CIS102B Network Fundamentals Security in Network Design
What characteristic of ARP makes it vulnerable to DoS attacks?
ARP performs no authentication.
What is the shared responsibility model in cloud security?
Cloud security is partially the responsibility of the cloud provider and partially the responsibility of the user.
What is firmware corruption?
Corruption of the software that is embedded in a device.
What can log evaluation systems do?
Evaluate all data logs for analysis.
Active Directory and 389 Directory Server are both compatible with which directory access protocol?
LDAP
At what layer of the OSI model do proxy servers operate?
Layer 7
What firewall placement approach offers performance and failover benefits?
Load-balanced
What does MFA stand for?
MFA stands for multifactor authentication
What is malware?
Malicious software designed to harm or exploit a computer system.
What type of port does a NIDS connect to capture network traffic?
SPAN
What does SSO stand for?
SSO stands for single sign-on
What is SIEM?
Security Information and Event Management
Which principle ensures auditing processes are managed by someone other than the employees whose activities are being audited?
Separation of duties
What does SoD stand for?
Separation of duties.
What model is utilized in cloud security where security is divided between the customer and the provider?
Shared Responsibility
What information in a transmitted message might an IDS use to identify network threats?
Signature
What is encryption?
The process of converting data into a form that cannot be easily understood by unauthorized individuals.
What is a vulnerability assessment?
The process of identifying and assessing vulnerabilities in a system or network.
Which of the following ACL commands would permit web-browsing traffic from any IP address to any IP address?
access-list acl_2 permit https any any
What is Kerberos?
A cross-platform authentication protocol that uses key encryption to verify client identity and securely exchange information
What is separation of duties?
A division of labor that prevents one person from compromising data security.
What is a security policy?
A document that outlines an organization's security rules and procedures.
What is a defective firewall?
A firewall that is not functioning properly.
What is single sign-on?
A form of authentication where a client signs on once to access multiple systems or resources
What is a firewall?
A network security device that monitors and controls incoming and outgoing network traffic.
Which access control technique detects an intruder who accesses a network?
Accounting
Which device would allow an attacker to make network clients use an illegitimate default gateway?
DHCP server
Which policy ensures messages are discarded when they don't match a specific firewall rule?
Implicit deny
What device can be used to increase network performance by caching websites?
Proxy server
Which features are integrated into CoPP?
QoS and ACLs
Which defense addresses a weakness of IPv6?
RA guard
What authentication protocol is optimized for wireless clients?
RADIUS
Which authentication protocol is optimized for wireless clients?
RADIUS
Which authorization method allows access to email but not accounting?
RBAC
What does TACACS+ stand for?
TACACS+ stands for Terminal Access Controller Access Control System Plus
What ACL rule will prevent pings from a host at 192.168.2.100?
access-list acl_2 deny icmp host 192.168.2.100 any
What are network-based firewalls also called?
b. hardware
What acts as an intermediary between internal and external networks accessing Internet resources on behalf of a client while protecting IP addresses from disclosure?
d. Proxy Server
Any traffic that is not explicitly permitted in the ACL is __, which is called the ____.
denied, implicit deny rule
What is a penetration test?
A simulated attack on a system or network to identify vulnerabilities.
Which of the following is not one of the AAA services provided by RADIUS and TACACS+?
Administration
What tool is built into Windows to view network security 'Accounting' logs?
Event Viewer
Which system monitors and reports suspicious activity, and which can actively react to suspicious activity?
IDS, IPS
Which security device relies on a TAP or port mirroring?
NIDS
What is NIPS?
Network-based intrusion prevention system.
Who is responsible for the security of hardware on which a public cloud runs?
The cloud provider
What does a client present to a network server to access a resource?
Ticket
What type of firewall can inspect a packet and address a threat and filter out not just that packet but the entire connection or session of packets?
c. stateful
What can protect against rogue DHCP servers?
d. DHCP Snooping
What is the utility in Windows that controls user access and system usage?
gpedit.msc (Group Policy).
Which firewall type can protect a home network from adult content?
Application layer firewall
What does AAA stand for in network access control?
Authentication, authorization, and accounting.
What are the three major elements of access control to network resources?
Authorization, Accounting, Authentication
What is the process that determines user access to network resources?
Authorization.
What is the term for a packet whose characteristics match a firewall access or deny rule?
b. explicit
Which of the following criteria can a packet-filtering firewall not use to determine whether to accept or deny traffic?
Application data
What causes MOST firewall failures?
Firewall misconfiguration
What is the most popular authorization method?
Role-based access control (RBAC).
What does RBAC stand for?
Role-based access control.
What is a large source of router troubles?
b. misconfigured ACLs
What can a router's Access Control List filter network traffic based on?
c. Destination web page
What is TACACS+?
A system that offers network administrators the option of separating authentication, authorization, and auditing capabilities
What is a VPN?
A virtual private network that provides secure remote access to a private network.
What is MFA?
An authentication process that requires two or more pieces of information
What is a security incident?
An event that violates an organization's security policies.
What is port mirroring?
An intrusion prevention system that prevents traffic from reaching a network or host.
What is the difference between an IPS and a HIPS?
IPS protects entire networks, while HIPS protects a specific host.
What does SIEM stand for?
SIEM stands for Security Information Event Management