Network Security Basics Quiz

Questions and Answers

What is the main purpose of network security?

• To monitor network traffic
• To secure physical documents
• To prevent unauthorized access and attacks on a computer network (correct)
• To increase internet speed

What type of attacks involve changing or modifying the content of messages?

• Reactive Attacks
• Inactive Attacks
• Passive Attacks
• Active Attacks (correct)

Which aspect of security does a passive attack pose a danger to?

• Availability
• Confidentiality (correct)
• Integrity
• Authorization

What is the primary concern in an active attack?

Integrity and availability compromise (D)

Why are security breaches considered expensive?

In terms of business disruption and financial losses (A)

In which type of attack is the victim typically not informed about the attack?

Passive Attacks (B)

What does authenticity refer to in the field of information security?

Verifying the genuineness of documents and data (C)

Which stage of an attack involves an attacker trying to gain root or administrator access?

Gaining Unauthorized Access (A)

Why is it important to verify all parties in a transaction?

To reduce instances of fraud (B)

What is the purpose of network probing in the stages of an attack?

Assessing which systems are alive (B)

Which action reduces instances of fraud by misrepresentation?

Verifying all parties in a transaction (A)

What is the primary aim of an attacker in capturing the network during an attack?

Attacking other systems in the network (B)

How can attackers make it difficult for Security Administrators to determine the source of an attack?

By using poorly secured or incorrectly configured proxy servers (A)

Which technique can be employed to evade detection by an Intrusion Detection System (IDS) that relies on 'pattern matching'?

Changing the data used in the attack slightly (B)

In terms of security control implementation, which category includes policy and procedural controls?

Administrative controls (C)

What type of controls are described as electronic, hardware, and software controls?

Physical controls (A)

If attackers change the data in their attacks to avoid detection, what method are they utilizing?

Pattern matching evasion (C)

Which type of control involves mechanical aspects in security implementation?

Physical controls (A)

What is the primary reason for the increasing popularity of networks that use internet links?

To reduce costs compared to dedicated leased lines (A)

Which of the following best describes the term 'Interception' in the context of information security?

Unauthorized user gaining access to a service (C)

What is the main focus of the CIA Triad in information security?

Confidentiality, Integrity, and Availability (D)

What does the term 'Integrity' mean in the context of the CIA Triad?

Data is protected from unauthorized changes to ensure it is reliable and correct (B)

What type of attack involves the creation of wrong or counterfeit data?

Fabrication (A)

Which component of the CIA Triad ensures that data, objects, and resources are protected from unauthorized viewing and other access?

Confidentiality (D)

What is the primary function of an Intrusion Detection System (IDS)?

To monitor and analyze network activities for potential intrusions (C)

What is the main disadvantage of a Knowledge-Based IDS?

It requires significant resources for database storage (D)

What advantage does a Behaviour-Based IDS have over a Knowledge-Based IDS?

It can detect new kinds of vulnerabilities (B)

What is the primary function of a Network-based intrusion prevention system (NIPS)?

To monitor the entire network for suspicious traffic by analyzing protocol activity (B)

What is the main disadvantage of a Behaviour-Based IDS?

It has a high false alarm rate (B)

What is the primary function of a Wireless intrusion prevention system (WIPS)?

To monitor a wireless network for suspicious traffic by analyzing wireless networking protocols (A)

Flashcards are hidden until you start studying

Study Notes

Network Security

• Network security involves policies and practices to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.

Types of Attacks

• Active Attacks:
  • Efforts to change or modify message content
  • Danger to integrity and availability
  • System is always damaged and resources can be changed
  • Victim is informed about the attack
• Passive Attacks:
  • Observing or copying message content
  • Danger to confidentiality
  • No harm to the system
  • Victim is not informed about the attack

Importance of Effective Network Security Strategies

• Security breaches can be expensive in terms of business disruption and financial losses
• Importance of availability, authenticity, and confidentiality

Stages of an Attack

• Initial Information Gathering:
  • Gathering information about a company's website, machines, IP addresses, and ranges
• Network Probe:
  • Pinging systems to see which are alive
  • Port scanning to identify unused ports
• Gaining Unauthorized Access:
  • Guessing passwords to gain root or administrator access
• Capturing the Network:
  • Installing hacking tools in the system
• Grabbing/Destroying data:
  • Stealing confidential information and destroying files

Address Spoofing/Proxying

• Using poorly secured or incorrectly configured proxy servers to bounce an attack
• Making it difficult for Security Administrators to determine the source of the attack

Pattern Change Evasion

• Modifying attack data to evade detection by IDS
• IDS relies on pattern matching to detect attacks

Categories that Control the Implementation of Security Control

• Administrative: Policy and procedural controls
• Technical: Electronic, hardware, and software controls
• Physical: Mechanical controls

Important Terminology

• Interruption: Denying service to legitimate users (attack on availability)
• Interception: Unauthorized access to a service (attack on confidentiality)
• Modification: Unauthorized access and tampering of data (attack on integrity)
• Fabrication: Creation of wrong or counterfeit data (attack on authenticity)

The CIA Triad

• Confidentiality: Protecting data from unauthorized viewing and access
• Integrity: Protecting data from unauthorized changes to ensure reliability and correctness
• Availability: Ensuring authorized users have access to systems and resources

Intrusion Detection Systems (IDS)

• Hardware/software that monitors and analyses network activities for unauthorized intrusions
• Reports alerts in real-time for network administrators to take corrective action

IDS Types

• Knowledge-Based IDS:
  • Uses previous knowledge about attacks (signatures stored in databases) to detect and report current attempts of intrusion
  • Advantage: low false alarm rates
  • Disadvantage: requires more resources for database storage
• Behaviour-Based IDS:
  • Monitors user behavior to detect any anomaly (unusual behavior) to identify intrusion
  • Advantage: can detect new kinds of vulnerabilities
  • Disadvantage: high false alarm rate