Introduction- Security Concepts

Question 1

Primary 3 Goals of Network Security

Answer 1

Confidentiality
Integrity
Availability

Question 2

Confidentiality

Answer 2

Encryption

Only Authorized Users can access assets

Question 3

Integrity

Answer 3

No one modifies your information

Question 4

Availability

Answer 4

Network must be available.

Question 5

Physical Threats

Answer 5

Fire, water, earthquake
Electrical
Lack of Spare Parts
Poor cabling/labeling

Question 6

Internal Threats

Answer 6

User has physical access and knowledge of the internal network.
Locks, Cameras, ID access, Data backups

Question 7

Value Classifications. 5

Answer 7

Confidentiality
Value
Age
Replacement Cost
Useful Lifetime

Question 8

Countermeasures 3

Answer 8

Administrative Controls
Physical Controls
Technical/Logical Controls

Question 9

Administrative Control

Answer 9

Policy/Procedure

Training, Standards, change management, audits, background checks

Question 10

Physical Controls

Answer 10

Security Guard, IDS, Locks, UPS, Fire Suppression

Question 11

Vulnerabilities 4

Answer 11

Protocols
Operating Systems
Application
System Design

Question 12

Network Security Policy

Answer 12

Rules for individuals and groups throughout the company
Access Control
Guide for Network security Engineer to configure, change, monitor, Log, and respond to attacks

Question 13

Network Segmentation

Answer 13

Separate network by where devices are physically connected as well as VLANs
Group assets of the same type, value, security level, or risk level

Question 14

Separation of Duties

Answer 14

No single individual has the capability to execute a set of tasks
More than one person required to complete a task

Question 15

Weakest Link

Answer 15

Humans are the weakest link

Weak passwords or humans kindness attacks

Question 16

Accountability and Non-repudiation

Answer 16

User activity and changes are logged and audited

Guarantees all operations can be traced to source