Network Security Flashcards
What are the components of the Confidentiality, Integrity, Availability (CIA) triad?
The components of the Confidentiality, Integrity, Availability (CIA) triad are confidentiality, integrity, and availability, which are the three core principles of information security.
What are internal threats?
Internal threats are security risks originating from within the organization, such as employees or contractors.
What are external threats?
External threats are security risks originating from outside the organization, such as hackers or competitors.
What are common vulnerabilities and exposures (CVE)?
Common vulnerabilities and exposures (CVE) are publicly disclosed security vulnerabilities in software and hardware.
What is a zero-day vulnerability?
A zero-day vulnerability is a security flaw that is unknown to the vendor and has no available fix, making it highly exploitable.
What are exploits?
Exploits are techniques or code used to take advantage of vulnerabilities in systems or applications.
What is the principle of least privilege?
The principle of least privilege means granting users only the access necessary to perform their job functions, reducing the risk of unauthorized access.
What is role-based access control?
Role-based access control is a method of restricting access to resources based on the roles of individual users within an organization.
What is Zero Trust security?
Zero Trust security is a model that assumes no implicit trust and requires continuous verification of every user and device attempting to access resources.
What is defense in depth?
Defense in depth is a layered security approach that uses multiple defenses to protect systems and data.
What is network segmentation enforcement?
Network segmentation enforcement is the practice of dividing a network into segments to control traffic and limit access based on policy.
What is a perimeter network (previously known as demilitarized zone or DMZ)?
A perimeter network, previously known as a demilitarized zone (DMZ), is a buffer zone between an internal network and the external internet, used to host public-facing services.
What is the separation of duties?
Separation of duties is a security principle that divides responsibilities among different individuals to reduce the risk of fraud or error.
What is network access control?
Network access control is a security technique used to restrict network access to authorized users and devices.
What is a honeypot?
A honeypot is a decoy system or network set up to attract and analyze potential attackers.
What is multifactor authentication?
Multifactor authentication is a security method that requires multiple forms of verification to access resources, such as a password and a fingerprint.
What is Terminal Access Controller Access-Control System Plus (TACACS+)?
Terminal Access Controller Access-Control System Plus (TACACS+) is a protocol used for centralized authentication and authorization of network devices.
What is single sign-on (SSO)?
Single sign-on (SSO) is an authentication process that allows users to access multiple applications with one set of login credentials.
What is Remote Authentication Dial-in User Service (RADIUS)?
Remote Authentication Dial-in User Service (RADIUS) is a protocol used for remote user authentication and accounting.
What is LDAP?
LDAP (Lightweight Directory Access Protocol) is a protocol used to access and manage directory information.
What is Kerberos?
Kerberos is a network authentication protocol that uses secret-key cryptography to provide secure communication.
What is local authentication?
Local authentication is the process of verifying a user’s identity through credentials stored locally on the device.
What is 802.1X?
802.1X is a network access control protocol for securing wired and wireless networks.
What is Extensible Authentication Protocol (EAP)?
Extensible Authentication Protocol (EAP) is a framework for transporting authentication protocols used in network access.
What is a security risk assessment?
A security risk assessment is the process of identifying and evaluating potential security risks to an organization.
What is a threat assessment?
A threat assessment is the process of identifying and evaluating potential threats to an organization.
What is a vulnerability assessment?
A vulnerability assessment is the process of identifying and evaluating vulnerabilities in a system or network.
What is penetration testing?
Penetration testing is the practice of testing a computer system or network to find security vulnerabilities that an attacker could exploit.
What is posture assessment?
Posture assessment is the process of evaluating the security posture of a system or network, including compliance with policies and standards.
What is a business risk assessment?
A business risk assessment is the process of identifying and evaluating risks that could impact the business operations of an organization.
What is a process assessment?
A process assessment is the evaluation of business processes to identify potential security risks and inefficiencies.
What is a vendor assessment?
A vendor assessment is the process of evaluating third-party vendors to ensure they meet security requirements and standards.
What is security information and event management (SIEM)?
Security information and event management (SIEM) is a solution that provides real-time analysis of security alerts and logs generated by network hardware and applications.
