Module 1 Flashcards

Securing Networks

1
Q

Networks are routinely under attack.

A

True

2
Q

Maintains the interactive Cyberthreat Real-Time Map display of current network attacks.

A

Kaspersky

3
Q

Network security breaches can…

A

disrupt e-commerce, cause the loss of business data, threaten people’s privacy, and compromise the integrity of information

4
Q

Cisco website that provides comprehensive security and threat intelligence

A

Cisco Talos Intelligence Group

5
Q

What does PSIRT stand for?

A

Cisco Product Security Incident Response Team

6
Q

PSIRT is responsible for…

A

investigating and mitigating potential vulnerabilities in Cisco products

7
Q

What is an attack vector?

A

A path by which a threat actor can gain access to a server, host, or network.

8
Q

Where do attack vectors originate from?

A

Inside or outside the corporate network.

9
Q

How may threat actors target a network?

A

Through the internet

10
Q

Why might threat actors target a network through the internet?

A

To disrupt network operations and create a DoS attack

11
Q

The most common vector for data loss, including instant messaging software and social media sites

A

Email/Social Networking

12
Q

A stolen corporate laptop containing confidential organizational data is an example of having an…

A

Unencrypted Device

13
Q

What happens when data isn’t stored using an encryption algorithm?

A

A thief can retrieve valuable confidential data

14
Q

What can happen with Cloud Storage Devices with sensitive data?

A

It can be lost if access to the cloud is compromised due to weak security settings

15
Q

What is Removable media?

A

Any type of storage device that can be removed from a computer while the system is running

16
Q

What could happen between a curious employee and a suspicious USB?

A

The employee could perform an unauthorized transfer of data to a USB drive

17
Q

What risk could happen involving a USB?

A

Someone could lose it while it contained valuable corporate data

18
Q

What should be done with confidential Hard Copies?

A

It should be shredded when no longer required

19
Q

Why should confidential Hard Copies be shredded?

A

A thief could retrieve discarded reports and gain valuable information

20
Q

What could happen with Improper Access Control?

A

Stolen or weak passwords which have been compromised can provide an attacker easy access to data

21
Q

Virtual Private Networks (VPNs) ensure…

A

data confidentiality and integrity from authenticated sources

22
Q

How do VPNs protect data?

A

They protect data in motion that is flowing from the CAN to the outside world

23
Q

What does Adaptive Security Appliance (ASA) firewall do?

A

Performs stateful packet filtering to filter return traffic from the outside network into campus

24
Q

What does a Cisco Intrusion Prevention System (IPS) device do?

A

Continuously monitors incoming and outgoing network traffic for malicious activity and blocks if needed

25
Q

What does IPS monitor/log?

A

Information about the activity and attempts to block and report it

26
Q

What are Layer 3 Switches and what do they do?

A

These distribution layer switches are secured and provide secure redundant trunk connections to the Layer 2 switches

27
Q

What type of security can be implemented on Layer 3 Switches?

A

ACLs, DHCP snooping, Dynamic ARP Inspection (DAI), and IP source guard

28
Q

What security features can be implemented on Layer 2 Switches?

A

Port security, DHCP snooping, and 802.1x user authentication

29
Q

What do Cisco Email Security Appliance (ESA) and Web Security Appliance (WSA) do?

A

They provide advanced threat defense, application visibility and control, reporting, and secure mobility to secure and control email and web traffic

30
Q

What do AAA servers do?

A

Authenticate users, authorize what they are allowed to do, and track what they are doing

31
Q

How are Hosts secured?

A

Antivirus and antimalware software, Host Intrusion Protection System features, and 802.1X

32
Q

Campus Area Networks (CANs) consist of…?

A

Interconnected LANs within a limited geographical area

33
Q

What do the elements of the defense-in-depth design include?

A

VPN, ASA firewall, IPS, Layer 3 switches, ESA/WSA, AAA server, and hosts

34
Q

How are SOHO networks typically protected?

A

They use consumer-grade routers that provide integrated firewall features and secure wireless connections

35
Q

What hosts use WPA2 data encryption technology?

A

Wireless hosts

36
Q

What do WANs have to use to secure their network?

A

They must use secure devices on the edge of the network

37
Q

Where are Data center networks typically housed?

A

Off-site facility to store sensitive or proprietary data

38
Q

What is the physical security of Data centers?

A

Outside perimeter security and inside perimeter security

39
Q

What do Security traps do?

A

They require a person to use their badge ID to enter the first area. After the person is inside the security trap, facial recognition, fingerprints, or other biometric verifications are used to open the second door

40
Q

What does cloud computing do?

A

Allows organizations to use services such as data storage or cloud-based applications, to extend their capacity or capabilities without adding infrastructure

41
Q

What does the actual cloud network have?

A

It consists of physical and virtual servers which are commonly housed in data centers

42
Q

What are data centers using to provide server services to their clients?

A

Virtual Machines (VMs)

43
Q

What attacks are VMs prone to?

A

Hyperjacking, instant-on activation, and antivirus storms

44
Q

What does Cisco Secure Data Center do?

A

Block internal and external threats at the data center edge

45
Q

What do the core components of the Cisco Secure Data Center provide?

A

segmentation, threat defense, and visibility

46
Q

What devices are people using to access enterprise information?

A

Bring Your Own Device (BYOD)

47
Q

How does Cisco accommodate BYOD?

A

They developed the Borderless Network

48
Q

What happens in a Borderless Network?

A

Access to resources can be initiated by users from many locations, on many types of endpoint devices, using various connectivity methods

49
Q

How does Cisco support the Borderless Network?

A

Cisco devices support MDM features

50
Q

Data encryption (MDM)

A

MDM features can ensure that only devices that support data encryption and have it enabled can access the network and corporate content

51
Q

PIN Enforcement (MDM)

A

Strong password policies can also be enforced by an MDM, reducing the likelihood of brute-force attacks

52
Q

Data Wipe (MDM)

A

Lost or stolen devices can be remotely fully or partially wiped, either by the user or by an administrator via the MDM

53
Q

DLP (Data Loss Prevention) (MDM)

A

Prevents authorized users from doing careless or malicious things with critical data

54
Q

Jailbreak/Root Detection (MDM)

A

Jailbreaking (Apple iOS) and rooting (Android) are a means to bypass the management of a device. MDM features can detect such bypasses and immediately restrict a device’s access to the network or other corporate assets

55
Q

What is Hyperjacking?

A

An attacker hijacks a VM hypervisor and uses it as a launch point to attack other devices on the data center network

56
Q

What is Instant-on Activation?

A

When a VM that has not been used for a period of time is brought online, it may have security policies that deviate from the baseline security and can introduce security vulnerabilities

57
Q

Secure Segmentation

A

Provides granular inter-virtual-machine security

58
Q

Threat Defense

A

Threat intelligence, passive OS fingerprinting, reputation, and contextual analysis are used to provide threat defense

59
Q

Visibility

A

Visibility solutions are provided using software such as the Cisco Security Manager, which helps simplify operations and compliance reporting