Communication and Network Security Questions

Questions and Answers

What is the main purpose of using Encapsulating Security Payload (ESP) in network security?

To negotiate and establish connections with other nodes

To determine packet formats for Point-to-Point Protocol (PPP)

To intercept network traffic without authorization

To provide confidentiality, integrity, and authenticity for data in transit (correct)

What is the primary function of Layer 2 Tunneling Protocol (L2TP) in a network environment?

To negotiate and establish connections with other nodes

To disguise the destination address from IP filtering devices

To determine packet formats for Point-to-Point Protocol (PPP)

To facilitate virtual private network (VPN) connections (correct)

In a disaster recovery scenario, what type of drill focuses on testing the activation of backup systems and the restoration of data?

Tabletop drill

Simulation drill

Structured walk-through drill

Full-scale drill (correct)

Which security mechanism is commonly used to restrict the execution of privileged procedures in a system?

Challenge Handshake Authentication Protocol (CHAP)

What role does Port services filtering play in network security at the Network Layer of the OSI model?

Ensuring only authorized processes can communicate over specific ports

If an organization wants to secure its SAN traffic within a TCP/IP environment, which protocol would be most suitable for achieving this goal?

Transport layer protocol

What is the primary purpose of documenting business processes in Business Continuity Planning (BCP)?

Defines who will perform which functions during a disaster or emergency

Which security mechanism is used to implement Discretionary Access Controls (DAC) in Structured Query Language (SQL)?

GRANT and REVOKE

How does File Transfer Protocol (FTP) pose a security limitation in terms of authentication?

Authentication is not encrypted.

In the OSI model, which layer adds information about the logical connection between the sender and receiver?

Transport

What is the network intrusion detection technique that focuses on analyzing anomalies in network traffic?

Behavior-based detection

How does Encapsulating Security Payload (ESP) contribute to securing network traffic?

It encrypts data payloads within IP packets.

Why is it important for programs to write to user directories rather than system resources?

System resources are more accessible than user directories.

In Disaster Recovery (DR) and business continuity training, what is a full-scale simulation of an emergency and the subsequent response functions called?

Functional evacuation of personnel

Why is the confidentiality of traffic protected by allowing storage communications to run on top of Transmission Control Protocol/Internet Protocol (TCP/IP) with a Storage Area Network (SAN)?

Storage devices are protected against availability attacks.

What does the Encapsulating Security Payload (ESP) primarily provide?

Confidentiality and privacy

Why is a system's criticality classification important in large organizations according to the text?

It provides for proper prioritization and scheduling of security and maintenance tasks.

What is the BEST way to ensure that privileged procedures are restricted from execution within a system?

Implement strong access controls and privilege separation mechanisms.

Study Notes

IP Spoofing and Network Security

• The purpose of an IP spoofing attack is to disguise the source IP address to make it appear as if it is coming from a trusted entity, in order to bypass security filters.

OSI Model

• In the OSI model, data at rest on a Storage Area Network (SAN) is located at the Application layer.
• Packet filtering operates at the Network Layer of the OSI model.

TCP/IP and PPP

• In a TCP/IP stack, the Transport layer is responsible for negotiating and establishing a connection with another node.
• The Point-to-Point Protocol (PPP) uses the Link Control Protocol (LCP) to determine packet formats.

Network Security

• An external attacker can compromise an organization's network security perimeter by installing a sniffer onto an inside computer, allowing them to access programs that write to system resources.
• In a system's criticality classification, it provides for proper prioritization and scheduling of security and maintenance tasks.

Storage and Transmission

• By allowing storage communications to run on top of TCP/IP with a Storage Area Network (SAN), the opportunity to sniff network traffic exists.
• The Encapsulating Security Payload (ESP) provides confidentiality of the traffic.

Disaster Recovery and Business Continuity

• A functional drill in Disaster Recovery (DR) and business continuity training is a specific test by response teams of individual emergency response functions.
• In Business Continuity Planning (BCP), documenting business processes is important to provide an understanding of the organization's interdependencies.

Information Protection Policy

• When constructing an Information Protection Policy (IPP), the stated rules should be necessary, adequate, and achievable.

File Transfer Protocol

• A security limitation of File Transfer Protocol (FTP) is that authentication is not encrypted.

Access Controls

• The Structured Query Language (SQL) implements Discretionary Access Controls (DAC) using GRANT and REVOKE.

OSI Model Implementation

• The Transport layer of the OSI model implementation adds information concerning the logical connection between the sender and receiver.

Network Intrusion Detection

• A network intrusion detection technique is to monitor network traffic for signs of unauthorized access or malicious activity.

Description

Test your knowledge of communication and network security with these questions. Learn about Internet Protocol (IP) spoofing attacks and Open System Interconnection (OSI) model levels.