10 Questions
What is the primary function of a network-based firewall?
To block unauthorized access to or from the network
What type of encryption uses the same key for encryption and decryption?
Symmetric encryption
What is the purpose of access control in computer systems?
To control and limit access to computer resources
What is the primary goal of a vulnerability assessment?
To identify, classify, and prioritize vulnerabilities
What type of firewall is installed on a local computer to control incoming and outgoing network traffic?
Host-based firewall
What is the purpose of asymmetric encryption?
To provide digital signatures and authentication
What is the process of controlling and limiting access to computer resources based on user identity, role, or permissions?
Access control
What is the primary goal of incident response?
To detect and respond to security incidents
What type of vulnerability assessment is used to identify vulnerabilities in a specific application?
Application-based vulnerability assessment
What is the purpose of logging and auditing in access control?
To track and monitor user activity
Study Notes
Digital Security
Firewalls
- Monitors and controls incoming and outgoing network traffic based on predetermined security rules
- Acts as a barrier between a trusted network and an untrusted network (e.g., the internet)
- Types of firewalls:
  - Network-based firewalls (e.g., Cisco ASA) - monitors and controls traffic between networks
  - Host-based firewalls (e.g., Windows Defender Firewall) - monitors and controls traffic on a single host or device
- Firewalls perform three key functions:
  - Block unauthorized access to or from the network
  - Hide internal IP addresses and network segments from the outside world
  - Log and alert on suspicious traffic
Encryption
- The process of converting plaintext data into unreadable ciphertext to protect it from unauthorized access
- Types of encryption:
  - Symmetric encryption (e.g., AES) - uses the same key for encryption and decryption
  - Asymmetric encryption (e.g., RSA) - uses a public key for encryption and a private key for decryption
- Uses of encryption:
  - Secure online transactions (HTTPS)
  - Protecting data at rest (e.g., encrypted hard drives) and in transit (e.g., encrypted emails)
  - Digital signatures and authentication
Access Control
- The process of controlling and limiting access to computer resources based on user identity, role, or permissions
- Types of access control:
  - Mandatory Access Control (MAC) - access is controlled by the operating system
  - Discretionary Access Control (DAC) - access is controlled by the owner of the resource
  - Role-Based Access Control (RBAC) - access is controlled based on user roles
- Components of access control:
  - Authentication (e.g., username/password, biometrics)
  - Authorization (e.g., access control lists, permissions)
  - Accounting (e.g., logging and auditing)
Vulnerability Assessment
- The process of identifying, classifying, and prioritizing vulnerabilities in computer systems or networks
- Types of vulnerability assessment:
  - Network-based vulnerability assessment (e.g., Nessus) - scans networks for vulnerabilities
  - Host-based vulnerability assessment (e.g., OpenVAS) - scans individual hosts or devices for vulnerabilities
  - Application-based vulnerability assessment (e.g., OWASP ZAP) - scans applications for vulnerabilities
- Steps in vulnerability assessment:
  - Information gathering (e.g., network scanning, system profiling)
  - Vulnerability identification (e.g., using vulnerability scanners, exploit databases)
  - Risk assessment and prioritization (e.g., CVSS scoring)
Incident Response
- The process of responding to and managing security incidents (e.g., data breaches, malware outbreaks) to minimize damage and restore normal operations
- Steps in incident response:
  - Preparation (e.g., incident response plan, training)
  - Identification (e.g., monitoring, detection, reporting)
  - Containment (e.g., isolating affected systems, shutting down services)
  - Eradication (e.g., removing malware, patching vulnerabilities)
  - Recovery (e.g., restoring systems, data, and services)
  - Post-incident activities (e.g., lessons learned, incident report)
Learn about firewalls, a crucial network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.