networking chapter 16 - network security fundamentals
Which device is used by other network devices to authenticate and authorize management access?
AAA server
This zone is used to house servers that should be accessible to outside users.
DMZ
Which type of network threat is intended to prevent authorized users from accessing resources?
DoS attack
unauthorized manipulation of data, system access, or user privileges
access attack
Which is appropriate for providing endpoint security?
antivirus software
Which three services are provided by the AAA framework? (Choose three.)
authentication, authorization, accounting
breaking into a computer to destroy or alter data records
data loss and manipulation
What kind of threat is described when a threat actor alters data records?
data loss or manipulation
What kind of threat is described when a threat actor sends you a virus that can reformat your hard drive?
data loss or manipulation
disabling or corruption of networks, systems, or services
denial of service
What is the objective of a network reconnaissance attack?
discovery and mapping of systems
What kind of threat is described when a threat actor overloads a network to deny other users network access?
disruption of service
What kind of threat is described when a threat actor prevents legal users from accessing data services?
disruption of service
preventing legitimate users from accessing services to which they are entitled
disruption of service
voltage spikes, insufficient supply voltage (brownouts), unconditioned power (noise), and total power loss
electrical threats
what service might be used in a DMZ server
Which benefit does SSH offer over Telnet for remotely managing a router?
encryption
Some routers and switches in a wiring closet malfunctioned after an air conditioning unit failed. What type of threat does this situation describe?
environmental
temperature extremes (too hot or too cold) or humidity extremes (too wet or too dry)
environmental threats
Which component is designed to protect against unauthorized communications to and from a computer?
firewall
Which device controls traffic between two or more networks to help prevent unauthorized access?
firewall
For security reasons a network administrator needs to ensure that local computers cannot ping each other. Which settings can accomplish this task?
firewall settings
What is one of the most effective security tools available for protecting users from external threats?
firewalls
physical damage to servers, routers, switches, cabling plant, and workstations
hardware threats
What kind of threat is described when a threat actor impersonates another person to obtain credit information about that person?
identity theft
What kind of threat is described when a threat actor makes illegal online purchases using stolen credit information?
identity theft
form of information theft where personal information is stolen for the purpose of taking over the identity of someone
identity theft
What kind of threat is described when a threat actor is stealing the user database of a company?
information theft
What kind of threat is described when a threat actor steals scientific research data?
information theft
breaking into a computer to obtain confidential information
information theft
The threat actor is looking for initial information about a target. Various tools can be used, including Google search, the websites of organizations, whois, and more.
internet queries
reconnaissance attacks
internet queries, ping sweeps, port scans
Which command will block login attempts on RouterA for a period of 30 seconds if there are 2 failed login attempts within 10 seconds?
login block for 30 attempts 2 within 10
poor handling of key electrical components (electrostatic discharge), lack of critical spare parts, poor cabling, and poor labeling
maintenance threats
the threat actor is positioned in between two legitimate entities in order to read or modify the data that passes between the two parties.
man-in-the-middle
For reconnaissance attacks, external threat actors can use internet tools, such as the ___ and ___ utilities, to easily determine the IP address space assigned to a given corporation or entity
nslookup, whois
Brute-force attacks Trojan horse attacks Packet sniffers
password attacks
access attacks
password attacks, trust exploitation, port redirection, man in the middle
a threat actor uses a compromised system as a base for attacks against other targets. The example in the figure shows a threat actor using SSH (port 22) to connect to a compromised host A. Host A is trusted by host B and, therefore, the threat actor can use Telnet (port 23) to access it.
port redirection
What type of attack may involve the use of tools such as nslookup and fping?
reconnaissance attack
discovery and mapping of systems, services, or vulnerabilities
reconnaissance attacks
A network administrator establishes a connection to a switch via SSH. What characteristic uniquely describes the SSH connection?
remote access to a switch where data is encrypted during the session
three primary vulnerabilities
technological, configuration, and security policy
What is the purpose of the network security accounting function?
to keep track of the actions of a user
In the animation, System A trusts System B. System B trusts everyone. The threat actor wants to gain access to System A. Therefore, the threat actor compromises System B first and then can use System B to attack System A.
trust exploitation
What three configuration steps must be performed to implement SSH access to a router? (Choose three.)
unique hostname, ip domain name, user account
Which backup policy consideration is concerned with using strong passwords to protect the backups and for restoring data?
validation
a weakness that makes a target susceptible to an attack
vulnerability
Which malicious code attack is self-contained and tries to exploit a specific vulnerability in a system being attacked?
worm
