Chapter 4

Question 1

is two or more computers linked together to share data, information or resources.

Answer 1

Networking

Question 2

2 basic types of networks

Answer 2

Local Area Network (LAN)
Wide Area Network (WAN)

Question 3

It is a network typically spanning a single floor or building. This is commonly a limited geographical area.

Answer 3

Local Area Network (LAN)

Question 4

Is the term usually assigned to the long-distance connections between geographically remote networks.

Answer 4

Wide Area Network (WAN)

Question 5

They are used to connect multiple devices in a network.

Answer 5

Hubs

Question 6

are wired devices and are not as smart as switches or routers.

Answer 6

Hubs

Question 7

are wired devices that know the addresses of the devices connected to them and route traffic to that port/device rather than retransmitting to all devices.

Answer 7

Switches

Question 8

are used to control traffic flow on networks and are often used to connect similar networks and control traffic flow between them.

Answer 8

Routers

Question 9

are essential tools in managing and controlling network traffic and protecting the network.

Answer 9

Firewall

Question 10

is a network device used to filter traffic

Answer 10

Firewalls

Question 11

is a computer that provides information to other computers on a network.

Answer 11

Server

Question 12

what are the common servers?

Answer 12

web servers
email servers
print servers
Database servers
file servers

Question 13

are the ends of a network communication link

Answer 13

endpoints

Question 14

is a standard that defines wired connections of networked devices.

Answer 14

ethernet

Question 15

represents the network interface within the network and can be useful to maintain communications when a physical device is swapped with new hardware.

Answer 15

Internet Protocol (IP) Address

Question 16

also known as the host or application layer, is responsible for managing the integrity of a connection and controlling the session as well as establishing, maintaining and terminating communication sessions between two computers.

Answer 16

upper layer

Question 17

is often referred to as the media or transport layer and is responsible for receiving bits from the physical connection medium and converting them into a frame.

Answer 17

lower layer

Question 18

are grouped into standardized sizes.

Answer 18

frames

Question 19

it was developed to establish a common way to describe the communication structure for interconnected computer systems.

Answer 19

Open Systems Interconnection(OSI) model

Question 20

it serves as an abstract framework, or theoretical model, for how protocols should function in an ideal world, on ideal hardware.

Answer 20

OSI model

Question 21

it has become a common conceptual reference that is used to understand the communication of various hierarchical components from software interfaces to physical hardware.

Answer 21

OSI model

Question 22

it is the addition of header and possibly a footer (trailer) data by a protocol used at that layer of the OSI model.

Answer 22

Encapsulation

Question 23

The inverse action occurs as data moves up the OSI model layers from Physical to Application. This process is known as?

Answer 23

De-encapsulation (or decapsulation).

Question 24

what is TCP/IP?

Answer 24

Transmission Control Protocol/Internet Protocol

Question 25

it defines the protocols for the transport layer

Answer 25

application layer

Question 26

it permits data to move among devices

Answer 26

transport layer

Question 27

it creates/inserts packets

Answer 27

internet layer

Question 28

it refers to how data moves through the network

Answer 28

network interface layer

Question 29

what is UDP?

Answer 29

User Datagram Protocol

Question 30

it is a popular method of connecting corporate and home systems because of the ease of deployment and relatively low cost.

Answer 30

wireless networking

Question 31

There are physical ports that you connect wires to and logical ports that determine where the data/traffic goes.

Answer 31

Ports and Protocols (Applications/Services)

Question 32

are the ports on the routers, switches, servers, computers, etc. that you connect the wires

Answer 32

Physical ports

Question 33

(also called a socket) is little more than an address number that both ends of the communication link agree to use when transferring data.

Answer 33

logical port

Question 34

allow a single IP address to be able to support multiple simultaneous communications, each using a different port number.

Answer 34

ports

Question 35

A standard tcp/ip ports that sends the username and password using plaintext from the client to the server.

Answer 35

21 - FTP

Question 36

A standard tcp/ip ports that is used by many Linux systems as a basic text-based terminal.

Answer 36

23-telnet

Question 37

A standard tcp/ip ports that the default unencrypted port for sending email messages.

Answer 37

25 - SMTP

Question 38

A standard tcp/ip ports that, may be in use by legacy equipment and has mostly been replaced by using port 123 for Network Time Protocol.

Answer 38

37 - Time

Question 39

A standard tcp/ip ports that is still used widely. however, using this over TLS (DoT) on port 853 protects DNS information from being modified in transit.

Answer 39

53 - DNS

Question 40

A standard tcp/ip ports that is the basis of nearly all web browser traffic on the internet, information sent via HTTP is not encrypted and is susceptible to sniffing attacks.

Answer 40

80 - HTTP

Question 41

A standard tcp/ip ports that is a protocol used for retrieving emails.

Answer 41

143 - IMAP

Question 42

A standard tcp/ip ports which is commonly used to send and received data used for managing infrastructure devices.

Answer 42

161/162 - SNMP

Question 43

A standard tcp/ip ports that is used by many versions of Windows for accessing files over the network.

Answer 43

445 - SMB

Question 44

A standard tcp/ip ports that is used to communicate directory information from servers to clients.

Answer 44

389 - LDAP

Question 45

An attack with the goal of gaining access to a target system through the use of a falsified identity.

Answer 45

Spoofing

Question 46

it can be used against IP addresses, MAC address, usernames, system names, wireless network SSIDs, email addresses, and many other types of logical identification.

Answer 46

spoofing

Question 47

An attack that attempts to misdirect legitimate users to malicious websites through the abuse of URLs or hyperlinks in emails could be considered phishing.

Answer 47

phishing

Question 48

is a network resource consumption attack that has the primary goal of preventing legitimate activity on a victimized system.

Answer 48

DOS/DDOS

Question 49

is perhaps the earliest form of malicious code to plague security administrators.

Answer 49

Computer virus

Question 50

it is a self-replicating piece of code that spreads without the consent of a user, but frequently with their assistance (a user has to click on a link or open a file).

Answer 50

virus

Question 51

it pose a significant risk to network security. They contain the same destructive potential as other malicious code objects with an added twist—they propagate themselves without requiring any human intervention.

Answer 51

worms

Question 52

is a software program that appears benevolent but carries a malicious, behind-the-scenes payload that has the potential to wreak havoc on a system or network.

Answer 52

trojan

Question 53

attackers place themselves between two devices, often between a web browser and a web server, to intercept or modify information that is intended for one or both of the endpoints.

Answer 53

on path-attack

Question 54

it is also known as main-in-the-middle (MITM) attacks.

Answer 54

on path-attack

Question 55

it is a passive, noninvasive attack to observe the operation of a device

Answer 55

side-channel

Question 56

refers to threats that demonstrate an unusually high level of technical and operational sophistication spanning months or even years. APT attacks are often conducted by highly organized groups of attackers.

Answer 56

Advanced persistent threat (APT)

Question 57

are threats that arise from individuals who are trusted by the organization.

Answer 57

insider threats

Question 58

A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity or availability of the victim’s data, applications or operating system or otherwise annoying or disrupting the victim.

Answer 58

malware

Question 59

often use cryptography to “lock” the files on an affected computer and require the payment of a ransom fee in return for the “unlock” code.

Answer 59

ransomware

Question 60

it automates the inspection of logs and real-time system events to detect intrusion attempts and system failures.

Answer 60

intrusion detection system (IDS)

Question 61

it monitors activity on a single computer, including process calls and information recorded in system, application, security and host-based firewall logs.

Answer 61

Host-based Intrusion Detection System (HIDS)

Question 62

it monitors and evaluates network activity to detect attacks or event anomalies.

Answer 62

Network Intrusion Detection System (NIDS)

Question 63

it is usually able to detect the initiation of an attack or ongoing attacks, but they can’t always provide information about the success of an attack.

Answer 63

Network Intrusion Detection System (NIDS)

Question 64

involves the use of tools that collect information about the IT environment from many disparate sources to better examine the overall security of the organization and streamline security efforts.

Answer 64

security management

Question 65

is usually associated with an internet-based set of computing resources, and typically sold as a service, provided by a cloud service provider (CSP).

Answer 65

Cloud computing

Question 66

enumerate the service models (3)

Answer 66

1. software as a service (saas) 2. platform as a service (paas) 3. infrastructure as a service (iaas)

Question 67

A cloud provides access to software applications such as email or office productivity tools.

Answer 67

Software as a Service (SaaS)

Question 68

it is a distributed model where software applications are hosted by a vendor or cloud service provider and made available to customers over network resources.

Answer 68

Software as a Service (SaaS)

Question 69

A cloud provides an environment for customers to use to build and operate their own software.

Answer 69

Platform as a Service (PaaS)

Question 70

is a way for customers to rent hardware, operating systems, storage and network capacity over the internet from a cloud service provider.

Answer 70

Platform as a Service

Question 71

A cloud provides network access to traditional computing resources such as processing power and storage. IaaS models provide basic computing resources to consumers. This includes servers, storage, and in some cases, networking resources.

Answer 71

Infrastructure as a Service (IaaS)

Question 72

Enumerate the 4 deployment models

Answer 72

1. public 2. private 3. hybrid 4. community

Question 73

is a company that manages information technology assets for another company.

Answer 73

managed service provider (MSP)

Question 74

is an agreement between a cloud service provider and a cloud service customer based on a taxonomy of cloud computing– specific terms to set the quality of the cloud services delivered.

Answer 74

cloud computing service-level agreement (cloud sla)

Question 75

it involves controlling traffic among networked devices.

Answer 75

network segmentation

Question 76

it is a network area that is designed to be accessed by outside visitors but is still isolated from the private network of the organization

Answer 76

DMZ

Question 77

they are created by switches to logically segment a network without altering its physical topolgy.

Answer 77

VLANs

Question 78

is a communication tunnel that provides point to point transmission of both authentication and data traffic over an untrusted network.

Answer 78

virtual private network (vpn)

Question 79

it uses multiple types of access controls in literal or theoretical layers to help an organization avoid a monolithic security stance

Answer 79

defense in depth

Question 80

is a concept of controlling access to an environment through strict adherence to and implementation of security policy

Answer 80

network access control (nac)

Question 81

are often micro segmented networks, with firewalls at nearly every connecting point.

Answer 81

zero trust network

Question 82

encapsulates information assets, the services that apply to them and their security properties.

Answer 82

Zero trust

Question 83

is a computer implemented as part of a larger system.

Answer 83

embedded system

Question 84

is typically designed around a limited set of specific functions in relation to the larger product of which it is a component.

Answer 84

embedded system

Question 85

is the collection of devices that can communicate over the internet with one another or with a control console in order to affect and monitor the real world.

Answer 85

Internet of Things (IoT)

Question 86

The toolsets of current adversaries are polymorphic in nature and allow threats to bypass static security controls.

Answer 86

Microsegmentation

Question 87

allow network administrators to use switches to create software-based LAN segments, which can segregate or consolidate traffic across multiple switch ports.

Answer 87

Virtual local area networks (VLANs)