Network Security Fundamentals Quiz

Questions and Answers

What is a DDoS attack primarily aimed at achieving?

• Accessing confidential data
• Spreading malware through downloads
• Overwhelming a destination to limit its resource responsiveness (correct)
• Stealing user credentials

What refers to a network of compromised computers controlled by a threat actor in a DDoS attack?

• Zombie Network
• Phishing Network
• Botnet (correct)
• Rogue Network

Which security strategy emphasizes securing all devices on a network?

• User education and awareness
• Restricted access policies
• Single-layer security
• Defense in depth (correct)

Which of the following is NOT typically considered a layer in network attack mitigation?

Data encryption only (C)

What does the acronym AAA stand for in network security?

Authentication, Authorization, Accountability (B)

How can network attack mitigation provide quick responses to security threats?

Through real-time data analysis and logs (B)

What method can be used to restore systems after a security breach?

Regular backups (C)

Which of the following best describes a man-in-the-middle attack?

An attack where an intermediary secretly relays and possibly alters the communication (D)

What could be considered a maintenance threat?

Poor handling of electrical components (A)

Which of the following is NOT classified as a hardware threat?

Malicious software (D)

What is a significant risk associated with viruses?

They replicate via storage insertion (D)

Which type of malware presents a deceptive front but contains a backdoor?

Trojan horse (A)

What are the consequences of electrical threats such as non-stable power?

Inconsistent performance of devices (A)

Which of the following is an example of an environmental threat?

Overheating from excessive computing (C)

What is a primary purpose of network security fundamentals in the course?

To identify security threats and vulnerabilities (A)

What is the primary characteristic of a worm compared to a virus?

Self-replicates without user intervention (D)

Which of the following is considered a common security threat on a network?

Data loss and manipulation (A)

What is often overlooked in a physical security plan?

Location of critical spare parts (D)

What type of vulnerability encompasses misconfigured Internet services?

Configuration vulnerabilities (D)

What is a major consequence of not having appropriate security policies in place?

Difficulties in verifying and auditing technical controls (A)

Which of the following describes a threat actor in the context of network security?

Anyone acting on a threat or vulnerability (C)

Which of these vulnerabilities relates to technology rather than configuration?

Weaknesses in protocols and operating systems (D)

What role does physical security play in network security?

It protects against unauthorized personal access. (B)

What is a significant risk associated with using default settings in network equipment?

Increased vulnerability to security threats (C)

What is the main goal of a ransomware attack?

To encrypt data and demand payment for decoding (C)

Which method is commonly used to gain access to a system in an access attack?

User impersonation through social engineering (C)

What distinguishes a denial of service attack from access attacks?

Denial of service attacks attempt to disrupt access to resources (B)

What is a common technique employed in password attacks?

Guessing or brute forcing passwords (D)

How does a man-in-the-middle attack operate?

By capturing and potentially manipulating data between two parties (B)

What is a trust exploit in the context of access attacks?

Gaining access through unauthorized privileges (A)

What is typically involved in a reconnaissance attack?

Mapping services and identifying vulnerabilities (B)

Which of the following best describes port redirection?

Using a compromised host to divert traffic from its original destination (B)

What is the primary function of firewalls in network security?

To dictate what type of traffic is allowed in the network (B)

Which of the following is NOT one of the common types of firewalls mentioned?

Network intrusion prevention system (B)

What does the 'Authorization' component of AAA do?

Grants permission to perform specific tasks (C)

Which mitigation technique is focused on inspecting all incoming packets to ensure they are legitimate responses?

Stateful Packet Inspection (B)

What aspect of system maintenance is often overlooked as a means of mitigating attacks?

Ensuring that software and antivirus are updated (D)

What is the role of a demilitarized zone (DMZ) in network architecture?

To allow access to certain resources while providing additional security (D)

Which method allows for filtering website access based on keywords or URLs?

URL filtering (A)

What does accounting in the context of AAA involve?

Recording user activities for auditing purposes (D)

What is a critical aspect of device security mentioned in the content?

Regularly updating and scanning endpoints (A)

What is the preferred length for passwords according to the guidelines discussed?

Ten characters or more (B)

Which of the following best represents a method of password complexity mentioned?

Combining uppercase, lowercase, numbers, and symbols (D)

What does 'hardening' a system involve?

Disabling unnecessary services and applications (C)

What is considered a poor password practice according to the content?

Writing the password on a sticky note (B)

What is the function of Cisco's auto secure setting features?

To adjust security settings based on specific criteria (A)

Which of the following is a suggested method for creating a memorable password?

Replacing letters with numbers in specific ways (elite speak) (D)

What should be done immediately upon accessing a new system?

Change default usernames and passwords (D)

Flashcards

Threat Actors

Actions or individuals that exploit vulnerabilities in a network to cause harm.

Technology Vulnerabilities

Weaknesses in network protocols, operating systems, or equipment that can be exploited by threat actors.

Configuration Vulnerabilities

Weaknesses arising from poor configuration of network devices, services, or user accounts.

Administrative Vulnerabilities

Vulnerabilities arising from the lack of written security policies or inadequate administrative controls.

Physical Security

The ability to physically access network equipment, potentially allowing for tampering or data theft.

Disruption of Service

Making a network unusable by disrupting services or significantly slowing down performance.

Data Loss or Manipulation

Unauthorized access or manipulation of data stored or transmitted over a network.

Credential Theft

Theft of sensitive information, such as passwords, usernames, or financial details.

Electrical Threats

Unstable or malfunctioning power supply causing voltage fluctuations, outages, or noise.

Maintenance Threats

Improper handling of hardware, causing damage or reducing lifespan.

Malware

Malicious software designed to harm or disrupt systems.

Virus

Malware that spreads by attaching itself to files and programs.

Worm

Malware that replicates itself and spreads across networks.

Trojan Horse

Malware disguised as legitimate software, providing a hidden way for attackers to access a system.

Ransomware

Malware that encrypts data and demands payment for decryption.

Spyware

Malware that secretly collects data about users and their activities.

Authentication

A process that verifies who you are accessing a system.

Authorization

A process that verifies your permissions to perform specific actions on a system.

Accounting

A process that logs and records all actions performed by a user on a system.

Firewall

A network security device that determines which traffic is allowed to enter or leave a network.

DMZ (Demilitarized Zone)

A temporary network zone between the internal network and the external internet.

Packet Filtering Firewall

A firewall type that inspects and filters network packets based on their source and destination IP addresses.

Application Filtering Firewall

A firewall type that examines application data within packets and can block specific applications or ports.

Stateful Packet Inspection Firewall

A firewall type that monitors incoming network traffic and checks if responses to requests from internal hosts are legitimate.

Man-in-the-Middle attack

A type of attack where an attacker intercepts communication between two parties, potentially modifying or stealing data.

Denial of Service (DoS) attack

An attack that aims to overwhelm a target system with excessive requests, making it unavailable to legitimate users.

Distributed Denial of Service (DDoS) attack

A type of DDoS attack where multiple compromised computers (zombies) are controlled by an attacker to launch an attack.

Zombies

Computers controlled remotely by an attacker in a DDoS attack.

Botnet

A network of compromised computers controlled by an attacker.

Defense-in-Depth

A security approach that involves implementing multiple layers of security controls to protect a network.

Network Security Devices

Security devices like firewalls, email security, and VPNs.

AAA (Authentication, Authorization, and Accounting)

A security feature that allows identification, authentication, and authorization of users and devices.

Reconnaissance Attack

A cyberattack aimed at gathering information about a target network or system. This involves identifying potential vulnerabilities and mapping services, systems, and potential entry points.

Access Attack

Cyberattacks aimed at gaining unauthorized access to a system. Attackers might use techniques like social engineering, phishing emails, or manipulating data access to achieve their goal.

Denial of Service Attack (DoS)

A cyberattack that aims to disrupt the availability of a system or service for legitimate users. The attacker overwhelms the system with traffic, effectively rendering it unavailable to others.

Password Attacks

A group of techniques used to gain unauthorized access to a system by guessing, brute-forcing, or intercepting passwords. It's like trying every key until the lock opens.

Trust Exploitation

A cyberattack that uses a compromised system to gain unauthorized access to other systems, often leveraging trusted connections.

Port Redirection

An attacker uses a compromised host to connect to other systems, taking advantage of the trusted port connections.

Device Hardening

A process of securing a device by disabling unnecessary services and applications, updating the system and applications to the latest versions, and applying security settings to prevent unauthorized access or modification of system resources.

Job Rotation

A security practice that involves rotating employees between different roles or tasks to reduce the risk of any single individual gaining excessive power or access to sensitive information.

Administrative Policies

A set of rules and guidelines that outline acceptable and unacceptable behavior for employees and users within an organization, including security policies and procedures.

Complex Password

A password that is a minimum of 8 characters long, containing a mix of uppercase and lowercase letters, numbers, and symbols. It should not be a common word or easily guessed combination.

Elite Speak

Using a word or phrase and then deliberately misspelling it or adding symbols to create a more unique and secure password.

Default Password Change

Ensuring that any default usernames and passwords on a system or device are reset immediately after installation or deployment to prevent unauthorized access.

Password Security Habits

It's important to have password habits that minimize the risk of unauthorized access. This includes avoiding writing passwords down, keeping passwords private, and using strong and unique passwords for different accounts.

Regular System Updates

A security practice that involves regularly checking for updates and patches for operating systems, applications, and software to protect against known vulnerabilities and exploit.

Study Notes

Networking Security Fundamentals

• CCNA version 7 curriculum, module 16
• Focuses on security threats, vulnerabilities, mitigation techniques, and device security.

Common Security Threats and Vulnerabilities

• Direct service disruption: Taking down or slowing network services.
• Data loss and manipulation: Stealing credentials, data manipulation, identity theft, and intellectual property theft.
• Threat actors: Individuals or entities acting maliciously on systems.
• Technology vulnerabilities: Problems with protocols and operating systems.
• Configuration vulnerabilities: Weaknesses in system configurations (e.g., unsecured accounts, misconfigured services).
• Administrative vulnerabilities: Lack of adequate security policies.

Network-Based Attacks

• Malware: Malicious software (viruses, worms, Trojan horses).
• Ransomware: Encrypts data to demand payment for decryption.
• Spyware: Collects and transmits information.
• Adware: Displays unwanted advertisements.
• Reconnaissance attacks: Mapping services and systems for vulnerabilities.
• Access attacks: Gaining control of a system.
• Password attacks: Guessing or brute-forcing passwords.
• Trust exploits: Leveraging unauthorized privileges.
• Port redirection: Redirecting connections to exploit vulnerabilities.
• Man-in-the-middle (MitM) attacks: Intercepting communications between systems.

Network Attack Mitigation

• Defense in depth: Layered security approach for mitigating attacks.
• Device security: Securing routers, switches, servers, and other network devices.
• Network intrusion detection and prevention systems (IDS/IPS): Monitoring and blocking malicious activity.
• Network segmentation: Dividing a network into smaller, isolated parts to limit the effects of breaches.
• Security devices: Firewalls, email security, web security, AAA servers, VPNs.

Device Security and Password Management

• Hardening: Securing devices by disabling unnecessary services and applying security updates.
• Strong passwords: Complex passwords with a mixture of uppercase and lowercase letters, numbers, and symbols.
• Password policies: Setting up policies to control password complexity.
• Multi-factor authentication (MFA): Using multiple authentication methods.
• Regular authentication updates: Keeping current on security updates.

Other Security Considerations

• Backups: Ensuring regular backups of critical data.
• Endpoints: Protecting all devices connected to the network.
• Job training: Educating users on security procedures.
• Job rotation: Minimizing administrative risk by changing user responsibilities.

Description

Test your knowledge on key concepts of network security with this quiz. From understanding DDoS attacks to the AAA framework, assess your grasp of important security strategies and mitigation techniques. Ideal for students and professionals in cybersecurity.