Domain 4: Network Security

Question 1

What is a common network device used to connect networks?

Answer 1

Router

Question 2

What is a common network device used to filter traffic?

Answer 2

Firewall

Question 3

What connects all devices behind the firewall in a small business network?

Answer 3

Switch

Question 4

What is a potential drawback associated with the freedom provided by wireless networking?

-Additional vulnerabilities
-Enhanced physical access control
-Limited signal range
-Reduced deployment cost

Answer 4

Additional vulnerabilities

Question 5

What does micro-segmentation aid in protecting against?

Answer 5

Advanced persistent threats

Question 6

Which of the following tools can be used to both identify and prevent threats? Select three options
-Anti-malware/antivirus
-Firewalls
-Intrusion Protection System (IPS)
-SIEM

Answer 6

Anti-malware/antivirus
Firewalls
Intrusion Protection System (IPS)

Question 7

What does microsegmentation enforce in terms of business functions/units/offices/departments?

Answer 7

The concept of Least Privilege

Question 8

What term describes a portion of the organization’s network that interfaces directly with the outside world and typically has more security controls and restrictions compared to the rest of the internal IT environment?

Answer 8

Demilitarized zone (DMZ)

Question 9

What is a potential alternative to expensive dedicated point-to-point connections?

Answer 9

Gateway-to-gateway VPNs

Question 10

How does a Web Application Firewall (WAF) function in a network?

Answer 10

It monitors all traffic from the outside for malicious behavior before passing commands to a web server

Question 11

What is the primary purpose of Virtual Local Area Networks (VLANs)?

Answer 11

Consolidate traffic across multiple switch ports

Question 12

Which of the following tools can be used to grant remote users access to the internal IT environment?

Answer 12

VPN (virtual private network)

Question 13

What is the function of transfer switches or transformers in a redundant power system?

Answer 13

Enable seamless transition between power sources

Question 14

In a scenario requiring full redundancy, what should devices have in terms of power supplies?

Answer 14

Two power supplies connected to diverse sources

Question 15

Why is an abnormal system shutdown in a data center a concern?

Answer 15

It may result in the loss or corruption of data

Question 16

What is network monitoring or sniffing?

Answer 16

Monitoring traffic patterns to obtain information about a network

Question 17

What is the purpose of the three-way handshake in networking?

Answer 17

Synchronizing and acknowledging requests

Question 18

What are well-known ports (0-1023) associated with?

Answer 18

Common protocols at the core of TCP/IP

Question 19

What is resource pooling in the context of cloud computing?

Answer 19

Sharing physical servers with other organizations

Question 20

What is a cloud arrangement in which the provider owns and manages the hardware, operating system, and applications in the cloud, while the customer retains ownership of the data?

Answer 20

Software as a service (SaaS)

Question 21

What is one of the services offered by many MSPs, where they monitor firewalls and other security tools to provide expertise in triaging events?

Answer 21

Managed Detection and Response (MDR) Service

Question 22

Which cloud computing model allows an enterprise to scale up new software or data-based services/solutions quickly without massive hardware installation?

Answer 22

Infrastructure as a Service (IaaS)

Question 23

Which organization’s definition of cloud computing is commonly used globally?

Answer 23

National Institute of Standards and Technology (NIST)

Question 24

What is the main purpose of a Service Level Agreement (SLA)?

Answer 24

To document specific parameters and minimum service levels

Question 25

What distinguishes Memoranda of Understanding (MOU) or Memoranda of Agreement (MOA) from Service Level Agreements (SLA)?

Answer 25

MOUs/MOAs are more directly related to what can be done with a system or information, while SLAs specify more intricate aspects of services

Question 26

What might a user typically need to acknowledge before being allowed to access the internet in a hotel network?

Answer 26

Acceptable use policy

Question 27

How are VLANs used in Network Access Control (NAC) systems?

Answer 27

VLANs control whether devices connect to the corporate network or a guest network

Question 28

What is the primary responsibility of the upper layer (host or application layer) in a network model?

Answer 28

Managing the integrity of a connection, controlling the session, and transforming data into a format that any system can understand

Question 29

Which layer of the OSI model corresponds to the Internet Layer in the TCP/IP protocol architecture?

Answer 29

Network Layer

Question 30

What protocol is often used by embedded systems when connected to a corporate network?

Answer 30

TCP/IP

Question 31

What information would be removed from a threat alert to maintain anonymity?

Answer 31

Host name and username

Question 32

What is the common term used to describe the mechanisms that control the temperature and humidity in a data center?

Answer 32

HVAC (heating, ventilation and air conditioning)

Question 33

How many layers does the OSI model have?

Answer 33

Seven

Question 34

What does the NAC device provide for access security and incident response?

Answer 34

Network visibility

Question 35

Which cloud deployment model allows an organization to retain control of its IT environments, use public cloud services for non-mission critical workloads, and benefit from flexibility, scalability, and cost savings?

Answer 35

Hybrid cloud

Question 36

How does microsegmentation in zero-trust networks enhance security?

Answer 36

By enforcing frequent re-authentication of user ID

Question 37

How can logical network segmentation be imposed on embedded systems and IoT devices?

Answer 37

Through traffic-control means, including VLANs, MAC addresses, IP addresses, physical ports, protocols, or application filtering

Question 38

An attack against the availability of a network/system; typically uses many attacking machines to direct traffic against a given target. What is the name of this?

Answer 38

Distributed-denial-of-service (DDOS)

Question 39

What is a security solution installed on an endpoint to detect potentially anomalous activity?

Answer 39

Host-based intrusion prevention system

Question 40

What is the purpose of a subnet mask in IPv4?

Answer 40

It defines the part of the address used for the subnet ## Footnote Allows networks to be divided into subnets.

Question 41

Endpoint <------> Web server Which port number is associated with the protocol typically used in this connection?

Answer 41

80

Question 42

Application programming interface (API)

Answer 42

A set of routines, standards, protocols, and tools for building software applications to access a web-based software application or web tool.

Question 43

Bit

Answer 43

The most essential representation of data (zero or one) at Layer 1 of the Open Systems Interconnection (OSI) model.

Question 44

Broadcast

Answer 44

Broadcast transmission is a one-to-many (one-to-everyone) form of sending internet traffic.

Question 45

Byte

Answer 45

The byte is a unit of digital information that most commonly consists of eight bits.

Question 46

Cloud computing

Answer 46

A model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Question 47

Community cloud

Answer 47

System where the cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy and compliance considerations). It may be owned, managed and operated by one or more of the organizations in the community,

Question 48

De-encapsulation

Answer 48

The opposite process of encapsulation, in which bundles of data are unpacked or revealed.

Question 49

Denial-of-Service (DoS)

Answer 49

The prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours,

Question 50

Domain Name Service (DNS)

Answer 50

This acronym can be applied to three interrelated elements: a service, a physical server and a network protocol.

Question 51

Encapsulation

Answer 51

Enforcement of data hiding and code hiding during all phases of software development and operational use. Bundling together data and methods is the process of encapsulation; taking any set of data and packaging it or hiding it in another data structure,

Question 52

Encryption

Answer 52

The process and act of converting the message from its plaintext to ciphertext.

Question 53

File Transfer Protocol (FTP)

Answer 53

The internet protocol (and program) used to transfer files between hosts.

Question 54

Fragment attack

Answer 54

In a fragment attack, an attacker fragments traffic in such a way that a system is unable to put data packets back together.

Question 55

Hardware

Answer 55

The physical parts of a computer and related devices.

Question 56

Hybrid cloud

Answer 56

A combination of public cloud storage and private cloud storage where some critical data resides in the enterprise's private cloud while other data is stored and accessible from a public cloud storage provider.

Question 57

Infrastructure as a Service (IaaS)

Answer 57

The provider of the core computing, storage and network hardware and software that is the foundation upon which organizations can build and then deploy applications. ## Footnote Popular in data center where software and servers are purchased as a fully outsourced service and usually billed on usage

Question 58

Internet Control Message Protocol (ICMP)

Answer 58

An IP network protocol standardized by the Internet Engineering Task Force (IETF) through RFC 792 to determine if a particular service or host is available.

Question 59

Internet Protocol (IPv4)

Answer 59

Standard protocol for transmission of data from source to destinations in packet-switched communications networks and interconnected systems of such networks.

Question 60

Man-in-the-Middle

Answer 60

An attack where the adversary positions himself in between the user and the system so that he can intercept and alter data traveling between.

Question 61

Microsegmentation

Answer 61

Part of a zero-trust strategy that breaks LANs into very small, highly localized zones using firewalls or similar technologies. At the limit, this places firewall at every connection point.

Question 62

Oversized Packet Attack

Answer 62

Purposely sending a network packet that is larger than expected or larger than can be handled by the receiving system, causing the receiving system to fail unexpectedly.

Question 63

Packet

Answer 63

Representation of data at Layer 3 of the Open Systems Interconnection (OSI) model.

Question 64

Payload

Answer 64

The primary action of a malicious code attack.

Question 65

Payment Card Industry Data Security Standard (PCI DSS)

Answer 65

An information security standard administered by Payment Card Industry Security Standards Council applies to services who process credit or debit card transactions.

Question 66

Platform as a Service (PaaS)

Answer 66

The web-authoring or application development middleware environment that allows applications to be built in the cloud before they're deployed as SaaS assets.

Question 67

Private cloud

Answer 67

The phrase used to describe a cloud computing platform that is implemented within the corporate firewall, under the control of the IT department. removes a number of objections, including control over enterprise and customer data, worries about security, and issues connected to regulatory compliance.

Question 68

Protocols

Answer 68

A set of rules (formats and procedures) to implement and control some type of communication between systems.

Question 69

Public cloud

Answer 69

The cloud infrastructure is provisioned for open use by the general public. It exists on the premises of the cloud provider.

Question 70

Simple Mail Transport Protocol (SMTP)

Answer 70

The standard communication protocol for sending and receiving emails between senders and receivers.

Question 71

Software

Answer 71

Computer programs and associated data that may be dynamically written or modified during execution.

Question 72

Software as a Service (SaaS)

Answer 72

The cloud customer uses the cloud provider's applications running within a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser or a program interface.

Question 73

Spoofing

Answer 73

Faking the sending address of a transmission to gain illegal entry into a secure system.

Question 74

Transport Control Protocol/Internet Protocol (TCP/IP) Model (layers)

Answer 74

Internetworking protocol model created by the IETF, which specifies four layers of functionality: Link layer (physical communications), Internet Layer (network-to-network communication), Transport Layer (basic channels for connections and connectionless exchange of data between hosts) Application Layer, where other protocols and user applications programs make use of network services.

Question 75

VLAN

Answer 75

A virtual local area network (VLAN) is a logical group of workstations, servers, and network devices that appear to be on the same LAN .

Question 76

VPN

Answer 76

A virtual private network (VPN), built on top of existing networks, that can provide a secure communications mechanism for transmission between networks.

Question 77

WLAN

Answer 77

A wireless area network (WLAN) is a group of computers and devices that are located in the same vicinity, forming a network based on radio transmissions rather than wired connections. ## Footnote Example: Wifi network

Question 78

Zenmap

Answer 78

The graphical user interface (GUI) for the Nmap Security Scanner, an open-source application that scans networks to determine everything that is connected

Question 79

Zero Trust

Answer 79

Removing the design belief that the network has any trusted space. Security is managed at each possible level, representing the most granular asset.

Question 80

Application Layer of TCP/IP Architecture What does it do and protocols

Answer 80

Defines the protocols for the transport layer. Simple mail transfer protocol (SMTP). Hypertext transfer protocol/secure (HTTP/HTTPS). File transfer protocol (FTP). Secure shell (SSH).

Question 81

Transport Layer of TCP/IP Architecture What does it do and protocols

Answer 81

Permits data to move among devices User datagram protocol (UDP). Transmission control protocol (TCP).

Question 82

Internet Layer of TCP/IP Architecture What does it do and protocols

Answer 82

Creates/inserts packets. Internet protocol versions 4 and 6 (IPv4/IPv6). Internet control message protocol (ICMP). Address resolution protocol (ARP).

Question 83

Network Interface Layer of TCP/IP Architecture What does it do?

Answer 83

Network Interface Layer How data moves through the network. Transmits data between applications or devices over the network.

Question 84

A tool that inspects outbound traffic to reduce potential threats.

Answer 84

DLP (data loss prevention)