Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Network Defense Essentials > Module 01: Network Security Fundamentals- > Flashcards

Module 01: Network Security Fundamentals- Flashcards

1
Q

Process of protecting information systems or networks that store sensitive data, to make them available for the end users whenever they request access.

A

Information Assurance Principle of Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Process of authorizing users with credentials provided, by comparing them to those in a database of authorized users on an authentication server, to grant access to the network. It guarantees that the files or data phasing through the network is safe.

A

Information Assurance Principle of Authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Protects data and does not allow modification, deletion, or corruption of data without proper authorization.

A

Information Assurance Principle of Integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A service that validates the integrity of a digital signature’s transmission, starting from where it originated to where it arrived.

A

Information Assurance Principle of Non-repudiation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Permits only authorized users to access, use or copy information. Authentication is crucial for confidentiality. If an authorized user accesses protected information, it implies that a breach of confidentiality has occurred.

A

Information Assurance Principle of Confidentiality

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

This approach consists of methods or techniques that are used to inform decision making for countering future attacks on the target network. Threat intelligence and risk assessment are examples of methods that can be used to assess probable future threats on the organization.

A

Proactive Approach

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Essentially consists of methods or techniques that can easily prevent threats or attacks in the target network. Firewall, NAC and NAP, and IPSec and SSL are examples of this approach.

A

Preventative Approach

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Examines the causes for attacks in the network. These include: Fault finding mechanism such as protocol analyzers and traffic monitors, Security forensics techniques such as CSIRT and CERT, Post-mortem analysis mechanism including risk and legal assessments.

A

Retrospective Approach

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

This approach address attacks and threats that the preventative approach may have failed to avert. DoS and DDoS attacks are examples of the reactive approach. It is necessary to implement both preventative and this approach to ensure the security of the network. This includes security monitoring methods such as IDS, SIMS, TRS, and IPS.

A

What is the Reactive Approach?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Ensures that only users with appropriate privileges can access the system or network resources.

A

Authentication and Authorization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Used for the restriction of access to data according to sensitivity of data, clearance level of users, user rights, and permissions.

A

System Access Controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Refers to the tracking and examining of the actives of network devices in a network. This mechanism helps in identifying weaknesses in the network.

A

Auditing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Protects the information passing through the network and preserve the privacy and reliability of the data.

A

Encryption and Protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Firewall and IDS are used to filter and detect malicious traffic, thus protecting the organization from threats.

A

Network Security Devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Provides access to the resource indirectly. A task is possible after a user receives authorization for a primary resource through which access to the requested resource is possible.

A

Implicit Authorization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Maintains separate authorization for each resource request. This technique is simpler.

A

Explicit Authorization

16
Q

Tracking the actions performed by a user on a network. IT keeps track of who, when, and how the users access the network. This includes verifying the files accessed by the user and functions such as alteration or modification of the files or data.

A

Accounting

17
Q

Involves verifying the credentials provided by a user while attempting to connect to a network. Both wired and wireless networks perform this on users before allowing them to access the resources in the network.

A

Authentication

18
Q

Deals with confirming the identity of a user, process, or device accessing the network. This is the most commonly used technique for authenticating the users in the network and applications.

A

Identification

19
Q

Refers to the process of providing permission to access the resources or perform an action on the network. It can decide the user privileges and access permissions of users on a multiuser system.

A

Authorization

20
Q

Ensures secure communications over the IP network. It works at the network layer of the communication model. It makes use of the cryptographic security services to ensure a secure communication. It allows authentication of the IP packets during communication of data. It provides authentication as well as encryption of the data passing through VPN tunnels.

A

IPsec

21
Q

Used for sending digitally signed and encrypted messages. It allows you to encrypt email messages and digitally sign them to ensure confidentiality, integrity, and non-repudiation for messages.

A

S/MIME: Secure/Multipurpose internet mail extensions

22
Q

Used to distribute TCP/IP configuration information to DHCP-enabled clients in the form of a lease offer.

A

DHCP

23
Q

A standard networking protocol used for sharing files over the Internet’s TCP/IP protocols

A

FTP

24
Q

A protocol that provides centralized authentication, authorization, and accounting (AAA) for remote access servers to communicate with a central server.

A

RADIUS

25
Q

Application layer protocol which provides cryptographic privacy and authentication for network communication. Is an encryption and decryption computer program that is used for providing confidentiality and validation during communication. Enhances the security of emails.

A

PGP: Pretty Good Privacy

26
Q

A protocol developed by Cisco, It primary performs AAA separately. It is primary used for device administration

A

TACAS+: The terminal access controller access control system plus

27
Q

A TCP/IP protocol used on a LAN that helps a user or administrator to access remote computers over a network.

A

Telnet: Telecommunications network.

28
Q

A network authentication protocol that is implemented for authenticating requests in computer networks. It is based on the client-server model, which uses an encryption technology and a “ticket” mechanism to prove the identification you a user on a non-secure network.

A

Kerberos

29
Q

an XML-Based messaging protocol used to transmit data between computers

A

SOAP: The Simple Object Access Protocol

30
Q

A secure version of FTP and an extension of SSH2 protocol. It is used for secure file transmission and file access over a reliable data stream.

A

SFTP

31
Q

An application layer that manages a TCP/IP based network based on client server architecture.

A

SNMP

Network Defense Essentials (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions