Security Fundamentals

Questions and Answers

An organization implements security awareness training, enforces strong password policies, and conducts regular background checks. Which category of security controls does this represent?

• Operational controls
• Administrative controls (correct)
• Technical controls
• Physical controls

A network administrator notices unusually high traffic volumes directed at a company's web server originating from numerous distinct IP addresses, rendering the server unavailable. Which type of attack is most likely occurring?

• Distributed Denial-of-Service (DDoS) attack (correct)
• SQL Injection attack
• Man-in-the-Middle attack
• Phishing attack

Which network security device is designed to examine network traffic for suspicious patterns and can automatically take action to block or prevent identified threats?

• Router
• Firewall
• Intrusion Detection System (IDS)
• Intrusion Prevention System (IPS) (correct)

Which security protocol provides secure communication at the network layer, protecting data transmitted between different networks?

Internet Protocol Security (IPsec) (A)

An organization divides its network into separate segments. What is the primary security benefit of implementing network segmentation?

Isolate security breaches (A)

Which endpoint security solution is typically used to monitor endpoint activity for malicious behavior and provide advanced threat detection?

Endpoint Detection and Response (EDR) (B)

An organization needs to collect and analyze security logs from various sources to identify and respond to potential threats. Which type of system would best fulfill this requirement?

Security Information and Event Management (SIEM) (D)

What is the primary goal of vulnerability scanning?

Identifying security weaknesses (B)

Which access control mechanism requires users to provide multiple forms of identification to verify their identity?

Multi-Factor Authentication (MFA) (C)

What is the purpose of an Acceptable Use Policy (AUP)?

Defining the rules and guidelines for using network resources. (B)

An organization wants to allow external users to securely access specific internal resources. Which technology would be most suitable for this purpose?

Port Forwarding (A)

In which network topology does each device connect to multiple other devices, providing redundancy and high availability?

Mesh topology (C)

What is the primary purpose of subnetting a network?

Improve network performance and security (D)

Which protocol is used to translate domain names into IP addresses, enabling users to access resources using human-readable names?

Domain Name System (DNS) (B)

An organization experiences a security incident. Which key step should be taken first, according to incident response best practices?

Identification (D)

Which type of intrusion detection technique involves monitoring network traffic and identifying deviations from established normal behavior?

Anomaly-based detection (B)

Which wireless encryption protocol is considered the most secure and current standard for wireless networks?

WPA3 (C)

After identifying a vulnerability in a critical application, what is the most appropriate next step within a robust vulnerability management program?

Applying a software update or security patch to fix the vulnerability. (B)

What is the purpose of regularly performing network security audits?

To identify vulnerabilities and weaknesses (B)

What is the main goal of security awareness training for network users?

To educate users about security threats and best practices (D)

Flashcards

Network Security

Protects the usability, reliability, integrity, and safety of a network and data.

Confidentiality

Ensures data is accessible only to authorized individuals, protecting privacy.

Integrity

Maintains the completeness and accuracy of information, preventing corruption.

Availability

Ensures that authorized users have reliable and timely access to resources when needed.

Security Controls

Safeguards to avoid, detect, counteract, or minimize security risks.

Administrative Controls

Policies, procedures, security awareness training, and background checks.

Technical Controls

Hardware or software mechanisms used to protect resources, like firewalls and encryption.

Physical Controls

Measures to protect physical access to facilities and resources, like locks and security guards.

Malware

Viruses, worms, Trojans, ransomware, and spyware that can disrupt network operations or steal data.

Phishing

Deceiving individuals into revealing sensitive information through fraudulent means.

Denial-of-Service (DoS)

Floods a network with traffic, making it unavailable to legitimate users.

Man-in-the-Middle (MitM) Attack

Intercepts communication between two parties, allowing the attacker to eavesdrop or manipulate data.

SQL Injection

Exploits vulnerabilities in databases to gain unauthorized access or modify data.

Insider Threats

Individuals within the organization who have authorized access to systems and data but misuse it.

Zero-Day Exploits

Target vulnerabilities that are unknown to the software vendor or public.

Firewall

Acts as a barrier, filtering network traffic based on predefined rules.

Intrusion Detection System (IDS)

Monitors network traffic for suspicious activity and alerts administrators.

Intrusion Prevention System (IPS)

Actively blocks or prevents malicious activity from reaching the network.

Virtual Private Network (VPN)

Creates secure connections over a public network, encrypting data to protect confidentiality.

Transport Layer Security (TLS)

Encrypts communication between a client and a server, ensuring confidentiality and integrity.

Study Notes

These study notes are already up-to-date with the provided text. No updates are necessary as it contains identical content.