Test 3 Flashcards

(128 cards)

1
Q

Installs on a computer before any OS and is called a bare-metal hypervisor

A

Type 1

2
Q

vNic accesses physical network using host machine’s NIC. Obtains own IP address, default gateway, and net mask from DHCP server on physical LAN. VM appears to other nodes as just another client or server on the network

A

Bridged Mode

3
Q

vNic relies on host machine to act as NAT device. Obtains IP addressing information from host. Hypervisor acts as a DHCP server. Appropriate for VMs that do not need to be accessed at a known address by other network nodes.

A

NAT mode

4
Q

Efficient use of resources. Fault and threat isolation.

A

Advantages of Virtualization

5
Q

Compromised performance. Increased licensing costs.

A

Disadvantages of Virtualization.

6
Q

The virtualization of network services

A

SDN (Software-Defined Networking)

7
Q

Flexible provision of data storage, applications, and services to multiple clients over a network

A

Cloud Computing

8
Q

Space rented at a data center

A

Point of Presence (PoP)

9
Q

OS, runtime libraries or modules the OS provides to applications, and the hardware on which the OS runs

A

PaaS (Platform as a Service)

10
Q

Applications

A

SaaS (Software as a Service)

11
Q

Cybersecurity as a Service

A

CaaS

12
Q

Anything as a Service or Everything as a Service

A

XaaS

13
Q

Service provided over public transmission lines

A

Public Cloud

14
Q

Service established on an organization’s own servers in its own data center

A

Private Cloud

15
Q

User Known encryption

A

Private Key

16
Q

Anyone may request encryption

A

Public Key

17
Q

Combination of public and private keys

A

Key Pair

18
Q

Requires 2 different keys

A

Asymmetric Encryption

19
Q

Use of certificate authorities to associate public keys with certain users.

A

PKI (Public Key Infrastructure)

20
Q

Both are methods of encrypting TCP/IP transmissions

A

SSL (Secure Sockets Layer) and TLS (Transport Layer Security)

21
Q

When a client and server establish an SSL/TLS connection, they establish a…

A

Unique Session

22
Q

Service that allows a client to connect with and log on to a server, LAN, or WAN in a different geographical location

A

Remote Access

23
Q

2 types of remote access servers

A

1. Dedicated devices
2. Software running on a server

24
Q

A data link layer protocol that directly connects 2 WAN endpoints

A

PPP (Point-to-Point Protocol)

25
Can use an authentication protocol to authenticate a client to a remote system. Can encrypt the transmissions, although PPP encryption is considered weak by today's standards.
PPP
26
Allows a user on one computer to control another computer across a network connection
Terminal Emulation (Remote Virtual Computing)
27
1. Remote Desktop for Windows | 2. TeamViewer
Examples of GUI-based software
28
A terminal emulation utility that allows an administrator or other user to control a computer remotely. Provides no security for transmitting data (no encryption)
Telnet
29
A collection of protocols that provides for secure authentication and encryption
SSH (Secure Shell)
30
Public key stored in authorization file on host where SSH server is
Terminal Emulation/SSH
31
A Microsoft proprietary protocol used to connect to and control a remote computer
RDP (Remote Desktop Protocol)
32
A network connection encrypted from end to end that creates a private connection to a remote network.
VPN
33
Edge of LAN, establishes connections between sites
VPN gateway
34
Authenticates VPN clients. Establishes tunnels for VPN connections. Manages encryption for VPN transmissions.
VPN concentrator
35
Encapsulates PPP data in a similar manner to PPTP. Can connect a VPN that uses a mix of equipment types. Can connect 2 routers, a router and a RAS, or a client and a RAS. Implemented with IPsec for security.
L2TP (Layer 2 Tunneling Protocol)
36
Open-source VPN protocol that uses a custom security protocol for encryption
OpenVPN
37
IT security experts hired by an organization to identify security vulnerabilities
White Hat Hacker
38
Groups or individuals that cause damage, steal data, or compromise privacy
Black Hat Hacker
39
Common type of social engineering
Phishing
40
Often include legitimate looking logos, buttons, instructions and fine print.
Phishing emails
41
Someone who is trusted by an organization
Insider threat
42
Attackers use fake ARP replies to alter ARP tables in the network
ARP poisoning
43
Relies on intercepted transmission and can take several forms
MitM (man-in-the-middle) attack
44
DHCP messages should be monitored by a security feature on switches called...
DHCP Snooping
45
FTP, HTTP, Telnet, SLIP, TFTP, SNMPv1, SNMPv2
Insecure protocols and services
46
Programs that run independently and travel between computers and across networks
Worms
47
A program that locks a user's data or computer system until a ransom is paid
Ransomware
48
to prevent detection
encryption
49
disguised as legitimate programs
stealth
50
change characteristics every time they transfer to a new system
Polymorphism
51
programs designed to start when certain conditions are met
logic bombs
52
Two types of scans
Vulnerability scanning
53
Attacker is given same access as a trusted user would have
Authenticated
54
1. Red team conducts the attack | 2. Blue team attempts to defend the network
Red Team-Blue Team Exercise
55
1. Designed to scan large networks. | 2. Provides information about network and hosts
NMAP (Network Manager)
56
Combines known scanning and exploit techniques to explore potentially new attack routes
Metasploit
57
Decoy system that is purposefully vulnerable
Honeypot
58
Network of Honeypots
Honeynet
59
1. Use secure protocols instead of insecure protocols. 2. Close TCP/IP ports on the local firewall that are not used for ongoing activities. 3. Disable unneeded connection technologies.
Protect Devices. Using these guidelines:
60
Most commonly used hashing algorithm. Advantage: its resistance to collisions
SHA (Secure Hash Algorithm)
61
are often implemented together for increased security and both use the same hash lengths.
SHA-2 and SHA-3
62
The practice of allowing people to bring their smartphones, laptops, or other technology into a facility for the purpose of performing work or school responsibilities.
BYOD (Bring Your Own Device)
63
Choose Your Own Device
CYOD
64
These configurations can be handled automatically by MDM (mobile device management) software
BYOD
65
VMware AirWatch, Cisco Meraki Systems Manager, Citrix XenMobile, Microsoft Intune
MDM Examples
66
last mile
Local loop
67
Portion of the PSTN (Public Switched Telephone Network) connecting a residence or business to the nearest CO
Local Loop (Last mile)
68
Faster download speeds than upload speeds. Most common form of DSL
ADSL (Asymmetric DSL)
69
has equal download and upload speeds maxing out around 2 MBps
SDSL (Symmetric DSL)
70
Network uses fiber-optic cabling to connect the cable company's distribution center to distribution hubs and then to optical nodes near customers
HFC (Hybrid Fiber Coaxial)
71
Operates at physical and data link layers
Cable Modem
72
An alliance of over 220 industry organizations worldwide. Developing ways to send Ethernet traffic across MAN and WAN connections
Metro Ethernet Forum (MEF)
73
An Ethernet-based transport solution designed to overcome weaknesses of implementing Ethernet outside the LAN environment.
Carrier-Ethernet Transport (CET)
74
Allows organizations to use only some of the channels on a T1 line. Leasing allows organizations to only pay for what they use.
Fractional T1
75
SIP trunking employs VoIP to create virtual connections over an existing data service. Limited only by available bandwidth.
SIP (Session Initial Protocol) Trunk
76
Data rate of a SONET (synchronous optical network) connection is indicated by its...
OC (Optical Carrier) Level
77
Large companies commonly use..
OC-3 Connections
78
Group of Layer 2 protocols originally designed as a fast packet-switched network over ISDN. Today is used as the Data Link protocol for various circuit interfaces and media.
Frame Relay
79
Packet cell
Fixed packet size
80
48 data bytes plus 5-byte header
Packet (cell)
81
uses TDM and FDM
GSM (Global System for Mobile Communications)
82
used CDM
CDMA (Code Division Multiple Access)
83
Freq: 3.4 - 6.7 GHz
C-band
84
Freq: 12-18 GHz
Ku (K-under band)
85
Freq: 26.5 - 40 GHz
Ka-band (K-above band)
86
wildcard mask of 255.255.255.255
"any" keyword
87
access-list acl_2 permit icmp "any"
"any" = wildcard mask of 255.255.255.255
88
Prevents connection to and transmission completion through ports
Port blocking
89
Content-filtering based on data contained in packets
Optional Firewall Functions
90
Security strategy that combines multiple layers of security appliances and technologies into a single safety net
Unified Threat Management (UTM)
91
allows you to modify built-in firewall
iptables command in Linux
92
Protects entire networks
NIPS (network-based intrusion prevention)
93
Protects certain hosts
HIPS (host-based intrusion prevention)
94
Can be configured to evaluate all log data
SIEM systems
95
looking for significant events that require attention from the IT staff
SIEM systems
96
Operates in data link layer
STP (Spanning Tree Protocol)
97
1. calculating paths avoiding potential loops | 2. artificially blocking links completing loop
STP (Spanning Tree Protocol)
98
1. Select root bridge based on Bridge ID (BID) 2. Examine possible paths between network bridge and root bridge. 3. Disable links not part of shortest path
Switch Path Management. 3 Steps
99
STP information is transmitted between switches
(via) BPDUs (Bridge Protocol Data Units)
100
blocks BPDUs on any port serving network hosts. ensures these devices aren't considered as possible paths.
BPDU guard
101
Can be used to disable STP on specific ports
BPDU filter
102
1. A descendent of STP that operates at Layer 3. | 2. Keeps all potential paths active while managing flow of data
SPB (Shortest Path Bridging)
103
Another Cisco command (also used on Arista devices) to secure switch access ports.
Switchport port-security
104
restricts the number of MAC addresses allowed in the MAC address table
mac-limit command
105
Process of verifying user's credentials to grant user access to secured resources
Authentication
106
determines what the user can and cannot do with network resources
authorization
107
to keep an account of the client's system or network usage
Accounting
108
A user can be authenticated to the local device or the network
Authentication
109
most popular authorization protocol
RBAC (role-based access control)
110
can be installed to make it easier to monitor log files for interesting or suspicious events
log file viewer
111
maintains a database of account information, such as, usernames, passwords, and other authentication credentials
Directory Service
112
Example of directory services
AD (Active Directory) in Windows
113
cross-platform authentication protocol
Kerberos
114
uses key encryption
Kerberos
115
ticket (term)
Kerberos
116
1. Something you know (password or PIN) 2. Something you have (ATM or smart card) 3. Something you are (fingerprint or facial pattern)
3 categories of authentication factors
117
requires at least one authentication method from at least two different categories
MFA
118
open-source and standardized by the IETF
RADIUS (Remote Authentication Dial-In User Service)
119
a legacy authentication protocol often used with a RADIUS server in Windows networks
Microsoft Challenge-handshake Authentication Protocol version 2 (MS-CHAPv2)
120
Disadvantage of WEP: used a shared key for all clients and the key might never change
Wireless Network Security
121
1 of 2 forms of authentication:
OSA (Open System Authentication)
122
Encryption key generation and management scheme
TKIP (Temporal Key Integrity Protocol)
123
defined by IEEE 802.11i
TKIP (Temporal Key Integrity Protocol)
124
helps ensure data confidentiality with both encryption and packet authentication by providing:
1. Message Integrity | 2. Encryption
125
uses AES (advanced encryption standard) which provides faster and more secure encryption than TKIP
Encryption
126
Enterprise versions of:
WPA and WPA2
127
is used in cooperation with an authentication mechanism called EAP (Extensible Authentication Protocol)
RADIUS server
128
1. Tunnel based | 2. Creates an encrypted TLS tunnel between the supplicant and the server
PEAP (Protected EAP)