Determine mitigations for network-related security threats Flashcards
(14 cards)
What is the purpose of implementing a comprehensive approach to network security?
To ensure that one loophole or omission doesn’t result in further weaknesses upon which malicious users can capitalize.
Comprehensive security measures are essential to protect against various attack vectors.
What does Internet Protocol security (IPsec) do?
Authenticates IP-based communications between two hosts and encrypts network traffic where desirable.
IPsec is crucial for secure communications over IP networks.
What is the function of firewalls in network security?
Allow or block network traffic based on the type of traffic.
Firewalls are a fundamental component of network security architectures.
What are perimeter networks?
Isolated areas on your network to define network traffic flow and allow services to be available on the Internet without exposing the corporate intranet.
Placing servers in a perimeter network enhances security by limiting access.
Why is it important for users to connect securely to their organization’s intranet?
To protect data in transit across the Internet from eavesdropping or MITM attacks.
Secure connections are vital as the Internet is a public network.
What are VPNs and DirectAccess used for?
To authenticate and encrypt connections between remote users and the organization’s intranet.
These technologies help mitigate risks associated with remote access.
What does server hardening involve?
Running only the services that you need to make servers inherently more secure.
Establishing a security baseline is crucial for determining necessary services.
What tools can be used to determine required Windows Server services?
Security Configuration Wizard and Microsoft Baseline Security Analyzer.
These tools help assess and configure server security.
What is the role of intrusion detection in network security?
To monitor the network regularly for signs of attack.
Intrusion detection systems are essential for early threat detection.
Where should intrusion-detection systems be implemented?
On perimeter devices, such as Internet-facing routers.
This placement helps to monitor external threats effectively.
What does Domain Name System Security Extensions (DNSSEC) do?
Uses digital signatures for validation so that DNS servers and resolvers can trust DNS responses.
DNSSEC helps prevent data modification and tampering in DNS responses.
Fill in the blank: The DNS zone contains all ______ that are generated in the new resource records.
signatures.
These signatures are crucial for validating DNS responses.
What happens when a resolver issues a query for a name in DNSSEC?
The DNS server returns the accompanying digital signature in the response.
This process ensures the integrity of the DNS data received.
What is validated using a preconfigured trust anchor in DNSSEC?
The digital signature returned by the DNS server.
Successful validation indicates no tampering has occurred.
