Networks and Network Security Flashcards
Module Four
What is the purpose of a baseline configuration (baseline image)?
A documented set of specifications within a system used as a basis for future builds, releases, and updates.
Describe the shared responsibility model in cloud security.
A model where the cloud service provider (CSP) is responsible for security of the cloud infrastructure, and the customer is responsible for securing the data and services they store in the cloud.
What is identity access management (IAM) in cloud security?
A collection of processes and technologies that manage digital identities and authorize how users can use cloud resources.
How does a hypervisor contribute to cloud security?
It abstracts the host’s hardware from the operating software environment, providing an additional layer of security.
What is cryptographic erasure?
A method of erasing data by destroying the encryption keys, making the data undecipherable.
Why is network log analysis important for security?
It helps identify events of interest by examining network logs.
What are the key functions of a Security Information and Event Management (SIEM) tool?
Collecting and analyzing log data to monitor critical activities and report suspicious events in a centralized dashboard.
What is multi-factor authentication (MFA)?
A security measure that requires users to verify their identity in two or more ways to access a system or network.
Describe the role of patch updates in security hardening.
They fix known security vulnerabilities and upgrade software to the latest version to enhance security.
What does network segmentation achieve in security?
It creates isolated subnets for different departments, enhancing security by limiting access.
Why is port filtering used in network security?
To disable unused ports and reduce the attack surface, preventing unauthorized access.
What is the purpose of an intrusion detection system (IDS)?
To detect and alert administrators about possible intrusions and malicious traffic.
How does an intrusion prevention system (IPS) differ from an IDS?
An IPS not only detects but also takes action to stop intrusive activities.
What is the significance of a virtual private network (VPN) in network security?
it encrypts data in transit and masks the user’s IP address, enhancing privacy and security on public networks.
What is a smurf attack?
A network attack where an attacker sniffs an authorized user’s IP address and floods it with ICMP packets.
Define a replay attack.
An attack where a malicious actor intercepts a data packet in transit and delays or repeats it at another time.
What is the role of a firewall in network security?
To monitor and filter incoming and outgoing network traffic based on security rules.
Describe the concept of defense in depth.
An approach of adding multiple layers of security to protect a network.
What is the purpose of using flow logs in cloud security?
To provide visibility into network traffic and help identify potential security threats.
How does an on-path attack compromise security?
By intercepting and potentially altering communication between two trusted devices.
Why is cloud configuration important for security?
Proper configuration ensures compliance with security requirements and prevents vulnerabilities.
What is the attack surface in network security?
All the potential system vulnerabilities that a threat actor could exploit.
What does the term “world-writable file” mean in security?
A file that can be altered by anyone in the world, posing a significant security risk.
How can cryptography enhance cloud security?
By using encryption to provide data integrity and confidentiality for data processed and stored in the cloud.
