Module 1 - Intro to NDE Flashcards
(45 cards)
What are Network Security Controls
Security features that work together to control access to network resources based on identity management.
Page 17
What do Network Security Protocols do?
Ensure data passing through a network is secure.
Page 17
What are Network Security Devices?
A set of devices used to protect computer networks from unwanted traffic and threats.
Page 17
What are the categories of Network Security Devices?
- Active devices
- Passive devices
- Preventative devices
Page 17
What is the ultimate goal of Network Defence?
To protect an organisations information, systems and infrastructure
from
* unauthorised access,
* misuse,
* modification,
* service denial
and any degradation or disruptions.
Page 18
There are four
What are some potential threats to a network?
- Interruption of services
- Damaging and exploiting the network
- Restricting access to computing resources
- Stealing data
Page 18
Is a firewall alone sufficient to protect a network?
No. Firewalls can be bypassed for intruders to access the system.
Page 18
There are six
What does network defence involve?
- Predicting,
- protecting,
- monitoring,
- analysing,
- detecting
- and responding
to unauthorised activities.
Page 18
What are the five Information Assurance (IA) principles?
- Confidentiality
- Integrity
- Availability
- Non-Reupdiation
- Authentication
Page 19
What is the confidentiality IA principle?
Information shared on a network is not accessed by unauthorised parties.
Page 20
What is the integrity IA principle?
Information has not been modified or tampered with by unauthorised parties.
Page 20
What is the availability IA principle?
Information is available to authorised parties without disruption.
Page 20
What is the non-repudiation IA principle?
There is a trail of responsibility when messages are sent so that the sender can not deny sending it.
Page 21
What is the authentication IA principle?
No one can access the network without having their identity verified.
Page 21
What are the three elements of Network Security?
- Network security controls
- Network security protocols
- Network security devices
Page 17
What are four benefits of Network Defence?
- Increased profits
- Improved productivity
- Enhanced compliance
- Client confidence
Page 22
What are the three main Network Defence challenges?
- Distributed computing environments
- Emerging threats
- Lack of network security skills
Page 23
What are the four types of Network Defence Approaches?
- Preventative
- Retrospective
- Reactive
- Proactive
Page 24
What are four methods used in the Preventative network defence approach?
- Access control mechanisms - firewalls
- Admission control mechanisms - Network Access Controls (NAC) and Network Access Protections (NAP)
- Cryptographic applications - IPSec and SSL
- Biometric techniques - facial recognitiion
Page 24
What are five methods used in the Reactive network defence approach?
- Security monitoring methods such as:
- An intrusion detection system (IDS)
- An intrusion prevention system (IPS)
- Security information management systems (SIMS)
- Threat reputation services (TRS)
Page 24
What three methods are used in the Retrospective network defence approach?
- Fault finding mechanisms - protocol analysers and traffic monitors
- Security forensics techniques - CSIRT and CERT
- Post-mortem analysis mechanism - risk and legal assessments
Page 24
What are two methods used in the Proactive network defence approach?
- Threat intelligence
- Risk assessment
Page 24
What are seven examples of Administrative Security Controls?
- Regulatory framework compliance
- Security policy
- Employee monitoring and supervising
- Information classification
- Security awareness and training
- Separation of duties
- Principle of least privileges
Page 25
What are Administrative Security Controls?
Administrative security controls are
* Management limitations
* Operational procedures
* Accountability procedures
and other controls that ensure the security of an organisation.
Page 25
