Network-Based Security

Question 1

What is an IDS

Answer 1

A Tool that is used to monitor and analyse network traffic and raise an alarm for anything abnormal

Question 2

What is an IPS

Answer 2

Similar to an IPS but also acts upon anomalies as opposed to monitoring them like IDS

Question 3

What is a RADIUS Server

Answer 3

A system that can remotely control access to network resources

Question 4

What can a RADIUS Server Do?

Answer 4

Authenticating and authorising users, then managing the policies.

Question 5

What does a AAA Server Stand for (And Focuses on)?

Answer 5

Authentication
Authorisation
Accounting

Question 6

What is a Perimeter Network?

Answer 6

Separates an organisation private network (intranet) from a public network such as the Internet. It is common to install such devices as wireless access points, web servers and email servers in a perimeter network.

Question 7

What can a Perimeter Network also be referred to as?

Answer 7

A DMZ or a Public/Outward Facing Server

Question 8

What is a DMZ used for?

Answer 8

DMZ’s are commonly employed for the general public as guest servers, where users can access the internet using a business’s network but have no access to their infrastructure. Vice versa, attacks coming from the internet will target the DMZ as opposed to the business’s network.

Question 9

What does an IoT gateway do?

Answer 9

Allows devices to communicate with each other in a network or between networks, which also allows internet capability. Especially useful for legacy devices as it provides additional security for data that transfers through the gateway.

Question 10

What is the RIP Routing Protocol

Answer 10

Routing Information Protocol utilises a hop count based on distance. RIP is limited by 15 hops within a network and is therefore best suited for smaller networks.

Question 11

What is the OSPF Routing Protocol?

Answer 11

Open Shortest Path First uses link state routing where nodes send information to each other to create a map. It then uses the Dijkstra’s Algorithm to calculate the shortest route to take using the map generated at the time.

Question 12

What does Dijkstra’s Algorithm do?

Answer 12

calculate the shortest route to take using the map generated at the time.

Question 13

What is Policy Based Routing?

Answer 13

Used to define a path that a packet must take through a network based on its payload

Question 14

What is common practice for networks that dont support QoS?

Answer 14

Networks that do not support a control mechanism like QoS (Quality of Service), usually focus on traffic prioritisation where it provides high quality voice communications. This is known as best-effort networks where there are adjustments the different types of traffic such as download and upload speed.

Question 15

What is a downside to Traffic Prioritisation?

Answer 15

There is no guaranteed delivery of data

Question 16

What are the Human factors of QoS?

Answer 16

Human factors of QoS could include the stability and availability of services

Question 17

What is Network Segregation?

Answer 17

This involves splitting a network into smaller networks where users are assigned to their own specific network based on their roles. In large businesses where there are many employees within each department, may have their own segregated networks so users only have access to what they require. For instance, operations staff would not be able to access the financial documents from the finance department etc.
8
VLANs can be used to separate computers and users into more appropriate networks.