Domain 2.1 Install and configure network components, both hardware- and software-based, to support organizational security. Flashcards

1
Q

Number 1 VPN tunnel in the world

A

IPSEC

2
Q

What is a piece of hardware designed to protect one network from another?

A

Firewall

3
Q

What does a packet-filtering firewall filter traffic based on?

A

– Source and Destination IP
– Port Numbers
– Protocols Used

4
Q

What is another name for a layer 7 firewall?

A

Application Firewall - Opens and inspects every packet on layer 7 of the OSI model.

5
Q

Stateful Inspection Firewall

A

Keeps a state table to track every communication channel.

6
Q

A list of rules that determine what traffic to block, and what to allow

A

Access Control List (ACL)

7
Q

What locally installed security control is used to prevent application-specific protocol and payload attacks?

A

Application Firewall

8
Q

A hardware device designed for general network filtering.

– Provides protection for the network.

A

Network Firewall

9
Q

_______ firewalls analyze packets on an individual basis against the filtering ACL.

A

Stateless

10
Q

Unless some traffic is explicitly allowed, it will be denied.

A

Implicitly denied

11
Q

What is a VPN?

A

A secure tunnel through an unsecured internet.

12
Q

What does a VPN do?

A

Secures the private network, using encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

13
Q

VPN concentrator

A

Gives all the VPNs a label.

14
Q

Site-to-Site VPN

A

Site-to-site refers to the connection of separate sites through a VPN.

15
Q

Remote access VPN

A

Remote Access refers to connecting single entities or hosts through a VPN.

16
Q

At what layer of the OSI model does a VPN operate?

A

Layer 3 - Network layer.

17
Q

An IPSEC VPN tunnel uses ___ by default.

A

AES - Advanced Encryption Standard.

18
Q

What part of the packet does AH encapsulate?

A

The outside of the packet

19
Q

What does ESP do?

A

ESP encapsulates the data inside the packet.

20
Q

Using a pre-existing VPN tunnel to exchange keys is called ___.

A

IKE

21
Q

ISAKMP

A

A VPN tunnel set up to send symmetric keys across.

22
Q

IPSEC Tunnel mode

A

Encrypts the header, payload and footer.

23
Q

IPSEC Transport mode

A

Encrypts only the payload of the packets.

24
Q

What type of tunnel routes all traffic across the tunnel?

A

A full tunnel

25
Q

What type of tunnel routes only specific traffic across the tunnel, and routes internet-bound traffic outside of the tunnel?

A

Split tunnel

26
Q

What layer of the OSI model does TLS operate on?

A

Layer 4 - The Transport Layer

27
Q

Host-based intrusion detection system (HIDS)

A

An IDS installed on your specific computer.

28
Q

Network-based intrusion detection system (NIDS)

A

An IDS on the network, protecting all devices on your network.

29
Q

What device analyzes data, logs attacks, and notifies you?

A

Intrusion Detection System

30
Q

What is a honeypot?

A

A server set up to entice an attacker.

31
Q

What device analyzes data, prevents attacks, and notifies you?

A

IPS - Intrusion Prevention System.

32
Q

NIPS

A

Network Intrusion Prevention System

33
Q

HIPS

A

Host Intrusion Prevention System

34
Q

A known attack

A

A signature-based attack

35
Q

Requires a baseline to evaluate for normal or aberrant operation

A

Behavior-based IPS/IDS

36
Q

Compares suspicious programs vs known malware

A

Heuristics (“watching trends” on the exam)

37
Q

A flagged event that isn’t really an event and has been falsely triggered

A

False positive

38
Q

An event that should be flagged but isn’t.

A

False negative

39
Q

Firewalls have _____ and routers have ____

A

Firewalls have RULES and routers have ACLs

40
Q

Port Security AND wireless security

A

802.1X

41
Q

RADIUS port

A

Port 1812

42
Q

A _________ switch works on Layer 2 and Layer 3 of the OSI Model.

A

Multilayer Switch / Layer 3 Switch

43
Q

Cisco proprietary Loop prevention

A

Spanning Tree Protocol (STP)

44
Q

Flood Guard

A

Stops buffer overflow - A flood guard will prevent your system or network from accepting more than it can handle.

45
Q

A packet that is 9000 bytes

A

A jumbo packet

46
Q

A ______ _______ goes to the internet on your behalf.

A

A Proxy Server

47
Q

A proxy server ________ the websites you visit most often.

A

Caches/stores

48
Q

What does a load balancer do?

A

Routes traffic to multiple servers to ensure availability.

49
Q

Active-Active

A

If one goes down, the other is already active and in use.

50
Q

Active-passive

A

If one goes down, the second/backup will activate and begin usage.

51
Q

Access Point

A

A device that creates a wireless local area network, or WLAN, usually in an office or large building. (For testing purposes it is a network extender)

52
Q

802.11a

A

54 Mbps - 5 GHz

53
Q

802.11b

A

11 Mbps - 2.4 GHz

54
Q

802.11g

A

54 Mbps - 2.4 GHz

55
Q

802.11n

A

200+ Mbps - 2.4 GHz or 5 GHz or both

56
Q

802.11n uses a unique technology called?

A

Uses MIMO (multiple input, multiple output) - two or more antennas.

57
Q

The name of your wireless network

A

Service Set Identifier (SSID)

58
Q

Each host is allowed or denied based on its MAC address.

A

MAC filtering

59
Q

According to CompTIA there are 3 wireless channels you can use.

A

1, 6, and 11

60
Q

What antenna type goes 360 degrees?

A

Omni-directional - rubber duck

61
Q

A directional antenna does what?

A

Forces the signal in one direction, and since it is focusing the signal, it can cover a greater distance with a stronger signal. Also called a Yagi antenna.

62
Q

Security Information and Event Management (SIEM)

A

Provides real-time analysis of security alerts that are flagged by network appliances and software applications (aggregation).

63
Q

Write-once-read-many (WORM)

A

Built into many SIEMs. Means that once the data is written, you should not be able to edit it.

64
Q

What is DLP?

A

Data Loss Prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed.

65
Q

What is Tripwire?

A

A File Integrity Verifier (VIF) that is utilized in a DLP environment. It will inform you if anyone accessed data.

66
Q

Network Access Control

A

A set of standards defined by the network for clients attempting to access it so that only known devices meeting specified requirements can connect. (Similar to 802.1X.)

67
Q

SSL Accelerators

A

Since encrypting data is very processor intensive, accelerators can be used to offload the public-key encryption to a hardware accelerator, which is a separate plug-in card (usually into a PCI slot).

68
Q

Trusted Platform Module

A

a chip on the motherboard called a crypto-processor that performs encryption and decryption,

69
Q

BitLocker

A

A Microsoft program used for whole-disk or full-disk encryption.

70
Q

Which of the following devices is typically used to provide protection at the edge of the network attack surface?

A. Firewall
B. Router
C. Switch
D. VPN concentrator

A

A. Firewall

71
Q

In order to provide flexible working conditions, a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be configured to provide remote access? (Select TWO).

A. Subnetting
B. NAT
C. Firewall
D. NAC
E. VPN

A

C. Firewall

E. VPN

72
Q

What type of wireless antenna can be used to send or receive signals in any direction?

A. Cantenna
B. Yagi
C. Rubber duck
D. Panel

A

C. Rubber duck

73
Q

You have recently had some security breaches in the network. You suspect the cause might be a small group of employees. You want to implement a solution that monitors incoming external traffic. Which of the following devices would you use?

A. A router
B. A network-based IDS
C. A VPN
D. A host-based IDS

A

B. A network-based IDS