Harding the Network

Question 1

What is secure SNMP?

Answer 1

Secure SNMP: Using SNMPv3 for secure management of network devices.

Question 2

What is Router Advertisement (RA) Guard?

Answer 2

Router Advertisement (RA) Guard: Protects against rogue RA messages in IPv6 networks.

Question 3

What is port security?

Answer 3

Port security: Limits the devices that can connect to a network switch port.

Question 4

What is dynamic ARP inspection?

Answer 4

Dynamic ARP inspection: Prevents ARP spoofing attacks by validating ARP packets.

Question 5

What is control plane policing?

Answer 5

Control plane policing: Limits traffic to the control plane to protect router resources.

Question 6

What are private VLANs?

Answer 6

Private VLANs: Isolate devices within the same VLAN for security.

Question 7

Why should unneeded switchports be disabled?

Answer 7

Disable unneeded switchports: Reduces attack surface by deactivating unused ports.

Question 8

Why should unneeded network services be disabled?

Answer 8

Disable unneeded network services: Minimizes vulnerabilities by turning off unused services.

Question 9

Why should default passwords be changed?

Answer 9

Change default passwords: Prevents unauthorized access using well-known default credentials.

Question 10

Why is password complexity/length important?

Answer 10

Password complexity/length: Increases security by making passwords harder to guess.

Question 11

What is DHCP snooping?

Answer 11

DHCP snooping: Prevents rogue DHCP servers by monitoring DHCP traffic.

Question 12

Why should the default VLAN be changed?

Answer 12

Change default VLAN: Reduces risk of VLAN hopping attacks.

Question 13

What is patch and firmware management?

Answer 13

Patch and firmware management: Keeps devices secure with the latest updates and fixes.

Question 14

What is an access control list (ACL)?

Answer 14

Access control list (ACL): Controls network traffic flow based on rules.

Question 15

What is role-based access?

Answer 15

Role-based access: Limits access based on user roles to enhance security.

Question 16

What are firewall rules?

Answer 16

Firewall rules: Define what traffic is allowed or blocked in a network.

Question 17

What is explicit deny?

Answer 17

Explicit deny: Clearly specifies what traffic is not allowed.

Question 18

What is implicit deny?

Answer 18

Implicit deny: Blocks all traffic by default unless explicitly allowed.

Question 19

What is MAC filtering?

Answer 19

MAC filtering: Restricts network access to specific devices based on their MAC address.

Question 20

Why is antenna placement important in wireless security?

Answer 20

Antenna placement: Optimizes wireless coverage and reduces interference.

Question 21

Why are power levels important in wireless security?

Answer 21

Power levels: Adjusts signal strength to limit wireless coverage to the desired area.

Question 22

What is wireless client isolation?

Answer 22

Wireless client isolation: Prevents wireless clients from communicating with each other.

Question 23

What is guest network isolation?

Answer 23

Guest network isolation: Segregates guest network traffic from the main network.

Question 24

What are preshared keys (PSKs)?

Answer 24

Preshared keys (PSKs): Shared passwords for securing wireless networks.

Question 25

What is Extensible Authentication Protocol (EAP)?

Answer 25

Extensible Authentication Protocol (EAP): A framework for various authentication methods.

Question 26

What is geofencing?

Answer 26

Geofencing: Restricts network access based on geographic location.

Question 27

What is a captive portal?

Answer 27

Captive portal: A web page that users must interact with before accessing a network.

Question 28

What are IoT access considerations?

Answer 28

IoT access considerations: Implementing security measures specific to Internet of Things devices.