Network Security Flashcards
What is the CIA Triad?
- Confidentiality, Integrity, and Availability
- A model that combines three principles of information security to help organizations protect their sensitive systems and information
What is Confidentiality?
- Keeping data private and safe
- Symmetrical Encryption & Asymmetrical Encryption
- Steganography
- Access Control Methods
What is Symmetrical Encryption?
- Sender and Recipient use same keys
- Data Encryption Standard (DES) - Weak
- Triple DES
- Advanced Encryption Standard (AES) - WPA2 in 128, 192, 256 bits
What is Asymmetrical Encryption?
- Sender and Recipient use different keys
- RSA algorithm
- Common use with Public Key Infrastructure
- Can be in secure emails
What is Integrity?
- Ensure data has not been modified in transit
- Hashing Algorithms
What is Availability?
- Ensures data accessibility
- Redundancy
- Fault Tolerance
- Load Balancing
- Patch Management
What is a Confidentiality Attack?
Attempt to make data viewable by attacker
What is an Integrity Attack?
Attempt to alter data
What is an Availability Attack?
Attempt to limit network accessibility and usability
What is TACACS+?
- Terminal Access Controller Access Control System Plus (TACACS+) under TCP
- Perform the role of an authenticator in an 802.1x network
- Encrypts the entire payload of the access-request packet
- Primarily used for device administration
- Separates authentication and authorization
What is RADIUS?
- Remote Authentication Dial-In User Service (RADIUS) under UDP
- Provides centralized administration of dial-up, VPN, and wireless network authentication
- Encrypts only the password in the access-request packet
- Combines authentication and authorization (802.1x)
- Primarily used for network access
What is NAC?
- Network Access Control (NAC)
- A concept of effective security posture employing multiple tools and different techniques to slow down an attacker
- Time-based, Location-based, Role-based, Rule-based.
What is CVE?
- Common Vulnerabilities and Exposures (CVE)
- List of publicly disclosed vulnerabilities – known vulnerabilities
What is Zero Day?
- Newly discovered vulnerabilities - A type of attack aimed at exploiting a vulnerability that is present in already released software but unknown to the software developer
What is DLP?
- Data Loss Policy
- A document defining how organizations can share and protect data
What is DMZ?
- Demilitarized Zone
- A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company’s firewall
What is a Honeypot/Honeynet?
Attracts and traps potential attackers to counteract any attempts at unauthorized access to a network
What is Kerberos?
- Windows domain authentication/authorization
- Provides secure authentication over an insecure network
- “Ticket”
In the Kerberos-based authentication process, the purpose of the client’s timestamp is to provide a countermeasure against?
Replay Attacks
What protocol ensures the reliability of the Kerberos authentication process?
NTP
What is SIEM?
- Security Information and Event Management
- A security solution designed to detect anomalies in the log and event data collected from multiple network devices
What is Penetration Testing?
- Bypasses security controls
- Actively tests security controls
- Exploits vulnerabilities
What is Vulnerability Scanning?
- Identifies lack of security controls
- Identifies common misconfigurations
- Passively tests security controls
What is ACL?
- Access Control List
- A mechanism in several network devices used to restrict access based on the following:
- Source & Destination MAC address
- Source & Destination IP address
- Port numbers or services
- Time of day
What is PKI?
- Public Key Infrastructure (PKI)
- A complex authentication technique that functions using digital certificates
What is IDS?
- Intrusion Detection Systems (IDS) - NIDS
- Detect unauthorized access or anomalies.
- System administrators need to review reports and plan an action against threats
What is IPS?
- Intrusion Prevention Systems (IPS) - NIPS
- Detect and take action to prevent intrusion
- Between Firewall and Router
What is a Threat?
- Person or event that has the potential to negatively impact valuable resources
- Ex: Hackers & Hurricanes
What is a Vulnerability?
- Weakness in system design, implementation, or lack of preventive mechanisms
- Usually within user control
What is a Risk?
Occurs when a threat exploits a vulnerability
What is SAML?
- Security Assertion Markup Language (SAML)
- Designed for exchanging authentication and authorization data between trusted parties, enabling SSO and secure access to multiple systems.
What is CVSS?
- Common Vulnerability Scoring System
- Provides a score from 0 to 10 indicating severity of a vulnerability.
What is the primary focus of Secure Access Service Edge (SASE)?
Securing network access for remote users and branch offices.
What is AAA?
- Authentication, Accounting, Authorization
- Primary method for access control; often uses RADIUS, TACACS+, or Kerberos