2101 Ch16: Network Security Fundamentals Quiz

Questions and Answers

What should be done immediately after installing a new OS on a device for better security?

• Set the firewall to the lowest security level
• Install as many applications as possible
• Change default usernames and passwords (correct)
• Allow all default settings to remain unchanged

Which of the following is a recommended practice for securing passwords?

• Share passwords with colleagues
• Encrypt plaintext passwords (correct)
• Use short and simple passwords
• Always write passwords down

What is the role of the Cisco AutoSecure feature?

• To provide wireless network security
• To automatically install applications
• To assist in securing Cisco routers (correct)
• To manage user permissions

How can network access control enhance endpoint security?

By restricting access to authorized users only (D)

What should be done to reduce the risk of brute-force password guessing attacks?

Set a minimum acceptable password length (D)

What should be done with unnecessary services and applications on a device?

They should be turned off and uninstalled when possible (C)

What is an important step to take to support SSH on routers and switches?

Configure appropriate devices (A)

What technique allows or denies access based on IP or MAC addresses?

Packet filtering (B)

Which method prevents or allows access based on specific application types?

Application filtering (B)

What type of filtering makes decisions based on specific URLs or keywords?

URL filtering (D)

Which technique requires incoming packets to be legitimate responses to internal requests?

Stateful packet inspection (D)

What is considered one of the greatest challenges in securing endpoint devices?

Involvement of human nature (D)

What should a company implement to help secure endpoint devices effectively?

Well-documented policies (B)

What is a common security policy that companies should enforce on endpoint devices?

Use of antivirus software (D)

Which aspect is crucial for employees regarding network use?

Understanding security policies (A)

What essential capability can stateful packet inspection include?

Recognition of specific attacks (A)

What is a recommended minimum password length for network security?

8 characters (B)

Which of the following is a characteristic of a strong password?

A mix of uppercase and lowercase letters, numbers, and symbols (B)

What is a key advantage of using a passphrase for a password?

It is often easier to remember and harder to guess (B)

What is the purpose of the service password-encryption command in Cisco devices?

To encrypt plaintext passwords in the configuration file (D)

What strategy can be used to deter brute-force password guessing attacks?

Setting a minimum password length (D)

Why should users avoid using identifiable personal information in their passwords?

It can be easily guessed or obtained by attackers (D)

What is one way to ensure passwords remain secret on network devices?

Encrypt all plaintext passwords (A)

How often should passwords ideally be changed to enhance security?

Every few months (D)

What can be included in a strong password to improve its complexity?

A mix of letters, numbers, symbols, and spaces (A)

Flashcards

Endpoint Device Security

Protecting devices connected to a network to prevent unauthorized access and attacks.

Default OS Security

Security settings are usually weak when a new operating system is installed.

Strong Passwords

Long, complex passwords are crucial for device protection.

Password Length

Setting a minimum acceptable password length to prevent easy guessing attacks.

Password Encryption

Encrypting passwords that are not already encrypted.

Disable Unnecessary Services

Turning off or uninstalling unused applications and services.

Network Access Control

A comprehensive security strategy that controls access to network resources.

Packet filtering

A network security technique that allows or denies network access based on IP or MAC addresses.

Application filtering

A network security technique controlling access based on application type and port number.

URL filtering

A network security technique that allows or blocks access to websites based on specific URLs or keywords.

Stateful Packet Inspection (SPI)

A network security technique that verifies if incoming packets are legitimate responses to internal requests. It blocks unsolicited packets, unless allowed.

Endpoint

An individual computer system or device connected to a network.

Endpoint Security

Protecting individual computer systems and devices that connect to a network.

Antivirus Software

Software to prevent and remove viruses from a computer.

Host Intrusion Prevention

Security measures on individual computers to detect and prevent malicious activity.

Strong Password Criteria

Strong passwords are long (at least 8 characters, ideally 10+), complex (mix of upper/lower case, numbers, symbols, spaces where allowed), unique (avoid common words or patterns), deliberately misspelled, and changed frequently.

Passphrase

A long, memorable password consisting of multiple words, better than a simple, random password.

Minimum Password Length

Setting a rule for the shortest allowed length for passwords on the Cisco device (router/switch).

Brute-force Attack

An attack that tries many different passwords until the right one is found.

Service password-encryption

Cisco command to encrypt all plain-text passwords to protect them from unauthorized access.

Security passwords min-length

Cisco command to set minimum acceptable password length.

Plaintext Passwords

Passwords that are in readable format.

Study Notes

Network Security Fundamentals

• Network security is crucial for protection from threat actors
• Opening all doors and windows is like having unsecured network
• Individuals and organizations depend on computer networks
• Network intrusions can lead to costly outages and data loss
• Threat actors gain access through software vulnerabilities, hardware attacks or guessed passwords

Types of Threats

• Information theft: Gaining confidential information (e.g., research data)
• Data loss/manipulation: Destroying or altering data records (e.g., reformatting disks)
• Identity theft: Stealing personal information for fraudulent purposes
• Disruption of service: Preventing legitimate use of services (e.g., denial of service attacks)

Types of Vulnerabilities

• Technological: Weaknesses in the technology itself
• Configuration: Weaknesses due to how a system is configured
• Security policy: Weaknesses in the policies outlining how a system functions

Physical Security

• Hardware threats: Physical damage to devices
• Environmental threats: Extreme temperatures or humidity
• Electrical threats: Voltage spikes, insufficient/total power loss
• Maintenance threats: Poor handling of equipment, lack of parts, poor cabling
• Security protocols to limit damage

Malware

• Viruses: Copy themselves into other programs causing varying levels of damage
• Worms: Standalone software that replicates themselves and cause harm similar to viruses
• Trojan Horses: Seem legitimate but cause harm to a host/system (e.g., by deleting files or stealing data)

Network Attacks

• Recononnaissance attacks: Identify systems, services, or vulnerabilities
• Access attacks: Unauthorized manipulation of data, system access or user privileges
• Denial of service attacks: Disrupting or corrupting services

Trust Exploitation

• Port redirection: Using a compromised system to attack other targets
• Man-in-the-middle attacks: Intercepting data between two legitimate entities. Steps:1.Victim requests page 2.Threat actor gets page 3.Threat actor modifies page 4.Threat actor sends page to victim

Denial of Service Attacks

• DoS attacks: Attack that attempts to make a machine or network resource unavailable
• DDoS attacks: A distributed denial-of-service (DDoS) attack is a type of DoS attack where multiple compromised systems are used to target a single victim to make the target unavailable. 

Mitigation

• Secure all devices (routers, switches, servers, hosts)
• Employ updated data backups, including network device configurations as appropriate
• Implement security systems like Firewalls, Intrusion Prevention Systems (IPS), Email Security Appliances (ESAs), AAA/authentication authorization/accounting servers, to prevent attacks
• Monitor devices for threats
• Regularly update software
• Comply with security policies