Section 4: Network Security Flashcards

1
Q

What is the difference between data in transit and data at rest encryption?

A

Data in Transit: Encryption applied to data as it moves across networks (e.g., HTTPS, VPN).

Data at Rest: Encryption applied to stored data (e.g., database encryption, encrypted hard drives).

2
Q

What are the types of certificates, and how do they function?

A

Public Key Infrastructure (PKI): Certificates issued by trusted Certificate Authorities (CAs) to enable secure communications.

Self-Signed Certificates: Certificates generated without a CA; suitable for internal or non-critical use.

3
Q

What is IAM, and what are its key components?

A

Identity and Access Management

Key Components:
* Authentication: Verifying a user’s identity (e.g., passwords, biometrics).
* Multifactor Authentication (MFA): Combines two or more authentication methods (e.g., password + SMS code).
* Single Sign-On (SSO): Enables one login to access multiple systems.
* Time-Based Authentication: Uses temporary codes (e.g., TOTP) for enhanced security.
* Authorization: Defines what actions a user is allowed to perform.
* Least Privilege: Grants users only the access necessary for their roles.
* Role-Based Access Control (RBAC): Assigns permissions based on user roles.

4
Q

What is geofencing, and how is it used in security?

A
  • Uses geographic boundaries (e.g., GPS, IP address) to control access or trigger alerts.
  • Common in physical and network security for location-based restrictions.
5
Q

What are examples of physical security measures?

A
  • Cameras: Monitor and record activity in sensitive areas.
  • Locks: Restrict physical access to devices or facilities.
6
Q

What are common protocols and tools used in IAM?

A
  • RADIUS: Provides centralized authentication for remote users.
  • LDAP: Accesses and manages directory information (e.g., user credentials).
  • SAML: Enables Single Sign-On (SSO) by exchanging authentication data between services.
  • TACACS+: Provides authentication and authorization for network devices.
7
Q

What are deception technologies, and what are common examples?

A

Tools to detect and distract attackers by simulating vulnerabilities.

Honeypot: A decoy system designed to lure attackers.
Honeynet: A network of honeypots used to study attack patterns.

8
Q

What is the difference between risk, vulnerability, exploit, and threat?

A

Risk: The potential for a negative outcome due to vulnerabilities.

Vulnerability: Weaknesses that can be exploited.

Exploit: The method used to take advantage of a vulnerability.

Threat: Anything that can cause harm, such as malware or attackers.

9
Q

What are the core concepts of the CIA triad?

A

Confidentiality: Ensures data is accessible only to authorized users.

Integrity: Ensures data remains accurate and unaltered.

Availability: Ensures data and systems are accessible when needed.

10
Q

What are common audits and regulatory compliance frameworks?

A

Data Locality: Ensures data storage complies with local regulations.

PCI DSS: Standards for securing payment card data.

GDPR: European Union regulation for data protection and privacy.

11
Q

What is network segmentation enforcement, and what are its use cases?

A

Divides a network into segments to limit access and reduce risk.

Use Cases:
* IoT and IIoT: Protects devices from general network threats.
* SCADA/ICS/OT: Secures industrial control systems from cyberattacks.
* Guest Network: Isolates guest users to prevent access to sensitive resources.
* BYOD (Bring Your Own Device): Limits personal device access to specific network areas.

IoT: Internet of Things; IIoT: Industrial Internet of Things.

12
Q

What is a DoS attack?

A
  • Denial of Service (DoS): An attack designed to overwhelm a target system with traffic or requests, causing it to become unavailable.
  • DDoS (Distributed DoS): Involves multiple systems (often botnets) attacking a single target to amplify the impact.
13
Q

What is VLAN hopping, and how does it work?

A

Exploits misconfigured VLANs to send traffic to unauthorized VLANs.

Methods:
* Switch Spoofing: Attacker pretends to be a trunk port.
* Double Tagging: Inserts extra VLAN tags in packets to bypass security.

14
Q

What is MAC flooding, and what is its impact?

A
  • Overloads a switch’s MAC address table with fake addresses.
  • Forces the switch to broadcast all traffic, exposing sensitive data and degrading performance.
15
Q

What is ARP poisoning, and how does it differ from ARP spoofing?

A

Address Resolution Protocol

ARP Poisoning: Manipulates ARP tables to associate an attacker’s MAC address with a legitimate IP address.

ARP Spoofing: A technique used to perform ARP poisoning by sending forged ARP messages.

16
Q

What is DNS poisoning, and how does it differ from DNS spoofing?

A

DNS Poisoning: Corrupts DNS cache to redirect users to malicious websites.

DNS Spoofing: Forges DNS responses to achieve similar redirection without corrupting the cache.

17
Q

What are examples of rogue devices and services, and how do they pose a threat?

A

Rogue DHCP Server: Assigns incorrect IP configurations, causing disruptions or redirecting traffic.

Rogue Access Point (AP): Unauthorized wireless AP used to intercept traffic or lure users into connecting.

18
Q

What is an evil twin attack?

A

A malicious Wi-Fi network that mimics a legitimate one to trick users into connecting.

  • Used to intercept sensitive information like login credentials.
19
Q

What is an on-path attack, and how does it work?

A

Formerly known as a man-in-the-middle (MITM) attack.

  • An attacker intercepts and manipulates communication between two parties.
  • Common methods: ARP spoofing, DNS spoofing, or Wi-Fi eavesdropping.
20
Q

What are four common types of social engineering attacks?

A
  • Phishing: Fraudulent attempts to obtain sensitive information via email, text, or fake websites.
  • Dumpster Diving: Searching through discarded materials for confidential information.
  • Shoulder Surfing: Observing someone’s screen or keyboard to steal credentials or sensitive data.
  • Tailgating: Gaining unauthorized physical access by following someone into a secure area.
21
Q

What is malware, and what are its common types?

A

Definition: Malicious software designed to harm or exploit systems.

Types:
* Viruses: Spread by attaching to files and programs.
* Worms: Self-replicating and spread across networks.
* Trojan Horses: Disguised as legitimate software but perform malicious activities.
* Ransomware: Encrypts files and demands payment for decryption.
* Spyware: Collects user data without consent.
* Adware: Displays unwanted ads, often bundled with spyware.

22
Q

What is device hardening, and what are key steps?

A

Definition: The process of securing a device by reducing vulnerabilities.

Key Steps:
* Disable unused ports and services to minimize attack vectors.
* Change default passwords to prevent unauthorized access.

23
Q

What is NAC, and what are its key components?

A

Network Access Control: Controls access to the network based on device compliance and user authentication.

Key Components:
* Port Security: Limits the number of devices connected to a switch port to prevent unauthorized access.
* 802.1X: Authentication framework using RADIUS or similar protocols for secure access.
* MAC Filtering: Restricts access to devices with approved MAC addresses.

24
Q

What is key management, and why is it important?

A

Involves securely creating, storing, and distributing cryptographic keys.

  • Ensures data confidentiality, integrity, and secure communication.
25
Q

What are security rules, and what types are commonly used?

A

Definition: Rules that define how traffic is permitted or denied within a network.

Types:
* Access Control List (ACL): Specifies which traffic is allowed or blocked based on IPs, protocols, and ports.
* URL Filtering: Blocks or allows access to specific websites based on their URLs.
* Content Filtering: Inspects and blocks specific content within traffic (e.g., malicious files, inappropriate content).

26
Q

What is a screened subnet?

A

A buffer zone between a trusted internal network and an untrusted external network.

  • Hosts public-facing services like web servers while isolating them from sensitive internal resources.

Formerly known as a DMZ (demilitarized zone).

27
Q

What are the differences between trusted and untrusted zones?

A

Purpose: Segregates sensitive resources from external or less secure networks.

  • Trusted Zone: Internal network with known, secure devices (e.g., corporate LAN).
  • Untrusted Zone: External networks where security cannot be guaranteed (e.g., the internet).