Module 3: Mitigating Threats

Question 1

What is the CIA Triad

Answer 1

Confidentiality, Integrity, Availability

Question 2

What are the 4 stages to mitigate a worm?

Answer 2

1. Containment
2. Inoculation
3. Quarantine
4. Treatment

Question 3

What is containment?

Answer 3

Limiting the spread of the worm

Question 4

What is inoculation?

Answer 4

All infected systems are patched. Ie jabbed.

Question 5

What is quarantine?

Answer 5

Tracking down and identifying all infected machines

Question 6

What is treatment?

Answer 6

disinfected the machines and systems

Question 7

How do you mitigate a access attack?

Answer 7

Using strong passwords, disable accounts etc

Question 8

How do you mitigate malware

Answer 8

with a antivirus

Question 9

How do you mitigate reconnaissance attacks

Answer 9

It is impossible to mitigate port scanning. Using an IPS and firewall can limit the information that can be discovered with a port scanner.

Question 10

How to mitigate a DoS attack

Answer 10

To minimize the number of attacks, a network utilization software package should be running at all times.

Question 11

Cisco NFP Framework 3 Parts

Answer 11

Control Plane, Management Plane and Data Plane

Question 12

What is the Control Plane

Answer 12

Responsible for routing data correctly.

Question 13

What is the Management Plane

Answer 13

Responsible for managing network elements.

Question 14

What is the Data plane

Answer 14

Responsible for forwarding data correctly

Question 15

How do you secure the Control Plane

Answer 15

Routing Protocol Authentication or Control Plane Policing CoPP

Question 16

What does CoPP do?

Answer 16

designed to prevent unnecessary traffic from overwhelming the route processor.

Question 17

How do you secure the Management Plane

Answer 17

Login and password policy, Present legal notification and RBAC

Question 18

How do you secure the Data Plane?

Answer 18

using Access Control Lists