10.1: Endpoint Security

Question 1

a coordinated attack from many devices, called zombies, with the intention of degrading or halting public access to an organization’s website and resources.

Answer 1

Distributed Denial of Service (DDoS)

Question 2

an attack in which an organization’s data servers or hosts are compromised to steal confidential information.

Answer 2

Data breach

Question 3

an attack in which an organization’s hosts are infected with malicious software that cause a variety of problems. For example, ransomware such as WannaCry, shown in the figure, encrypts the data on a host and locks access to it until a ransom is paid.

Answer 3

Malware

Question 4

Various network security devices are required to protect the network perimeter from outside access. These devices could include:

Answer 4

-Virtual Private Network (VPN)
-Next-Generation Firewall (NGFW)
-Network Access Control (NAC)

Question 5

A _____-enabled router provides a secure connection to remote users across a public network and into the enterprise network.*** services can be integrated into the firewall.

Answer 5

VPN
Virtual Private Network

Question 6

An ____ provides stateful packet inspection, application visibility and control, a next-generation intrusion prevention system (NGIPS), advanced malware protection (AMP), and URL filtering.

Answer 6

NGFW
Next-Generation Firewall

Question 7

A ____device includes authentication, authorization, and accounting (AAA) services. In larger enterprises, these services might be incorporated into an appliance that can manage access policies across a wide variety of users and device types.

Ex: Cisco ___ (ISE)

Answer 7

NAC
Network Access Control
Identity Services Engine

Question 8

WLCs

Answer 8

wireless LAN controllers

Question 9

AP

Answer 9

access point

Question 10

___ are hosts which commonly consist of laptops, desktops, servers, and IP phones, as well as employee-owned devices that are typically referred to as bring your own devices (BYODs).

Answer 10

Endpoints

Question 11

Endpoints are particularly susceptible to ___ attacks that originate through email or web browsing.

Answer 11

malware-related

Question 12

HIPSs

Answer 12

host-based intrusion prevention systems

Question 13

Today endpoints are best protected by a combination of:

Answer 13

NAC
host-based AMP software
email security appliance (ESA)
web security appliance (WSA)

Question 14

WSA

Answer 14

web security appliance

Question 15

ESA

Answer 15

email security appliance

Question 16

AMP

Answer 16

Advance Malware Protection

Question 17

Cisco Email Security Appliance

___ include fine-grained control over email and web browsing for an organization’s users.

Answer 17

Content security appliances

Question 18

Cisco Email Security Appliance
The Cisco ESA is a device that is designed to monitor ___ (SMTP)

Answer 18

Simple Mail Transfer Protocol

Question 19

Cisco Email Security Appliance
These are some of the functions of the Cisco ESA:

Answer 19

Block known threats.
Remediate against stealth malware that evaded initial detection.
Discard emails with bad links (as shown in the figure).
Block access to newly infected sites.
Encrypt content in outgoing email to prevent data loss

Question 20

The____ (WSA) is a mitigation technology for web-based threats.
It helps organizations address the challenges of securing and controlling web traffic.

Answer 20

Cisco Web Security Appliance

Question 21

Certain features and applications, such as chat, messaging, video and audio, can be allowed, restricted with time and bandwidth limits, or blocked, according to the organization’s requirements.

Answer 21

Cisco Web Security Appliance (WSA)