Networks and Networks security Flashcards
module one
What is the primary function of a Security Information and Event Management (SIEM) tool?
To collect and analyze log data to monitor critical activities in an organization.
Describe the principle of defense-in-depth.
Implementing multiple layers of security measures to protect a network.
What does the confidentiality aspect of the CIA triad ensure?
Only authorized users can access specific assets or data.
How does an IDS differ from an IPS?
An IDS detects and alerts about possible intrusions, while an IPS takes action to stop them.
Define the role of a firewall in network security.
A firewall allows or blocks traffic based on a set of security rules.
What is an example of a physical security hardening measure?
Installing security cameras or hiring security guards
Explain the concept of network segmentation.
Dividing a network into segments to improve security and performance
What does the integrity aspect of the CIA triad ensure?
Data is correct, authentic, and reliable.
Describe the purpose of a baseline configuration.
A set of specifications used as a reference point for future builds, releases, and updates.
What is a common use of port filtering in network security?
To block or allow specific port numbers to control network traffic.
Define the term ‘attack surface.’
All the potential vulnerabilities that a threat actor could exploit in a system.
How does multi-factor authentication (MFA) enhance security?
By requiring users to verify their identity in two or more ways.
What is a key responsibility of a cloud service provider (CSP) under the shared responsibility model?
Managing the security of the cloud infrastructure, including physical data centers and hypervisors
What is the function of an intrusion detection system (IDS)?
To monitor system activity and alert administrators to possible intrusions.
How does cryptography help in cloud security?
By using encryption to ensure data integrity and confidentiality.
What does a penetration test aim to achieve?
Identifying vulnerabilities in systems, networks, websites, applications, and processes through a simulated attack.
Describe the purpose of network log analysis.
Examining network logs to identify events of interest and detect potential security incidents.
What is the benefit of using a hypervisor in cloud environments?
It abstracts the host’s hardware from the operating software environment to improve resource management and security.
Explain the role of patch updates in security hardening.
Fixing known security vulnerabilities in software and operating systems.
What is a virtual private network (VPN) used for?
Encrypting data in transit to provide secure communication over public networks.
How does a replay attack operate?
By intercepting a data packet in transit and delaying it or repeating it at another time.
What is the significance of the availability aspect of the CIA triad?
Ensuring that data is accessible to authorized users when needed.
Describe the principle of least privilege.
Providing users only the access that is necessary for their roles to minimize security risks.
What is the impact of a Distributed Denial of Service (DDoS) attack?
Overwhelming a network with unwanted traffic, causing system unavailability.
How can a firewall be configured to prevent IP spoofing attacks?
By implementing source IP address verification to check for spoofed IP addresses.
