Network Security

Question 1

security appliance

Answer 1

general term used to describe a network device that performs some kind of security function

Question 2

Endpoint

Answer 2

general term used to describe a computing device on a network (such as a laptop, desktop, mobile device, smartphone, tablet, or even a server).

Question 3

Internet of Things (IoT)

Answer 3

general term that is loosely used to describe devices that historically did not connect to the Internet (or a network) that now have network connectivity.

Question 4

Application (Layer 7)

Answer 4

consists of protocols used by computer applications to perform certain functions (such as a web browser using the HTTP protocol to access a website).

Question 5

Presentation (Layer 6)

Answer 5

responsible for translating data from something the user expects to something the network expects (and vice versa) so that it may be transferred over a network.

Question 6

Session (Layer 5)

Answer 6

responsible for setting up, controlling, and tearing down the connection between applications communicating between two different computers

Question 7

Transport (Layer 4)

Answer 7

handles end-to-end transport services and the establishment of logical connections between two computers (e.g., a clientserver connection).

Question 8

Network (Layer 3)

Answer 8

responsible for the routing and route selection for network packets based on logical IP addresses.

Question 9

Data Link (Layer 2)

Answer 9

responsible for transmitting and delivery of frames throughout a LAN based on the unique physical MAC addresses of the devices on the network.

Question 10

Physical (Layer 1)

Answer 10

with how bits (binary 1’s and 0’s) are transmitted and received

Question 11

(TCP/IP) model

Question 13

The Application Layer of the TCP/IP model

Answer 13

provides various services, processes, and protocols that run on a network and are used by user applications (such as a web browser).
Application, Presentation and Session osi model

Question 14

Secure Sockets Layer (SSL) and Transport Layer Security (TLS)

Answer 14

protocols are often lumped together in conversation since the SSL protocol was the predecessor to TLS; however, they are different protocols

Question 15

Host-to-Host Layer of the TCP/IP model

Answer 15

sometimes also called the Transport Layer since it loosely maps to the Transport Layer of the OSI model.

Question 16

Internet Layer of the TCP/IP model

Answer 16

provides logical addressing and routing of IP network traffic. This layer is sometimes also referred to as the Network Layer because it loosely maps to the Network Layer (Layer 3) of the OSI model.

Question 17

Network Access Layer of the TCP/IP model

Answer 17

loosely maps to the lower two layers (Layer 1 and Layer 2) of the OSI model (Physical and Data Link, respectively).

Question 18

conducting Research

Answer 18

primary purpose of the first step in the process of planning a cyberattack is to conduct research about the planned target organization or victim

Question 19

Identifying Targets

Answer 19

the cyberattacker pieces together the various bits of information collected in the previous phase.

Question 20

Exploiting Targets

Answer 20

attacker takes advantage of vulnerabilities in systems or networks to gain unauthorized access.

Question 21

iming and Race Conditions

Answer 21

also called a race condition attack, is an entire family of attacks in which the attacker takes advantage of the time between a sequence of events.

Question 22

HTTP response splitting

Answer 22

another type of attack where an attacker sends a malicious script to a website.

Question 23

Pretexting

Answer 23

uses a fake scenario to deceive someone

Question 24

quid pro quo (QPQ)

Answer 24

exchange of information or goods, such as a purchase.

Question 25

Password Attacks

Answer 25

can gain access to the data and systems that are their ultimate objective.

Question 26

Man-in-the Middle Attacks

Answer 26

class of attacks in which a cyberattacker intercepts communication between two entities

Question 27

Doing Bad Things

Answer 27

include deploying malware, writing scripts, guessing passwords, and using social
engineering and MITM attacks.

Question 28

Advanced Persistent Threat

Answer 28

stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period

Question 29

Network Segmentation

Answer 29

network design approach that allows organizations to group portions of the network into segments, each acting like a small network.

Question 30

Demilitarized Zones

Answer 30

network segment that is positioned in between the organization’s
connection to the Internet and their internal networks
purpose of the DMZ is to create a buffer zone between the
organization’s internal network and the outside world.

Question 31

Network Access Control

Answer 31

technology that allows organizations to implement controls that limit what devices can connect to their network
if you want to connect to a corporate network that is configured for NAC, the network
will not allow your computer to connect until it first checks your computer to see if it meets certain criteria based on a policy.

Question 32

Internet of Things Security

Answer 32

refers to many different kinds of physical devices that connect to the Internet or IP networks. IoT devices are sometimes called smart devices because they frequently contain processing capability, often in combination with sensors, robotics, and
automation technology.

Question 33

On-demand self-service

Answer 33

Cloud service customers can configure the computing resources they need (what they need, when they need it), allowing them to tailor resources to their needs.

Question 34

Rapid elasticity

Answer 34

Cloud service customers can rapidly scale resources (in some cases automatically) as needed to acquire more or less capability.

Question 35

Resource pooling

Answer 35

Computing resources of the CSP are pooled and shared across multiple consumers (referred to as cloud service customers or tenants) in a manner that abstracts the consumer from the underlying implementation.

Question 36

Measured service

Answer 36

amount of resources used by the CSC can be automatically metered and measured.

Question 37

Broad network access

Answer 37

CSC access is enabled over the network and supported by many different client platforms running on a wide variety of endpoint devices (e.g., laptops, desktops, mobile phones).