Information Security 3

Question 1

wall or partition that is designed to prevent fire from spreading from one part of a building to another.

Answer 1

firewall

Question 2

Firewall Types

Answer 2

1. Network Layer Firewall
2. Transport Layer Firewall
3. Application Layer Firewall
4. Context Aware Application Firewall
5. Proxy Server
6. Reverse Proxy Server
7. Network Address Translation (NAT) Firewall
8. Host-based Firewall

Question 3

filtering based on source and destination IP addresses

Answer 3

Network Layer Firewall

Question 4

filtering based on source and destination data ports, and filtering based on connection states

Answer 4

Transport Layer Firewall

Question 5

filtering based on application, program or service

Answer 5

Application Layer Firewall

Question 6

iltering based on the user, device, role, application type, and threat profile

Answer 6

Context Aware Application Firewall

Question 7

filtering of web content requests like URL, domain, media, etc.

Answer 7

Proxy Server

Question 8

placed in front of web servers, reverse proxy servers protect, hide, offload, and distribute access to web servers

Answer 8

Reverse Proxy Server

Question 9

hides or masquerades the private addresses of network hosts

Answer 9

Network Address Translation (NAT) Firewall

Question 10

filtering of ports and system service calls on a single computer operating system

Answer 10

Host-based Firewall

Question 11

designed to control, or filter, which communications are allowed in and which are allowed out of a device or network, as shown in the figu

Answer 11

firewall

Question 12

process of probing a computer, server or other network host for open ports. In networking, each application running on a device is assigned an identifier called a port number.

Answer 12

Port Scanning

Question 13

The host replied indicating a service is listening on the port.

Answer 13

Open or Accepted

Question 14

The host replied indicating that connections will be denied to the port.

Answer 14

Closed, Denied, or Not Listening

Question 15

There was no reply from the host.

Answer 15

Filtered, Dropped, or Blocked

Question 16

8 types of firewalls based on general structure and method

Answer 16

1. packet-filtering firewall
2. circuit-level gateway
3. stateful inspection firewall
4. application-level firewall
5. next-gen firewall
6. software firewall
7. hardware firewall
8. cloud firewall

Question 17

• oldest firewall
• designed to create checkpoints at individual routers or switches

Answer 17

packet-filtering firewall

Question 18

• quickyly and easily approve or deny traffic
• verifying transmission control protocol handshake

Answer 18

circuit-level gateway

Question 19

• combination of packet-filtering and circuit-level gateway
• offer higher level of protection of your business

Answer 19

stateful inspection firewall

Question 20

• firewalls operate at application layer to filter traffic
• cloud-based most of the time and establish traffic connections and examine data packets coming

Answer 20

proxy firewall

Question 21

time it was created into what makes it this kind of firewall

Answer 21

next generation firewall

Question 22

firewalls installed on local devices

Answer 22

software firewall

Question 23

firewalls used on physical devices and act as traffic router

Answer 23

hardware firewall

Question 24

• also called as FaaS
• often go hand in hand i=with proxy firewalls and they grow with business

Answer 24

cloud firewall

Question 25

can be stand-alone devices, like a router or firewall, a card that can be installed into a network device, or a module with its own processor and cached memory

Answer 25

Security Appliances

Question 26

have many firewall capabilities besides just routing functions, including traffic filtering, the ability to run an Intrusion Prevention System (IPS), encryption, and VPN capabilities for secure encrypted tunneling.

Answer 26

Routers

Question 27

Cisco Next Generation Firewalls have all the capabilities of an ISR router, as well as, advanced network management and analytics. Cisco Adaptive Security Appliance (ASA) with firewall capabilities are shown in Figure 2.

Answer 27

Firewalls

Question 28

are dedicated to intrusion prevention.

Answer 28

IPS

Question 29

server and client technologies. It is designed for secure encrypted tunneling.

Answer 29

Virtual Private Network (VPN)

Question 30

comes in next generation Cisco routers, firewalls, IPS devices, Web and Email Security Appliances and can also be installed as software in host computers.

Answer 30

Malware/Antivirus

Question 31

This category includes web and email security appliances, decryption devices, client access control servers, and security management systems.

Answer 31

Other Security Devices

Question 32

which firewall is best for business needs

Answer 32

cloud and hardware firewalls

Question 33

Detecting attacks in real time requires actively scanning for attacks using firewall and IDS/IPS network devices

Answer 33

Real Time Scanning from Edge to Endpoint

Question 34

• DDoS is one of the biggest attack threats requiring real-time response and detection.
• DDoS attacks are extremely difficult to defend against because the attacks originate from hundreds, or thousands of zombie hosts, and the attacks appear as legitimate traffic, as shown in the figure.

Answer 34

DDoS Attacks and Real Time Response

Question 35

• security technique that regulates who or what can view or use resourcesin a computing environment
• fundamental concept in security that minimizes risk to the business organization
• perform identification authentication and authorization of users and entities by evaluating login credentials

Answer 35

access control

Question 36

two types of access control

Answer 36

1. physical access
2. logical access

Question 37

type of access that controls limit access to campuses, buildings, rooms and physical IT assets

Answer 37

physical access

Question 38

type of access control that limits connections to computer networks, system files and data

Answer 38

logical data

Question 39

why is access control important?

Answer 39

1. minimiza security risk
2. ensures security technology and access control are in place to protect customer data
3. complex and can be challenging to manage
4. on-premises and cloud environments

Question 40

models of access controls

Answer 40

1. mandatory access control
2. discretionary access control
3. role-based access control
4. rule-based access control
5. attribute-based access control

Question 41

security model in which access rights are regulated by central authority based on multiple levels of security

Answer 41

mandatory access control

Question 42

access control method which owners or admins set policies defining who or what is authorized to access the resource

Answer 42

discretionary access control

Question 43

This is a widely used access control mechanism that restricts access to computer resources based on individuals or groups with defined business functions

Answer 43

Role-based access control (RBAC)

Question 44

This is a security model in which the system administrator defines the rules that govern access to resource objects

Answer 44

Rule-based access control.

Question 45

This is a methodology that manages access
rights by evaluating a set of rules, policies and relationships using the attributes of
users, systems and environmental condition

Answer 45

Attribute-based access control (ABAC)

Question 46

Challenges of access control

Answer 46

• dynamically managing distributed IT environments;
• password fatigue;
• compliance visibility through consistent reporting;
• centralizing user directories and avoiding application-specific silos; and
• data governance and visibility through consistent reporting.

Question 47

• use of a program to screen and/or exclude access to web pages or email deemed objectionable
• also used to implement company policies related to information system
  usage.

Answer 47

Content Filtering

Question 48

types of content filtering

Answer 48

1. web filter
2. email filter
3. internet filter
4. search engine filter
5. proxy content filtering
6. dns based content filtering

Question 49

Top 10 Content Filtering Software
Solutions

Answer 49

1. AT&T Global Security Gateway
2. Barracuda Web Security Gateway
3. Cisco Umbrella
4. Comodo Cybersecurity
5. DNSFilter
6. Flashstart
7. FortiGuard
8. Smoothwall SWG
9. WebRoot
10. WebTitan

Question 50

Why is Content Filtering Important?

Answer 50

helps to mitigate these risks by making such content difficult to access in the workplace, and by demonstrating the company’s intolerance for inappropriate, illegal, or objectionable content in general.

Question 51

n encrypted connection over the Internet from a device to a network. The encrypted connection helps ensure that sensitive data is safely transmitted

Answer 51

Virtual Private Network

Question 52

To be effective, content filtering has to be deployed across all content channels. The most common channels include

Answer 52

1. web
2. emails
3. executables

Question 53

• provides a safe, secure way to connect users and devices
• remotely to a corporate network. It includes VPN technology that uses strong ways to authenticate the user or device

Answer 53

Secure remote access

Question 54

Types of VPNs

Answer 54

1. remote access
2. site-to-site

Question 55

VPN securely connects a device outside the corporate office

Answer 55

Remote access

Question 56

connects the corporate office to branch offices over the Internet

Answer 56

Site-to-site

Question 57

Setting up a VPN on Windows 10

Answer 57

1. Type “VPN” into the search box in your
   taskbar, then open your VPN Settings
2. Add a VPN connection
3. Here, you’ll enter all the information about
   your VPN
4. click the icon that corresponds
   to your internet connection

Question 58

seven new emerging technology clusters to have significatnt impact on cybercrime

Answer 58

1. AI
2. Autonomous Drive and Systems
3. Computing and Data Storage Technologies
4. Telecommunication Infrastructure
5. Internet of Things (IoT)
6. Privacy-Enhancing Technologies
7. Blokchain and Distributed Ledger Technologies

Question 59

could increase autimation, speed, frequency and efficiency of attacks as well as potential for tailored attacks targeting specific groups

Answer 59

AI/ML

Question 60

could be used to carry out disguised criminal acts, develop new operation methods for criminals or canduct large-scale automated attacks

Answer 60

autonomous device and systems

Question 61

development and increasing use of computing and data storage technologies could be exploited by criminals to gain access and disseminated non-consensual recordings

Answer 61

computing data and storage tech

Question 62

can be used to enhance anonymity, speed aand capacity of criminal activities

Answer 62

telecommunication infrastructure

Question 63

growing volumes of data gathered by IOT could become vulnerable to theft, corruption, extortion

Answer 63

IoT

Question 64

could be exploited by malicious actors to pursure illicit activities anonymously and secretly making it difficult to detect criminal
activity

Answer 64

Privacy Enhancing Technologies (PETS)

Question 65

transactions become digitalized and processed, these could be manipulated for malicious purposes such as preventing transactions from being processed

Answer 65

blockchain and distributed ledger technologies