Network Security Fundamentals

Question 1

What is confidentiality in data security?

Answer 1

Ensures data privacy using encryption and authentication

Confidentiality is a fundamental principle in data security, safeguarding sensitive information from unauthorized access.

Question 2

What is symmetric encryption?

Answer 2

Both sender and receiver use the same key for encryption and decryption

Symmetric encryption is faster but poses challenges for key management.

Question 3

What is asymmetric encryption?

Answer 3

Involves a key pair: a public key known to everyone and a private key known only to the owner

Asymmetric encryption is commonly used for secure data exchange.

Question 4

How does asymmetric encryption ensure confidentiality?

Answer 4

Sender uses the receiver’s public key to encrypt the data

This method allows secure communication without sharing private keys.

Question 5

What is the key exchange process in secure communication?

Answer 5

1. Client requests secure website using HTTPS
2. Server provides public key with digital certificate
3. Client encrypts random number with server’s public key and sends it back
4. Server decrypts using its private key
5. Both parties use the random number as a symmetric key for secure communication

This process establishes a secure session between the client and server.

Question 6

What is data integrity?

Answer 6

Verifies data is not modified in transit or storage, preventing spoofing and unauthorized data changes

Data integrity is crucial for maintaining the accuracy and consistency of data.

Question 7

What is hashing in the context of data security?

Answer 7

Algorithm creates a unique fingerprint for data, allowing verification of data integrity

Hashing is used to ensure that data has not been altered during transmission.

Question 8

What does availability mean in data security?

Answer 8

Ensures data accessibility

Availability is essential for users to access information and services when needed.

Question 9

How can availability be achieved?

Answer 9

Through redundant network design and components

Redundancy helps prevent downtime and ensures continuous service.

Question 10

What are common threats to availability?

Answer 10

• Network floods
• Hardware failures
• Power outages
• Other disruptions

Understanding these threats is vital for implementing effective mitigation strategies.

Question 11

What is a threat in the context of network security?

Answer 11

Person or event that has the potential to negatively impact valuable resources

Examples include hackers and natural disasters.

Question 12

What is a vulnerability?

Answer 12

Weakness in system design, implementation, or lack of preventive mechanisms

Vulnerabilities can often be mitigated with proper security practices.

Question 13

What is the risk in cybersecurity?

Answer 13

Occurs when a threat exploits a vulnerability

Understanding the interplay between threats and vulnerabilities is crucial for risk management.

Question 14

What is an internal threat?

Answer 14

Originates from within the organization, such as malicious employees or unknowing end users

Internal threats can be harder to detect and mitigate.

Question 15

What is an external threat?

Answer 15

Originates from outside the organization, such as hackers or environmental events

External threats often require different defense strategies compared to internal threats.

Question 16

What are environmental vulnerabilities?

Answer 16

Weaknesses in the surrounding area affecting services, such as hurricanes or earthquakes

These vulnerabilities can impact infrastructure and service delivery.

Question 17

What are physical vulnerabilities?

Answer 17

Weaknesses in the building infrastructure, such as unlocked doors or misconfigured systems

Physical security is critical for protecting assets.

Question 18

What are operational vulnerabilities?

Answer 18

Weaknesses in policies and procedures, such as poorly enforced policies

Operational vulnerabilities can lead to security lapses.

Question 19

What are technical vulnerabilities?

Answer 19

System-specific weaknesses, such as misconfigurations, outdated hardware, or malicious software

Regular updates and configurations are essential for minimizing technical vulnerabilities.

Question 20

What is a Common Vulnerabilities and Exposures (CVE)?

Answer 20

List of publicly disclosed vulnerabilities – known vulnerabilities

CVEs provide details on vulnerabilities and affected software to help organizations manage risk.

Question 21

What are zero-day vulnerabilities?

Answer 21

Newly discovered vulnerabilities exploited before a patch is available

Zero-day vulnerabilities represent a significant risk as they are often unknown to the software vendor.

Question 22

What is an exploit?

Answer 22

Software code that takes advantage of a vulnerability

Exploits can lead to unauthorized access and data breaches.

Question 23

What are key practices for prevention in cybersecurity?

Answer 23

• Keep systems updated with latest patches
• Use up-to-date anti-malware software

Regular maintenance and updates are crucial for security.

Question 24

What is risk management?

Answer 24

Involves identifying, evaluating, and prioritizing risks

Aims to minimize, monitor, and control the probability or impact of vulnerabilities being exploited.

Question 25

What is a risk assessment?

Answer 25

Process to identify potential hazards and analyze their likelihood and consequences ## Footnote Determines an organization's tolerance for risks.

Question 26

What is a security risk assessment?

Answer 26

Identifies, assesses, and implements key security controls within an application, system, or network ## Footnote This assessment is crucial for maintaining a secure environment.

Question 27

What is the MITRE ATT&CK Framework?

Answer 27

A knowledge base of adversary tactics and techniques, derived from real-world observations ## Footnote Helps organizations understand threat methods and improve defenses.

Question 28

What is a vulnerability assessment?

Answer 28

Identifies, quantifies, and prioritizes risks and vulnerabilities ## Footnote Typically uses vulnerability scanner tools such as Nessus or OpenVAS.

Question 29

What is a penetration test?

Answer 29

Attempts to exploit vulnerabilities within the system or network for evaluation of IT infrastructure security ## Footnote Validates the effectiveness of defensive mechanisms.

Question 30

What is a posture assessment?

Answer 30

Assesses an organization's attack surface to understand its cyber risk posture and exposure to threats ## Footnote Helps identify areas needing improvement in security.

Question 31

What are the four main steps in a business risk assessment?

Answer 31

* Defining mission-critical components * Identifying strengths, weaknesses, and security issues * Strengthening security position * Staying in control ## Footnote This process ensures comprehensive risk management within an organization.

Question 32

What is data locality?

Answer 32

Refers to geographic location where data is stored and processed ## Footnote Influenced by legal and regulatory requirements governing data protection.

Question 33

What is the Payment Card Industry Data Security Standard (PCI DSS)?

Answer 33

Security standards for companies handling credit card information ## Footnote Not a law but a contractual requirement for handling cardholder data.

Question 34

What is the General Data Protection Regulation (GDPR)?

Answer 34

European Union regulation focusing on data protection and privacy ## Footnote Applies to all organizations operating within the EU or offering goods/services to individuals inside the EU.

Question 35

What are key practices for implementation and compliance?

Answer 35

* Implement continuous monitoring and auditing programs * Regular audits to ensure compliance with relevant standards and regulations * Employee training on auditing and compliance processes ## Footnote These practices help organizations meet legal obligations and maintain security.

Question 36

What is device hardening?

Answer 36

Ensuring that a device has had any unnecessary application or port disabled or removed from the host ## Footnote Reducing the attack surface is crucial for improving security.

Question 37

What are some key practices for device hardening?

Answer 37

* Run only necessary services * Install monitoring software for malware protection * Establish a maintenance schedule for system patching ## Footnote Device hardening applies to a variety of devices including endpoints and servers.

Question 38

What is endpoint security software?

Answer 38

Install anti-malware, antivirus, spam filters, host-based firewalls, and log collection agents ## Footnote Enhances security posture and threat detection capabilities.

Question 39

What is the importance of physical security in networking?

Answer 39

Protecting networking equipment is crucial to prevent unauthorized access and tampering ## Footnote Physical security measures are necessary to safeguard infrastructure.

Question 40

What are detection mechanisms in security?

Answer 40

Security controls used during an event to find out whether something malicious has happened ## Footnote Examples include cameras and intrusion detection systems.

Question 41

What are access control hardware types?

Answer 41

* Badge Readers * Biometric Readers * Access Control Vestibules ## Footnote These mechanisms control access to secure areas and enhance security.

Question 42

What is active defense in cybersecurity?

Answer 42

Practice of responding to threats by destroying or deceiving the threat actor's capabilities ## Footnote Active defense involves proactive measures to counter threats.

Question 43

What is a honeypot?

Answer 43

A host or server set up to attract attackers, allowing organizations to observe and learn from their attack methods ## Footnote Honeypots help organizations understand threat tactics.

Question 44

What are annoyance strategies in active defense?

Answer 44

Use techniques like obfuscation to waste attackers' time and resources ## Footnote These strategies aim to frustrate and deter attackers.

Question 45

What are the legal considerations of active defense strategies?

Answer 45

Active defense strategies, especially hack back, have significant legal implications ## Footnote Organizations must comply with local laws before engaging in such tactics.

Question 46

PKI or Public Key Infrastructure

Answer 46

Encrypts info and facilities key exchange using asymmetric encryption like RSA