Network Security Operations Flashcards
Which type of firewall initiates a new connection on behalf of the client and presents its own IP to the server when a client initiates a connection to a server?
Circuit level
Which feature of a firewall allows an organization to use private non-routable networks while enabling communication to the internet?
Port Address Translation (PAT)
What is the meaning of “state” when referring to stateful inspection in firewalls?
It refers to the connection state of a conversation between two computers.
What can a user install to detect malicious software?
Antivirus
Which feature of a network intrusion prevention system (NIPS) uses a lists of known bad IP addresses to protect the network?
Reputation-based prevention
A company provides access to employees’ tax and personal information via a public-facing web portal.
What should the company implement to encrypt employees’ web access to this information?
Transport layer security (TLS)
Which attack tricks a client into mapping an IP address to a spoofed MAC address?
ARP spoofing
Which type of port has access to all VLANs by default in a traditional layer 2 switch?
Trunk
Which cloud feature is used to prevent data loss and provide for data retrieval in the event of a disaster?
Data backups and archives
Which cloud-hosting model provides exclusive cloud access for a single company?
Private
What should a cloud provider use to secure data in flight?
Private key encryption
Which type of wireless security protocol is the most secure?
WPA2 + AES
Which statement is true when comparing AES encryption to Triple DES (3DES)?
AES requires less CPU utilization and uses a larger block size than 3DES.
What is the best defense against fake access attacks?
Never use unsecured Wi-Fi hotspots.
Which type of firewall technology reads and analyzes the actual content of a message before forwarding to its destination?
Proxy servers
An organization’s IT department is concerned that malicious insiders may be using elevated access rights.
Which security control can be used to draw attacks away from critical systems?
Honeypots
Which network device is usually placed in-line between a trusted network and an untrusted network?
Firewall
What is end-to-end encryption?
Data is encrypted on the sender’s system and only the recipient is able to decrypt it.
Which phrase describes unencrypted data?
In the clear
An adminstrator fails to configure protection for usernames and passwords transmitted across the network.
Which component of the AAA model is weakened?
Authentication
A user is mistakenly granted access to customer accounts not required for his duties.
Which component of the AAA model is violated?
Authorization
What device creates an array of MAC addresses and functions on the Data Link layer?
Switch
What device connects 2 or more networks, but does not analyze the information? On Layer 2.
Bridge
What device takes packets from the router and sends it to devices on network?
Hub
What layer of the OSI model does the router function on?
Layer 3/ Network
What layer of the OSI model does the modem function on?
Physical/Layer 1
Describe the speed and distance of Cat5 cables.
100 mpbs/ 100 meters
Describe the speed and distance of Cat5e cables.
Double twisted pairs. 1 gps over 100 meters. Used for switch/hub/router
What are Cat6 cables used for?
Ethernet LANs and Data centers
How many tightly woven pairs are in Cat6 cables?
4
What is the speed and distance of Cat6 cables?
1 gps/100 meters.
what does the traceroute or tracert command do?
traces the route an IP packet takes to the destination.
What command is tracepath similar to?
tracert
What command provides user w/ the IP, subnet mask and default gateway?
ipconfig
