Network And Application Security Week 6/7

Question 1

Active directory

Answer 1

A windows component that stores network, domain, and user data. Allows administrators manage permissions and limit network access.

Question 2

Active directory domain services

Answer 2

Authenticates users and defines which network resources they can access.

Question 3

Anonymity

Answer 3

A condition in which users conceal their online id without masking their activity.

Question 4

Asymmetric cryptography (public key cryptography

Answer 4

A cryptographic algorithm that requires two separate keys. One private and the other public. Message is encrypted with the public key and decrypted with the private key.

Question 5

Authorization

Answer 5

The process that determines whether an id person is allowed access to a resource.

Question 6

Behavior based detection

Answer 6

A type of threat detection that monitors unusual behavior. Ex a large number of requests for a computer or device resource.

Question 7

Blacklisting

Answer 7

The practice of allowing anything to enter a network unless expressly prohibited.

Question 8

Cloud DLP

Answer 8

A type of data loss prevention that encrypts cloud acct.

Question 9

Correlation rule

Answer 9

A rule that instructs a sec mechanism as to which sequence of events may indicate anomalies, security vulnerabilities, or a cyber-attack

Question 10

Data Loss Prevention (DLP)

Answer 10

A security tool that helps ensure users don’t transfer Valuable or sensitive data outside of the organization by monitoring, identifying, and blocking unwanted transfers.

Question 11

Demilitarized Zone(DMZ)

Answer 11

A subnetwork located between private networks and the public internet which contains services that are fully exposed to the internet. This adds an extra layer of security preventing unnecessary access to private networks.

Question 12

Domain controllers DC

Answer 12

A server that handles and responds to authentication requests inside a windows server domain.

Question 13

Discretionary Access Control

Answer 13

Type is access control that restricts access to resources based on subject’s identity or group membership.

Question 14

Endpoint agent

Answer 14

An EDR agent that monitors and collects data on all endpoint activities and stores it in a centralized database.

Question 15

Endpoint Detection and Response (EDR)

Answer 15

A security tool that combines monitoring, protection and response to security threats on endpoints in real time.

Question 16

Endpoint DLP

Answer 16

A type of DLP that doesn’t require a network. It monitors servers, workstations, laptops, and mobile devices that use, transfer, or store critical data. It can also monitor unsecure data storage.

Question 17

Hashing

Answer 17

A process performed on data such as a file or application to generate a hash value.

Question 18

Honeypot

Answer 18

A security mechanism that sets up a virtual trap to attract attackers. They are a form of misdirection that enables analysts to study the attackers activity patterns.

Question 19

Host based firewall

Answer 19

A firewall that runs on a single networked computer or device. This type of firewall protect individual hosts from malware and attacks and control their network spread.

Question 20

Host based intrusion detection system (HIDS)

Answer 20

A mechanism that runs on each host or endpoint device in a network and checks incoming and outgoing host packets and alerts endpoint users when it detects abnormalities.

Question 21

Hypertext transfer protocol (HTTP)

Answer 21

A protocol that defines how messages are formatted and transmitted, as well as the actions web servers and browsers should take in response to various commands.

Question 22

Incident Response

Answer 22

A collection of information security rules and procedures implemented by an organization to detect, contain, and remove cyber attacks.

Question 23

Incident Detection

Answer 23

A task carried out by analysts to detect and collect data from IT systems, security technologies, and publicly available data as well as detect attack precursors and indicators.

Question 24

Internet protocol security (IPsec)

Answer 24

A protocol that secures Internet communication across an IP network by verifying the session and encrypting each data packet during the connection.

Question 25

Kerberos

Answer 25

A system that acts as a boundary between users and the network. It uses strong cryptography to allow clients to prove their ID to a server over an insecure network connection.

Question 26

Key Distribution Center (KDC)

Answer 26

An access control component responsible for issuing access tickets and session keys in response to user requests for resource access.

Question 27

Lightweight Directory Access Protocol (LDAP)

Answer 27

A protocol that allows programs to access user information quickly. It’s a simple client-server protocol used to access directory services.

Question 28

Local Area Network

Answer 28

A collection of interconnected computers in a small area such as a building or an office.

Question 29

Mandatory Access Control (MAC)

Answer 29

A type of access control in which the ability to grant or deny access to resource objects in a file system is restricted by an OS.

Question 30

MD5

Answer 30

A type of hashing algorithm that encodes a string of information into a 128 bit fingerprint.

Question 31

Network DLP

Answer 31

A type of DLP that secures network data by monitoring and analyzing network traffic.

Question 32

Network based Firewall

Answer 32

A type of firewall that protects computer networks from attacks and restricts network traffic so that only authorized packets can access the organizations network, servers and assets.

Question 33

New technology LAN Manager (NTLM)

Answer 33

A challenge response authentication mechanism that allows clients to prove their ID without submitting a password to the server.

Question 34

Network based intrusion Detection system (NIDS)

Answer 34

A mechanism that monitors network traffic to detect threats. It examines al network packets content and headers.

Question 35

OpenVPN

Answer 35

A type of VPN that creates secure point to point or site to site connections and remote access. It runs client and server apps.

Question 36

Privacy

Answer 36

A condition in which no one can see a users actions but they may be able to determine who the user is.

Question 37

Psuedonymity

Answer 37

The id of a person by a name that isn’t their actual name.

Question 38

Remote access VPN

Answer 38

a type of VPN that allows remote users to securely access and use apps and data located in a remote network by encrypting all outgoing and incoming traffic.

Question 39

Role based access control (RBAC)

Answer 39

A method for restricting access to a resource based on a users position within the organization.

Question 40

Secure shell protocol (SSH)

Answer 40

A protocol that provides users a secure way to access a computer over an unsecured network.

Question 41

Secure sockets layer protocol (SLL)

Answer 41

A protocol responsible for protecting data sent between web browsers and servers. It encrypts the connection between the two parties to protect their data.

Question 42

SHA

Answer 42

Hashing algorithms that encrypt data and are considered very secure. The subtypes include SHA1 and SHA256. The greater the number following SHA the more recent and sophisticated the version.

Question 43

Single sign on(SSO)

Answer 43

Authentication that allows a user to authenticate and securely with multiple applications and websites using a single set of credentials.

Question 44

Site to site VPN

Answer 44

A type of VPN that relies on router to router communication, one router serves as the VPN client and the other is the VPN Server.

Question 45

Stateful firewall

Answer 45

A type of firewall capable of monitoring all aspects of network traffic, including communication channels and characteristics.

Question 46

Symmetric key cryptography

Answer 46

An encryption system where the sender and receiver of a message share a single key to both encrypt and decrypt the message.

Question 47

The 3 a’s

Answer 47

Stands for Access Control, authentication, and Authorization. An indispensable framework for network management and security.

Question 48

Ticket granting ticket

Answer 48

A user authentication token generated by the KDC that is used to request access to particular resources/systems without repeatedly entering credentials.

Question 49

Transport Layer Security Protocols (TLS)

Answer 49

An enhanced and more secure version of ssl. TLS offers end to end security for different data transmissions between applications and services.

Question 50

Web application Firewall

Answer 50

Protects web applications by filtering and monitoring HTTP traffic between a web application and the Internet.

Question 51

Whitelisting

Answer 51

The practice of defining permitted access as opposed to blocking prohibited access.