Network Security Exam Review

Questions and Answers

What is the primary goal of network security?

• To increase network speed
• To protect the integrity, confidentiality, and accessibility of computer networks (correct)
• To enhance network connectivity for devices
• To allow unrestricted access for all users

Which of the following is NOT a reason why network security is important?

• Preventing unauthorized access
• Protecting data integrity
• Ensuring business continuity
• Enhancing file storage capacity (correct)

What kind of threats can network security help mitigate?

• Cyberattacks such as DDoS attacks (correct)
• Natural disasters
• Performance monitoring issues
• Software installation challenges

Which statement best describes a cyber attack?

An intentional act to gain unauthorized access or cause damage (A)

How does network security assist organizations in complying with regulations?

By implementing data protection measures (B)

Which of the following is a type of malware?

Virus (D)

What is one of the main consequences of failing to secure a network?

Increased vulnerability to cyber threats (C)

What does the acronym GDPR stand for?

General Data Protection Regulation (D)

What is a primary method by which a drive-by download infects a system?

By exploiting security flaws in systems (A)

What characterizes a DNS attack?

It targets vulnerabilities in the domain name system (D)

Which of the following is a common source of misconfiguration exploits?

Insecure default settings (D)

What challenge does the rapid evolution of the cyber threat landscape present?

It requires businesses to frequently update and enhance defenses (A)

How does a Bring Your Own Device (BYOD) policy complicate network security?

It increases the attack surface significantly (B)

Which of the following is NOT a reason for vulnerabilities resulting from misconfiguration?

Timely updates to system configurations (D)

What is the impact of insufficiently securing communications between clients and DNS servers?

It exposes networks to DNS attacks (A)

Why is building a unified security strategy for all network users challenging?

Different users require different security measures (A)

What is the primary goal of ransomware?

To encrypt files and demand a ransom for access (A)

Which of the following best describes phishing?

A fraud where a perpetrator impersonates a reputable entity (D)

What is a bot primarily designed to do?

Automate web requests to perform various tasks (A)

What is a defining characteristic of a DDoS attack?

It employs multiple compromised systems to deny service (A)

What distinguishes an Advanced Persistent Threat (APT) from other attacks?

APTs are targeted and prolonged, remaining undetected for long periods (B)

What does a drive-by download typically involve?

The automatic downloading of malicious code without user intervention (A)

Which of the following is NOT an objective of using malware?

Encrypting files for data safety (A)

What might be a consequence of a bot attack?

Manipulation of web applications and denial of service (D)

Flashcards

What is network security?

It's a way of protecting the integrity, confidentiality, and accessibility of computer networks. It uses various technologies, processes, and devices to create a secure environment.

Why is network security important?

It safeguards against unauthorized access, maintains data integrity, ensures business continuity, and complies with regulations.

What is a cyber attack?

A cyber attack is a set of actions by threat actors aiming to gain unauthorized access, steal data, or cause damage to computer systems.

How do cyber attacks happen?

Cyber attackers can use various tactics, techniques, and procedures (TTPs) to launch attacks. They might target a system, steal data, or spread malware.

How does network security prevent unauthorized access?

Network security protocols limit access to critical systems and data, ensuring only legitimate users can enter.

How does network security protect data integrity?

Network security measures prevent data tampering and ensure the accuracy and reliability of data.

How does network security ensure business continuity?

Effective network security strategies help mitigate risks, keeping services and operations running smoothly.

How does network security facilitate compliance with regulations?

Network security helps organizations comply with standards like GDPR, HIPAA, and PCI-DSS, preventing legal issues and maintaining customer trust.

What is ransomware?

Ransomware is a type of malware that encrypts a victim's files and demands payment (ransom) for their decryption.

What is spyware?

Spyware is malicious software that covertly monitors a victim's computer activity, stealing sensitive data like passwords, financial details, and browsing history.

What is a Trojan horse?

A Trojan horse is a type of malware disguised as legitimate software. It can be used to steal data, control a system, or install other malware.

What is phishing?

Phishing is a type of social engineering attack where attackers impersonate trusted entities (like banks or websites) to trick victims into revealing sensitive information.

What is a bot?

A bot is a program that automates tasks on the internet, often used for spamming, scraping websites, or launching attacks.

What is a DDoS attack?

A DDoS (Distributed Denial of Service) attack uses multiple compromised systems to overwhelm a target server with traffic, effectively preventing legitimate users from accessing it.

What is an APT (Advanced Persistent Threat)?

An APT is a sophisticated and targeted attack where intruders gain unauthorized access to a network and stay undetected for a long time, often aiming to steal data.

What is a drive-by download?

A drive-by download is a malicious code that gets installed on a computer without the user's knowledge, often by visiting a compromised website.

Drive-by Download

A type of attack where malware is automatically downloaded onto a user's device without their knowledge or consent. This happens when a system's vulnerabilities are exploited, often due to outdated software or unpatched security flaws.

DNS Attack

A cyberattack that targets the Domain Name System (DNS) to redirect users to fake websites or steal sensitive information. Attackers might exploit vulnerabilities in DNS protocols or manipulate DNS records.

Misconfiguration Exploits

An attack that exploits vulnerabilities created by misconfigured network systems, applications, or devices. These vulnerabilities can arise due to default settings, lack of updates, or human error.

Rapidly Evolving Threat Landscape

The ongoing and fast-paced development of new cyber threats and attack techniques. This requires constant vigilance and adaptation of security measures.

Bigger Attack Surface

An increased number of potential entry points for attackers due to expanding networks, devices, and applications. This makes security more challenging.

Bring Your Own Device (BYOD)

A policy where employees can use their personal devices for work, which increases security risks due to a larger number of devices needing protection.

What are the challenges of network security?

Maintaining robust network security is challenging due to the rapid evolution of threats, the increasing attack surface, and the complexities introduced by remote work and Bring Your Own Device (BYOD) policies.

Study Notes

Course Information

• Course Title: Network Security
• Course Code: ITNETW1
• Exam Dates: December 2nd, 4th, 9th, 11th, and 12th, 2024

Exam Details

• Exam Type: Pen and Paper
• Topics: IP Addresses and Subnets, Network Simulation, and Network Security

Guide Questions

• What is Network Security?
• Why do we need to secure the network?
• What makes a secured network?

Network Security Definition

• Network security uses technologies, processes, and devices to protect the integrity, confidentiality, and accessibility of computer networks.
• Important for organizations of all sizes to protect against evolving cyber threats.

Cyber Attack Definition

• A cyber attack is a set of actions performed by threat actors.
• These actors aim to gain unauthorized access, steal data, or cause damage to computer networks or systems.
• Attacks can be launched from any location and involve individuals or groups utilizing multiple tactics, techniques, and procedures (TTPs).

Importance of Network Security

• Preventing Unauthorized Access: Security protocols ensure only authorized users can access critical systems and data.
• Protecting Data Integrity: Security measures prevent data tampering, ensuring data accuracy and reliability. This is crucial for sensitive info like financial data, personal records, and intellectual property.
• Ensuring Business Continuity: Effective network security strategies help mitigate risks from cyberattacks like DDoS attacks, ensuring the continued operation of services and maintaining availability.
• Compliance with Regulations: Many industries require strict data protection measures. Network security helps organizations comply with standards like GDPR, HIPAA, and PCI-DSS; avoiding penalties and maintaining customer trust.

Network Security Threats and Attacks

• Malware: Programs designed to attack information systems. Various types include ransomware (encrypts files), spyware (spies on victims), and Trojans (infiltrate systems).
• Phishing: A type of fraud where threat actors impersonate reputable entities (e.g., via email) to spread malicious attachments or links and extract account info or login credentials.
• Bots: Small programs that automate web requests with various malicious goals, disrupting applications, websites, end-users, or APIs.
• DDoS Attacks: Employ multiple compromised systems to flood a target with messages or requests, causing a denial of service and disrupting operations. DDoS attacks target websites, servers, and other network resources.
• Advanced Persistent Threats (APTs): Targeted and prolonged attacks involving unauthorized access to a network. Threat actors typically aim to steal data rather than cause immediate damage. They remain undetected for extended periods.
• Drive-by Downloads: Unintentional download of malicious code to a device (computer or mobile) exposing the user to a cyberattack; not requiring user interaction to enact the malicious code.
• DNS Attacks: Exploiting vulnerabilities in the domain name system; aiming to disrupt systems or cause issues. Communication between clients and servers is vulnerable and can be exploited by threat actors.
• Misconfiguration Exploits: Improper configuration of network systems, applications, or devices. Common sources include default settings, lack of updates, and human error.

Challenges of Network Security

• Rapidly Evolving Threat Landscape: Attackers constantly develop new methods to exploit networks and organizations must implement new defenses.
• Bigger Attack Surface: The broader scope of organizations' security strategies can be challenging to manage. All network users play a role in security maintenance.
• BYOD (Bring Your Own Device) and Remote Work: Distributed nature, personal devices (increased attack surface), and the reliance on public networks makes security management more complex.
• Cloud Security: Organizations need to address cloud security, managing the responsibility of cloud vendors versus the organization's security policies for the data and applications running in the cloud.

Firewall (Triad)

• How Firewalls function
• Use of firewalls within home networks
• Security mechanisms used in typical home networks
• Reasoning for implementation
• Practical procedures for setup

Types of Firewall (Part 2)

• Detailed Information on firewall types.

Description

Prepare for your exam on Network Security with this quiz. It covers essential topics such as IP Addresses, Subnets, and the importance of securing networks against cyber threats. Test your knowledge on the definitions and practices vital for maintaining network integrity.