Networks and Network Security Flashcards
module two
What network protocol is used to determine the MAC address of the next router or device on a path?
Address Resolution Protocol (ARP).
Which protocol is used to translate internet domain names into IP addresses?
Domain Name System (DNS).
Define encapsulation in the context of network security.
The process of wrapping sensitive data in other data packets to protect information in transit.
What is a smurf attack?
A network attack where an attacker sniffs an authorized user’s IP address and floods it with ICMP packets.
Describe the role of a forward proxy server.
It regulates and restricts a person’s access to the internet.
What type of attack involves intercepting and altering communication between two devices?
On-path attack.
How does a reverse proxy server function in network security?
It regulates and restricts the internet’s access to an internal server.
What does TCP stand for and what is its purpose?
Transmission Control Protocol; it allows two devices to form a connection and stream data.
What is the purpose of a demilitarized zone (DMZ) in network security?
To act as a network perimeter that isolates servers exposed to the internet.
Explain the concept of packet sniffing.
The practice of capturing and inspecting data packets across a network.
What is an ICMP flood attack?
A DoS attack where an attacker repeatedly sends ICMP request packets to a network server.
How can using a VPN protect against packet sniffing?
By encrypting data as it travels across a network.
Describe the purpose of port filtering.
To block or allow certain port numbers to control network communication.
What is IP spoofing and how does it compromise a network?
Changing the source IP of a data packet to impersonate an authorized system and gain network access.
How does a SYN flood attack work?
By simulating a TCP connection and flooding a server with SYN packets, overwhelming it.
What type of attack sends an oversized ICMP packet to a server, causing it to crash?
Ping of Death.
Define passive packet sniffing.
A type of attack where a malicious actor connects to a network hub and monitors all traffic without altering it.
What does a security incident report typically include?
A summary of the incident, type of attack, systems impacted, protection plan, detection methods, response plan, and recovery procedures.
How does a firewall help in protecting a network?
By monitoring and filtering incoming and outgoing network traffic based on security rules.
What is the purpose of using a controlled zone in network security?
To protect a company’s internal network from an uncontrolled security zone.
Explain the concept of a botnet.
A collection of computers infected by malware under the control of a single threat actor.
How does network segmentation improve security?
By creating isolated subnets for different departments, limiting access to specific areas of the network.
What is the function of network log analysis?
Examining network logs to identify events of interest and detect potential security incidents
Why is multi-factor authentication (MFA) important in network security?
It requires users to verify their identity in two or more ways to access a system, enhancing security.
It requires users to verify their identity in two or more ways to access a system, enhancing security.
By ensuring all cloud services meet security and compliance requirements, reducing vulnerabilities.