Chapter 1 - Networking Security Concepts Flashcards Preview

Cisco CCNA Security (640-554) > Chapter 1 - Networking Security Concepts > Flashcards

Flashcards in Chapter 1 - Networking Security Concepts Deck (22):
1

Which security term refers to a person, property, or data of value to a company

Asset

2

Which asset characteristic refers to risk that results from a threat and lack of a countermeasure?

Vulnerability

3

Which three items are the primary network security objectives for a company?

  • Confidentiality
  • Integrity
  • Availablity

4

What is an example of a physical control?

Electronic Lock

5

What is the primary motivation for most attacks against networks today?

Financial

6

What type of an attack involves lying about the source address of a frame or packet?

Spoofing Attack

7

Which two approaches to security provide the most secure results on day one?

  • Defense in Depth
  • Least Privilege

8

Which of the following might you find in a network that is based on a defense-in-depth security implementation?

  • Firewall
  • IPS (Intrusion Prevention System)
  • Access Lists
  • Current Patches on Servers

9

In relation to production networks, what are viable options when dealing with risk?

  • Transfer it
  • Mitigate it
  • Remove it

(NOT ignore it)

10

What is an Asset?

It is anything valuable to an organization. (computers, people, intellectual propery, contact lists, etc.)

11

What is a vulnerability?

it is an exploitable weakness in a system or its design.

12

What is a threat?

A threat is any potential danger to an asset. 

"Latent" threats are not yet realized. An active attack launched on an organization is "realized"

13

What is a countermeasure?

A countermeasure is a safeguard that somehow mitigates a potential risk.

14

When it comes to network security, what is risk?

Risk is the potential for unauthorized access to, compromise, destruction, or damage to an asset.

15

What is an Administrative Countermeasure?

These are things like written policies, procedures, guidelines, and standard. Acceptable Use Policies (AUP) would be an example.

16

What is a logical countermeasure?

Logical controls are things like passwords, firewalls, IPS, access lists, and VPN tunnels.

17

Why is a Social Engineering attack so dangerous?

Because it leverages users to gain information to compromise security. Users can be misdirected to phishing / pharming sites to give up username / password information, etc. 

18

What is ARP Poisoning?

An attacker spoofs a Layer 2 MAC address to make devices on the LAN believe that the layer 2 address of the attacker is the L2 address of their default gateway. The attacker than then sniff / capture all data attempting to leave the network. (They may even forward the packet along so that no one suspects anything is wrong. Can be mitigated by Dynamic Address Resolution Protocol Inspection (DAI)

19

What are governmental asset classifications?

  • Unclassified
  • Sensitive but unclassified (SBU)
  • Confidential
  • Secret
  • Top Secret

20

What are private sector asset classifications?

  • Public
  • Sensitive
  • Private
  • Confidential

21

What are asset classification criteria?

  • Value
  • Age
  • Replacement Cost
  • Useful Lifetime

22

What are asset classification roles?

  • Owner (the group ultimately responsible for the data)
  • Custodian (the group responsible for implementing the policy as dictated by the owner)
  • User (those who access the data and abide by the rules of use for the data)