

A. Pharming

5
Q

A firewall is an example of what type of access control model?

A. Role Based Access Control
B. Mandatory Access Control
C. Rule Based Access Control
D. Discretionary Access Control

A

C. Rule Based Access Control

6
Q

Most corporate security policies set the firewall to use what security stance?

A. Anti-spoofing
B. Reverse DNS lookup
C. Malware filtering
D. Implicit deny

A

D. Implicit deny

7
Q

Which of the following performs loop protection?

A. 802.1x
B. Spanning tree
C. VPN
D. Caching

A

B. Spanning tree

STP - Spanning Tree Protocols (they build hierarchical maps from Bridge Protocol Data Units and provide loop protection)

8
Q

To leverage existing authentication services, what must a networking device support?

A. x.509 v3
B. 802.3
C. x.500
D. 802.1x

A

C. x.500

9
Q

What do ACLs most often contain in order for access control within and between VLANs to be managed? [select two]

A. IP addresses
B. FQDNs
C. MAC addresses
D. Protocol ports

A

A. IP addresses
C. MAC addresses

MAC - Machine Address Code (also Mandatory Access Control, Media Access Control, and Message Authentication Code)

10
Q

Which of the following can be implemented in cloud services as Software as a Service (SaaS)?

A. Web based mail
B. On demand computing
C. Custom development based on programming language or database structures
D. Protocol ports

A

A. Web based mail

11
Q

VLANs represent what?

A. Virtualized honey pots
B. IP subnetting
C. Hardware imposed network segmentations
D. Wireless accessible service network

A

C. Hardware imposed network segmentations

VLAN - Virtual Local Area Network

12
Q

In order to provide the most complete protection against malware, which of the following is the best implementation choice?

A. Install anti-virus on the host computer and each virtual system
B. Install anti-virus only on the host computer
C. Install anti-virus only on the virtual systems
D. Install anti-virus on only one virtual system

A

A. Install anti-virus on the host computer and each virtual system

13
Q

When network access control is used to maintain patch levels and configs, where is a system returning from weeks in the field often placed?

A. In a quarantine with a remediation server
B. In a VPN
C. In an extranet
D. In the internet

A

A. In a quarantine with a remediation server

14
Q

What is the most effective method to reduce the risk of war dialing?

A. Blocking Caller ID
B. Installing video cameras in the parking area
C. Removing all modems
D. Disabling SSID broadcasting

A

C. Removing all modems

SSID - Service Set Identifier

15
Q

On what layer of the TCP/IP (DARPA or DOD) model does IPSec operate?

A. Process (Application)
B. Link (Network Interface)
C. Internet (Internetworking)
D. Host-to-host

A

C. Internet (Internetworking)

TCP/IP - Transmission Control Protocol/Internet Protocol
DARPA - Defense Advanced Research Projects Agency
DOD - Department of Defense

16
Q

What does the S/FTP replacement for traditional insecure FTP use for its security services?

A. SSL
B. SSH
C. SHA
D. SRPC

A

B. SSH

SSL - Secure Socket Layer
SSH - Secure Shell
SHA - Secure Hashing Algorithm

17
Q

What ports does SNMP utilize?

A. UDP 161 and 162
B. TCP 20 and 21
C. TCP 53 and UDP 53
D. TCP 25 and 110

A

A. UDP 161 and 162

18
Q

Which layer of the OSI model stack is secured by SSL or TLS?

A. Application
B. Presentation
C. Session
D. Transport

A

D. Transport

19
Q

Which of the following is used to secure FTPS?

A. SSH
B. SSL
C. IPSec
D. L2TP

A

B. SSL

SSL - Secure Socket Layer
FTPS - File Transfer Protocol over SSL
SSH - Secure Shell
IPSec - Internet Protocol Security
L2TP - Layer 2 Tunneling Protocol

20
Q

What is the default port for TFTP?

A. UDP 21
B. TCP 21
C. UDP 69
D. TCP 69

A

C. UDP 69

21
Q

Which of the following operates over default port TCP 22?

A. SNMP
B. NetBIOS
C. HTTPS
D. SCP

A

D. SCP

SCP - Secure Copy (from SSH suite)
SNMP - Simple Network Management Protocol
HTTPS - Hypertext Transfer Protocol over SSL (Secure Socket Layer)

22
Q

HTTPS operates over what default TCP port?

A. 443
B. 445
C. 23
D. 80

A

A. 443

TCP - Transmission Control Protocol

23
Q

What is the default TCP port of FTPS?

A. 443
B. 21
C. 22
D. 990

A

D. 990

FTPS - File Transfer Protocol over SSL (Secure Socket Layer)

24
Q

What is the encryption algorithm used by WEP?

A. DES
B. IDEA
C. RC4
D. CAST

A

C. RC4

WEP - Wired Equivalent Privacy (also a Weak Encryption, cracked with an IV attack)
DES - Digital Encryption Standard
IDEA - International Data Encryption Algorithm

25
Q

What is the IEEE standard amendment that defines WPA as a standards based alternative to WEP?

A. 802.11f
B. 802.11g
C. 802.11n
D. 802.11i

A

D. 802.11i

WPA - Wi-Fi Protected Areas
WEP - Wired Equivalent Privacy (also a Weak Encryption vulnerable to IV Attacks)

26
Q

The wireless PEAP is used for what purpose?

A. Authentication
B. Integrity checking
C. Detecting wireless networks
D. Exchanging session keys

A

A. Authentication

PEAP - Protected Extensible Authentication Protocol

27
Q

What is CCMP related to?

A. Hashing
B. WPA2-PSK
C. Antenna power level
D. 802.11n

A

B. WPA2-PSK

CCMP - Counter-Mode/CBC-MAC Protocol

28
Q

You want to ensure that data is only viewable by authorized users. What security principle are you trying to enforce?

A. Confidentiality
B. Integrity
C. Availability
D. Authentication

A

A. Confidentiality

Confidentiality ensures that data is only viewable by authorized users and can be ensured with access controls and encryption. Integrity ensures that data has not been modified and is ensured with hashing. Availability can be ensured with power, cooling systems, various fault tolerances, and redundancy. Authentication is the validation of a credential that is bound to an entity’s identification, should never be bypassed, and is a first step in access control, but by itself does not provide confidentiality.

29
Q

Of the following choices, what is the best way to protect the confidentiality of data?

A. Authentication
B. Encryption
C. Hashing
D. PaaS

A

B. Encryption

Encryption protects the confidentiality of data. You can encrypt any kind of data. Authentication is the validation of a credential that is bound to an entity’s identification, should never be bypassed, and is the first step in access control but by itself does not provide confidentiality. Hashing ensures the integrity of the data. Platform as a Service (PaaS) provides an easy to configure operating system for on-demand cloud computing.

30
Q

You want to ensure that data has not been changed between the time when it was sent and when it arrived at its destination. What provides this assurance?

A. Confidentiality
B. Integrity
C. Availability
D. Authentication

A

B. Integrity

Integrity ensures that data has not been modified and is ensured with hashing. Confidentiality ensures that data is only viewable by authorized users and can be ensured with access controls and encryption. Availability ensures systems are up and operational when needed and uses fault tolerance and redundancy methods. Authentication is the validation of a credential that is bound to an entity’s identification, should never be bypassed, and is the first step in access control but does not provide integrity.

31
Q

A database administrator is tasked with increasing the retail prices of all products in a database by 10 percent. The administrator writes a script performing a bulk update of the database and executes it. However, all retail prices are doubled (increased by 100 percent instead of 10 percent). What has been lost?

A. Confidentiality
B. Integrity
C. Hashing
D. Authentication

A

B. Integrity

The database has lost integrity through an unintended change. Loss of confidentiality indicates that unauthorized users have accessed the database. Hashing can be used to verify integrity in some situations, but confidentiality would not be compromised. Authentication is the validation of a credential that is bound to an entity’s identification, should never be bypassed, and is the first step in access control but does not provide integrity.

32
Q

Your organization is addressing single points of failure as potential risks to security. What are they addressing?

A. Confidentiality
B. Integrity
C. Availability
D. Authentication

A

C. Availability

By addressing a single point of failure (SPOF), you increase availability. An SPOF can be a drive, a server, power, cooling or any other item whose failure will cause the entire system to fail. Confidentiality ensures that data is only viewable by authorized users and can be ensured with access controls and encryption. Integrity ensures that data has not been modified and is ensured with hashing. Authentication provides proof of a user’s identity.

33
Q

What are some common hashing algorithms and what do they provide?

A

MD5, SHA, and HMAC provide Integrity.

MD5 - Message Digest 5 (128 bits)
SHA - Secure Hashing Algorithm
SHA-0 is unused, SHA-1 is 160 bits, SHA-224, SHA-256, SHA-384, and SHA-512 (# represents the bits), SHA-3 is 1600 bits (Wikipedia)
HMAC - Hashed Message Authentication Code
Hashing algorithms always provide a fixed bit-string regardless of the size of the hashed data. By comparing the hash at two different times, you can verify the integrity of the data.

34
Q

What is identification?

A

Identification is a claim (userid, username, subject, entity, etc.)

35
Q

What is authentication?

A

Authentication is the validation of a credential that is bound to an entity’s identification and should never be bypassed.

36
Q

What are the three types of authentication?

A

Something you KNOW (username, passwords, PINs, etc.)

Something you HAVE (token, certificate, smart card, Common Access Card, etc.)

Something you ARE (biometrics)

37
Q

What are the 7 OSI levels?

A
Application (7)
Presentation (6)
Session (5)
Transport (4)
Network (3)
Data Link (2)
Physical (1)
"People Don't Need To See Pink Alligators"