Network Security

Question 1

Confidentiality

Answer 1

Keeping the data private and safe, only people who should access data, can
Encryption
Authentication to access resources

Question 2

Symmetric Encryption
examples
cons

Answer 2

sender and receiver share the same key
DES - weak, snmpv3
3DES
AES - strong, WPA2
cons: key management, poor scalability

Question 3

Asymmetric Encryption
example
cons

Answer 3

Uses different keys for sender and receiver
RSA: most popular, uses public key infrastructure PKI
used for online shopping (HTTPS)
slower than symmetric

Question 4

Integrity

Answer 4

Ensures data has not been modified in transit
Verifies the source that traffic originates from
uses hashing
ex: MD5, SHA1, SHA256

Question 5

Availability

Answer 5

Measures accessibility of the data

Increased by designing redundant networks

Question 6

Threat

Answer 6

A person or event that has the potential for impacting a valuable
resource in a negative manner
external: outside org
internal: inside org

Question 7

Technical Vulnerabilities

Answer 7

System-specific conditions that create security weaknesses
Common Vulnerabilities and Exposures: CVE (Known vulnerabilities)
Zero-Day Vulnerability (Brand new vulnerability)

Question 8

Exploit

Answer 8

Piece of software code that takes advantage of a security flaw or
vulnerability within a system or network

Question 9

Security Risk Assessment

Answer 9

Used to identify, assess, and implement key security controls within an
application, system, or network
-threat
-vulnerability
-penetration
-posture

Question 10

Threat Assessment

Answer 10

Focused on the identification of the different threats that may wish to
attack or cause harm to your systems or network

Question 11

Vulnerability Assessment

Answer 11

Focused on identifying, quantifying, and prioritizing the risks and
vulnerabilities in a system or network

Question 12

Penetration Test

Answer 12

Evaluates the security of an IT infrastructure by safely trying to exploit
vulnerabilities within the systems or network

Question 13

Posture Assessment

Answer 13

Assesses cyber risk posture and exposure to threats caused by
misconfigurations and patching delays

Question 14

Business Risk Assessment

Answer 14

Used to identify, understand, and evaluate potential hazards in the
workplace
-process
-vendor

Question 15

Process Assessment

Answer 15

The disciplined examination of the processes used by the organization
against a set of criteria

Question 16

Vendor Assessment

Answer 16

The assessment of a prospective vendor to determine if they can
effectively meet the obligations and the needs of the business

Question 17

Least Privilege

Answer 17

Using the lowest level of permissions or privileges needed in order to
complete a job function or admin task

Question 18

(RBAC)

Answer 18

Role-Based Access Control
An access model that focuses on a group of
permissions versus an individual’s permissions

Mandatory Access Control: system decides, military classification
Discretionary Access Control: resource owner decides

Question 19

Zero-Trust

Answer 19

A security framework that requires users to be authenticated and
authorized before being granted access to applications and data

Question 20

Defense in Depth

Answer 20

Cybersecurity approach in which a series of
defensive mechanisms are layered in order to protect valuable data and
information
Physical, logic, administrative

Question 21

Screen Subnet the artist formally known as dmz

Answer 21

Subnet in the network architecture that uses a single firewall with three
interfaces to connect three dissimilar networks
Triple-homed firewall (internet, dmz, intranet)

Question 22

Separation of Duties

Answer 22

Prevent frauds and abuse by distributing various tasks and approval
authorities across a number of different users

Question 23

(NAC)

Answer 23

Network Access Control
Ensures a device is scanned to determine its current state of security prior to
being allowed network access
IEEE 802.1x - Used in port-based Network Access Control

Question 24

Honeypot/ Honeynet

Answer 24

Attracts and traps potential attackers to counteract any attempts at
unauthorized access to a network
Track habits of attackers

Question 25

Multifactor Authentication

Answer 25

Authenticates or proves an identity using more than one method
Something you know (username, pins, passwords)
Something you have (cards, RFID tags, RSA key fob)
Something you are (fingerprint, retina)
Something you do (signature, voice)
Somewhere you are (geotagging/fencing)

Question 26

Dictionary Attack

Answer 26

Guesses the password by attempting to check every single word or
phrase contained within a word list, called a dictionary

Question 27

Brute Force Attack

Answer 27

Tries every possible combination until they figure out the password
good security - min 12 characters

Question 28

Hybrid Attack

Answer 28

Combination of dictionary and brute force attacks

Question 29

(LDAP)

Answer 29

Lightweight Directory Access Protocol
Validates a username and password combination against an LDAP server
as a form of authentication
Port 389 LDAP
Port 636 LDAP Secure

Question 30

Local Authentication

Answer 30

Process of determining whether someone or something is who or what it
local user login on pc

Question 31

Kerberos

Answer 31

Focused on authentication and authorization within a Windows domain
environment
Provides secure authentication over an insecure network

Question 32

(RADIUS)

Answer 32

Remote Authentication Dial-In User Service
Network Access Protocol
Provides centralized administration of dial-up, VPN, and wireless network
authentication, authorization, accounting
udp

Question 33

(NAC)

Answer 33

Network Access Control
Ensures a device is scanned to determine its current state of security prior to
being allowed network access
IEEE 802.1x - Used in port-based Network Access Control

Question 34

(TACACS+)

Answer 34

Terminal Access Controller Access Control System Plus
Network Access Protocol
Used to perform the role of an authenticator in an 802.1x network
tcp
Ensure Port 49 is open
Excellent if using Cisco devices

Question 35

802.1x

Answer 35

A standardized framework that’s used for port-based authentication on
both wired and wireless networks

Question 36

(EAP)

Answer 36

Extensible Authentication Protocol

Allows for numerous different mechanisms of authentication

Question 37

Indoor and Outdoor cameras

Answer 37

Indoor cameras tend to be lighter, cheaper, and easier to install

Question 38

Infrared System

Answer 38

Displays images based on the amount of heat in a room
Quickly and easily identify where a person is inside the room
Identify hot spots in the room and detect gear that could
overheat before it actually does

Question 39

Ultrasonic Camera

Answer 39

A type of surveillance camera that uses sound-based detection

Question 40

Asset Tag

Answer 40

Identifies a piece of equipment using a unique serial number,
code, or barcode
Reduce theft and helps to identify the device

Question 41

Tamper Detection

Answer 41

Ensures a network equipment has not been modified once labeled
and stored

Question 42

Access Control Vestibule (Mantrap)

Answer 42

An area between two doorways that holds people until they are
identified and authenticated

Question 43

Smart Locker

Answer 43

A fully integrated system that allows you to keep your laptop, tablet,
smartphone, or other valuables inside

Question 44

Asset Disposal

Answer 44

Occurs whenever a system is no longer needed by an organization
Perform a factory reset
Wipe the configuration
Sanitize the devices

Question 45

Factory Reset

Answer 45

Removes all customer specific data that has been added to a network
device since the time it was shipped from the manufacturer

Question 46

Data Remnants

Answer 46

Leftover pieces of data that may exist in the hard drive which we no
longer need

Question 47

Physical Environment

Answer 47

Computing equipment can be damaged by influencing the physical
environment
Temperature - Attacker disturbs the HVAC to overheat your systems
Humidity - Create a high level of moisture/humidity
Gas - Inject gas into an environment that could ignite