Network Security Flashcards
Confidentiality
Keeping data private and safe so that only the people who should access it can
Encryption
Authentication to access resources
Symmetric Encryption
examples
cons
Sender and receiver share the same key
DES - weak, SNMPv3
3DES
AES - strong, WPA2
cons: key management, poor scalability
Asymmetric Encryption
example
cons
Uses different keys for sender and receiver
RSA: most popular, uses public key infrastructure (PKI)
used for online shopping (HTTPS)
slower than symmetric
Integrity
Ensures data has not been modified in transit
Verifies the source that traffic originates from
uses hashing
ex: MD5, SHA1, SHA256
Availability
Measures accessibility of the data
Increased by designing redundant networks
Threat
A person or event that has the potential for impacting a valuable
resource in a negative manner
external: outside org
internal: inside org
Technical Vulnerabilities
System-specific conditions that create security weaknesses
Common Vulnerabilities and Exposures: CVE (Known vulnerabilities)
Zero-Day Vulnerability (Brand new vulnerability)
Exploit
Piece of software code that takes advantage of a security flaw or
vulnerability within a system or network
Security Risk Assessment
Used to identify, assess, and implement key security controls within an application, system, or network
-threat
-vulnerability
-penetration
-posture
Threat Assessment
Focused on the identification of the different threats that may wish to
attack or cause harm to your systems or network
Vulnerability Assessment
Focused on identifying, quantifying, and prioritizing the risks and
vulnerabilities in a system or network
Penetration Test
Evaluates the security of an IT infrastructure by safely trying to exploit
vulnerabilities within the systems or network
Posture Assessment
Assesses cyber risk posture and exposure to threats caused by
misconfigurations and patching delays
Business Risk Assessment
Used to identify, understand, and evaluate potential hazards in the
workplace
-process
-vendor
Process Assessment
The disciplined examination of the processes used by the organization
against a set of criteria
Vendor Assessment
The assessment of a prospective vendor to determine if they can
effectively meet the obligations and the needs of the business
Least Privilege
Using the lowest level of permissions or privileges needed in order to
complete a job function or admin task
(RBAC)
Role-Based Access Control
An access model that focuses on a group of
permissions versus an individual’s permissions
Mandatory Access Control: system decides, military classification
Discretionary Access Control: resource owner decides
Zero-Trust
A security framework that requires users to be authenticated and
authorized before being granted access to applications and data
Defense in Depth
Cybersecurity approach in which a series of
defensive mechanisms are layered in order to protect valuable data and
information
Physical, logical, administrative
Screened Subnet, the artist formerly known as DMZ
Subnet in the network architecture that uses a single firewall with three
interfaces to connect three dissimilar networks
Triple-homed firewall (internet, DMZ, intranet)
Separation of Duties
Prevents fraud and abuse by distributing various tasks and approval
authorities across a number of different users
(NAC)
Network Access Control
Ensures a device is scanned to determine its current state of security prior to
being allowed network access
IEEE 802.1x - Used in port-based Network Access Control
Honeypot/Honeynet
Attracts and traps potential attackers to counteract any attempts at
unauthorized access to a network
Track habits of attackers
Multifactor Authentication
Authenticates or proves an identity using more than one method
Something you know (username, pins, passwords)
Something you have (cards, RFID tags, RSA key fob)
Something you are (fingerprint, retina)
Something you do (signature, voice)
Somewhere you are (geotagging/fencing)
Dictionary Attack
Guesses the password by attempting to check every single word or
phrase contained within a word list, called a dictionary
Brute Force Attack
Tries every possible combination until they figure out the password
good security - min 12 characters
Hybrid Attack
Combination of dictionary and brute force attacks
(LDAP)
Lightweight Directory Access Protocol
Validates a username and password combination against an LDAP server as a form of authentication
Port 389 LDAP
Port 636 LDAP Secure
Local Authentication
Process of determining whether someone or something is who or what it
local user login on pc
Kerberos
Focused on authentication and authorization within a Windows domain
environment
Provides secure authentication over an insecure network
(RADIUS)
Remote Authentication Dial-In User Service
Network Access Protocol
Provides centralized administration of dial-up, VPN, and wireless network
authentication, authorization, accounting
UDP
(TACACS+)
Terminal Access Controller Access Control System Plus
Network Access Protocol
Used to perform the role of an authenticator in an 802.1x network
TCP
Ensure Port 49 is open
Excellent if using Cisco devices
802.1x
A standardized framework that’s used for port-based authentication on
both wired and wireless networks
(EAP)
Extensible Authentication Protocol
Allows for numerous different mechanisms of authentication
Indoor and Outdoor cameras
Indoor cameras tend to be lighter, cheaper, and easier to install
Infrared System
Displays images based on the amount of heat in a room
Quickly and easily identify where a person is inside the room
Identify hot spots in the room and detect gear that could
overheat before it actually does
Ultrasonic Camera
A type of surveillance camera that uses sound-based detection
Asset Tag
Identifies a piece of equipment using a unique serial number,
code, or barcode
Reduces theft and helps to identify the device
Tamper Detection
Ensures network equipment has not been modified once labeled
and stored
Access Control Vestibule (Mantrap)
An area between two doorways that holds people until they are
identified and authenticated
Smart Locker
A fully integrated system that allows you to keep your laptop, tablet,
smartphone, or other valuables inside
Asset Disposal
Occurs whenever a system is no longer needed by an organization
Perform a factory reset
Wipe the configuration
Sanitize the devices
Factory Reset
Removes all customer specific data that has been added to a network
device since the time it was shipped from the manufacturer
Data Remnants
Leftover pieces of data that may exist in the hard drive which we no
longer need
Physical Environment
Computing equipment can be damaged by influencing the physical
environment
Temperature - Attacker disturbs the HVAC to overheat your systems
Humidity - Create a high level of moisture/humidity
Gas - Inject gas into an environment that could ignite