NETWORK & SECURITY FOUNDATIONS OVERVIEW Flashcards

(313 cards)

1
What device forwards data packets to all connected ports?
HUB
A hub is also known as a multi-port repeater.
2
What is the primary function of a modem?
Sending & receiving data, allows computers to transport digital info over analog lines
A modem connects to the internet.
3
Which device amplifies or regenerates signals to extend a network?
REPEATER
4
What does a switch do in a network?
Connects devices in a specific network and allows them to communicate efficiently using MAC addresses.
5
What is the function of a bridge in networking?
Joins 2 separate network segments together.
6
What is the primary role of a router?
Forwards data packets between two or more networks and determines the best path for transmission.
7
What does an edge router do?
Connects internal networks to external networks (Internet).
8
What is the purpose of a core router?
Routes data within a large network (Internet backbone).
9
What is the function of a wireless range extender (WRE)?
Extends the coverage of a wireless network.
10
What is a wireless access point (WAP)?
Connects wireless devices to a wired network.
11
What is the primary security device on a network?
FIREWALL
12
What does an inter-provider border router do?
Connects ISP to ISP, forming the core or backbone of the Internet.
13
What type of cable uses a foil or mesh shield to reduce noise and crosstalk?
STP (Shielded Twisted Pair)
14
What is a key characteristic of unshielded twisted pair (UTP) cabling?
Suitable for both office and home environments.
15
What is coaxial cable primarily used for?
Carrying cable TV signals and broadband cable Internet access.
16
How is data transmitted in fiber optic cables?
Using pulses of light.
17
What are the two types of fiber optic cables?
Single-mode & Multi-mode.
18
What type of fiber optic cable is best for long cable runs?
Single-mode.
19
What is a patch cable?
A short Ethernet twisted pair cable with RJ-45 connectors on both ends.
20
Which category of twisted pair cable is required for Gigabit network compatibility?
Category 5E.
21
What type of network focuses on personal workspace and can use NFC or Bluetooth?
PAN (Personal Area Network).
22
What defines a Local Area Network (LAN)?
A small computer network typically confined to a single room or building.
23
Which network type connects multiple buildings?
CAN (Campus Area Network).
24
What is the characteristic of a Metropolitan Area Network (MAN)?
Data network design used for a city, town, or municipality.
25
What type of topology connects all devices to a central hub or switch?
Star topology.
26
In which topology do packets navigate device-to-device until reaching their destination?
Ring topology.
27
What is the advantage of a mesh topology?
Enables multiple data paths between any two devices to safeguard against link failure.
28
Which network architecture is centralized?
Client/Server model.
29
In a Peer-to-Peer (P2P) architecture, how is configuration handled?
Decentralized, with each device requiring individual configuration.
30
What command is used to measure round-trip time to a specific destination?
PING.
31
What does the command TRACERT (or TRACEROUTE) do?
Traces the path packets take to reach a network destination.
32
What command displays IP configuration settings in Windows?
IPCONFIG.
33
What does NSLOOKUP do?
Provides name to IP information (DNS).
34
What is the purpose of the ARP command?
Displays and modifies the ARP table, mapping IP addresses to MAC addresses.
35
Which command identifies active TCP connections?
NETSTAT.
36
What is NMAP used for?
Network scanning to find hosts and open ports.
37
What does ARP stand for?
Address Resolution Protocol
Footnote: ARP maps IP addresses to MAC addresses.
38
What command is used to display active TCP connections on Windows?
NETSTAT
39
What is the purpose of the NETSTAT command?
Displays network connections and statistics
40
What does NMAP stand for?
Network Mapper
41
What is the primary function of the ROUTE command?
Displays and manipulates the IP routing table
42
What protocol does FTP use for file transfer?
TCP
43
Fill in the blank: TFTP uses ______, which does not guarantee accurate delivery of files.
UDP
44
What is the main security feature of SSH?
Secure remote device management
45
What does WHOIS provide?
Domain information lookup
46
What is TCPDUMP used for?
Packet capturing utility
47
What command is used to display the IP configuration on a Windows computer?
IPCONFIG
48
What command can a user run to test latency to a specific destination?
PING
49
What is the purpose of the IFCONFIG command in Linux?
Views detailed information about network interfaces
50
Which OSI model layer is responsible for network addressing and routing?
Network layer
51
At which layer of the OSI model does TCP operate?
Transport layer
52
What is the primary function of the Data Link layer?
Node-to-node data transfer and error detection
53
What is the highest layer of the OSI model?
Application layer
54
What does the Presentation layer handle in the OSI model?
Formatting and encrypting data
55
Fill in the blank: The IEEE 802.11 wireless standard includes ______.
A, B, G, N, AC, AX
56
What type of hypervisor runs directly on hardware?
Type 1 hypervisor
57
What is a key feature of a Type 2 hypervisor?
Runs on top of a host operating system
58
What does IaaS stand for in cloud computing?
Infrastructure as a Service
59
What is the main responsibility of the user in a PaaS model?
Managing applications and data
60
What type of cloud deployment model is dedicated to a single organization?
Private cloud
61
What defines a public cloud?
Cloud services are shared among multiple organizations over the internet
62
Fill in the blank: SaaS focuses on ______ delivery through the internet.
Application
63
Which command is used for DNS resolution of a domain name?
NSLOOKUP
64
Which layer of the OSI model is responsible for breaking data into packets?
Transport layer
65
What is the primary function of the Session layer in the OSI model?
Establishing, maintaining, and terminating connections
66
What does a hybrid cloud combine?
Private and public clouds
67
What is the OSI layer that includes IPX?
Network layer
68
What is the command to display the mapping of IP addresses to MAC addresses on Windows?
ARP
69
What type of hypervisor is used for maximum virtual machine capacity?
Type 1
70
What is the main advantage of SaaS?
No need for individual installations or updates
71
What is the role of the Presentation layer in the OSI model?
Formatting, encrypting, and decrypting data
72
What is an example of a SaaS application?
Gmail
73
What is a private cloud?
Cloud infrastructure dedicated to a single organization, providing more control & security
Footnote: Examples include services like Gmail, Google Drive, MS One Drive, and Zoom.
74
What defines a public cloud?
Cloud services provided to multiple organizations over the internet, shared between users but isolated
Footnote: Accessible over the public internet to anyone interested in subscribing.
75
What is a community cloud?
Cloud infrastructure shared by multiple organizations with common interests or regulatory concerns
76
What is a hybrid cloud?
A combination of private & public clouds, allowing data & applications to move between them
77
What does multi-cloud mean?
The use of multiple cloud services from different providers to meet specific needs or improve redundancy
78
What distinguishes a public cloud model?
Accessible over the public internet to anyone interested in subscribing
79
Which cloud deployment often utilizes exclusive (non-shared) hardware?
Private cloud
80
How is a community cloud defined?
Shared among multiple organizations with similar objectives
81
What defines the hybrid cloud model in terms of IT asset locations?
Mix of on-premises & cloud-based services for IT assets
82
What describes a public cloud?
Provides cloud services to just about anyone
83
In a hybrid cloud, what is known as data in transit?
Data traveling over the WAN connection between private & public clouds
84
What does least privilege mean in security?
Restricts access rights for users to minimum levels necessary for performing their tasks
85
What is risk in the context of security?
The potential or probability that a loss may occur
86
What does anti-malware do?
Helps detect & remove malicious software, such as viruses or malware
87
What is the purpose of a firewall?
Controls incoming & outgoing network traffic based on predetermined security rules
88
What is the definition of a vulnerability?
A weakness or flaw in hardware, software, or facilities that can be taken advantage of to compromise security
89
What is an exploit?
A method or tool used to take advantage of a vulnerability
90
What is a threat in cybersecurity?
Anything that has the potential to cause harm to your assets
91
What is an attack in cybersecurity?
An action taken to harm your assets by exploiting vulnerabilities
92
What is a threat actor?
A person or group that poses a threat, intending to carry out attacks or harm assets
93
What does patch management involve?
Regularly updating software & applying patches to address known vulnerabilities
94
True or False: In a private cloud, companies like AWS and Microsoft Azure are responsible for physical data center security.
False
95
What type of vulnerability is created by setting a password to 'password01'?
Weak password
96
What defines a zero-day attack?
An attack that exploits a previously unknown vulnerability in software or hardware
97
What is a white hat hacker?
IT professionals who specialize in penetrating & compromising network security to help an organization
98
What is a black hat hacker?
Individuals with malicious intent who breach systems for profit
99
What is a gray hat hacker?
Individuals who break laws by not having permission but do not have malicious intent
100
What is a hacktivist?
A hacker who engages in hacking activities to promote a social or political agenda
101
What is an insider threat?
Individuals within an organization who misuse their access privileges to compromise security
102
What is SQL injection?
Allows attackers to take control of a database by inserting special commands into input boxes
103
What is a buffer overflow attack?
An attacker enters text that is too large to fit within a region of memory called a buffer
104
What is the goal of a phishing attack?
To steal sensitive info like usernames & passwords
105
What is a denial of service (DoS) attack?
Aims to disrupt availability of services by overwhelming a network or server with traffic
106
What is a smurf attack?
A DDoS attack where multiple computers reply to ICMP requests, overwhelming the target
107
What is the definition of eavesdropping?
Unauthorized listening to private conversations
108
What is packet sniffing?
Capturing IP packets & analyzing TCP/IP network traffic
109
What is a zero-day exploit?
An exploit or vulnerability not known yet, requiring a patch to be remedied
110
What is an advanced persistent threat (APT)?
A network attack where an unauthorized person gains access and stays undetected for a long period
111
What does social engineering involve?
Manipulating individuals to divulge confidential info or perform actions that may compromise security
112
What is a rogue access point?
A fake wireless network set up to trick users into joining, allowing attackers to capture data
113
In a man-in-the-middle attack, where does the attacker position themselves?
Between two communicating parties
114
What is the primary goal of a deauth attack?
To force any client off the network
115
What is a fake access point also known as?
Evil twin
116
What is a security risk that originates from individuals within an organization, such as employees or contractors?
Insider threat
117
What type of attack is performed when an attacker inserts text that is too large to fit within a region of memory?
Buffer overflow
118
What is an attacker attempting to breach the network remotely considered?
External threat
119
Which type of DoS attack involves sending oversized or malformed ping packets to crash the target system?
Ping of death
120
What exploit includes breaching the network cable and using a packet sniffer to listen and record the traffic on the network?
Wiretapping
121
A wireless deauthentication attack is an example of which type of attack?
Denial of service attack
122
Which attack floods a system with traffic to prevent legitimate activities or transactions from occurring?
Denial of service attack
123
What type of attack targets an SQL database using the input field of a user?
SQL injection
124
Describe man-in-the-middle.
A false server intercepts communications from a client by impersonating the intended server
125
In what type of attack does the attacker attempt to send unauthorized commands to a back-end database through a web application?
SQL injection
126
What occurs when an attacker gains unauthorized access to a computer and modifies browser security settings?
Data modification
127
What is it called when an attacker uses a Trojan horse to forward usernames and passwords to an anonymous email address?
Data export
128
What type of attack involves trying all possible combinations of a password and user ID?
Brute-force attack
129
What is it called when an attacker uses exposed data from a data breach to attempt to access accounts of another online retailer?
Credential surfing
130
What attack uses a list of commonly used access credentials to attempt to gain access to an online account?
Dictionary attack
131
What type of attack occurs when an attacker tries to gain access to a system by disguising their computer as another computer?
IP address spoofing
132
What type of attack involves an attacker using a program to take control of a connection by pretending to be each end of the connection?
Session hijacking
133
What occurs when an attacker intercepts messages between two parties before transferring them to the correct destination?
Man-in-the-middle attack
134
In what type of attack does an attacker use a false ID to gain physical access to IT infrastructure?
Social engineering
135
What type of email attack involves sending emails claiming that an online account has been locked and provides a fake link?
Phishing
136
What type of attack uses a DNS poisoning strategy to direct users from a legitimate website to the attacker's website?
Pharming
137
What are examples of social engineering?
Impersonation, phishing
138
What is risk avoidance?
Eliminating a particular risk by getting rid of its cause
139
What is risk acceptance?
Not taking any action to reduce risk
140
What is risk mitigation?
Decrease possibility of occurrence of risk
141
What is risk transfer?
Shifting the potential loss to a third party
142
What is a honeypot?
A decoy system that is intentionally vulnerable and filled with fabricated data to lure attackers
143
What risk management strategy involves eliminating the threat or vulnerability to completely eliminate the associated risk?
Risk avoidance
144
What risk management approach is demonstrated by opting to keep a network device operational despite being aware of its risk?
Risk acceptance
145
Which risk management approach entails reducing the likelihood of a risk occurring or reducing the impact if a risk does occur?
Risk mitigation
146
What are two ways to protect a computer from malware?
* Use antivirus software
* Keep software up to date
147
What type of tool should Kyle use to attract an attacker and analyze their activity?
Honeypot
148
If a company installs a state-of-the-art firewall, what are they primarily engaged in?
Risk mitigation
149
What is an example of risk acceptance?
Ignoring minor security risks because the cost to address them would outweigh the potential loss
150
What strategy involves sharing some of the risk burden with someone else, such as an insurance policy?
Risk transference
151
What does the CIA triad help protect?
Information from unauthorized disclosure and modification while ensuring it is accessible to authorized users
152
What does confidentiality in the CIA triad refer to?
Secrecy and privacy of data
153
What is the goal of integrity in the CIA triad?
Ensuring accuracy and trustworthiness of data
154
What is the goal of availability in the CIA triad?
Ensuring authorized users have access to network, systems, applications, or data when required
155
Data encryption at rest primarily addresses which component of the CIA triad?
Confidentiality
156
What accurately defines a security vulnerability?
A defect or imperfection in hardware, software, or infrastructure that could be exploited to undermine security
157
What CIA component is breached when a ransomware attack encrypts all files on a company’s server?
Availability
158
What CIA components are compromised in a man-in-the-middle (MITM) attack?
* Confidentiality
* Integrity
159
What CIA component is affected when sensitive emails are intercepted on a compromised Wi-Fi network?
Confidentiality
160
Ensuring that data is accurate and hasn't been tampered with relates to which CIA triad?
Integrity
161
What is the best practice to secure backup drives containing sensitive information?
Store the devices in an access controlled server room
162
What CIA triad component is affected by a flood in the server room causing significant damage to hardware?
Availability
163
What are checksums and cryptographic hashes primarily used to ensure?
Integrity
164
What CIA triad component is impacted when a critical software application fails to start due to an expired license key?
Availability
165
What CIA triad component is affected when Kim's exam results are accidentally sent to Karen?
Confidentiality
166
In cybersecurity, what does CIA stand for?
Confidentiality, Integrity, Availability
167
What CIA triad component is affected when Cynthia is unable to turn in her application on time due to a website crash?
Availability
168
What CIA triad component is a driver for enabling data encryption?
Confidentiality
169
What CIA triad component is a driver for implementing and monitoring controls?
Confidentiality
170
What CIA triad component requires IP packets to be retransmitted if the receiving host has an invalid checksum value?
Integrity
171
What is an example of a violation of confidentiality?
A company stores sensitive customer data without access controls
172
What is an example of a violation of availability?
A new employee hasn’t been issued access credentials to the company’s network for needed info
173
What does a company use hash value comparisons to determine?
If the data in a database has changed
174
What does a company do when updating devices it provides to employees?
Ensure that each employee has consistent network access
175
What are security policies?
Guidelines and rules set by an organization to protect its information and technology assets
176
What does a data handling policy outline?
Procedures and guidelines for managing and securing company data throughout its lifecycle
177
What does a password policy specify?
Requirements for creating and managing passwords within the organization
178
What does a Bring Your Own Device (BYOD) policy set?
Rules for employees who want to use their personal devices
179
What does a privacy policy document require?
How an organization collects, uses, discloses, and manages both intellectual property and personally identifiable information
180
Which principle in network security design advocates for the use of cryptographic techniques?
Security
181
What must each sub-policy in an information security policy document clearly contain?
The specific compliance obligations the sub-policy fulfills
182
What should we keep up to date?
Office suites, browser plugins, and anti-virus
183
What are the two states of data?
* In transit
* At rest
184
What principle involves limiting user rights and access control permissions to the minimum necessary?
Least privilege
185
What does complete mediation ensure?
Check authentication every time
186
What principle requires that critical tasks involve more than one person?
Separation of privilege/duties
187
What does fail-safe default emphasize?
Default to maximum security, access denied by default
188
What does economy of mechanism suggest?
Keep security systems simple, use proven components
189
What does least common mechanism advocate?
Use separate devices, tools, applications for different users or activities
190
What does human-centered design focus on?
Designing with the user in mind
191
What does psychological acceptability ensure?
Security design is simple and intuitive
192
What does open design emphasize?
Security of the system shouldn’t depend on its design being secret
193
What does the zero trust principle state?
Never trust, always verify
194
What does defense in depth refer to?
A multi-layered approach to security
195
What principle ensures that users are only granted the minimum level of access necessary to perform their tasks?
Least privilege
196
What principle focuses on ensuring the system remains secure even if individual components fail?
Fail-safe
197
Which principle ensures access to resources is checked against the security policy even after initial authentication?
Complete mediation
198
What principle emphasizes the importance of keeping security mechanisms transparent and understandable?
Open design
199
What principle emphasizes the need to verify the identity of users and restrict access based on their roles?
Separation of privilege
200
What principle suggests that security mechanisms should be easy to understand and use?
Psychological acceptability
201
What aspect of zero-trust architecture could have prevented unauthorized access when an employee connected to the company network remotely from a public Wi-Fi hotspot?
Zero trust network access (ZTNA)
202
What aspect of zero-trust architecture could have prevented unauthorized access when connecting to a company network remotely from a public Wi-Fi hotspot?
Zero Trust Network Access (ZTNA)
Footnote: ZTNA ensures that only authorized users and devices can access specific resources.
203
Which aspect of zero-trust architecture could have mitigated a data breach due to a compromised employee device?
Least Privilege Access
Footnote: This principle limits user access to only what is necessary for their role.
204
What principle is enforced when a company allows less complex passwords with two-factor authentication for better user-friendliness?
Psychological Acceptability
Footnote: This principle focuses on making security measures easier for users to comply with.
205
What principle does a mobile banking app utilize by terminating all active sessions after detecting unauthorized access attempts?
Fail-Safe
Footnote: This principle ensures that systems default to a secure state in case of an error.
206
What technology is essential for achieving effective zero trust architecture?
Multi-Factor Authentication (MFA)
Footnote: MFA requires multiple forms of verification to enhance security.
207
What practice best exemplifies separation of duties in incident response at a software company?
One team detects & reports security incidents, while a different team analyzes & responds to these incidents
Footnote: This practice prevents conflicts of interest and enhances security.
208
How does zero trust handle internal and external threats?
Treats all network traffic with the same level of suspicion
Footnote: This approach minimizes risk from both internal and external sources.
209
What principle enhances security through simplicity by using a simple, well-understood algorithm?
Economy of Mechanism
Footnote: This principle emphasizes simplicity in design to improve security.
210
Why is separation of duties essential in IT security?
Helps prevent any one individual from having too much control over a critical process
Footnote: This reduces the risk of fraud and errors.
211
What principle is a development team committed to when designing a web application to protect sensitive info in case of an error?
Fail-Safe
Footnote: This principle ensures that systems default to a secure state in case of an error.
212
What goal is an organization pursuing when designing an intuitive, user-friendly, and secure info system dashboard?
Human-Centeredness
Footnote: This approach focuses on user experience and usability.
213
What principle is reinforced when a company holds meetings to inform employees about session timeouts and the risks of workarounds?
Psychological Acceptability
Footnote: This principle encourages understanding and compliance among users.
214
What practice requires a manager to verify any changes made to a client’s electronic profile by an employee?
Separation of Duties
Footnote: This ensures oversight and accountability in sensitive operations.
215
What are the factors on which rules in packet filtering firewalls are based?
* Source IP address
* Destination IP address
* Port numbers
* Protocol types (IP, TCP, UDP, ICMP)
Footnote: These factors help determine whether to allow or block traffic.
216
What does stateful inspection in firewalls track?
The state of active connections
Footnote: This allows the firewall to determine if incoming packets are part of an established session.
217
What is required before allowing traffic into the network in stateful inspection firewalls?
A prior outbound request
Footnote: This helps ensure that only legitimate traffic is allowed.
218
What type of firewall inspects the content of packets?
Application-Level Firewall
Footnote: This firewall filters traffic based on specific application data.
219
What type of firewall acts as an intermediary between internal and external networks?
Proxy Firewall
Footnote: This firewall hides clients' identities while inspecting traffic.
220
What does Unified Threat Management (UTM) provide?
Single device protection from a variety of threats
Footnote: UTM consolidates multiple security features into one device.
221
What distinguishes Intrusion Detection Systems (IDS) from Intrusion Prevention Systems (IPS)?
IDS can only detect, whereas IPS can prevent
Footnote: IDS alerts administrators, while IPS actively blocks threats.
222
What is a solution that can help detect and prevent unauthorized activities by an insider attempting to access sensitive information?
IDS & IPS
Footnote: These systems work together to monitor and respond to threats.
223
What capability does an IPS have that an IDS lacks?
Blocking detected threats automatically
Footnote: This allows for immediate response to threats.
224
Which type of firewall can check whether a packet is part of an established connection?
Stateful Inspection Firewall
Footnote: This type of firewall maintains the state of active connections.
225
Which firewall should an organization use that allows or denies packets based on administrator-defined rules?
Packet Filtering Firewall
Footnote: This firewall applies specific rules for traffic control.
226
If an IPS detects a threat, what actions can it take?
* Record the details
* Report the threat to security admins
* Take preventative action to stop the threat
Footnote: These actions help mitigate risks posed by detected threats.
227
What type of firewall inspects all incoming and outgoing messages for harmful content before they reach desktops?
Application-Level Firewall
Footnote: This firewall focuses on content inspection for security.
228
What is the most effective control against SQL injection attacks on a database?
Application Layer Firewall
Footnote: This type of firewall can filter and block malicious traffic.
229
What technology can be put in place to detect potential malware traffic on the network?
Firewall
Footnote: Firewalls can monitor and manage traffic to identify threats.
230
What type of firewall can reject packets that are not part of an active session?
Application-Level Firewall
Footnote: This firewall applies session state tracking.
231
What restrictions are most commonly implemented in packet-filtering firewalls?
* IP source & destination address
* Direction (inbound or outbound)
* TCP or UDP source & destination port requests
Footnote: These restrictions help control network access.
232
What are the three states of data concerning encryption?
* At rest
* In transit
* In use
Footnote: These states define how data is protected during different phases.
233
What is the result of plaintext plus an encryption key?
Ciphertext
Footnote: This is the encrypted output of the encryption process.
234
What type of encryption uses the same key for both encryption and decryption?
Symmetric Encryption
Footnote: This method is faster but requires secure key management.
235
What distinguishes asymmetric encryption from symmetric encryption?
Employs different keys for encryption & decryption
Footnote: Asymmetric encryption uses a public and a private key.
236
In a secure email exchange, which key should Alice use to ensure only Bob can read her message?
Bob’s Public Key
Footnote: This allows Alice to encrypt the message specifically for Bob.
237
What layer of protection is considered the last line of defense in a well-implemented security in depth strategy?
Data encryption at rest
Footnote: This protects data even if physical security is compromised.
238
What key does Bob use to decrypt a message received from Alice using an asymmetric cryptography algorithm?
Bob’s Private Key
Footnote: This key is kept secret and used to decrypt messages encrypted with his public key.
239
What encryption algorithm uses the same pre-shared key to encrypt and decrypt data?
Symmetric
Footnote: This method simplifies the encryption process.
240
What key should Alice use to encrypt a message to Bob using an asymmetric cryptography algorithm?
Bob’s Public Key
Footnote: This ensures that only Bob can decrypt the message.
241
True or False: Encryption of data at rest provides an additional layer of protection by keeping data protected and inaccessible to attackers even if the system is physically stolen.
True
Footnote: This emphasizes the importance of encrypting sensitive data.
242
Which protocol is the best choice for encrypting communication between a website and its users?
TLS
Footnote: TLS (Transport Layer Security) is widely used for secure web communication.
243
What type of device is designed to handle DDoS attacks and ensure the availability of network services?
DDoS Mitigation Appliances
Footnote: These devices filter out malicious traffic during attacks.
244
What is not typically considered a part of device hardening?
Increasing the number of open ports
Footnote: This would actually increase vulnerability rather than enhance security.
245
What strategy should an organization use for Wi-Fi hardening in response to several cyberattacks?
Configure Wi-Fi signal strength to reduce range
Footnote: This limits the area where unauthorized users can connect.
246
What is an Acceptable Use Policy (AUP)?
Agreement between 2 parties outlining permissible & prohibited use of organization’s IT resources
Footnote: AUP helps establish clear guidelines for technology use.
247
What does a Security Awareness Policy mandate?
Training & education of employees about organization’s security measures
Footnote: This policy promotes a culture of security awareness.
248
What is the purpose of an Asset Classification Policy?
Categorizing organization’s assets based on how critical each asset is to the organization’s mission
Footnote: This helps prioritize security efforts.
249
What does the Asset Protection Policy establish?
Methods & measures required to physically & digitally protect an organization’s assets
Footnote: This policy outlines security practices for asset protection.
250
What does the Asset Management Policy include?
Security operations & management of all IT assets within seven domains
Footnote: This policy ensures comprehensive oversight of IT assets.
251
What is involved in Vulnerability Assessment & Management?
Identifying, classifying, & managing vulnerabilities within the organization’s technology environment
Footnote: This process helps mitigate potential risks.
252
What does Threat Assessment & Monitoring outline?
Processes for continuously monitoring & assessing threats that could impact the organization’s IT infrastructure
Footnote: This helps in proactive threat management.
253
What threat involves looking for an open wireless network while driving?
War Driving ## Footnote This activity is often associated with searching for unsecured networks.
254
What is the mitigation for War Driving?
* Decrease wireless range * Hide SSID ## Footnote These actions minimize the visibility of the network.
255
What is War Chalking?
Marking an area after SSID & credentials are known ## Footnote This practice helps others find unsecured networks.
256
What is the mitigation for War Chalking?
* Use WPA2 or WPA3 * Enable MAC filtering * Hide SSID ## Footnote These measures enhance network security.
257
What does WEP/WPA cracking involve?
Scanning & determining the pre-shared key ## Footnote This is a method used to compromise wireless security.
258
What is the mitigation for WEP/WPA cracking?
Use stronger encryption protocols, such as WPA2 or WPA3 ## Footnote Stronger encryption makes it more difficult to crack keys.
259
What is an Evil Twin attack?
Setting up a rogue WAP that legitimate users connect to, in order to sniff their data ## Footnote This attack tricks users into connecting to an unsecured network.
260
What is the mitigation for Evil Twin attacks?
Wireless Intrusion Prevention Systems (WIPS) ## Footnote WIPS can detect and prevent rogue access points.
261
What is a Rogue Access Point?
A WAP installed on the network without the IT team’s knowledge ## Footnote This poses a security risk by allowing unauthorized access.
262
What is the mitigation for Rogue Access Points?
* Switch port tracing * Monitor mode scanning * Rogue detector ## Footnote These practices help identify unauthorized devices.
263
What is the threat of DoS/DDoS?
Slowing a computer or network to a halt after saturating its resources ## Footnote This disrupts normal operations and services.
264
What is the mitigation for DoS/DDoS attacks?
* Monitor normal traffic patterns * Compare signatures of incoming traffic * Use an anti-DoS/DDoS device ## Footnote These actions help manage and mitigate attacks.
265
What is an ICMP (Ping) Flood attack?
Sends a large number of ICMP (Ping) packets to a system ## Footnote This can overwhelm the target system and disrupt services.
266
What is the mitigation for ICMP Flood attacks?
Block ICMP packets on firewall ## Footnote This prevents the attack from overwhelming the system.
267
What is a Smurf attack?
Sends a large number of ICMP packets to a network’s broadcast address using a spoofed source IP ## Footnote This amplifies the attack and floods the target network.
268
What is the mitigation for Smurf attacks?
* Disable IP broadcast * Block ICMP packets on firewall ## Footnote These measures prevent the attack from being effective.
269
What is a Fraggle attack?
Sends spoofed UDP packets to a specific broadcast address ## Footnote This can also flood the target network with traffic.
270
What is the mitigation for Fraggle attacks?
* Disable IP broadcast * Block ICMP packets on firewall ## Footnote These actions help control incoming traffic.
271
What is a Buffer Overflow attack?
Puts more data in memory buffer than it can handle ## Footnote This can lead to crashes or exploitation of vulnerabilities.
272
What is the mitigation for Buffer Overflow attacks?
Detect vulnerabilities in code ## Footnote Regular code audits can help identify and fix issues.
273
What is an Injection attack?
Injects malicious data or script into a web application ## Footnote This type of attack targets input validation weaknesses.
274
What is the mitigation for Injection attacks?
Use server-side validation and validate & sanitize input data ## Footnote These practices help secure web applications.
275
What is Broken Authentication?
Uses brute-force & dictionary attacks to gain access ## Footnote This exploits weak authentication mechanisms.
276
What is the mitigation for Broken Authentication?
* Implement multi-factor authentication * Implement complex passwords ## Footnote These measures enhance security against unauthorized access.
277
What is Sensitive Data Exposure?
Theft of encryption keys or MitM attack on clear text data in transit ## Footnote This compromises data confidentiality.
278
What is the mitigation for Sensitive Data Exposure?
Avoid storing sensitive data (secure data) ## Footnote This reduces the risk of data breaches.
279
What is an injection vulnerability?
Injects malicious data or script into a web application
280
What is a method to prevent injection vulnerabilities?
Validate & sanitize input data
281
What is broken authentication?
Uses brute-force & dictionary attacks to gain access
282
What can be implemented to enhance authentication security?
Implement multi-factor authentication
283
What is sensitive data exposure?
Theft of encryption keys or MITM attack on clear text data in transit
284
How can sensitive data exposure be prevented?
Avoid storing sensitive data (secure data)
285
What is a crucial step to secure data in transit?
Encrypt data in transit
286
What is a common wireless attack that involves unauthorized access?
Evil twin attack
287
What traditional network security tool can mitigate ICMP ping flood attacks?
Firewall with ICMP filtering capabilities
288
What is the primary reason attackers set up rogue access points?
To capture personal & financial information from unsuspecting users
289
What should a library implement to secure its network after war chalking?
WPA2 or WPA3 wireless encryption
290
What is the purpose of a Wireless Intrusion Prevention System (WIPS)?
To detect and prevent rogue access points
291
What strategy can an e-commerce company use to mitigate DoS/DDoS attacks?
Monitor normal traffic patterns
292
What access control model allows the owner of a resource to decide permissions?
DAC (Discretionary Access Control)
293
What defines RBAC?
Permissions assigned based on role or job function
294
What is RUBAC?
Rule-based access control; allowed or denied based on fixed rules
295
What does ABAC stand for?
Attribute-based access control
296
What is the goal of implementing strong encryption algorithms in the cloud?
To ensure that sensitive data is securely stored
297
What is a key feature of multi-factor authentication?
Combines something you know and something you have
298
What does the term 'accounting' refer to in the AAA framework?
Tracks what a user did & accessed
299
What is the purpose of a security question in authentication?
Relies on something you know
300
What access control method uses job function for permissions?
RBAC
301
What does PII stand for?
Personally Identifiable Information
302
What does PIPEDA govern?
How private sector organizations collect, store, use & disclose personal information
303
What is the focus of the GDPR?
Protection & privacy of personal information for individuals within the EU
304
What does HIPAA primarily protect?
Health information
305
What is the purpose of the PCI DSS?
To ensure security of credit & debit card transactions
306
What does the Sarbanes-Oxley Act (SOX) set standards for?
Financial reporting to protect investors from fraudulent practices
307
What is a key aspect of security governance?
Developing security policies & procedures
308
What must organizations do under PIPEDA regarding personal information?
Establish adequate security measures for protection
309
What should be included in an information security policy document?
Compliance requirements the sub-policy is designed to meet
310
Fill in the blank: The weakest wireless security protocol is _______.
WEP
311
True or False: WPA3 is the newest wireless security protocol.
True
312
What does authorization determine in the AAA framework?
What can you do? What can you access?
313
What type of access control is based on context or state of transaction?
CBAC (Context-Based Access Control)