Network Security Flashcards

1
Q

Network Security

A

is the protection of the underlying networking infrastructure from unauthorized access, misuse, or theft. (es la protección de la infraestructura de red subyacente por acceso no autorizado, mal uso o robo.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

It involves creating… (Implica crear…)

A

a secure infrastructure for devices, applications, users, and applications to work in a secure manner. (una infraestructura segura para que dispositivos, aplicaciones, usuarios y aplicaciones funcionen de manera segura.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How does network security work?

A

Network security combines multiple layers of defenses at the edge and in the network. (La seguridad de la red combina múltiples capas de defensas en el borde y en la red.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Each network security layer… (Cada capa de seguridad de la red…)

A

implements policies and controls. (implementa políticas y controles.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Authorized users gain access to network resources… (Los usuarios autorizados obtienen acceso a los recursos de la red…)

A

but malicious actors are blocked from carrying out exploit and threats. (pero los actores maliciosos están bloqueadas para llevar a cabo hazañas y amenazas.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Every organization that wants to deliver the services that customers and employees demand… (Toda organización que quiera ofrecer los servicios que los clientes y empleados exigen…)

A

must protect its network. (debe proteger su red.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Network security helps…

A

protect proprietary information from attack. And protects your reputation. (proteger la información propietaria de ataques. Y protege su reputación.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Network security is defined:

A

as the process of creating a strategic defensive approach that secures a company’s data and its resources across its network. (como el proceso de creación de un enfoque defensivo estratégico que proteja los datos y recursos de una empresa a través de su red.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Irrespective of the organization’s size, industry, or infrastructure…

A

network security solutions protect it against the ever-evolving threat of cyberattacks. (las soluciones de seguridad de red la protegen contra la amenaza en constante evolución de los ciberataques.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The integrity, confidentiality, and accessibility of these computers are: (La integridad, confidencialidad y accesibilidad de estas computadoras son:)

A

maintained with network security and software and hardware technologies. (mantenidas con seguridad de red y tecnologías de software y hardware.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A network is considered secure only when it comprises three key components: (Una red se considera segura sólo cuando consta de tres componentes clave:)

A

confidentiality, integrity and availability. (confidencialidad, integridad y disponibilidad.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

This combination, called:

A

the CIA triad

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The CIA triad, is a well-know standard used…

A

while creating network security policies for any organization. (mientras crea políticas de seguridad de red para cualquier organización.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

The system is constantly under threat from hackers… (El sistema está constantemente amenazado por hackers…)

A

who are envolving and constinuosly finding ways to spot vulnerabilities and exploit them. (que están evolucionando y encontrando constantemente formas de detectar vulnerabilidades y explotarlas.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Vulnerabilities exist in several areas such as:

A
  • devices
  • data
  • applications
  • users
  • locations
  • among others
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

With even the shortest period of downtime… (Incluso con el período de inactividad más corto…)

A

losses can be immense. (las pérdidas pueden ser inmensas.)

17
Q

Any vulnerability gives hackers the ability to:

A
  • access infrastructure
  • install malware
  • even steal (incluso robar)
  • and modify data (if not destroy or erase it)
18
Q

The vulnerabilities include:

A
  1. Missing data encryption (Cifrado de datos faltantes)
  2. Operating system command injection (Inyección de comandos del sistema operativo)
  3. SQL injection
  4. Missing authentication
  5. Unrestricted upload of dangerous file types (Carga sin restricciones de tipos de archivos peligrosos)
  6. Other vulnerabilities
19
Q

Missing data encryption

A

Sometimes, a software does not encrypt or secure sensitive data before transmitting or saving it. (A veces, un software no cifra ni protege los datos confidenciales antes de transmitirlos o guardarlos.)

20
Q

Operating system command injection

A

Through an operating system command injection, a hacker can execute a random OS, corrupting the server running an application and compromising its functioning completely. (A través de una inyección de comando del sistema operativo, un hacker puede ejecutar un sistema operativo aleatorio, corrompiendo el servidor que ejecuta una aplicación y comprometiendo su funcionamiento por completo.)

21
Q

SQL injection

A

A hacker uses an SQL injection to intercept queries that an application makes to its server. (Un hacker utiliza una inyección SQL para interceptar las consultas que una aplicación realiza a su servidor.)

22
Q

Missing authentication

A

Sometimes, a software does not conduct any authentication of user identity or the resources being utilized. (A veces, un software no realiza ninguna autenticación de la identidad del usuario o de los recursos que se utilizan.)

23
Q

Unrestricted upload of dangerous file types

A

Where a software permits a hacker to upload dangerous files and run them on the software’s environment. (Cuando un software permite que un hacker cargue archivos peligrosos y los ejecute en el entorno del software)

24
Q

Other vulnerabilities

A

Include:
- weak passwords
- buffer overflow
- missing authorization
- cross-site scripting and forgery
- download of codes without integrity checks
- use of broken algorithms
- URL redirection to untrusted sites
- path traversal
- bugs

25
Q

Since attacks can occur to any layer of a network’s set-up… (Dado que los ataques pueden ocurrir a cualquier capa de la configuración de una red…)

A

all network hardware, software and policies related to network security must be created to address each layer. (todo el hardware, software y políticas de red relacionados con la seguridad de la red deben crearse para abordar cada capa.)

26
Q

The fundamentals of network security include:

A
  1. Access control
  2. Identification
  3. Authentication
  4. Authorization
  5. Accounting
  6. Physical network security
  7. Technical network security
  8. Administrative network security
27
Q

Access control

A

Access control is the system used to restrict access to data. (El control de acceso es el sistema utilizado para restringir el acceso a los datos.)

28
Q

Identification

A

Utilizing usernames and identity numbers to confirm user identity, processes, or devices that may be requesting access to the network. (Utilizar nombres de usuario y números de identidad para confirmar la identidad del usuario, los procesos o los dispositivos que pueden estar solicitando acceso a la red.)

29
Q

Authentication

A

Verifying credentials, authorization is provided to those requesting access to specfic data on the network. (Al verificar las credenciales, se proporciona autorización a quienes solicitan acceso a datos específicos en la red.)

30
Q

Accounting

A

Accounting tracks all actions carried out by a user on the network, which helps identity all authorized and unauthorized actions. (La contabilidad rastrea todas las acciones realizadas por un usuario en la red, lo que ayuda a identificar todas las acciones autorizadas y no autorizadas.)

31
Q

Physical network security

A

Is used to prevent unauthorized individuals from gaining physical access to components such as routers or cabling cupboards. (Se utiliza para evitar que personas no autorizadas obtengan acceso físico a componentes como enrutadores o armarios de cableado.)

32
Q

Technical network security

A

Protects all the data stored on a network. This can be data coming into the network, going out, or even transiting though it. (Protege todos los datos almacenados en una red. Pueden ser datos que entran, salen o incluso transitan por la red.)

33
Q

Administrative network security

A

Administrative security controls comprise security policies and processes used to control user behavior. (Los controles administrativos de seguridad comprenden políticas y procesos de seguridad utilizados para controlar el comportamiento del usuario.)

34
Q

Types of network security:

A
  • Firewalls
  • Intrusion prevention systems
  • Workload security
  • NetWork security
  • SecureX
  • Network segmentation
  • VPN
  • Access control
  • Application security
  • Behavioral analytics
  • Cloud security
  • Data loss prevention
  • Email security
  • Industrial network security
  • Mobile device security
  • Security information and event management
  • Web security
  • Wireless security