Network Security Concepts Quiz

Questions and Answers

Which network type is NOT explicitly mentioned in the provided text?

• Small Office and Home Office Networks
• Campus Area Networks
• Wide Area Networks
• Metropolitan Area Networks (correct)

Which of the following is primarily associated with 'inside perimeter security' based on the text?

• Security breach alarms
• On-premise security officers
• Fences and gates
• Electronic motion detectors (correct)

Which of the following is considered a 'modern hacking title'?

• Network Engineer
• System Administrator
• Software Developer
• Vulnerability Broker (correct)

What is one of the security measures listed for both inside and outside perimeters?

Continuous video surveillance (C)

Which of the following topics is listed as part of the objective for section 1.2?

Explaining common network attacks (D)

Which of the following best describes a 'threat' in the context of network security?

A potential danger that could exploit a vulnerability. (D)

What is a primary vector for data loss related to physical media?

Removable media devices or hard copies. (B)

What does 'mitigation' refer to in network security?

Action taken to reduce the risk of a potential threat. (C)

Which of the following is NOT listed as a vector for network attacks?

A malicious actor. (D)

Which of the following is most accurate when considering network security?

All types of networks require protection to ensure confidentiality, integrity, and availability. (B)

Which of the following is used to find weaknesses in a system?

Fuzzers (A)

Which tool is used to capture network traffic?

Packet sniffers (B)

Which of the following is a network hacking attack where an attacker intercepts and potentially alters communication between two parties?

Man-in-the-middle (D)

Which type of attack aims to overwhelm a network or system with traffic, making it unavailable to legitimate users?

Denial-of-service (D)

Which of these is a type of malware that disguises itself as a harmless application?

Trojan horse (A)

Which of these is a common classification or function of a Trojan horse?

Remote-access (C)

Which of these is NOT typically considered a tool for network penetration testing?

Encryption software (D)

An attack that involves an attacker secretly listening to network traffic is known as:

Eavesdropping (D)

Which type of Trojan may be designed to redirect internet traffic through the infected computer?

Proxy (C)

Which tool is used to search for software weaknesses, by providing incorrect inputs?

Fuzzer (D)

Email is considered a possible vector for data loss.

True (A)

Network security risks include vulnerabilities, threats, and mitigations.

True (A)

Hard copy documents are not a risk for data loss.

False (B)

Networks do not require any type of protection.

False (B)

Cloud storage devices cannot contribute to data loss.

False (B)

Campus area networks are a type of network mentioned in the document.

True (A)

Electronic motion detectors are part of outside perimeter security.

False (B)

Script Kiddies, Vulnerability Brokers and Hacktivists are all examples of modern hacking titles.

True (A)

Fences and gates are a measure used for inside perimeter security.

False (B)

Describing how to use security cameras is an objective in section 1.2.

False (B)

Password crackers are tools used for penetration testing.

True (A)

Eavesdropping is a network hacking attack that involves modifying data in transit.

False (B)

IP address spoofing is a method of network hacking that involves taking over a session after initial authentication.

False (B)

Denial-of-service attacks do not aim to make system resources unavailable to legitimate users.

False (B)

A 'Man-in-the-middle' attack involves an attacker intercepting communication between two parties.

True (A)

A compromised key is a type of malware that destroys data on a host machine.

False (B)

A sniffer is a tool used for capturing data packets.

True (A)

A virus is a classification of Trojan horse malware.

False (B)

A proxy Trojan horse does not redirect internet traffic.

False (B)

FTP is not a classification for a Trojan horse.

False (B)

Flashcards

Network Threat

A possible danger to a network's security, such as a virus or hacker attack.

Vulnerability

A weakness in a network system that can be exploited by attackers.

Mitigation

Actions taken to reduce the impact of a threat or vulnerability.

Risk

The likelihood of a threat exploiting a vulnerability and the potential impact of that event.

Vectors of Network Attacks

The ways in which attackers can launch attacks against a network, e.g., by email, webmail, or unencrypted devices.

Hackers

Individuals who exploit vulnerabilities in computer systems for malicious purposes, often seeking personal gain or to cause disruption.

Script Kiddie

A type of hacker with basic skills who uses pre-written scripts to exploit vulnerabilities.

Vulnerability Brokers

Individuals or organizations that identify and report security vulnerabilities to software developers or system administrators.

Hacktivists

Hackers motivated by political or social activism, often using cyberattacks to draw attention to a cause.

State-Sponsored Hackers

Hackers employed by governments to conduct cyber espionage or sabotage operations.

Penetration Testing Tools

Software designed to test and exploit security vulnerabilities in systems.

Forensic Tools

Tools that analyze and reconstruct computer incidents to find evidence of malicious activity.

Packet Sniffers

Tools that allow hackers to intercept and manipulate network traffic, including data modification and eavesdropping.

Fuzzers

Tools that exploit vulnerabilities in software or systems by sending unexpected or malformed data.

Rootkits

Software that enables attackers to gain unauthorized access to a system and hide their presence from standard detection methods.

Viruses

A type of malware designed to spread and replicate itself, often causing harm to the infected system.

Trojan Horses

A program disguised as legitimate software that performs malicious actions when executed.

Security Software Disabler

A Trojan Horse category that disables security software, leaving the system vulnerable to other threats.

Remote Access Trojans

A Trojan Horse category that allows attackers to remotely control the infected system, often for surveillance or data theft.

Data-Sending Trojans

A Trojan Horse category that collects sensitive information from the infected system and sends it to the attacker.

Current State of Network Security

The current state of affairs in network security, highlighting that networks are increasingly vulnerable to attacks and the need for robust security measures is critical.

Vulnerabilities

These are weaknesses in a network's security that attackers can exploit to gain access or cause damage. They represent potential entry points for threats.

Network Hacking Attacks

Techniques used by hackers to steal or interfere with network traffic. This includes eavesdropping, data modification, and man-in-the-middle attacks.

Denial-of-Service Attack

Types of attacks that aim to overwhelm a system or network with excessive traffic, making it unavailable to legitimate users.

Man-in-the-Middle Attack

A network hacking technique where an attacker intercepts communications between two parties, pretending to be one of them to gain access to sensitive information.

Sniffers (Network Capture Tools)

A category of hacking tools that capture network traffic to analyze and potentially steal data. This can be used for eavesdropping, data modification, and network analysis.

Study Notes

Modern Network Security Threats

• Chapter Outline:
  • Introduction to Modern Networks
  • Securing Networks
  • Network Threats
  • Mitigating Threats
  • Summary

Securing Networks

• Learning Objectives:
  • Describe the current network security landscape
  • Explain why all network types require protection

Current State of Affairs

• Networks are targets for various attacks

Networks Are Targets

• Examples of attack origins and targets are displayed on a world map, highlighting countries like China, the United States, Russia, and others as both attack origins and targets. Specific attacks and targets are noted (e.g., service, port).

Drivers for Network Security

• Common Network Security Terms:
  • Threat
  • Vulnerability
  • Mitigation
  • Risk

Vectors of Network Attacks

• External threats originate from the internet.
• Internal threats originate from within the network.
• A compromised host is vulnerable to both internal and external threats.

Data Loss

• Vectors of Data Loss:
  • Email/Webmail
  • Unencrypted Devices
  • Cloud Storage Devices
  • Removable Media
  • Hard Copy
  • Improper Access Control

Network Topology Overview

• Different types of networks exist, including Campus Area Networks, Small Office and Home Office Networks, Wide Area Networks, and Data Center Networks.

Campus Area Networks

• Include AAA servers, firewalls, switches, and various servers like DHCP and web servers.

Small Office and Home Office Networks

• Typically use a wireless router, layer 2 switch, and clients

Wide Area Networks

• Connect multiple locations, including branch sites, regional sites, SOHO sites, and mobile workers to a central corporate network

Data Center Networks

• Outside Perimeter: Features such as security officers, fences, gates, video surveillance, and alarm systems.
• Inside Perimeter: Includes sensors, traps, continuous video surveillance, and biometric access/exit systems.

Network Threats

• Learning Objectives:
  • Describe the evolution of network security
  • Describe the various types of attack tools used by hackers
  • Describe malware
  • Describe common network attacks

Who is Hacking Our Networks?

• Modern Hacking Titles:
  • Script Kiddies
  • Vulnerability Brokers
  • Hacktivists
  • Cyber Criminals
  • State-Sponsored Hackers

Hacker Tools

• Attack tools have become more sophisticated and require more technical knowledge

Evolution of Security Tools

• Penetration testing tools (password crackers, wireless hacking, packet crafting, packet sniffers)
• Forensic tools (debuggers, hacking operating systems)
• Security tools (encryption, vulnerability exploitation, rootkit detectors, vulnerability scanners, fuzzers)

Categories of Attack Tools

• Network Hacking Attacks:
  • Eavesdropping
  • Data Modification
  • IP Address Spoofing
  • Denial-of-Service
  • Man-in-the-Middle
  • Compromised-key
  • Sniffer

Malware

• Various Types of Malware:
  • Virus
  • Worm
  • Trojan Horse

Viruses

• Malicious software that execute specific actions on a computer

Trojan Horse Classification

• Security software disabler
• Remote access
• Data-sending
• Destructive
• Proxy
• FTP
• DoS

Worms

• A self-replicating type of malware that copies itself across a network. Examples given include the Code Red worm

Worm Components

• Enabling vulnerability
• Propagation mechanism
• Payload

Other Malware

• Ransomware
• Spyware
• Adware
• Scareware
• Phishing
• Rootkits

Common Network Attacks

• Types of Network Attacks:
  • Reconnaissance Attacks
  • Access Attacks
  • Social Engineering Attacks
  • Denial-of-Service Attacks
  • DDoS Attacks

Reconnaissance Attacks

• Initial query of a target
• Ping sweep of the target network
• Port scan of active IP addresses
• Vulnerability Scanners
• Exploitation tools

Access Attacks

• Reasons why hackers use access attacks: to retrieve data, to access, to escalate access privileges
• Examples of access attacks: password attacks, port redirection, man-in-the-middle attacks, buffer overflows, IP, MAC, DHCP spoofing

Social Engineering Attacks

• Pretexting
• Phishing
• Spearphishing
• Spam
• Tailgating
• Something for Something

Denial-of-Service Attacks

• Goal is to disrupt services by overwhelming a target with traffic requests

DDoS Attacks

• Uses a network of infected computers (botnet) to attack a target
• Compromised computers (zombies) are controlled by handler systems
• Zombies scan and infect additional targets
• Handler system activates the attack