Network Security Concepts and Techniques, Exams of Cybercrime, Cybersecurity and Data Privacy

This document covers a wide range of network security topics, including tools for monitoring and analysis, encryption methods, security threats and vulnerabilities, incident response, and various attack types. It provides insights into the fundamental components required for building a secure networking environment, the importance of security awareness training, and the role of external entities in investigating network attacks. The document also explores encryption, access control, digital signatures, network address translation, and different attack vectors and their mitigation measures. This comprehensive coverage can be valuable for students, security professionals, and IT administrators.

Typology: Exams

2023/2024

Available from 09/13/2024

Emma_Johnson

C837 - CIW: 2024 Web Security Associate (Questions and Answers)

What tool allows network administrators to capture and analyze data traversing their networks? - Solution Protocol analyzer

Following a natural or manmade incident at your organization that involved loss of data from local HDDs and storage, what entity should you contact to enable recovery of data? - Solution Backup service

What is a disadvantage of creating hashes of each file on an attached storage device? - Solution Places a performance burden on the host and slows its ability to respond to requests

What is a primary disadvantage of asymmetric-key encryption? - Solution Slow speed due to high processing burden

What defensive action will allow you to reduce severity of attacks involving specific services and protocols coming from outside of your network? - Solution Configure your firewall to filter out unwanted traffic based on protocol or services

What is considered to be the most secure default firewall policy? - Solution Implicit Deny (Blocking all access by default, then allowing only specific, necessary connections)

Common security threats to Web servers include, but are not limited to: - Solution CGI Scripts, SQL injections, Cross site scripting (XSS), DDOS

What is the foundational component needed to be in place FIRST when creating a secure networking environment? - Solution Security Policy

In considering authentication using HTTP vs HTTPS, which operates fully in the clear and introduces susceptibility to man-in-the-middle attacks? - Solution HTTP

What malicious logic, when installed on a system, replaces or modifies legitimate programs, preventing them from functioning as expected in an effort to hide malicious programs and activity? - Solution A root kit

What organization maintains information about how to solve specific security problems and publishes security advisories? - Solution CERT

When considering symmetric vs asymmetric encryption, and encryption speed is your #1 priority for the endeavor, which type would you choose? - Solution Symmetric

In addition to normal day-to-day security scanning and operations conducted to protect your networked devices and systems, what action is imperative to complement those actions and ensure you are protected against new threats, vulnerabilities and newly discovered bugs? - Solution Implement all regular and emergency system and software updates

MD5 and SHA are examples of what type of mechanisms? - Solution Hash Algorithms

What type of malicious logic contains programming code enabling it to execute differently each time it is run to evade detection by anti-virus software? - Solution Polymorphic

What Public Key Infrastructure standard is used for digital certificates? - Solution X.

Regarding IPSEC, which activity occurs during the Internet Key Exchange (IKE) before keys are exchanged (during main mode)? - Solution Authentication method and encryption type negotiation

When considering reconnaissance for a network attack, references to potential target areas such as boot sector files, System32 DLL files, shared libraries, SAM file, and registry are indicative of what operating systems? - Solution Windows systems

What type of attack involves an attacker sending a succession of SYN requests to a target system in an attempt to consume enough resources to make the system unresponsive to legitimate traffic? - Solution SYN Flood

What is the best way to defend against (or at least make it more difficult for the attacker) password brute force and dictionary attacks? - Solution Implement and enforce a strong, organization-wide, password policy.

A vulnerability that is unknown to those interested in mitigating it is called what? - Solution Zero Day

What are some standard details that should be included in documentation of an attack from an incident response perspective? - Solution The time and date of the attack, nature of attack, and the names of personnel contacted during the response, servers involved, applications used

During incident response actions, system administrators and response team members should NOT panic and make snap decisions, but rather do what? - Solution Review and respond to the incident according to the established company policy and protocol

If you are concerned with managing which objects are allowed to interact with which resources and to what extent, you are concerned with managing what? - Solution Access control

What entity external to your organization can you leverage to assist you in investigating attacks involving high volumes of traffic flooding your network? - Solution Your Internet Service Provider (ISP)

What is the name of the trusted entity that manages and issues security certificates and public keys in cryptography and can be leveraged for verifying the identities? - Solution Certificate Authority

What does stateful multi-layer inspection consist of? - Solution Inspecting packets in all layers of the OSI stack with a packet filter

Basic firewall functions include what? - Solution Logging, creating a choke point, limit network host exposure, log internet activity

Which encryption standard, also known as the Rijndael standard, can use a 128-bit key, and has been adopted as a standard by various governments and corporations? - Solution Advanced Encryption Standard (AES)

What is the major difference between the Smurf and Fraggle attacks? - Solution Smurf utilizes ICMP, Fraggle utilizes UDP

What practice involves labeling and compartmentalizing data by importance or some other criteria to enable you to appropriately align protection mechanisms commensurate with different resources? - Solution Classifying systems

In considering the following potential security issues, which would not be considered a physical security problem: faulty door lock, logic bomb, false ceiling, malfunctioning mantrap - Solution logic bomb

What tool or program is used to assess your network, applications or systems for known weaknesses? - Solution A vulnerability scanner

During an attack happening on one of your servers in real time, what action can you take to stop the attack, while still preserving volatile data on the system? - Solution Disconnect the system's network cable

What combo of applications or tools can help you diagnose DOS and DDOS traffic targeting your network? - Solution netstat, packet sniffers, protocol analyzer

What application can you install to inform you when a directory or file has been altered or removed? - Solution Tripwire

guesses: 0 time: 0:00:00:09 (2) c/s: 6170 trying: apple
guesses: 0 time: 0:00:00:09 (2) c/s: 6114 trying: @pple
guesses: 0 time: 0:00:00:09 (2) c/s: 6148 trying: !@#$%p
guesses: 0 time: 0:00:00:09 (2) c/s: 6121 trying: aabbcc
guesses: 0 time: 0:00:00:09 (2) c/s: 6017 trying: p@ssword
- Solution Brute force

When considering user use of active vs passive FTP sessions, which is easier for firewalls to process? - Solution Passive

A typical session establishment sequence using a TCP handshake consists of a SYN, a SYN/ACK, and an ACK. Passive Open communication using this sequence leaves the session susceptible to what attack? - Solution Man-in-the-middle

What is the name of the list containing certificates that have expired before their normal due dates, due to server compromise, or because the owner no longer wants the certificate to be used? - Solution Certificate revocation list

What is the name of the router to inspect traffic just before that traffic enters your internal network from the internet? - Solution Choke router

A circuit-level gateway operates at what layer of the OSI model? - Solution Layer 4

What is the name given to one type of network address translation that allows all of the hosts on a private network to use the Internet at the price of a single IP address? - Solution IP masquerading

What standard involves placing protective coatings or sheaths on computer connectors and cables to help control electromagnetic transmissions? - Solution TEMPEST

What security principle involves determining what system resources a user or service may use, view, or change? - Solution Access control

What action in encryption allows users to prove that an information exchange actually occurred and essentially allow one to achieve non-repudiation? - Solution Using digital signatures

What impact on network proxy server performance will implementing caching introduce? - Solution Improve performance by speeding up web-based resource requests and responses

The screened subnet firewall configuration creates a fairly secure subnetwork between the Internet and your internal network called a what? - Solution Demilitarized zone (DMZ)

What is an inexpensive solution requiring minimum human effort to have login activity recorded that you can in turn use for security purposes or investigations? - Solution Running custom login scripts

PGP is a security measure primarily concerned with protections to what service? - Solution SMTP

What type of encryption algorithm involves relatively fast speed and a single secret key? - Solution Symmetric

What are two main vulnerabilities of IPsec? - Solution Compromised keys, compromised certificates

The Application layer of the TCP/IP stack performs the functions of which OSI model layers? - Solution 7, 6, and 5 (application, presentation, and session)

Blowfish, Twofish, Serpent, and Skipjack are examples of which type of algorithms (Symmetric OR Asymmetric)? - Solution Symmetric

What is the primary function of Diffie-Hellman, and with what type of algorithm (Symmetric OR Asymmetric) would its use be most beneficial? - Solution Diffie-Hellman is a protocol that provides secure key exchange, asymmetric

What is a list of individual users and groups associated with an object, and the rights that each user or group has when accessing that object? - Solution Access Control List (ACL)

What type of attack involves code being intentionally and secretly inserted into an application or operating systems by developers? - Solution Back door

What malware involves code that activates only when a certain condition is met? - Solution logic bomb

What type of flooding attack involves overwhelming a system with massive amounts of ICMP packets? - Solution Ping Flood

What attack involves an attacker injecting false information into the database of a DNS server during a zone transfer? - Solution DNS Poisoning

What is a widely used technique that is effective in distinguishing between a human user and a bot? - Solution Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA)

What process attempts to verify the identity of a user, system, or system process? - Solution Authentication