Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Network Defence Essentials > Module 1 - Intro to NDE > Flashcards

Module 1 - Intro to NDE Flashcards

1
Q

What are Network Security Controls

A

Security features that work together to control access to network resources based on identity management.

Page 17

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What do Network Security Protocols do?

A

Ensure data passing through a network is secure.

Page 17

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are Network Security Devices?

A

A set of devices used to protect computer networks from unwanted traffic and threats.

Page 17

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the categories of Network Security Devices?

A
  • Active devices
  • Passive devices
  • Preventative devices

Page 17

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the ultimate goal of Network Defence?

A

To protect an organisations information, systems and infrastructure
from
* unauthorised access,
* misuse,
* modification,
* service denial
and any degradation or disruptions.

Page 18

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

There are four

What are some potential threats to a network?

A
  • Interruption of services
  • Damaging and exploiting the network
  • Restricting access to computing resources
  • Stealing data

Page 18

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Is a firewall alone sufficient to protect a network?

A

No. Firewalls can be bypassed for intruders to access the system.

Page 18

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

There are six

What does network defence involve?

A
  • Predicting,
  • protecting,
  • monitoring,
  • analysing,
  • detecting
  • and responding
    to unauthorised activities.

Page 18

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the five Information Assurance (IA) principles?

A
  • Confidentiality
  • Integrity
  • Availability
  • Non-Reupdiation
  • Authentication

Page 19

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the confidentiality IA principle?

A

Information shared on a network is not accessed by unauthorised parties.

Page 20

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the integrity IA principle?

A

Information has not been modified or tampered with by unauthorised parties.

Page 20

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the availability IA principle?

A

Information is available to authorised parties without disruption.

Page 20

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the non-repudiation IA principle?

A

There is a trail of responsibility when messages are sent so that the sender can not deny sending it.

Page 21

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the authentication IA principle?

A

No one can access the network without having their identity verified.

Page 21

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are the three elements of Network Security?

A
  • Network security controls
  • Network security protocols
  • Network security devices

Page 17

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are four benefits of Network Defence?

A
  • Increased profits
  • Improved productivity
  • Enhanced compliance
  • Client confidence

Page 22

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What are the three main Network Defence challenges?

A
  • Distributed computing environments
  • Emerging threats
  • Lack of network security skills

Page 23

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are the four types of Network Defence Approaches?

A
  • Preventative
  • Retrospective
  • Reactive
  • Proactive

Page 24

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What are four methods used in the Preventative network defence approach?

A
  • Access control mechanisms - firewalls
  • Admission control mechanisms - Network Access Controls (NAC) and Network Access Protections (NAP)
  • Cryptographic applications - IPSec and SSL
  • Biometric techniques - facial recognitiion

Page 24

20
Q

What are five methods used in the Reactive network defence approach?

A
  • Security monitoring methods such as:
  • An intrusion detection system (IDS)
  • An intrusion prevention system (IPS)
  • Security information management systems (SIMS)
  • Threat reputation services (TRS)

Page 24

21
Q

What three methods are used in the Retrospective network defence approach?

A
  • Fault finding mechanisms - protocol analysers and traffic monitors
  • Security forensics techniques - CSIRT and CERT
  • Post-mortem analysis mechanism - risk and legal assessments

Page 24

22
Q

What are two methods used in the Proactive network defence approach?

A
  • Threat intelligence
  • Risk assessment

Page 24

23
Q

What are seven examples of Administrative Security Controls?

A
  • Regulatory framework compliance
  • Security policy
  • Employee monitoring and supervising
  • Information classification
  • Security awareness and training
  • Separation of duties
  • Principle of least privileges

Page 25

24
Q

What are Administrative Security Controls?

A

Administrative security controls are
* Management limitations
* Operational procedures
* Accountability procedures
and other controls that ensure the security of an organisation.

Page 25

25
Q

What are Physical Security Controls?

A

Controls that provide physical protect of the information, buildings, and all other physical assets of an organisation

Page 26

26
Q

What are the three categories of Physical Security Controls?

A
  • Prevention controls
  • Detterence controls
  • Detection controls

Page 26

27
Q

What are four examples of Prevention Controls?

Physical Security Controls

A
  • Fences
  • Locks
  • Biometrics
  • Mantraps

Page 27

28
Q

What are Deterrence Controls?

Physical Security Controls

A

Controls that are used to discourage the violation of security policies. They include access controls such as security guards and warning signs.

Page 27

29
Q

What are two examples of Detection Controls?

Physical Security Controls

A
  • CCTV
  • Alarms

Page 27

30
Q

What are Technical Security Controls?

Network Security Controls

A

A set of security measues taken to protect data and systems from unauthorised personnel

Page 29

31
Q

What are the six components of Technical Security Controls?

Network Security Controls

A
  • System access controls
  • Network access controls
  • Authentication and authorisation
  • Encryption and protocols
  • Network security devices
  • Auditing

Page 29

32
Q

What are System access controls used for?

Technical Security Controls

A

Restricting access to data based on
* Sensitivity (confidentiality) of data
* Clearance level
* User rights
* Permissions

Page 29

33
Q

What are Network access controls?

Technical Security Controls

A

A set of access control mechanisims for network devices like routers and switches.

Page 29

34
Q

What do Authentication and Authorisation controls do?

Technical Security Controls

A

Ensure that only users with appropriate privileges can access the system or network resources.

Page 29

35
Q

What do Encryption and Protocols do?

Technical Security Controls

A

Protect information passing through the network and preserve the privacy and reliability of data.

Page 29

36
Q

What are two types of Network Security Devices?

Technical Security Controls

A
  • Firewall
  • Intrusion detection system (IDS)

Page 29

37
Q

How does Auditing help with network security?

Technical Security Controls

A

By tracking and examining network activities so weaknesses in the network can be identified.

Page 29

38
Q

Name ten Network Security Protocols

Network Security Protocols

A
  • RADIUS
  • TACAS+
  • Kerebos
  • PGP
  • S/MIME
  • Secure HTTP
  • HTTPS
  • TLS
  • SSL
  • IPsec

Page 31

39
Q

What are three layers that Security Protocols work at?

Network Security Protocols

A
  • Transport layer
  • Network layer
  • Application layer

Page 31

40
Q

Which security protcols work at the Transport Layer?

Network Security Protocols

A
  • Transport Layer Security (TLS)
  • Secure Sockets Layer (SSL)

Page 31

41
Q

Which security protocols work at the Network Layer?

Network Security Protocols

A
  • Internet Protocol Security protocol (IPSec)

Page 31

42
Q

Which security protocols work at the Application Layer?

Network Security Protocols

A
  • Pretty Good Privacy (PGP)
  • Secure/Multi-purpose Internet Mail Extension (S/MIME)
  • Secure HTTP
  • Hyper Text Transfer Protocol Secure (HTTPS)
  • Kerebos
  • Remote Authentication Dial-In User Service (RADIUS)
  • Terminal Access Controller Access Control System Plus (TACAS+)

Page 31

43
Q

What does RADIUS do?

Network Security Protocols

A

Provides centralised authentication, authorisation and accounting for remote access servers to communicate with a central server

Page 33

44
Q

What are the Handshake steps for RADIUS?

Network Security Protocols

A
  1. access-request packet (Client)
  2. access-accept message and access-challenge or access-reject (RADIUS)
  3. accounting-request (Client)
  4. accounting-response message (RADIUS)

Page 33

45
Q
A

Network Defence Essentials (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions