Network Security

Question 1

What is CIA Triad?

Answer 1

• Confidentality, Integrity, and Availability
• A model that combines three principles of information security to help organizations protect their sensitive systems and information

Question 2

What is Confidentality?

Answer 2

• Keeping data private and safe
• Symmetrical Encryption & Asymmetrical Encryption
• Steganography
• Access Control Methods

Question 3

What is Symmetrical Encryption?

Answer 3

• Sender and Recipient use same keys
• Data Encryption Standard (DES) - Weak
• Triple DES
• Advanced Encryption Standard (AES) - WPA2 in 128, 192, 256 bits

Question 4

What is Asymmetrical Encryption?

Answer 4

• Sender and Recipient use different keys
• RSA algorithm
• Common use with Public Key Infrastructure
• Can be in secure emails

Question 5

What is Integrity?

Answer 5

• Ensure data has not bee modified in transit
• Hashing Algorithms

Question 6

What is Availability?

Answer 6

• Ensures data accessibility
• Redundancy
• Fault Tolerance
• Load Balancing
• Patch Management

Question 7

What is Confidentiality Attack?

Answer 7

Attempt to make data viewable by attacker

Question 8

What is Integrity Attack?

Answer 8

Attempt to alter data

Question 9

What is Availability Attack?

Answer 9

Attempt to limit network accessibility and usability

Question 10

What is TACACS+?

Answer 10

• Terminal Access Controller Access Control System Plus (TACACS+) under TCP
• Perform the role of an authenticator in an 802.1x network
• Encrypts the entire payload of the access-request packet
• Primarily used for device administration
• Separates authentication and authorization

Question 11

What is RADIUS?

Answer 11

• Remote Authentication Dial-In User Service (RADIUS) under UDP
• Provides centralized administration of dial-up, VPN, and wireless network authentication
• Encrypts only the password in the access-request packet
• Combines authentication and authorization (802.1x)
• Primarily used for network access

Question 12

What is NAC?

Answer 12

• Network Access Control (NAC)
• A concept of effective security posture employing multiple tools and different techniques to slow down an attacker
• Time-based, Location-based, Role-based, Rule-based.

Question 13

What is CVE?

Answer 13

• Common Vulnerabilities and Exposures (CVE)
• List of publicly disclosed vulnerabilities – known vulnerabilities

Question 14

What is Zero Day?

Answer 14

• Newly discovered vulnerabilities - A type of attack aimed at exploiting vulnerability that is present in already released software but unknown to the software developer

Question 15

What is DLP?

Answer 15

• Data Loss Policy
• A document defining how organizations can share and protect data

Question 16

What is DMZ?

Answer 16

• Demilitarized Zone
• A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company’s firewall

Question 17

What is Honeypot/Honeynet?

Answer 17

Attracts and traps potential attackers to counteract any attempts at unauthorized access to a network

Question 18

What is Kerberos?

Answer 18

• Windows domain authentication/authorization
• Provides secure authentication over an insecure network
• “Ticket”

Question 19

In the Kerberos-based authentication process, the purpose of the client’s timestamp is to provide countermeasure against?

Answer 19

Replay Attacks

Question 20

What protocol ensures the reliability of the Kerberos authentication process?

Answer 20

NTP

Question 21

What is SIEM?

Answer 21

• Security Information and Event Management
• A security solution designed to detect anomalies in the log and event data collected from multiple network devices

Question 22

What is Penetration Testing?

Answer 22

• Bypasses security controls
• Actively tests security controls
• Exploits vulnerabilities

Question 23

What is Vulnerability Scanning?

Answer 23

• Identifies lack of security controls
• Identifies common misconfigurations
• Passively tests security controls

Question 24

What is ACL?

Answer 24

• Access Control List
• A mechanism in several network devices used to restrict access based on the following:
• Source & Destination MAC address
• Source & Destination IP address
• Port numbers or services
• Time of day

Question 25

What is PKI?

Answer 25

- Public Key Infrastructure (PKI) - A complex authentication technique that functions using digital certificates

Question 26

What is IDS?

Answer 26

- Intrusion Detection Systems (IDS) - NIDS - Detect unauthorized access or anomalies. - System administrators need to review report and plan an action against threats

Question 27

What is IPS?

Answer 27

- Intrusion Prevention Systems (IPS) - NIPS - Detect and take action to prevent intrusion - Between Firewall and Router

Question 28

What is a Threat?

Answer 28

* Person or event that has the potential to negatively impact valuable resources * Ex: Hackers & Hurriances

Question 29

What is a Vulnerability?

Answer 29

* Weakness in system design, implementation, or lack of preventive mechanisms * Usually within user control

Question 30

What is a Risk?

Answer 30

Occurs when a threat exploits a vulnerability

Question 31

What is SAML?

Answer 31

* Security Assertion Markup Language (SAML) * Designed for exchanging authentication and authorization data between trusted parties, enabling SSO and secure access to multiple systems.

Question 32

What is a CVSS?

Answer 32

* Common Vulnerability Scoring System * Provides a score from 0 to 10 indicating severity of a vulnerability.

Question 33

What is the primary focus of Secure Access Service Edge (SASE)?

Answer 33

Securing network access for remote users and branch offices.

Question 34

What is AAA?

Answer 34

* Authentication, Accounting, Authorization * Primary method for access control often uses RADIUS, TACAS, or Kerberos