Network Hardening

Question 1

Specifies minimum password length, complexity, periodic changes, and limits on password reuse

Answer 1

Password Policy

Question 2

Sufficiently long and complex which creates lots of possible combinations for brute force attacks to be completed in time

Answer 2

Strong Password

Question 3

Securing a system by reducing its surface of vulnerabilities

Answer 3

Hardening

Question 4

A list of permissions associated with a given a system or network resources

Answer 4

Access Control List (ACL)

Question 5

What are IoT considerations

Answer 5

1. Understand your endpoints
   
   2. Track and manage your devices
   3. Patch vulnerabilities
   4. Conduct test and evaluation
   5. Change defaults credentials
   6. Use encryption protocols
   7. Segment IoT devices

Question 6

Defines a list of devices and only allows those on your Wi-Fi network

Answer 6

MAC filtering

Question 7

Secures wireless networks, including those protected with WEP, WPA, WPA2 and WPA3

Answer 7

Pre-Shared Key (PSK)

Question 8

Acts as a framework and transport for other authentication protocols

Answer 8

Extensible Authentication Protocol (EAP)

Question 9

Validates the Address Resolution Protocol (or ARP) packets in your network

Answer 9

Dynamic ARP Inspection (DAI)

Question 10

Provides security by inspecting DHCP traffic, filtering untrusted DHCP messages, and building a maintaining a DHCP snooping binding table

Answer 10

DHCP Snooping

Question 11

Mitigates attack vectors based forged ICMPv6 router advertisement messages

operate at Layer 2 of the OSI model for IPv6 networks

Answer 11

IPv6 Router Advertisement Guard (RA-Guard)

Question 12

Configures a QoS filter that manages the traffic flow of control plane packets to protect the control plane of Cisco IOS routers and switches

Answer 12

Control Plane Policing (CPP)