Network Security Fundamentals Quiz

Questions and Answers

What is a DDoS attack primarily aimed at achieving?

Accessing confidential data

Spreading malware through downloads

Overwhelming a destination to limit its resource responsiveness (correct)

Stealing user credentials

What refers to a network of compromised computers controlled by a threat actor in a DDoS attack?

Zombie Network

Phishing Network

Botnet (correct)

Rogue Network

Which security strategy emphasizes securing all devices on a network?

User education and awareness

Restricted access policies

Single-layer security

Defense in depth (correct)

Which of the following is NOT typically considered a layer in network attack mitigation?

Data encryption only

What does the acronym AAA stand for in network security?

Authentication, Authorization, Accountability

How can network attack mitigation provide quick responses to security threats?

Through real-time data analysis and logs

What method can be used to restore systems after a security breach?

Regular backups

Which of the following best describes a man-in-the-middle attack?

An attack where an intermediary secretly relays and possibly alters the communication

What could be considered a maintenance threat?

Poor handling of electrical components

Which of the following is NOT classified as a hardware threat?

Malicious software

What is a significant risk associated with viruses?

They replicate via storage insertion

Which type of malware presents a deceptive front but contains a backdoor?

Trojan horse

What are the consequences of electrical threats such as non-stable power?

Inconsistent performance of devices

Which of the following is an example of an environmental threat?

Overheating from excessive computing

What is a primary purpose of network security fundamentals in the course?

To identify security threats and vulnerabilities

What is the primary characteristic of a worm compared to a virus?

Self-replicates without user intervention

Which of the following is considered a common security threat on a network?

Data loss and manipulation

What is often overlooked in a physical security plan?

Location of critical spare parts

What type of vulnerability encompasses misconfigured Internet services?

Configuration vulnerabilities

What is a major consequence of not having appropriate security policies in place?

Difficulties in verifying and auditing technical controls

Which of the following describes a threat actor in the context of network security?

Anyone acting on a threat or vulnerability

Which of these vulnerabilities relates to technology rather than configuration?

Weaknesses in protocols and operating systems

What role does physical security play in network security?

It protects against unauthorized personal access.

What is a significant risk associated with using default settings in network equipment?

Increased vulnerability to security threats

What is the main goal of a ransomware attack?

To encrypt data and demand payment for decoding

Which method is commonly used to gain access to a system in an access attack?

User impersonation through social engineering

What distinguishes a denial of service attack from access attacks?

Denial of service attacks attempt to disrupt access to resources

What is a common technique employed in password attacks?

Guessing or brute forcing passwords

How does a man-in-the-middle attack operate?

By capturing and potentially manipulating data between two parties

What is a trust exploit in the context of access attacks?

Gaining access through unauthorized privileges

What is typically involved in a reconnaissance attack?

Mapping services and identifying vulnerabilities

Which of the following best describes port redirection?

Using a compromised host to divert traffic from its original destination

What is the primary function of firewalls in network security?

To dictate what type of traffic is allowed in the network

Which of the following is NOT one of the common types of firewalls mentioned?

Network intrusion prevention system

What does the 'Authorization' component of AAA do?

Grants permission to perform specific tasks

Which mitigation technique is focused on inspecting all incoming packets to ensure they are legitimate responses?

Stateful Packet Inspection

What aspect of system maintenance is often overlooked as a means of mitigating attacks?

Ensuring that software and antivirus are updated

What is the role of a demilitarized zone (DMZ) in network architecture?

To allow access to certain resources while providing additional security

Which method allows for filtering website access based on keywords or URLs?

URL filtering

What does accounting in the context of AAA involve?

Recording user activities for auditing purposes

What is a critical aspect of device security mentioned in the content?

Regularly updating and scanning endpoints

What is the preferred length for passwords according to the guidelines discussed?

Ten characters or more

Which of the following best represents a method of password complexity mentioned?

Combining uppercase, lowercase, numbers, and symbols

What does 'hardening' a system involve?

Disabling unnecessary services and applications

What is considered a poor password practice according to the content?

Writing the password on a sticky note

What is the function of Cisco's auto secure setting features?

To adjust security settings based on specific criteria

Which of the following is a suggested method for creating a memorable password?

Replacing letters with numbers in specific ways (elite speak)

What should be done immediately upon accessing a new system?

Change default usernames and passwords

Study Notes

Networking Security Fundamentals

• CCNA version 7 curriculum, module 16
• Focuses on security threats, vulnerabilities, mitigation techniques, and device security.

Common Security Threats and Vulnerabilities

• Direct service disruption: Taking down or slowing network services.
• Data loss and manipulation: Stealing credentials, data manipulation, identity theft, and intellectual property theft.
• Threat actors: Individuals or entities acting maliciously on systems.
• Technology vulnerabilities: Problems with protocols and operating systems.
• Configuration vulnerabilities: Weaknesses in system configurations (e.g., unsecured accounts, misconfigured services).
• Administrative vulnerabilities: Lack of adequate security policies.

Network-Based Attacks

• Malware: Malicious software (viruses, worms, Trojan horses).
• Ransomware: Encrypts data to demand payment for decryption.
• Spyware: Collects and transmits information.
• Adware: Displays unwanted advertisements.
• Reconnaissance attacks: Mapping services and systems for vulnerabilities.
• Access attacks: Gaining control of a system.
• Password attacks: Guessing or brute-forcing passwords.
• Trust exploits: Leveraging unauthorized privileges.
• Port redirection: Redirecting connections to exploit vulnerabilities.
• Man-in-the-middle (MitM) attacks: Intercepting communications between systems.

Network Attack Mitigation

• Defense in depth: Layered security approach for mitigating attacks.
• Device security: Securing routers, switches, servers, and other network devices.
• Network intrusion detection and prevention systems (IDS/IPS): Monitoring and blocking malicious activity.
• Network segmentation: Dividing a network into smaller, isolated parts to limit the effects of breaches.
• Security devices: Firewalls, email security, web security, AAA servers, VPNs.

Device Security and Password Management

• Hardening: Securing devices by disabling unnecessary services and applying security updates.
• Strong passwords: Complex passwords with a mixture of uppercase and lowercase letters, numbers, and symbols.
• Password policies: Setting up policies to control password complexity.
• Multi-factor authentication (MFA): Using multiple authentication methods.
• Regular authentication updates: Keeping current on security updates.

Other Security Considerations

• Backups: Ensuring regular backups of critical data.
• Endpoints: Protecting all devices connected to the network.
• Job training: Educating users on security procedures.
• Job rotation: Minimizing administrative risk by changing user responsibilities.

Description

Test your knowledge on key concepts of network security with this quiz. From understanding DDoS attacks to the AAA framework, assess your grasp of important security strategies and mitigation techniques. Ideal for students and professionals in cybersecurity.