Network Security Foundations and Secure Management

Question 1

A hardware component within a device that provides network access capabilities

Answer 1

Network Interface Card (NIC)

Question 2

Layer 2 communication device (within a LAN)

Answer 2

Switch

Question 3

Layer 3 communication device that interconnects two or more LANs

Answer 3

Router

Question 4

Hardware or software that filters traffic

Answer 4

Firewall

Question 5

A node on a computer that serves as a source or a destination point

Answer 5

End Device

Question 6

A device that provides a wireless network connection (WLAN)

Answer 6

Access Point

Question 7

______, _____, ______ & _______are intermediary devices that connect end devices to the network and control data flow

Answer 7

Switches, routers, firewalls, and access points

Question 8

guides traffic to its destination network by Layer 3 devices

Answer 8

Routing Process

Question 9

These devices use __________ to determine the best path and forward packets to the next hop on the way to their destination

Answer 9

routing tables

Question 10

boosts IP addressing efficiency by splitting networks, distributing traffic, and enhancing security policy distributions.

Answer 10

Subnetting

Question 11

VLANs in administrative networks key roles:

Answer 11

• Divide large networks
• Isolate traffic securely
• Decrease the network resources wasted
  when broadcasting is used
• Ensure controlled communication outside
  the VLAN

Question 12

ACLs are essential for _____ and _____ traffic management

Answer 12

Secure
Efficient

Question 13

filter traffic based on criteria like addresses, protocols, and ports. They are manually configured to allow or block traffic using permit or deny statements

Answer 13

Access-control lists (ACLs)

Question 14

statements within the ACLs that are inspected upon packet arrival. When the conditions within the ACE are met, the traffic is either allowed or blocked based on the rules configured in the ACE

Answer 14

Access control entries (ACEs)

Question 15

______ manage network resources, respond to client requests, and host various services. They are dedicated to their intended function.

Answer 15

Servers

Question 16

Server Types:

Answer 16

• Web
• Database
• Mail
• Communication
• Application

Question 17

Host web pages

Answer 17

Web

Question 18

Stores user or computer-related data

Answer 18

Database

Question 19

Enables email communication among clients

Answer 19

Mail

Question 20

Facilitates communication among devices and networks

Answer 20

Communication

Question 21

Enables users to run applications on the web without installing them

Answer 21

Application

Question 22

________ in a network ensures reliability by creating backup pathways or components

Answer 22

Redundancy

Question 23

Redundancy can be achieved ______ (duplicate hardware) or ______ (backup routes)

Answer 23

Physically
Logically

Question 24

allow multiple routers in a subnet mask to share a virtual IP address which can be assigned as a default gateway for end devices. This ensures connectivity if a gateway router fails

Answer 24

Redundancy Protocols

Question 25

a group of multiple servers functioning as a single system, thereby ensuring uninterrupted service through automatic failover

Answer 25

Failover Cluster

Question 26

If one server encounters an issue, another takes over swiftly, maintaining service availability (failover cluster). This setup is also called a _____

Answer 26

high-availability cluster

Question 27

Failover clusters offer high availability for applications and services. ______ are interconnected and share storage. ______ request services via a load balancer, which redirects requests to another server if one fails

Answer 27

Servers Clients

Question 28

evenly distributes network traffic among servers in a cluster, preventing overload

Answer 28

Load balancing

Question 29

Load balancers come in two type:

Answer 29

- Physical (hardware) - Virtual (software)

Question 30

_______________is the process of planning and implementing measures to protect computer networks from unauthorized access, breaches, and cyberthreats

Answer 30

Network Security Design

Question 31

What is the objective of Network Security Design?

Answer 31

to effectively mitigate security risks

Question 32

- safeguards the internal network by isolating it from external traffic - where external users first access the network

Answer 32

demilitarized zone (DMZ)

Question 33

______ are in the LAN, _____ in the DMZ, and ______ in a WAN

Answer 33

Databases web servers Clients

Question 34

Devices providing sensitive services should not be placed in the DMZ due to _____ ______, while public web servers are often placed there

Answer 34

internet exposure

Question 35

the hardware and software that are used to protect computer networks from unauthorized access, breaches, and cyberthreats

Answer 35

Network security systems

Question 36

acts as a mediator between clients and servers, hiding the origin of server requests. It’s used for anonymity, DDoS protection, and load balancing by companies

Answer 36

proxy server

Question 37

2 types of proxy servers:

Answer 37

- forward proxy - reverse proxy

Question 38

Connects private network computers to the public internet, serving as the exit point for accessing external resources

Answer 38

Forward Proxy

Question 39

Acts as a single entry point for external systems to access private subnet resources

Answer 39

Reverse Proxy

Question 40

- utilize SMTP to store and forward messages, ensuring the delivery of emails from the sender to the receiver - They act as middlemen, verify the sender’s identity, and encrypt messages between the source and destination - can also be used for anti-spam, allow and deny lists

Answer 40

Mail Relay Servers

Question 41

- act as a security layer that controls traffic on one or more subnets - It enforces rules that determine traffic allowances or restrictions, taking into account ports, protocols, and source and destination IP address

Answer 41

Access-control Lists (ACLs)

Question 42

- a network security system that monitors and controls incoming and outgoing traffic - are typically deployed at Layer 3 (Network Layer) to control network communication, securing connections between internal and external networks

Answer 42

Firewall

Question 43

_______ & ______ work with predefined rules based on traffic analysis to detect network attacks

Answer 43

Intrusion prevention systems (IPS) and intrusion detection systems (IDS)

Question 44

Monitor and analyze network traffic for malicious activity. They can block or drop packets to prevent or mitigate attacks

Answer 44

IPS

Question 45

Monitor and analyze network traffic for malicious activity

Answer 45

IDS

Question 46

- filters and blocks unwanted HTTP/HTTPS traffic based on predefined rules to and from a web server - can be a stand-alone device or server plug-in, usually positioned between the firewall and web server

Answer 46

web application firewall (WAF)

Question 47

a vital framework in network security that allows admins to manage access, control users, and track audits

Answer 47

Authentication, Authorization, and Accounting (AAA)

Question 48

AAA security has three functional components:

Answer 48

Authentication, Authorization, and Accounting

Question 49

The process of verifying a user’s identity

Answer 49

Authentication

Question 50

The process of determining what resources a user can access

Answer 50

Authorization

Question 51

This is the process of tracking user activity

Answer 51

Accounting

Question 52

Users can use usernames, passwords, token cards, security questions, and biometrics to gain access. This process is known as ____

Answer 52

authentication

Question 53

stores user credentials on devices like PCs, switches, routers, and firewalls

Answer 53

Local authentication

Question 54

a database found on Windows-based computers that verifies credentials when a user logs into a computer

Answer 54

Security Account Manager (SAM)

Question 55

A ______ ______ checks the username and password to gain access to the computer

Answer 55

local database

Question 56

- involves storing user credentials on a remote server for authentication - Devices ask the server to authenticate users based on the user data stored on the server - This method allows centralization of stored usernames and passwords

Answer 56

Remote authentication

Question 57

________ & _______ are prominent protocols in AAA

Answer 57

RADIUS and TACACS+

Question 58

To ensure secure access management, RADIUS and TACACS+ provide seamless communication between ______ & _______

Answer 58

clients and servers

Question 59

a network protocol that offers centralized AAA services for network access, often used in remote access like wireless networks (WI-FI) and VPN, as well as in local networks

Answer 59

Remote Authentication Dial-In User Service (RADIUS)

Question 60

RADIUS uses ___ for its operation

Answer 60

UDP

Question 61

Common RADIUS features include:

Answer 61

- Operates on multiple platforms - Can be standalone or on an existing system - Integrates with Active Directory - Suitable for wired and wireless networks - Allows Cisco routers to authenticate via Microsoft servers - Originally developed to authenticate via Layer 2 - Only encrypts the password in the packet - UDP ports 1812/1813 ro 1645/1646

Question 62

- It’s worthwhile to note that RADIUS has alternatives, such as ______. - This alternative has gained popularity for its enhanced capabilities and scalability in modern network environments - _____ offers improvements over RADIUS, rendering it a consideration for organizations seeking more advanced AAA solutions

Answer 62

Diameter

Question 63

- a network protocol developed by Cisco that provides centralized AAA services for network access - It is designed for a wide range of applications, including network access, device management, and application access - can be employed in diverse network setups, from small-scale to enterprise environments

Answer 63

Terminal Access Controller Access-Control System Plus (TACACS+)

Question 64

TACACS+ uses ___ of its operation

Answer 64

TCP

Question 65

Common TACACS+ features include:

Answer 65

- Supported by Cisco and other vendors - AAA is implemented as separate functions - Encrypts the entire packet - TCP port 49

Question 66

- a security protocol defined by the Institute of Electrical and Electronics Engineers (IEEE) - This security protocol authenticates users and devices seeking network access, applicable in wired or wireless LANs, campuses, and enterprises

Answer 66

802.1X

Question 67

802.1X features include:

Answer 67

- Access Control - Network Security - Intelligent and Flexible

Question 68

Secure, identity-based access control

Answer 68

Access Control

Question 69

Ensures security with minimal disruption

Answer 69

Network Security

Question 70

Secure operation

Answer 70

Intelligent and Flexible

Question 71

802.1X has three components:

Answer 71

- Supplicant - Authenticator - Authentication Server

Question 72

The device that wants to connect to the network

Answer 72

Supplicant

Question 73

The device that controls network access

Answer 73

Authenticator

Question 74

The device that verifies the supplicant’s identity

Answer 74

Authentication Server

Question 75

- an authentication framework that transports request and response parameters - is extensible and new methods can be added as needed

Answer 75

Extensible Authentication Protocol (EAP)

Question 76

Some common EAP methods include:

Answer 76

- EAP-MD5 - EAP-TLS - EAP-PEAP