Network Security Operations

Question 1

packet filtering firewall

Answer 1

inspects source and destination IP, limit placed on packets that can enter the network - operates at layer 3 and 4

Question 2

stateful inspection firewall

Answer 2

every packet is analyzed, categorized, and a security decision is made - operates at layers 3, 4, 5

Question 3

stateless firewalls

Answer 3

does not keep track of traffic flows, needs 2 rules to reach destination point

Question 4

application level firewall

Answer 4

blocks program-level traffic and analyzes packet content - operates at level 7 (and below)

Question 5

application layer attack - SQL injection attack solution

Answer 5

leverage a reverse proxy system and scan incoming packets for malicious behavior

Question 6

presentation layer attack - man in the middle attack solution

Answer 6

mitigate using an application-layer proxy or IPS, and train users about fake security certificates

Question 7

session layer attack - RPC solution

Answer 7

mitigate with regular OS and application patching

Question 8

transport layer attack - port scanner solution

Answer 8

mitigate by using a packet filtering firewall

Question 9

network layer attack - ping sweep attack solution

Answer 9

mitigate by using packet filtering firewall

Question 10

data link layer - VLAN hopping solution

Answer 10

configure the VLAN tagging per the switch vendor’s recommendations

Question 11

physical layer - wiretapping solution

Answer 11

look for physical vulnerabilities, check locks on doors, racks, wiring closets

Question 12

WEP

Answer 12

use pre-shared key and RC4 algorithms, weak

Question 13

WPA

Answer 13

uses RC4 algorithms and TKIP which rekeys every 10,000 packets (better than WEP)

Question 14

WPA2

Answer 14

uses AES and CCMP (most used)

Question 15

WPA3

Answer 15

strongest but newer, not so much used

Question 16

ad-hoc wireless infrastructure mode

Answer 16

all wireless communication is performed in a peer-to-peer fashion and does not require a WAP

Question 17

infrastructure wireless network infrastructure mode

Answer 17

a WAP or wireless router is used to connect wireless devices to the network

Question 18

symmetric encryption

Answer 18

uses the same key

Question 19

asymmetric encryption

Answer 19

one public and one private key

Question 20

SSL - secure socket layer

Answer 20

uses an asymmetric key pair, end-to-end encryption

Question 21

TLS - transport layer security

Answer 21

successor to SSL

Question 22

IDS (intrusion detection system)

Answer 22

designed to monitor both inbound and outbound data traffic and report on any suspicious activity

Question 23

IPS (intrusion preventions system)

Answer 23

has capability to stop or prevent malicious attacks that is detects in real time by integrating with the firewall

Question 24

packet shaper

Answer 24

device that sits between a campus network and an outside network and is configured with a set of rules used to prioritize data traffic for shaping bandwidth

Question 25

PIPEDA requires orgs to do this with people's information

Answer 25

explain how personal identifiable info is collected, used, and disclosed

Question 26

wireless encryption method that includes each device using a unique encryption key

Answer 26

WPA3

Question 27

primary goal of separation of duties in IT security

Answer 27

prevent fraud and unauthorized data access by requiring more than one person to complete certain tasks

Question 28

redesigning protocols to fit more naturally into daily workflows for people serves what security principle?

Answer 28

psychological acceptability

Question 29

in discretionary access control systems, who typically has authority to set or change permissions?

Answer 29

owner of the resource

Question 30

wireless encryptions from weakest to strongest

Answer 30

WEP -> WPA -> WPA2 -> WPA3

Question 31

sophisticated firewall that examines individual packets and their collective grouping represents what type of access control?

Answer 31

context based