Section 9: Securing IT Assets Flashcards
(24 cards)
Type: Question & Answer
Question: What is the practice of dividing a network into smaller, distinct segments or subnets, often achieved using Virtual LANs (VLANs), primarily to improve security and enhance performance?
Answer: Network Segmentation
Type: Question & Answer
Question: What refers to completely separating different parts of a network, system, or application to prevent unauthorised access and minimise the spread of malicious attacks?
Answer: Isolation
Type: True/False
Question: Isolated environments typically have a high level of controlled interaction with each other.
Answer: False (Isolated environments typically have no interaction with each other.)
Type: Multiple Choice Question (Select ALL that apply)
Question: Which of the following statements accurately describe key differences between Isolation and Segmentation?
A) Isolation implies complete separation, while segmentation involves dividing a larger network into smaller, managed parts.
B) Isolated environments typically allow for controlled interaction, whereas segmented networks have no interaction.
C) Isolation is chosen for highly sensitive operations, while segmentation is a more common approach for general network security.
D) Segmentation prevents unauthorised access, but isolation allows limited unauthorised access.
Answer: A, C
Type: Question & Answer
Question: What is the process of either granting or denying requests for individuals or systems (subjects) to obtain and use information and related services (objects)?
Answer: Access Control
Type: Question & Answer
Question: What security practice limits users, accounts, and computing processes to only the essential resources and permissions required to perform their specific functions?
Answer: Principle of Least Privilege (PoLP)
Type: True/False
Question: The Principle of Least Privilege dictates that all users should have administrative access for ease of management.
Answer: False (It dictates individuals or systems should have the absolute minimum access necessary.)
Type: Multiple Choice Question (Select ALL that apply)
Question: Which of the following are applications of the Principle of Least Privilege (PoLP)?
A) Granting all employees full access to all financial systems.
B) Requiring system administrators to use standard, limited accounts for daily tasks.
C) Ensuring applications operate with only the necessary permissions for their functioning.
D) Allowing users to install any software they wish on work devices.
Answer: B, C
Type: Question & Answer
Question: What is a set of rules used by network devices like routers to permit or deny network traffic based on IP addresses, also employed in file systems to manage permissions?
Answer: Access Control List (ACL)
Type: Question & Answer
Question: What settings are applied to files and directories that dictate who can read, write, or execute them, and are crucial for a file system’s security?
Answer: Filesystem Permissions
Type: Multiple Choice Question (Select ALL that apply)
Question: Which of the following are common user categories for filesystem permissions?
A) Owner
B) Administrator
C) Group
D) Others
Answer: A, C, D
Type: Question & Answer
Question: What is a strict security measure that only permits programs personally approved and placed on a specific list to run, automatically blocking everything else?
Answer: Application Allow List
Type: True/False
Question: An application allow list is generally considered a weaker defence than blacklisting.
Answer: False (It’s considered a stronger defence because it only allows explicitly approved programs.)
Type: Question & Answer
Question: What is the process of applying updates (“patches”) to software or systems to fix security vulnerabilities, correct bugs, or introduce new features?
Answer: Patching
Type: Question & Answer
Question: What involves setting up and adhering to rules for an organisation’s computer hardware and software configurations, actively managing these setups to keep them secure and compliant?
Answer: Configuration Enforcement
Type: Question & Answer
Question: What is the formal process of safely and systematically taking an IT asset out of use for good, ensuring no new security holes are created during or after its removal?
Answer: Decommissioning
Type: Question & Answer
Question: What is the continuous and active checking of your network, systems, and applications to ensure they are running securely and efficiently, including tracking performance and spotting suspicious activities?
Answer: Monitoring
Type: Multiple Choice Question (Select ALL that apply)
Question: Which of the following tools are commonly used for security monitoring?
A) IDS/IPS (Intrusion Detection/Prevention Systems)
B) SIEMs (Security Information and Event Management)
C) DLP (Data Loss Prevention)
D) Standard web browsers
Answer: A, B, C
Type: Question & Answer
Question: What are techniques aimed at making a system or network tougher to break into by reducing vulnerabilities and minimising the attack surface, often through specific configuration settings?
Answer: Hardening Techniques
Type: Multiple Choice Question (Select ALL that apply)
Question: Which of the following are specific hardening techniques?
A) Encryption of data at rest and in transit
B) Disabling unnecessary network ports/protocols
C) Keeping all default passwords on new hardware
D) Implementing Endpoint Protection software
Answer: A, B, D
Type: Question & Answer
Question: What type of firewall is a software application that sits on a single device and controls all network traffic going in and out of it, offering fine control over an individual machine?
Answer: Host-Based Firewall
Type: Question & Answer
Question: What comprehensive security solution is installed on individual hosts to constantly watch and analyse system behaviour and settings to stop unauthorised access and unusual activities?
Answer: HIPS (Host Intrusion Prevention System)
Type: True/False
Question: Changing default passwords on new hardware and software is a crucial hardening practice.
Answer: True
Type: True/False
Question: Removing unnecessary software increases the attack surface of a system.
Answer: False (It shrinks the attack surface.)