Section 13: Network Security

Question 1

What does CIA stand for?

Answer 1

Confidentiality, Integrity, Availability

Question 2

What is Confidentiality?

Answer 2

Keeping the data private and safe, such as encryption or authentication to access resources

Question 3

What is Integrity?

Answer 3

Ensures data has not been modified in transit. It verifies the source that traffic originates from

Question 4

What is Availability?

Answer 4

Measures accessibility of the data.

Question 5

What is a Threat?

Answer 5

A person or event that has the potential for impacting a valuable resource in a negative manner

Question 6

What is an Internal Threat?

Answer 6

Any threat that originates within the organization itself

Question 7

What is an External Threat?

Answer 7

Any threat that could be, like a hacker, or it can be an event or environmental condition

Question 8

What is a Vulnerability?

Answer 8

A quality or characteristic within a given resource or its environment that might allow the threat to be realized

Question 9

What are Common Vulnerabilities Exposures (CVE)?

Answer 9

A list of publicly disclosed computer security weaknesses

Question 10

What is a Zero-Day Vulnerability?

Answer 10

Any weakness in the system design, implementation, software code, or a lack of preventive mechanisms in place

Question 11

What is an Exploit?

Answer 11

A piece of software code that takes advantage of a security flaw or vulnerability within a system or network

Question 12

What is the Least Privilege?

Answer 12

Using the lowest level of permissions or privileges needed in order to complete a job function or admin task

Question 13

What is a Role-Based Access Control?

Answer 13

An access model that is controlled by the system but focuses on a set of permissions versus an individual’s permissions

Question 14

What is Zero-Trust?

Answer 14

A security framework that requires users to be authenticated and authorized before being granted access to applications and data

Question 15

What is Defense in Depth?

Answer 15

A cybersecurity approach in which a series of defensive mechanisms are layered in order to protect valuable data and information

Question 16

What is a Perimeter Network (DMZ)?

Answer 16

Protects an organization’s internal local area network from untrusted traffic

Question 17

What is Separation of Duties?

Answer 17

Prevent frauds and abuse by distributing various tasks and approval authorities across a number of different users

Question 18

What is the Network Access Control (NAC)?

Answer 18

Ensures a device is scanned to determine its current state of security prior to being allowed network access

Question 19

What is a Honeypot?

Answer 19

Attracts and traps potential attackers to counteract any attempts at unauthorized access to a network

Question 20

What is Risk Management?

Answer 20

The identification, evaluation, and prioritization of risks to minimize, monitor, and control the vulnerability exploited by a threat

Question 21

What is a Security Risk Assessment?

Answer 21

Used to identify, assess, and implement key security controls within an application, system, or network

Question 22

What is a Threat Assessment?

Answer 22

Focused on the identification of the different threats that may wish to attack or cause harm to your systems or network

Question 23

What is a Vulnerability Assessment?

Answer 23

Focused on identifying, quantifying, and prioritizing the risks and vulnerabilities in a system or network

Question 24

What is a Posture Assessment?

Answer 24

Assesses cyber risk posture and exposure to threats caused by misconfigurations and patching delays

Question 25

What is a **Business Risk Assessment**?

Answer 25

Used to identify, understand, and evaluate potential hazards in the workplace

Question 26

What is a **Process Assessment**?

Answer 26

The disciplined examination of the processes used by the organization against a set of criteria.

Question 27

What is a **Vendor Assessment**?

Answer 27

To determine if they can effectively meet the obligations and the needs of the business

Question 28

What is **Multifactor Authentication**?

Answer 28

Authenticates or proves an identity using more than one method

Question 29

What is **Terminal Access Controller Access Control System Plus (TACACS+)**?

Answer 29

Used to perform the role of an authenticator in an 802.1x network

Question 30

What is **Single Sign-On (SSO)**?

Answer 30

An authentication scheme that allows a user to log in with a single ID and password

Question 31

What is a **Remote Authentication Dial-In User Service (RADIUS)**?

Answer 31

Provides centralized administration of dial-up, VPN, and wireless network authentication

Question 32

What is the **Lightweight Directory Access Protocol (LDAP)**?

Answer 32

Validates a username and password combination against an LDAP server as a form of authentication

Question 33

What is **Kerberos**?

Answer 33

Focused on authentication and authorization within a Windows domain environment

Question 34

What is **Local Authentication**?

Answer 34

Process of determining whether someone or something is who or what it claims itself to be

Question 35

What is **802.1x**?

Answer 35

A standardized framework that's used for port-based authentication on both wired and wireless networks

Question 36

What is the **Extensible Authentication Protocol (EAP)**?

Answer 36

Allows for numerous different mechanisms of authentication

Question 37

What is the **EAP-MD5**?

Answer 37

Utilizes simple passwords and the challenge handshake authentication process to provide remote access authentication

Question 38

What is the **EAP-TLS**?

Answer 38

Uses public key infrastructure with a digital certificate being installed on both the client and the server

Question 39

What is the **EAP-TTLS**?

Answer 39

Requires a digital certificate on the server and a password on the client for its authentication

Question 40

What is the **EAP Flexible Authentication via Secure Tunneling (EAP-FAST)**?

Answer 40

Uses a protected access credential to establish mutual authentication between devices

Question 41

What is the **Protected EAP (PEAP)**?

Answer 41

Uses server certificates and Microsoft's Active Directory databases to authenticate a client's password

Question 42

What is the **Lightweight EAP (LEAP)**?

Answer 42

A proprietary protocol that only works on Cisco-based devices