Section 4.1

Question 1

What does CIA stand for?

Answer 1

Confidentiality, Integrity, and Availability

Question 2

Define Confidentiality

Answer 2

Information is kept safe from unauthorized individuals

Question 3

Define Integrity

Answer 3

Information is true and unaltered

Question 4

Define Availability

Answer 4

Information is accessible at all times

Question 5

How do you maintain Confidentiality?

Answer 5

encryption
access controls
authentication
network security
physical security
steganography
training

Question 6

How do you maintain Integrity?

Answer 6

hashing
digital signatures
certificates

Question 7

How do you maintain Availability?

Answer 7

Redundancies, Load Balancing, Patching

Question 8

Define Zero Trust

Answer 8

no user is trusted by default

Question 9

What is a Threat?

Answer 9

A person or thing that could take advantage of a vulnerability

Question 10

What is a Vulnerability?

Answer 10

A weakness in a system or a network that can be exploited by a threat.

Question 11

What is an Exploit?

Answer 11

When a threat takes advantage of a vulnerability

Question 12

RBAC

Answer 12

Role Based Access Control

Question 13

What is Defense in Depth?

Answer 13

The utilization of multiple methods and layers of defense to minimize attack surface

Question 14

What is Separation of Duties?

Answer 14

No one person has all of the access or knowledge

Question 15

What are 3 way to protect a network interface?

Answer 15

port security (MAC address filtering)
802.1X (NAC) which requires authentication
manual deactivation of port by administrator

Question 16

What does NAC stand for and what does it do?

Answer 16

Network Access Control
Requires authentication when plugging into a switch

Question 17

Where does authentication take place?

Answer 17

locally or separate authentication server.

Question 18

What are the common remote authentication protocols?

Answer 18

RADIUS, TACACS+, LDAP, Kerberos

Question 19

What is the advantage of using Kerberos vs the other authentication protocols?

Answer 19

allows Single Sign On (SSO)

Question 20

CVE

Answer 20

Common Vulnerabilities and Exposures

Question 21

What are CVEs?

Answer 21

documented and cataloged vulnerabilities in software and hardware

Question 22

CIA

Answer 22

Confidentiality, Integrity, Availability

Question 23

What is Least Privilege?

Answer 23

users have minimum access necessary to perform their job

Question 24

What’s the IEEE standard for NAC?

Answer 24

802.1X

Question 25

What’s another name for DMZ?

Answer 25

Perimeter Network

Question 26

What is the Perimeter Network?

Answer 26

the network between the internet and the internal network

Question 27

TACACS+

Answer 27

Terminal Access Controller Access-Control System Plus

Question 28

Between RADIUS and TACACS+, which provides granular control over what users can do?

Answer 28

TACACS+

Question 29

EAP

Answer 29

Extensible Authentication Protocol

Question 30

What’s TACACS+ commonly used for?

Answer 30

network device management

Question 31

What is RADIUS commonly used for?

Answer 31

network access

Question 32

What is LDAP commonly used for?

Answer 32

authentication and directory management

Question 33

What is Kerberos?

Answer 33

ticket based authentication

Question 34

SSO

Answer 34

Single Sign On

Question 35

What does EAP do?

Answer 35

connects the client to the authentication server/protocol

Question 36

What’s the goal of a Business Risk Assessment?

Answer 36

to identify potential risks and to implement strategies to mitigate them

Question 37

What’s the goal of a Vendor Assessment?

Answer 37

to evaluate the security and reliability of a 3rd party

Question 38

What’s the goal of a Process Assessment?

Answer 38

to ensure that internal processes are secure and efficient