Network Security 4.1

Question 1

A perimeter network that protects an organization’s internal local area network from untrusted traffic

Answer 1

DMZ

Question 2

Subnet in the network architecture that uses a single firewall with three interfaces to connect three dissimilar networks

Answer 2

Screen Subnet

Question 3

Prevents frauds and abuse by distributing various tasks and approval authorities across a number of different users

Answer 3

Separation of Duties

Question 4

Two people each have half of the knowledge of how to do something

Answer 4

Split Knowledge

Question 5

Attracts and traps potential attackers to counteract any attempts at unauthorized access to a network. Used a form of research to learn the tools involved in network attacks

Answer 5

Honeypot/Honeynet

Question 6

Using the lowest level of permissions of privileges needed in order to complete a job function or admin task

Answer 6

Least Privilege

Question 7

An access control model that is controlled by the system but focuses on a set of permissions versus an individual’s permissions

Answer 7

Role-Based Access (RBAC)

Question 8

An access control method where access is determined by the owner of the resource

Answer 8

Directionary Access Control (DAC)

Question 9

An access control policy where the computer system gets to decide who gets access to what objects. Used in the government for security clearance.

Answer 9

Mandatory Access Control (MAC)

Question 10

A security framework that requires users to be authenticated and authorized before being granted access to applications and data

Answer 10

Zero-Trust

Question 11

Authenticates or proves an identity using more than one method

Answer 11

Multifactor Authentication

Question 12

Tries every possible combination until they figure out the password

Answer 12

Brute Force Attack

Question 13

Combination of dictionary and brute force attacks

Answer 13

Hybrid Attack

Question 14

The process of determining whether someone or something is who or what it claims itself to be

Answer 14

Authentication Methods

Question 15

A database used to centralize information about your clients and your objects on your network

Answer 15

Lightweight Directory Access Protocol (LDAP) – Port 389

Question 16

Organizes and manages everything on the network, including clients, servers, devices and users

Answer 16

Active Directory

Question 17

validates usernames and password combination against an LDAP server as a form of authentication

Answer 17

Lightweight Directory Access Protocol (LDAP) – Port 389

Question 18

Focused on authentication and authorization within a Windows domain environment

Answer 18

Kerberos

Question 19

used to give a default user profile for each of their users and rank that profile to all different resources users will have access to. Can use strong password or MFA for authentication

Answer 19

Single Sign-On

Question 20

uses port 88

Answer 20

Kerberos

Question 21

Provides centralized administration of dial up, VPN, and wireless network authentication

Answer 21

Remote Authentication Dial-In User Service (RADIUS) - UDP

Question 22

Operates on Layer 7 - TACACAS or RADIUS?

Answer 22

Remote Authentication Dial-In User Service (RADIUS) - UDP

Question 23

Used to perform the role of an Authenticator in an 802.1x network

Answer 23

Terminal Access Controller Access Control System Plus (TACACS+) - TCP

Question 24

A standardized framework that’s used for port-based authentication on both wired and wireless networks

Answer 24

802.1x

Question 25

The device requesting access to the network

Answer 25

Supplicant

Question 26

The device through which the supplicant is requesting to access the network (ex: Switch, Access point, VPN concentrator)

Answer 26

Authenticator

Question 27

Centralized device that performs the Authorization (RADIUS or TACACS+ server)

Answer 27

Authentication Server

Question 28

Allows for numerous different mechanisms of authentication

Answer 28

Extensible Authentication Protocol (EAP)

Question 29

Utilizes simple passwords and the challenge handshake authentication process to provide remote access authentication

Answer 29

EAP – MD5

Question 30

Uses public key infrastructure with a digital certificate being installed on both the client and the server

Answer 30

EAP-TLS

Question 31

Requires a digital certificate on the server and a password on the client for its authentication

Answer 31

EAP-TTLS

Question 32

Uses a protected access credential to establish mutual authentication between devices

Answer 32

EAP Flexible Authentication via Secure Tunneling (EAP-FAST)

Question 33

Uses server certificates and Microsoft’s Active Directory databases to authenticate a client’s password

Answer 33

Protected EAP (PEAP)