Network Security Basics Quiz

Questions and Answers

What is the main purpose of network security?

To monitor network traffic

To secure physical documents

To prevent unauthorized access and attacks on a computer network (correct)

To increase internet speed

What type of attacks involve changing or modifying the content of messages?

Reactive Attacks

Inactive Attacks

Passive Attacks

Active Attacks (correct)

Which aspect of security does a passive attack pose a danger to?

Availability

Confidentiality (correct)

Integrity

Authorization

What is the primary concern in an active attack?

Integrity and availability compromise

Why are security breaches considered expensive?

In terms of business disruption and financial losses

In which type of attack is the victim typically not informed about the attack?

Passive Attacks

What does authenticity refer to in the field of information security?

Verifying the genuineness of documents and data

Which stage of an attack involves an attacker trying to gain root or administrator access?

Gaining Unauthorized Access

Why is it important to verify all parties in a transaction?

To reduce instances of fraud

What is the purpose of network probing in the stages of an attack?

Assessing which systems are alive

Which action reduces instances of fraud by misrepresentation?

Verifying all parties in a transaction

What is the primary aim of an attacker in capturing the network during an attack?

Attacking other systems in the network

How can attackers make it difficult for Security Administrators to determine the source of an attack?

By using poorly secured or incorrectly configured proxy servers

Which technique can be employed to evade detection by an Intrusion Detection System (IDS) that relies on 'pattern matching'?

Changing the data used in the attack slightly

In terms of security control implementation, which category includes policy and procedural controls?

Administrative controls

What type of controls are described as electronic, hardware, and software controls?

Physical controls

If attackers change the data in their attacks to avoid detection, what method are they utilizing?

Pattern matching evasion

Which type of control involves mechanical aspects in security implementation?

Physical controls

What is the primary reason for the increasing popularity of networks that use internet links?

To reduce costs compared to dedicated leased lines

Which of the following best describes the term 'Interception' in the context of information security?

Unauthorized user gaining access to a service

What is the main focus of the CIA Triad in information security?

Confidentiality, Integrity, and Availability

What does the term 'Integrity' mean in the context of the CIA Triad?

Data is protected from unauthorized changes to ensure it is reliable and correct

What type of attack involves the creation of wrong or counterfeit data?

Fabrication

Which component of the CIA Triad ensures that data, objects, and resources are protected from unauthorized viewing and other access?

Confidentiality

What is the primary function of an Intrusion Detection System (IDS)?

To monitor and analyze network activities for potential intrusions

What is the main disadvantage of a Knowledge-Based IDS?

It requires significant resources for database storage

What advantage does a Behaviour-Based IDS have over a Knowledge-Based IDS?

It can detect new kinds of vulnerabilities

What is the primary function of a Network-based intrusion prevention system (NIPS)?

To monitor the entire network for suspicious traffic by analyzing protocol activity

What is the main disadvantage of a Behaviour-Based IDS?

It has a high false alarm rate

What is the primary function of a Wireless intrusion prevention system (WIPS)?

To monitor a wireless network for suspicious traffic by analyzing wireless networking protocols

Study Notes

Network Security

• Network security involves policies and practices to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.

Types of Attacks

• Active Attacks:
  • Efforts to change or modify message content
  • Danger to integrity and availability
  • System is always damaged and resources can be changed
  • Victim is informed about the attack
• Passive Attacks:
  • Observing or copying message content
  • Danger to confidentiality
  • No harm to the system
  • Victim is not informed about the attack

Importance of Effective Network Security Strategies

• Security breaches can be expensive in terms of business disruption and financial losses
• Importance of availability, authenticity, and confidentiality

Stages of an Attack

• Initial Information Gathering:
  • Gathering information about a company's website, machines, IP addresses, and ranges
• Network Probe:
  • Pinging systems to see which are alive
  • Port scanning to identify unused ports
• Gaining Unauthorized Access:
  • Guessing passwords to gain root or administrator access
• Capturing the Network:
  • Installing hacking tools in the system
• Grabbing/Destroying data:
  • Stealing confidential information and destroying files

Address Spoofing/Proxying

• Using poorly secured or incorrectly configured proxy servers to bounce an attack
• Making it difficult for Security Administrators to determine the source of the attack

Pattern Change Evasion

• Modifying attack data to evade detection by IDS
• IDS relies on pattern matching to detect attacks

Categories that Control the Implementation of Security Control

• Administrative: Policy and procedural controls
• Technical: Electronic, hardware, and software controls
• Physical: Mechanical controls

Important Terminology

• Interruption: Denying service to legitimate users (attack on availability)
• Interception: Unauthorized access to a service (attack on confidentiality)
• Modification: Unauthorized access and tampering of data (attack on integrity)
• Fabrication: Creation of wrong or counterfeit data (attack on authenticity)

The CIA Triad

• Confidentiality: Protecting data from unauthorized viewing and access
• Integrity: Protecting data from unauthorized changes to ensure reliability and correctness
• Availability: Ensuring authorized users have access to systems and resources

Intrusion Detection Systems (IDS)

• Hardware/software that monitors and analyses network activities for unauthorized intrusions
• Reports alerts in real-time for network administrators to take corrective action

IDS Types

• Knowledge-Based IDS:
  • Uses previous knowledge about attacks (signatures stored in databases) to detect and report current attempts of intrusion
  • Advantage: low false alarm rates
  • Disadvantage: requires more resources for database storage
• Behaviour-Based IDS:
  • Monitors user behavior to detect any anomaly (unusual behavior) to identify intrusion
  • Advantage: can detect new kinds of vulnerabilities
  • Disadvantage: high false alarm rate

Description

Test your knowledge on the fundamentals of network security including policies, practices, preventive measures, and types of attacks. Learn about protecting computer networks from unauthorized access and threats.