Networks and Network Security Flashcards
Module Four
What is the purpose of a baseline configuration (baseline image)?
A documented set of specifications within a system used as a basis for future builds, releases, and updates.
Describe the shared responsibility model in cloud security.
A model where the cloud service provider (CSP) is responsible for security of the cloud infrastructure, and the customer is responsible for securing the data and services they store in the cloud.
What is identity access management (IAM) in cloud security?
A collection of processes and technologies that manage digital identities and authorize how users can use cloud resources.
How does a hypervisor contribute to cloud security?
It abstracts the host’s hardware from the operating software environment, providing an additional layer of security.
What is cryptographic erasure?
A method of erasing data by destroying the encryption keys, making the data undecipherable.
Why is network log analysis important for security?
It helps identify events of interest by examining network logs.
What are the key functions of a Security Information and Event Management (SIEM) tool?
Collecting and analyzing log data to monitor critical activities and report suspicious events in a centralized dashboard.
What is multi-factor authentication (MFA)?
A security measure that requires users to verify their identity in two or more ways to access a system or network.
Describe the role of patch updates in security hardening.
They fix known security vulnerabilities and upgrade software to the latest version to enhance security.
What does network segmentation achieve in security?
It creates isolated subnets for different departments, enhancing security by limiting access.
Why is port filtering used in network security?
To disable unused ports and reduce the attack surface, preventing unauthorized access.
What is the purpose of an intrusion detection system (IDS)?
To detect and alert administrators about possible intrusions and malicious traffic.
How does an intrusion prevention system (IPS) differ from an IDS?
An IPS not only detects but also takes action to stop intrusive activities.
What is the significance of a virtual private network (VPN) in network security?
it encrypts data in transit and masks the user’s IP address, enhancing privacy and security on public networks.
What is a smurf attack?
A network attack where an attacker sniffs an authorized user’s IP address and floods it with ICMP packets.