Flashcards for Section 4.0 - Network Security

Question 1

What is the CIA Triad?

Answer 1

Confidentiality, Integrity, and Availability; a model to guide security policies ensuring data protection, accuracy, and accessibility.

Question 2

What is Confidentiality in the CIA Triad?

Answer 2

Ensuring data is accessible only to authorized users

Question 3

What is Integrity in the CIA Triad?

Answer 3

Maintaining data accuracy and trustworthiness, preventing unauthorized modifications, using hashing or checksums.

Question 4

What is Availability in the CIA Triad?

Answer 4

Ensuring data and systems are accessible to authorized users when needed

Question 5

What is the principle of least privilege?

Answer 5

Granting users only the access necessary for their tasks

Question 6

What is separation of duties?

Answer 6

Dividing tasks among multiple users to prevent fraud or errors

Question 7

What is zero trust?

Answer 7

A security model requiring continuous verification of all users and devices

Question 8

What is defense in depth?

Answer 8

A layered security approach using multiple controls (e.g., firewalls, IDS, encryption) to protect against threats.

Question 9

Why is defense in depth effective?

Answer 9

Multiple layers ensure that if one control fails, others can still protect the network, reducing single points of failure.

Question 10

What is multifactor authentication (MFA)?

Answer 10

Requiring two or more authentication factors (e.g.

Question 11

What is single sign-on (SSO)?

Answer 11

Allowing users to authenticate once and access multiple systems without re-authenticating.

Question 12

What is RADIUS in authentication?

Answer 12

Remote Authentication Dial-In User Service

Question 13

What is LDAP in authentication?

Answer 13

Lightweight Directory Access Protocol

Question 14

What is risk management in networking?

Answer 14

Identifying

Question 15

What is a risk assessment?

Answer 15

Evaluating potential threats

Question 16

What is risk mitigation?

Answer 16

Implementing controls (e.g., firewalls, patches) to reduce the likelihood or impact of risks.

Question 17

What is a Denial of Service (DoS) attack?

Answer 17

Overwhelms a network or system with traffic to disrupt service availability

Question 18

What is a Distributed Denial of Service (DDoS) attack?

Answer 18

A DoS attack using multiple compromised devices (botnets) to flood a target

Question 19

What is an on-path attack?

Answer 19

An attack where an attacker intercepts and potentially alters communication between two parties

Question 20

What is ARP spoofing?

Answer 20

An on-path attack where an attacker sends fake ARP messages to associate their MAC address with a legitimate IP

Question 21

What is VLAN hopping?

Answer 21

An attack exploiting misconfigured VLANs to access unauthorized VLANs

Question 22

How can VLAN hopping be prevented?

Answer 22

Disable unused ports, use non-default VLANs, and configure trunk ports to allow only specific VLANs.

Question 23

What is spoofing in networking?

Answer 23

Falsifying data to appear as a trusted source

Question 24

What is IP spoofing?

Answer 24

Forging the source IP address in packets to hide the attacker’s identity or impersonate a trusted host.

Question 25

What is MAC spoofing?

Answer 25

Changing a device’s MAC address to impersonate another device

Question 26

What are rogue services?

Answer 26

Unauthorized services (e.g., rogue DHCP servers, access points) running on a network, posing security risks.

Question 27

How can rogue DHCP servers be detected?

Answer 27

Use DHCP snooping on switches to filter unauthorized DHCP responses and monitor for unexpected IP assignments.

Question 28

What is malware?

Answer 28

Malicious software (e.g., viruses, worms, trojans) designed to harm, steal data, or disrupt systems.

Question 29

What is ransomware?

Answer 29

Malware that encrypts data

Question 30

What is a password attack?

Answer 30

Techniques like brute force or dictionary attacks to guess or crack passwords and gain unauthorized access.

Question 31

What is a brute force attack?

Answer 31

Systematically trying all possible password combinations until the correct one is found

Question 32

What is a dictionary attack?

Answer 32

Using a list of common words or phrases to guess passwords

Question 33

What is a deauthentication attack?

Answer 33

A wireless attack sending deauth frames to disconnect devices from a Wi-Fi network

Question 34

How can deauthentication attacks be mitigated?

Answer 34

Use 802.11w (protected management frames), monitor for attack patterns, or upgrade to newer Wi-Fi standards.

Question 35

What is social engineering?

Answer 35

Manipulating people to disclose sensitive information or perform actions

Question 36

What is phishing?

Answer 36

A social engineering attack using fraudulent emails or messages to trick users into revealing credentials or installing malware.

Question 37

What is network hardening?

Answer 37

Applying security measures to reduce vulnerabilities, like disabling unused services, updating firmware, and securing configurations.

Question 38

Why is disabling unused services important?

Answer 38

Reduces attack surfaces by eliminating unnecessary ports or protocols that could be exploited.

Question 39

What is the importance of changing default passwords?

Answer 39

Prevents attackers from using known default credentials

Question 40

What is password complexity in network hardening?

Answer 40

Using strong passwords (mixed case, special characters, long length) to resist guessing or brute-force attacks.

Question 41

Why change the default VLAN?

Answer 41

Prevents users from accessing the management VLAN

Question 42

What is the role of firmware upgrades in hardening?

Answer 42

Patches security vulnerabilities in network devices

Question 43

What is patch management in network hardening?

Answer 43

Regularly applying updates (service packs, monthly patches, emergency fixes) to ensure system stability and security.

Question 44

What is role-based access in network hardening?

Answer 44

Assigning specific permissions based on user roles (e.g.

Question 45

What are access control lists (ACLs)?

Answer 45

Rules allowing or denying traffic based on criteria like IP, port, or time, used to restrict unauthorized access.

Question 46

What are firewall rules in network hardening?

Answer 46

Policies managing traffic, often with implicit deny, logging explicit denies to detect reconnaissance attempts.

Question 47

What is MAC filtering in wireless security?

Answer 47

Limiting access by allowing only specific MAC addresses

Question 48

What is antenna placement in wireless security?

Answer 48

Positioning antennas to focus coverage and limit external access

Question 49

What is wireless isolation?

Answer 49

Preventing wireless clients on the same access point from communicating

Question 50

What is guest network isolation?

Answer 50

Ensuring guest Wi-Fi cannot access the internal private network

Question 51

What is WPA2-Personal?

Answer 51

Wi-Fi Protected Access 2 with a pre-shared key

Question 52

What is WPA3-Enterprise?

Answer 52

Wi-Fi security using 802.1X authentication with individual credentials via a server (e.g.

Question 53

What is EAP in wireless security?

Answer 53

Extensible Authentication Protocol

Question 54

What is geofencing in wireless security?

Answer 54

Restricting or allowing device features (e.g., camera, login) based on geographic location, often via MDM.

Question 55

What is a captive portal?

Answer 55

A web page requiring authentication (e.g.

Question 56

What is IoT security in wireless networks?

Answer 56

Segmenting IoT devices on a separate VLAN or guest network to protect private data from potential breaches.

Question 57

What is a VPN?

Answer 57

Virtual Private Network

Question 58

What is a site-to-site VPN?

Answer 58

Encrypts traffic between two network sites over the internet

Question 59

What is a host-to-site VPN?

Answer 59

Allows remote users to securely access a network via client software

Question 60

What is a clientless VPN?

Answer 60

Uses HTML5 and web browsers to create a VPN tunnel without dedicated software

Question 61

What is a remote desktop connection?

Answer 61

Allows sharing a desktop remotely, using protocols like RDP or VNC, often for technical support.

Question 62

What is a remote desktop gateway?

Answer 62

Combines VPN and RDP to securely access internal RDP servers via an SSL tunnel, acting as a proxy.

Question 63

What is SSH in remote access?

Answer 63

Secure Shell

Question 64

Why is authentication critical for remote access?

Answer 64

Prevents unauthorized access, requiring strong credentials and MFA, as seen in breaches like the 2008 Subway incident.

Question 65

What is out-of-band management?

Answer 65

Accessing devices via a separate management interface (e.g., serial, modem) when the network is unavailable.

Question 66

What is video surveillance in physical security?

Answer 66

Using CCTV cameras to monitor facilities, replacing guards, with features like motion detection and low-light capability.

Question 67

What are asset tracking tags?

Answer 67

Tags (e.g., barcode, RFID) on equipment to track location, configuration, and financial details for audits.

Question 68

What is tamper detection?

Answer 68

Mechanisms like case sensors or foil tags to detect unauthorized access to hardware, triggering alarms.

Question 69

What is employee training for physical security?

Answer 69

Educating staff on security practices via one-on-one sessions, posters, or intranet pages to prevent breaches.

Question 70

What is access control hardware?

Answer 70

Purpose-built devices like gates, locks, and cameras, often networked for real-time monitoring and control.

Question 71

What are badge readers?

Answer 71

Electronic keyless systems using PINs or cards

Question 72

What is biometric authentication?

Answer 72

Using unique traits (e.g., fingerprint, iris) for access, storing mathematical representations, not easily changed.

Question 73

What are access control vestibules?

Answer 73

Secure entry systems where opening one door locks others

Question 74

What are locking cabinets?

Answer 74

Enclosed data center racks with locks to secure hardware, managed by owners, with ventilation for cooling.

Question 75

What are smart lockers?

Answer 75

Automated lockers for secure package delivery, using PINs or apps to prevent theft and track access.

Question 76

What is data destruction in physical security?

Answer 76

Securely disposing of media to prevent data leaks, using physical destruction or sanitization for reuse.

Question 77

What is media sanitization?

Answer 77

Wiping or resetting storage devices to remove data