Network Security Basics Quiz

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson
Download our mobile app to listen on the go
Get App

Questions and Answers

What is the main purpose of network security?

  • To monitor network traffic
  • To secure physical documents
  • To prevent unauthorized access and attacks on a computer network (correct)
  • To increase internet speed

What type of attacks involve changing or modifying the content of messages?

  • Reactive Attacks
  • Inactive Attacks
  • Passive Attacks
  • Active Attacks (correct)

Which aspect of security does a passive attack pose a danger to?

  • Availability
  • Confidentiality (correct)
  • Integrity
  • Authorization

What is the primary concern in an active attack?

<p>Integrity and availability compromise (D)</p> Signup and view all the answers

Why are security breaches considered expensive?

<p>In terms of business disruption and financial losses (A)</p> Signup and view all the answers

In which type of attack is the victim typically not informed about the attack?

<p>Passive Attacks (B)</p> Signup and view all the answers

What does authenticity refer to in the field of information security?

<p>Verifying the genuineness of documents and data (C)</p> Signup and view all the answers

Which stage of an attack involves an attacker trying to gain root or administrator access?

<p>Gaining Unauthorized Access (A)</p> Signup and view all the answers

Why is it important to verify all parties in a transaction?

<p>To reduce instances of fraud (B)</p> Signup and view all the answers

What is the purpose of network probing in the stages of an attack?

<p>Assessing which systems are alive (B)</p> Signup and view all the answers

Which action reduces instances of fraud by misrepresentation?

<p>Verifying all parties in a transaction (A)</p> Signup and view all the answers

What is the primary aim of an attacker in capturing the network during an attack?

<p>Attacking other systems in the network (B)</p> Signup and view all the answers

How can attackers make it difficult for Security Administrators to determine the source of an attack?

<p>By using poorly secured or incorrectly configured proxy servers (A)</p> Signup and view all the answers

Which technique can be employed to evade detection by an Intrusion Detection System (IDS) that relies on 'pattern matching'?

<p>Changing the data used in the attack slightly (B)</p> Signup and view all the answers

In terms of security control implementation, which category includes policy and procedural controls?

<p>Administrative controls (C)</p> Signup and view all the answers

What type of controls are described as electronic, hardware, and software controls?

<p>Physical controls (A)</p> Signup and view all the answers

If attackers change the data in their attacks to avoid detection, what method are they utilizing?

<p>Pattern matching evasion (C)</p> Signup and view all the answers

Which type of control involves mechanical aspects in security implementation?

<p>Physical controls (A)</p> Signup and view all the answers

What is the primary reason for the increasing popularity of networks that use internet links?

<p>To reduce costs compared to dedicated leased lines (A)</p> Signup and view all the answers

Which of the following best describes the term 'Interception' in the context of information security?

<p>Unauthorized user gaining access to a service (C)</p> Signup and view all the answers

What is the main focus of the CIA Triad in information security?

<p>Confidentiality, Integrity, and Availability (D)</p> Signup and view all the answers

What does the term 'Integrity' mean in the context of the CIA Triad?

<p>Data is protected from unauthorized changes to ensure it is reliable and correct (B)</p> Signup and view all the answers

What type of attack involves the creation of wrong or counterfeit data?

<p>Fabrication (A)</p> Signup and view all the answers

Which component of the CIA Triad ensures that data, objects, and resources are protected from unauthorized viewing and other access?

<p>Confidentiality (D)</p> Signup and view all the answers

What is the primary function of an Intrusion Detection System (IDS)?

<p>To monitor and analyze network activities for potential intrusions (C)</p> Signup and view all the answers

What is the main disadvantage of a Knowledge-Based IDS?

<p>It requires significant resources for database storage (D)</p> Signup and view all the answers

What advantage does a Behaviour-Based IDS have over a Knowledge-Based IDS?

<p>It can detect new kinds of vulnerabilities (B)</p> Signup and view all the answers

What is the primary function of a Network-based intrusion prevention system (NIPS)?

<p>To monitor the entire network for suspicious traffic by analyzing protocol activity (B)</p> Signup and view all the answers

What is the main disadvantage of a Behaviour-Based IDS?

<p>It has a high false alarm rate (B)</p> Signup and view all the answers

What is the primary function of a Wireless intrusion prevention system (WIPS)?

<p>To monitor a wireless network for suspicious traffic by analyzing wireless networking protocols (A)</p> Signup and view all the answers

Flashcards are hidden until you start studying

Study Notes

Network Security

  • Network security involves policies and practices to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.

Types of Attacks

  • Active Attacks:
    • Efforts to change or modify message content
    • Danger to integrity and availability
    • System is always damaged and resources can be changed
    • Victim is informed about the attack
  • Passive Attacks:
    • Observing or copying message content
    • Danger to confidentiality
    • No harm to the system
    • Victim is not informed about the attack

Importance of Effective Network Security Strategies

  • Security breaches can be expensive in terms of business disruption and financial losses
  • Importance of availability, authenticity, and confidentiality

Stages of an Attack

  • Initial Information Gathering:
    • Gathering information about a company's website, machines, IP addresses, and ranges
  • Network Probe:
    • Pinging systems to see which are alive
    • Port scanning to identify unused ports
  • Gaining Unauthorized Access:
    • Guessing passwords to gain root or administrator access
  • Capturing the Network:
    • Installing hacking tools in the system
  • Grabbing/Destroying data:
    • Stealing confidential information and destroying files

Address Spoofing/Proxying

  • Using poorly secured or incorrectly configured proxy servers to bounce an attack
  • Making it difficult for Security Administrators to determine the source of the attack

Pattern Change Evasion

  • Modifying attack data to evade detection by IDS
  • IDS relies on pattern matching to detect attacks

Categories that Control the Implementation of Security Control

  • Administrative: Policy and procedural controls
  • Technical: Electronic, hardware, and software controls
  • Physical: Mechanical controls

Important Terminology

  • Interruption: Denying service to legitimate users (attack on availability)
  • Interception: Unauthorized access to a service (attack on confidentiality)
  • Modification: Unauthorized access and tampering of data (attack on integrity)
  • Fabrication: Creation of wrong or counterfeit data (attack on authenticity)

The CIA Triad

  • Confidentiality: Protecting data from unauthorized viewing and access
  • Integrity: Protecting data from unauthorized changes to ensure reliability and correctness
  • Availability: Ensuring authorized users have access to systems and resources

Intrusion Detection Systems (IDS)

  • Hardware/software that monitors and analyses network activities for unauthorized intrusions
  • Reports alerts in real-time for network administrators to take corrective action

IDS Types

  • Knowledge-Based IDS:
    • Uses previous knowledge about attacks (signatures stored in databases) to detect and report current attempts of intrusion
    • Advantage: low false alarm rates
    • Disadvantage: requires more resources for database storage
  • Behaviour-Based IDS:
    • Monitors user behavior to detect any anomaly (unusual behavior) to identify intrusion
    • Advantage: can detect new kinds of vulnerabilities
    • Disadvantage: high false alarm rate

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Quiz Team
Use Quizgecko on...
Browser
Browser