Module 7: Securing the Local Area Network and Cryptographic Systems Flashcards

1
Q

It is an endpoint security that is employed to protect critical computer systems containing crucial data against viruses and other Internet malware.

A

host-based intrusion prevention system (HIPS)

2
Q

three host-based protections

A
  • host-based intrusion prevention system (HIPS)
  • host-based firewall
  • antivirus/antimalware software
3
Q

A granular way to protect individual hosts from viruses and malware, and to control the spread of these harmful infections throughout the network.

A

host-based firewall

4
Q

The technical architecture that allows organizations to connect anyone, anywhere, anytime, and on any device – securely, reliably, and seamlessly.

A

Borderless Network

5
Q

It is the foundation for the Network Infrastructure, providing optimization, scale, and security to collaboration and virtualization.

A

Borderless Network

6
Q

What are the different host-based (endpoint) protections in a borderless network?

A
  • antivirus/antimalware
  • spam filtering
  • Uniform Resource Locator (URL) filtering
  • blacklisting
  • data loss prevention
7
Q

What are the different modern endpoint security solutions?

A
  • Advanced Malware Protection (AMP)
  • Enterprise Security Architecture (ESA)
  • Web Security Appliance (WSA)
  • Network access control (NAC)
8
Q

A modern endpoint security solution whose main focus is to align information security controls and processes with business strategy, goals and objectives.

A

enterprise security architecture

9
Q

A modern endpoint security solution which is the practice of applying a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization’s security processes, information security systems, personnel, and organizational sub-units so that they align with the organization’s core goals and strategic direction.

A

enterprise security architecture

10
Q

A modern endpoint security solution which is the methodology and process used to develop a risk-driven security framework and business controls.

A

enterprise security architecture

11
Q

A modern endpoint security solution that aims to do exactly what the name implies—control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network and what they can do.

A

network access control

12
Q

A modern endpoint security solution which safeguards businesses through broad threat intelligence, multiple layers of malware defense, and vital data loss prevention (DLP) capabilities across the attack continuum.

A

web security appliance

13
Q

A modern endpoint security solution which is an all-in-one web gateway that brings you broad protection, extensive controls, and investment value.

A

Web Security Appliance

14
Q

A modern endpoint security solution that might integrate the automatic remediation process (fixing non-compliant nodes before allowing access) into the network systems, allowing the network infrastructure such as routers, switches and firewalls to work together with back office servers and end user computing equipment to ensure the information system is operating securely before interoperability is allowed.

A

Network access control

15
Q

A modern endpoint security solution that is designed to prevent, detect, and help remove threats in an efficient manner from computer systems.

A

Advanced Malware Protection

16
Q

A modern endpoint security solution that is a computer networking solution that uses a set of protocols to define and implement a policy that describes how to secure access to network nodes by devices when they initially attempt to access the network.

A

Network access control

17
Q

What are the 3 Advanced Malware Protection (AMP) offerings from Cisco?

A
  • AMP for endpoints
  • AMP for Networks
  • AMP for Content Security
18
Q

A Cisco AMP that integrates with Cisco AMP for Networks to deliver comprehensive protection across extended networks and endpoints.

A

AMP for endpoints

19
Q

A Cisco AMP that provides a network-based solution and is integrated into dedicated Cisco ASA Firewall and Cisco FirePOWER network security appliances.

A

AMP for Networks

20
Q

A Cisco AMP that is an integrated feature in Cisco Cloud Web Security or Cisco Web and Email Security Appliances to protect against email and web-based advanced malware attacks.

A

AMP for Content Security

21
Q

What are the features and benefits of Cisco Email Security solutions?

A
  • Global threat intelligence
  • Spam blocking
  • Advanced malware protection
  • Outbound message control
22
Q

What are the switch attack categories?

A
  • Spanning Tree Protocol (STP) Attack
  • Address Spoofing Attack
  • Address Resolution Protocol (ARP) Attack
  • Dynamic Host Configuration Protocol (DHCP) Attack
  • virtual local area network (VLAN) Attack
  • Content Addressable Memory (CAM) Table Attack
23
Q

An enabling port security command used to learn connected MAC addresses dynamically

A

switchport port-security mac-address sticky

24
Q

An enabling port security command used to manually configure MAC addresses

A

switchport port-security mac-address

25
Q

An enabling port security command used to set the maximum number of MAC addresses

A

switchport port-security maximum value

26
Q

What are the port security violation modes?

A
  • Protect
  • Restrict
  • Shutdown
27
Q

A network management protocol used to automate the process of configuring devices on IP networks, thus allowing them to use network services such as DNS, NTP, and any communication protocol based on UDP or TCP.

A

Dynamic Host Configuration Protocol (DHCP)

28
Q

It is a security feature that acts like a firewall between untrusted hosts and trusted DHCP servers.

A

Dynamic Host Configuration Protocol (DHCP) snooping

29
Q

It is a stateless protocol used for resolving IP addresses to machine MAC addresses.

A

address resolution protocol

30
Q

It constructs a large number of forged ARP request and reply packets to overload the switch.

A

address resolution protocol (ARP) spoofing

31
Q

It is one of the most frequently used spoofing attack methods.

A

IP (internet protocol) address spoofing

32
Q

In an __________ attack, an attacker sends IP packets from a false source address in order to disguise itself.

A

address spoofing

33
Q

It is a type of man-in-the-middle attack that can be used to stop network traffic, change it, or intercept it

A

address resolution protocol (ARP) poisoning

34
Q

It is a security feature that validates ARP packets in a network.

A

dynamic address resolution protocol (ARP) inspection

35
Q

An ARP attack mitigation that allows a network administrator to intercept, log, and discard ARP packets with invalid MAC address to IP address bindings.

A

dynamic address resolution protocol inspection

36
Q

An attacker sends IP packets from a false (or “spoofed”) source address in order to disguise itself.

A

IP (internet protocol) address spoofing

37
Q

A way to mitigate VLAN attacks that helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host.

A

IP (internet protocol) source guard

38
Q

A security feature that restricts IP traffic on untrusted Layer 2 ports by filtering traffic based on the DHCP snooping binding database or manually configured IP source bindings.

A

IP (internet protocol) source guard

39
Q

A Layer 2 protocol that runs on bridges and switches and ensures that you do not create loops when you have redundant paths in your network.

A

Spanning Tree Protocol (STP)

40
Q

A port in STP that is neither the designated port nor the root port.

A

blocked port

41
Q

It is the port in STP that receives the best BPDU on a bridge.

A

root port

42
Q

This occurs when an attacker, hacker, or an unauthorized user spoofs the root bridge in the topology.

A

spanning tree protocol manipulation attack

43
Q

It is a port in STP that is the closest to the root bridge in terms of path cost.

A

root port

44
Q

It is the only bridge in the STP network that does not have a root port.

A

root bridge

45
Q

A reference point for all switches in a spanning-tree topology

A

root bridge

46
Q

It is calculated using port cost values associated with port speeds for each switch port along a given path in STP

A

STP (spanning tree protocol) Path Cost

47
Q

A port that can send the best BPDU on the segment to which it is connected.

A

designated port

48
Q

A port that receives more useful BPDUs from another bridge and is a blocked port.

A

alternate port

49
Q

This was introduced to accommodate the additional VLAN information in BPDU

A

Extended System ID field

50
Q

It can only be connected on switch or trunk ports that are connected to a single workstation, switch, or server to allow those devices to connect to the network immediately, instead of waiting for the port to transition from the listening and learning states to the forwarding state.

A

portfast

51
Q

It is used in the selection of the root bridge and to prevent loops, and it is supported only on nontrunking access ports because these ports typically do not transmit or receive BPDUs.

A

portfast mode

52
Q

It is used to mitigate STP attacks that provides a way to enforce the root bridge placement in the network.

A

root guard

53
Q

It forces a port to always be designated as the root port in STP.

A

root guard

54
Q

It is used to mitigate STP attacks that ensures that the port on which it is enabled is the designated port.

A

root guard

55
Q

A feature that provides additional protection against Layer 2 forwarding loops (STP loops), which are created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state.

A

STP (spanning tree protocol) loop guard feature

56
Q

It is used to mitigate STP attacks that provides additional protection against Layer 2 forwarding loops (STP loops).

A

loop guard

57
Q

It causes a switch or trunk port to enter the spanning tree forwarding state immediately, bypassing the listening and learning states.

58
Q

Ciphertext can be created using several methods:

A
  • Transposition
  • Substitution
  • One-time pad
59
Q

It is an encrypted text transformed from plaintext using an encryption algorithm.

A

ciphertext

60
Q

It is an encryption technique where plaintext is paired with a random secret key.

A

one-time pad

61
Q

It is a method of encryption by which the positions held by units of plaintext are shifted according to a regular system, so that the ciphertext constitutes a permutation of the plaintext.

A

transposition cipher

62
Q

A method of encrypting in which units of plaintext are replaced with ciphertext, according to a fixed system; the “units” may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth.

A

substitution cipher

63
Q

An encryption technique that cannot be cracked, but requires the use of a one-time pre-shared key the same size as, or longer than, the message being sent.

A

one-time pad

64
Q

Methods used for cryptanalysis:

A
  • Brute-force method
  • Ciphertext method
  • Known-Plaintext method
  • Chosen-Plaintext method
  • Chosen-Ciphertext method
  • Meet-in-the-Middle method
65
Q

A method used in cryptanalysis where an attacker knows a portion of the plaintext and the corresponding ciphertext.

A

Meet-in-the-Middle method

66
Q

A method used in cryptanalysis where an attacker tries every possible key with the decryption algorithm knowing that eventually one of them will work.

A

Brute-Force method

67
Q

A method used in cryptanalysis where an attacker has the ciphertext of several messages, all of which have been encrypted using the same encryption algorithm, but the attacker has no knowledge of the underlying plaintext.

A

Ciphertext-Only method

68
Q

A method used in cryptanalysis where the attacker uses a brute-force attack to try keys until decryption with the correct key produces a meaningful result.

A

Known-Plaintext method

69
Q

A method used in cryptanalysis where the attacker chooses which data the encryption device encrypts and observes the ciphertext output.

A

Chosen-Plaintext method

70
Q

A method used in cryptanalysis where the attacker chooses different ciphertext to be decrypted and has access to the decrypted plaintext.

A

Chosen-Ciphertext method

71
Q

The study of the distribution (and count) of the letters in a text.

A

Frequency analysis

72
Q

It is that part of cryptology concerned with the putting of messages into a secret or encrypted form.

A

Cryptography

73
Q

The art and science of making and breaking codes and ciphers.

A

Cryptology

74
Q

A method of protecting information and communications through the use of codes, so that only those for whom the information is intended can read and process it.

A

Cryptography

75
Q

An algorithm used for authentication which is used by modern computers to encrypt and decrypt messages.

A

Rivest-Shamir-Adleman

76
Q

An algorithm used for authentication which is a widely used hash function producing a 128-bit hash value.

A

message-digest algorithm (MD5)

77
Q

An algorithm used for authentication which is the result of work done on developing a MAC derived from cryptographic hash functions.

A

Hash-based message authentication code (HMAC)

78
Q

An algorithm used for authentication that takes the plain text in 64-bit blocks and converts them into ciphertext using 48-bit keys.

A

DES (Data Encryption Standard)

79
Q

An algorithm used for confidentiality which is a symmetric-key block cipher created in the early 1970s by an IBM team and adopted by the National Institute of Standards and Technology (NIST).

A

data encryption standard

80
Q

An algorithm used for authentication which is a Federal Information Processing Standard for digital signatures, based on the mathematical concept of modular exponentiation and the discrete logarithm problem.

A

digital signature algorithm

81
Q

An algorithm that takes an arbitrary amount of data input—a credential—and produces a fixed-size output of enciphered text called a hash value, or just “hash.”

A

cryptographic hash function

82
Q

A Cryptographic Hash Function Property that should make it very hard to reconstruct the original password from the output or hash.

A

Non-reversibility or one-way function

83
Q

A Cryptographic Hash Function Property where a change in just one bit of the original password should result in change to half the bits of its hash.

A

Diffusion, or avalanche effect

84
Q

A Cryptographic Hash Function Property where a given password must always generate the same hash value or enciphered text.

A

Determinism

85
Q

A Cryptographic Hash Function Property where it should be hard to find two different passwords that hash to the same enciphered text.

A

Collision resistance

86
Q

A Cryptographic Hash Function Property where the hash value should not be predictable from the password.

A

Non-predictable

87
Q

It is a hash function that has been deprecated for uses other than as a non-cryptographic checksum to verify data integrity and detect unintentional data corruption.

A

message digest-5

88
Q

A well-known hash function that produces a 160-bit hash value from an arbitrary length string.

A

secure hash algorithm

89
Q

It is a specific type of message authentication code (MAC) involving a cryptographic hash function in combination with a secret cryptographic key.

A

keyed hash message authentication code (HMAC)

90
Q

A cryptographic hash algorithm that can be used to create a 128-bit string value from an arbitrary length string

A

Message Digest Algorithm 5 (MD5)

91
Q

The process of generating keys for cryptography.

A

Key generation

92
Q

It refers to managing cryptographic keys within a cryptosystem. It deals with generating, exchanging, storing, using and replacing keys as needed at the user level.

A

Key management

93
Q

A key management characteristic which removes KM from use prior to the end of its normal cryptoperiod for reasons that include key compromise, removal of an entity from an organization, etc.

A

key revocation

94
Q

A key management characteristic in which any media on which the KM was stored should be erased in a manner that removes all traces of the KM so that it cannot be recovered by either physical or electronic means.

A

Key destruction

95
Q

A key management characteristic which is a specific time span during which a cryptographic key setting remains in effect.

A

key lifetime

96
Q

A key management characteristic where keys must be stored securely to maintain communications security.

A

Key storage

97
Q

A key management characteristic where prior to any secured communication, users must set up the details of the cryptography.

A

Key exchange

98
Q

It refers to the set of all possible permutations of a key.

99
Q

It is usually designed to be large enough to make such a key search infeasible.

100
Q

What are the different cryptographic keys?

A
  • symmetric key
  • asymmetric key
  • digital signature
  • hash key
101
Q

A type of encryption where only one key (a secret key) is used to both encrypt and decrypt electronic information.

A

Symmetric encryption

102
Q

A cryptographic value that is calculated from the data and a secret key known only by the signer.

A

Digital signature

103
Q

Two classes of encryption algorithms

A
  • symmetric encryption algorithm
  • asymmetric encryption algorithm
104
Q

A deterministic algorithm operating on fixed-length groups of bits, called blocks.

A

block cipher

105
Q

A cipher that uses an unvarying transformation or a symmetric key.

A

block cipher

106
Q

A type of encryption algorithm that processes an individual bit, byte, or character of plaintext at a time.

A

Stream cipher

107
Q

An algorithm used for confidentiality which takes the plain text in 64-bit blocks and converts them into ciphertext using 48-bit keys

A

DES (Data Encryption Standard)

108
Q

An algorithm used for confidentiality of data that uses a symmetric algorithm and will take 6.4 days to crack using COPACABANA.

A

data encryption standard

109
Q

It is an algorithm that encrypts with the first key (k1), decrypts using the second key (k2), then encrypts with the third key (k3).

A

triple data encryption standard

110
Q

An algorithm used for confidentiality of data where key size can be 128, 192, and 256 bits.

A

advanced encryption standard

111
Q

An algorithm that is based on substitution–permutation network.

A

advanced encryption standard

112
Q

It is an algorithm that replaced DES and needs 4.6 billion years to crack.

A

triple data encryption standard

113
Q

An algorithm used for confidentiality of data that uses a symmetric algorithm and will take 149 trillion years to crack.

A

advanced encryption standard

114
Q

An algorithm which is a pseudorandom function family in that it can easily generate arbitrary portions of the keystream without having to start from the beginning.

A

software-optimized encryption algorithm

115
Q

An algorithm which is a stream cipher optimized for machines with a 32-bit word size and plenty of RAM with a reported performance of around 4 cycles per byte.

A

software-optimized encryption algorithm

116
Q

An algorithm where the router and peer must support IPSec.

A

software-optimized encryption algorithm

117
Q

It is an algorithm used for securely exchanging cryptographic keys over a public communications channel.

A

diffie-hellman algorithm

118
Q

What are the different protocols that use asymmetric key algorithms?

A
  • Internet Key Exchange (IKE)
  • Secure Socket Layer (SSL)
  • Secure Shell (SSH)
  • Pretty Good Privacy (PGP)
119
Q

An asymmetric key algorithm which is often used as a method of exchanging encryption keys and/or authentication keys through an unsecured medium like the Internet.

A

Internet Key Exchange (IKE)

120
Q

An asymmetric key algorithm which is often used for key management purposes in IPSec networks.

A

Internet Key Exchange (IKE)

121
Q

An asymmetric key algorithm which provides several alternative options for strong authentication, and it protects the communications security and integrity with strong encryption.

A

Secure Shell (SSH)

122
Q

An asymmetric key algorithm which is a method for secure remote login from one computer to another.

A

Secure Shell (SSH)

123
Q

An asymmetric key algorithm which is an encryption-based Internet security protocol.

A

Secure Socket Layer (SSL)

124
Q

An asymmetric key algorithm which is an encryption program that provides cryptographic privacy and authentication for data communication.

A

Pretty Good Privacy (PGP)

125
Q

An asymmetric key algorithm used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications

A

Pretty Good Privacy (PGP)

126
Q

The transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string.

127
Q

Digital Signature Properties

A
  • authentic
  • unalterable
  • not reusable
  • cannot be repudiated