4. Network Security Flashcards

1
Q

This ensures that information can only be accessed by those who are authorized.

A

Confidentiality

2
Q

This ensures that data is accurate and has not been tampered with.

A

Integrity

3
Q

This ensures that systems and data are accessible when needed.

A

Availability

4
Q

This refers to protecting data while it’s being transmitted over a network.

A

Data in Transit

5
Q

This refers to protecting stored data on hard drives, backups, or cloud storage.

A

Data at Rest

6
Q

This is used to encrypt and verify data, often issued by a trusted authority.

A

Certificate

7
Q

A system for managing encryption keys and digital certificates.

A

PKI (Public Key Infrastructure)

8
Q

A certificate that is not signed by a certificate authority (CA), often used internally.

A

Self-Signed Certificate

9
Q

This is the process of verifying a user’s identity.

A

Authentication

10
Q

This uses two or more types of credentials (e.g., password + phone) to verify identity.

A

Multifactor Authentication (MFA)

11
Q

This allows users to log in once and access multiple systems without re-entering credentials.

A

Single Sign-On (SSO)

12
Q

A centralized AAA protocol commonly used for remote network access.

A

RADIUS

13
Q

An open protocol used to access and manage directory information (usernames, groups, etc.).

A

LDAP

14
Q

This XML-based protocol is used for exchanging authentication and authorization data between parties.

A

SAML

15
Q

A Cisco-developed AAA protocol that provides detailed command control.

A

TACACS+

16
Q

Uses time-based algorithms (like TOTP) for generating temporary access codes.

A

Time-Based Authentication

17
Q

Determines what a user is allowed to do after authentication.

A

Authorization

18
Q

The principle of giving users only the access they need to do their job.

A

Least Privilege

19
Q

Access control based on job responsibilities or organizational roles.

A

Role-Based Access Control (RBAC)

20
Q

A security method that restricts access based on physical location.

A

Geofencing

21
Q

Physical devices that monitor activity visually.

A

Security Cameras

22
Q

A physical access control method that requires a key or code.

A

Locks

23
Q

A decoy system set up to attract attackers and detect intrusions.

A

Honeypot

24
Q

A controlled network of honeypots used to observe attacker behavior.

A

Honeynet

25
A potential danger to systems or data.
Threat
26
A flaw or weakness that could be exploited by a threat.
Vulnerability
27
A specific method used to take advantage of a vulnerability.
Exploit
28
The likelihood and impact of a security incident.
Risk
29
Regulation that governs cardholder data security.
PCI DSS
30
EU regulation focused on personal data protection and privacy.
GDPR
31
Laws or policies that restrict where data must physically reside.
Data Locality
32
Segmenting a network to control access and reduce exposure.
Network Segmentation
33
Devices that often lack traditional security protections and should be isolated.
IoT / IIoT
34
Used in industrial settings to control and monitor infrastructure systems.
SCADA / ICS / OT
35
A network zone designated for temporary or untrusted users.
Guest Network
36
A policy that allows employees to use personal devices on corporate networks.
BYOD
37
Which part of the CIA triad ensures that only authorized users can access sensitive information? A. Availability B. Confidentiality C. Integrity D. Access Control
B. Confidentiality
38
What is the main goal of a honeypot in a network environment? A. Encrypt traffic B. Redirect real traffic C. Detect and observe attacker behavior D. Block malware downloads
C. Detect and observe attacker behavior
39
Which of the following best describes a self-signed certificate? A. It is issued by a public certificate authority B. It is encrypted with a third-party key C. It is signed by the same entity that created it D. It requires MFA to be validated
C. It is signed by the same entity that created it
40
Which access control method limits access based on a user’s job title or department? A. Least privilege B. Multifactor authentication C. Role-based access control D. Authorization
C. Role-based access control
41
What is the difference between a threat and a vulnerability? A. Threats are known; vulnerabilities are theoretical B. A threat is a risk rating; a vulnerability is a technique C. A threat is potential harm; a vulnerability is a weakness D. A vulnerability is external; a threat is internal
C. A threat is potential harm; a vulnerability is a weakness
42
What protocol is commonly used for centralized authentication and accounting on wireless or VPN access? A. LDAP B. TACACS+ C. RADIUS D. SAML
C. RADIUS
43
Which of the following ensures that data has not been altered in transit? A. Encryption B. Availability C. Integrity D. Authentication
C. Integrity
44
What type of authentication uses an app like Google Authenticator to generate a one-time code? A. Biometric B. Role-based C. Time-based D. SAML
C. Time-based
45
Which regulation applies to the handling of payment card data? A. HIPAA B. PCI DSS C. GDPR D. NIST 800-53
B. PCI DSS
46
What’s the primary risk of allowing BYOD on a corporate network? A. Power consumption B. Encryption speed C. Loss of control over unmanaged devices D. Excessive camera use
C. Loss of control over unmanaged devices
47
This attack overwhelms a service or system to make it unavailable to legitimate users.
Denial-of-Service (DoS)
48
A coordinated DoS attack using multiple systems to flood a target simultaneously.
Distributed Denial-of-Service (DDoS)
49
This switch attack tricks the network into allowing traffic from one VLAN to another.
VLAN Hopping
50
An attack that floods a switch’s MAC address table, forcing it to act like a hub.
MAC Flooding
51
Sends false ARP replies to poison the ARP cache and redirect traffic.
ARP Poisoning
52
Forging ARP replies to impersonate another device on the network.
ARP Spoofing
53
Injects false DNS data into a DNS resolver’s cache to redirect users to malicious sites.
DNS Poisoning
54
A type of DNS attack where fake responses are sent to redirect users to a malicious site.
DNS Spoofing
55
Unauthorized network devices placed to intercept, disrupt, or impersonate services.
Rogue Device
56
A fake DHCP server that assigns incorrect IP settings, often used in MITM attacks.
Rogue DHCP Server
57
A malicious access point that mimics a legitimate AP to trick users into connecting.
Evil Twin
58
An attacker secretly intercepts or alters communication between two parties.
On-Path Attack
59
Any attack that manipulates or tricks humans into compromising security.
Social Engineering
60
An attempt to trick users into revealing sensitive information through fake emails or websites.
Phishing
61
Physically retrieving discarded sensitive information from trash bins.
Dumpster Diving
62
Spying over someone’s shoulder to see passwords or other sensitive information.
Shoulder Surfing
63
Following someone into a restricted area without proper access.
Tailgating
64
Any software intended to harm, exploit, or disrupt systems.
Malware
65
Which type of attack floods a system with traffic from multiple sources to make it unavailable? A. On-path attack B. DoS C. ARP spoofing D. DDoS
D. DDoS
66
What kind of attack involves sending fake ARP responses to redirect network traffic? A. DNS poisoning B. VLAN hopping C. ARP spoofing D. Evil twin
C. ARP spoofing
67
Which attack causes a switch to flood all ports by overwhelming its MAC table? A. MAC flooding B. ARP poisoning C. DNS spoofing D. Tailgating
A. MAC flooding
68
What is a rogue DHCP server typically used for? A. Encrypt network traffic B. Bypass DNS C. Assign incorrect IP settings D. Block MAC addresses
C. Assign incorrect IP settings
69
Which of the following tricks users into revealing sensitive info through fake websites or emails? A. Shoulder surfing B. Phishing C. Dumpster diving D. Evil twin
B. Phishing
70
Which physical attack involves entering a restricted area by following someone else in? A. Tailgating B. Shoulder surfing C. VLAN hopping D. On-path attack
A. Tailgating
71
Which type of malware disguises itself as legitimate software but performs malicious actions? A. Worm B. Virus C. Trojan D. Rootkit
C. Trojan
72
What is the goal of DNS spoofing? A. Destroy DNS servers B. Assign fake IP addresses C. Redirect users to malicious sites D. Prevent ARP traffic
C. Redirect users to malicious sites
73
Which attack sets up a fake wireless network to mimic a real access point? A. On-path attack B. Rogue DHCP C. Evil twin D. ARP spoofing
C. Evil twin
74
Which social engineering method involves watching someone type a password in public? A. Tailgating B. Phishing C. Dumpster diving D. Shoulder surfing
D. Shoulder surfing
75
This practice reduces attack surface by disabling unnecessary services or ports.
Device Hardening
76
A basic step in hardening that eliminates common vulnerabilities in default settings.
Change Default Passwords
77
Controls access to the network based on authentication and device posture.
Network Access Control (NAC)
78
Restricts access to switch ports by limiting allowed MAC addresses.
Port Security
79
An IEEE standard for port-based network access control using authentication protocols.
802.1X
80
Allows or blocks devices from connecting based on their physical MAC addresses.
MAC Filtering
81
The process of securely generating, storing, distributing, and revoking cryptographic keys.
Key Management
82
Defines what traffic is allowed or denied at a router or firewall level.
Access Control List (ACL)
83
Blocks access to specific websites by matching the URL against a rule list.
URL Filtering
84
Blocks access to certain types of data or content based on category or pattern.
Content Filtering
85
Network area where traffic is considered safe, such as an internal LAN.
Trusted Zone
86
Network area considered outside the organization, such as the internet.
Untrusted Zone
87
A network segment (often a DMZ) that separates trusted and untrusted zones to provide layered defense.
Screened Subnet
88
A foundational step in securing a device, this involves disabling unused ports, services, and interfaces to reduce the attack surface.
Device Hardening
89
Attackers often target default credentials—changing these immediately is a critical first line of defense.
Change Default Passwords
90
Used to control which users or devices can access the network, this security system often checks endpoint compliance.
Network Access Control (NAC)
91
Prevents unauthorized devices from accessing a network switch by limiting each port to specific MAC addresses.
Port Security
92
A secure authentication framework used to validate users or devices before granting network access—commonly used in enterprise networks with RADIUS.
802.1X
93
Allows or denies network access based on the device’s unique hardware address—useful for basic filtering but not spoof-proof.
MAC Filtering
94
Centrally manages encryption keys for secure communications—ensures key generation, renewal, revocation, and storage are all properly handled.
Key Management
95
Used in firewalls and routers, this defines rules to allow or block traffic based on IP address, protocol, port, or other criteria.
Access Control List (ACL)
96
Blocks user access to specific websites based on full or partial matches of the URL—can be applied at the firewall, proxy, or DNS level.
URL Filtering
97
Analyzes content (e.g., files, emails, downloads) to block inappropriate, dangerous, or restricted material—may use keywords or pattern matching.
Content Filtering
98
Network segment where devices are assumed to be trustworthy—typically includes internal users and systems.
Trusted Zone
99
Any external or unknown part of the network—like the internet—where threats are presumed.
Untrusted Zone
100
Also called a DMZ, this isolated segment sits between the trusted and untrusted networks, hosting systems like web servers or proxies to reduce risk.
Screened Subnet
101
Which of the following is a key part of device hardening? A. Enabling all ports B. Setting public passwords C. Disabling unused services D. Opening firewall rules
C. Disabling unused services
102
What is the purpose of 802.1X? A. Encrypt wireless traffic B. Block malware downloads C. Authenticate devices before granting network access D. Assign MAC addresses to hosts
C. Authenticate devices before granting network access
103
Which access control method uses hardware addresses to determine who can connect? A. URL filtering B. Port security C. MAC filtering D. Key management
C. MAC filtering
104
What security technique limits which websites users can visit based on full or partial matches? A. ACL B. URL filtering C. Content filtering D. 802.1X
B. URL filtering
105
A screened subnet is most commonly used to: A. Extend wireless access outdoors B. Encrypt user traffic C. Host public-facing services while protecting internal systems D. Authenticate internal users
C. Host public-facing services while protecting internal systems
106
Which of the following allows or denies network traffic based on rules about IPs, ports, or protocols? A. Key management B. Access control list (ACL) C. Content filtering D. DHCP snooping
B. Access control list (ACL)
107
A network zone that includes your internal LAN and trusted devices is called a: A. DMZ B. Untrusted zone C. Trusted zone D. Rogue network
C. Trusted zone
108
Which technique ensures encryption keys are securely created, stored, and distributed? A. Device hardening B. PKI C. Key management D. SSL
C. Key management
109
Which network control checks endpoint health and grants or denies access accordingly? A. 802.1X B. NAC C. SSO D. VLAN hopping
B. NAC
110
Changing default credentials on routers and switches helps prevent: A. Content filtering B. Unauthorized access via known credentials C. DNS poisoning D. Key expiration
B. Unauthorized access via known credentials