Module 3 Flashcards
Mitigating Threats
Network security organizations that keep you informed
SANS, Mitre, FIRST, SecurityNewsWire, (ISC)², and CIS
What does information security deal with?
Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction
What does the CIA triad consist of?
Three components of information security: Confidentiality, Integrity, and Availability
Who is responsible for maintaining data assurance for an organization and ensuring the integrity and confidentiality of information?
Network security professionals
There are 14 network security domains specified by the ISO/IEC that serve as what?
A common basis for developing organizational security standards
What serve as analogies for understanding approaches to network security?
The Security Onion and Security Artichoke
Why are penetration tools used by security personnel?
To validate network security
What allows the exchange of latest threat information?
Threat intelligence services like Cisco Talos
What might various tools, software, and services help with?
Mitigation of malware, reconnaissance, DoS and address spoofing attacks
What does the Cisco Network Foundation Protection framework (CoPP) provide?
Comprehensive guidelines for protecting the network infrastructure by addressing security at the control plane, management plane, and data plane (forwarding plane) of network devices
What Layer 2 security tools are integrated into the Cisco Catalyst switches?
Port security, DHCP snooping, DAI, and IPSG
What do the 14 network security domains do?
They serve as a common basis for developing organizational security standards and effective security management practices
What can also help facilitate communication between organizations?
The 14 network security domains
In networking, what do policies define?
They define the activities that are allowed on the network
What policies may be included in a security policy?
-Identification and authentication policy
-Password policies
-Acceptable use policy
-Remote access policy
-Network maintenance policy
-Incident handling procedures
What would a threat actor do with a Security Onion defense-in-depth approach?
They would have to peel away at the network’s defense layer by layer, similar to peeling an onion