Network Security

Question 1

What are the two types of penetration testing?

Answer 1

Internal: hacker has information about the company (white box)
External: hacker has no information about the company (black box)

Question 2

What is ethical hacking?

Answer 2

It is done by professional hackers hired by the company to find flaws in their security system.
It can include penetration testing, phishing or impersonation.

Question 3

What is access control?

Answer 3

Authentication: verifying the identity of the user when logging into the system
Authorization: verifying what the user can do in the system

Question 4

What is a firewall used for?

Answer 4

A piece of software, hardware or both. It scans all data going to and from a network and act as a barrier between the computer and the outside world.

Question 5

What is physical security?

Answer 5

Stopping people from accessing data physically e.g stopping a person trying to break in and steal data.
Piggybacking: pretending to be someone who is authorised. (forgetting ID card at home)
Tailgating: taking advantage of a vulnerability in the system. (asking someone to hold the door for you)

Question 6

What is encryption?

Answer 6

Turning plain text into something unreadable. Ensures data stays private and only the person with the right “key” is able to translate the data back to readable form.

Question 7

What is Mac Address Filtering?

Answer 7

Every device has a unique Mac address so network managers can create whitelists which is a list with specific devices allowed to connect to the network.