Network Security Concepts and Threats, Exams of Nursing

This document covers a wide range of network security concepts, including error reporting, transport layer protocols, application layer protocols, availability, denial of service attacks, ARP poisoning, network mapping, access control, cryptography, different types of DoS attacks, Wi-Fi security protocols, wireless attacks, and the fundamentals of cryptography. It also discusses insider threats, such as sabotage and financial theft by employees, and various types of malware, including viruses, worms, trojans, ransomware, and mobile malware. Additionally, it touches on social engineering techniques used in malware distribution and provides examples of well-known malware incidents. The document concludes by briefly mentioning external attackers, such as hackers, and the general anatomy of a hack, including vulnerability scanning.

Typology: Exams

2023/2024

Available from 10/17/2024

vincent-prince
IT 250 INFORMATION ASSURANCE AND SECURITY EXAM 1 QUESTIONS AND ANSWERS 2024 UPDATED GRADED A+

IT Security Management Process - Answer Involves annual security planning, developing and implementing countermeasures, and handling incidents
Compliance Laws and Regulations - Answer Includes FISMA, Sarbanes-Oxley Act, GDPR, HIPAA, and others, requiring specific formal governance frameworks
Risk Analysis - Answer Aims to manage risks relative to the organization's assets and information systems by weighing probable costs of incidents against countermeasure costs
Technical Security Architecture - Answer Comprises technical countermeasures like firewalls, intrusion detection systems, and follows the principle of defense in depth
Policy Driven Implementation - Answer Involves creating security policies, standards, guidelines, and procedures, overseen by the Chief Information Security Officer
Governance Frameworks - Answer Specify planning, implementation, and oversight, with examples like NIST Cybersecurity Framework and ISO/IEC 27001/2
Weakest-link failure - Answer Occurs when a single security element failure defeats the overall security of a system
FISMA - Answer Federal Information Security Management Act, requiring federal agencies to provide security for their information and systems
Sarbanes-Oxley Act - Answer Requires firms to have certain practices in financial record keeping and reporting to safeguard financial data

GDPR - Answer EU privacy law outlining data protection regulations for any business with EU customers
HIPAA - Answer Addresses data protection requirements at health care organizations
Defense in Depth - Answer Resource guarded by several independent countermeasures in series, requiring an attacker to breach them all to succeed
Annualized Loss Expectancy (ALE) - Answer Yearly average loss expected from a breach for an asset, calculated as Single Loss Expectancy (SLE) multiplied by Annualized Rate of Occurrence (ARO)
Countermeasure - Answer Includes physical security equipment, data protection practices, software security techniques, user access controls, and networking security tools
Policy - Answer Statements of what should be done under specific circumstances, not how
Governance Framework - Answer Specifies how to do planning, implementation, and oversight, with specific frameworks required by certain compliance laws/regulations
Cyberwar consists of computer-based attacks made by ________. - Answer national governments
Stage 1 of strategic IT security planning - Answer Identify driving forces such as threat environment, compliance laws and regulations, and corporate structure changes
Stage 2 of strategic IT security planning - Answer Identify the company resources that need protection and rate them by sensitivity
Stage 3 of strategic IT security planning - Answer Assess and identify gaps in the company's current IT security
Stage 4 of strategic IT security planning - Answer Develop a remediation plan for all security gaps and resources

Procedures None of the above - Answer Baselines, processes, procedures
(T/F) A policy is a statement of what should be done under specific circumstances. - Answer True
Which of the following goals can be achieved using cryptography? - Answer Confidentiality, Integrity, Authentication, Non-repudiation
(T/F) Hashing always converts an input of any size into a fixed-size output and given this output you can go back to the original input. - Answer False
In public key cryptography, which key will be used by the receiver to decrypt a message from the sender if the sender encrypted it using the receiver's public key? - Answer Receiver's private key
Which mechanisms ensure authentication and integrity of messages? - Answer 1. Digital signature 2. Key-hashed message authentication code
(T/F) A certificate authority creates a digital certificate for an entity and signs it using the certificate authority's private key - Answer True
What pieces of information are present in a digital certificate of a web server? - Answer 1. Public key of web server 2. Digital signature of certificate authority (CA)
Which of the following can be used to securely exchange a symmetric/session key? AES / Diffie-Hellman / RC4 - Answer Diffie-Hellman
In which of the following types of VPN is the data only encrypted between the gateways? Client-to-site/Remote VPN / Site-to-site VPN / Host-to-host VPN / None of the above - Answer Site-to-site VPN
Which of the following mechanisms can be used to ensure non-repudiation/accountability (Select the answer) A. Digital signature B. Key-hashed message authentication code C. Diffie-Hellman D. SHA - Answer Digital signature
(T/F) A digital certificate is used to link the ownership of a public key with the entity that owns it - Answer True
If two people are communicating using symmetric key cryptography, how many keys do they need to encrypt and decrypt their communication? - Answer 1 key
Confidentiality - Answer The act of holding information in confidence, not to be released to unauthorized individuals
Integrity - Answer Attackers cannot change or destroy information
Availability - Answer Assures that systems work promptly and service is not denied to authorized users
Authenticity - Answer Verifying that users are who they say they are and that each input arriving at the system came from a trusted source
Threat - Answer Anything that has the potential to cause harm to our assets; exists when there is a vulnerability
Vulnerability - Answer Refers to a weakness in your hardware, software, or procedures
Physical countermeasures - Answer Protect the physical environment in which our systems sit, or where our data is stored

FISMA (Federal Information Security Management Act) - Answer Requires federal agencies to develop, document, and implement an agency-wide program to provide security for the information and systems that support the operations and assets of the agency
Sarbanes-Oxley Act - Answer
  • Created in response to massive corporate financial frauds in 2002
  • This act requires firms to have certain practices in financial record keeping and reporting to ensure that a company's financial data is accurate and adequate controls are in place to safeguard financial data
  • Applies only to companies whose stock is traded on public exchanges.
The Gramm-Leach-Bliley Act - Answer Addresses data protection requirements at financial institutions
The Health Insurance Portability and Accountability Act (HIPAA) - Answer Addresses data protection requirements at health care organizations
GDPR - Answer EU privacy law that outlines data protection regulations for any business with EU customers
What is the difference between substitution and permutation? - Answer Substitution changes the symbols themselves, while permutation changes their positions. Many modern encryption algorithms, such as AES, use both substitution and permutation in combination to create strong and secure encryption.
Router - Answer Device transferring messages between computers, providing wireless access, connecting to the global Internet, and managing IP addresses
Dynamic Host Configuration Protocol (DHCP) - Answer Server assigning IP addresses to hosts in a network

IP spoofing - Answer Technique hiding internal IP addresses from potential attackers
Internet Service Providers - Answer Entities providing access to the Internet
Local Area Network (LAN) - Answer Network covering a small geographical area like homes, offices, and buildings
Wide Area Network (WAN) - Answer Network covering larger geographical areas and connecting multiple LANs
Network Host - Answer Any device with an IP address attached to the global Internet, e.g., servers, client PCs, tablets, mobile phones, and appliances
Three Core Networking Layers - Answer The layers include physical, data link, and internet layers
Frames vs Packets - Answer Frames are for data link layer, packets are for internet layer
Physical Layer - Answer Defines transmission of raw bits over a physical data link, translating logical requests into hardware-specific operations
Data Link Layer - Answer Concerned with delivering frames between nodes on a LAN, utilizing protocols like Ethernet, PPP, and ARP
Address Resolution Protocol (ARP) - Answer Assists in directing datagrams by mapping IP addresses to MAC addresses
Internet Layer - Answer Accepts and delivers packets between source and destination networks, using protocols like IP and ICMP
Internet Protocol v4 Packet - Answer Packet format for transmitting data over IPv4 networks
Internet Protocol v6 Packet - Answer Packet format for transmitting data over IPv6 networks

Cryptography - Answer Provides message confidentiality, authenticity, accountability, and integrity
Direct DoS Attack - Answer Flooding a victim with a stream of packets directly from the attacker's machine
Indirect DoS Attack - Answer Exploiting third parties to attack the victim, making the attack appear to come from another machine
SYN Flood DoS (half-open) Attack - Answer Exploits the normal TCP three-way handshake to consume resources on the target server and render it unresponsive
TCP SYN request - Answer A type of packet used in DoS attacks to exploit the TCP three-way handshake
Distributed Denial of Service (DDoS) Attacks - Answer Attackers use intermediaries to flood a victim with traffic, often controlling bots to change the type of attack
Reflected Denial of Service Attacks - Answer Uses responses from legitimate services to flood a victim
Address Resolution Protocol (ARP) - Answer Resolves IPv4 addresses into MAC addresses, used for sending and receiving data within a network
ARP Weakness - Answer ARP requests and replies do NOT require authentication or verification, making them prone to ARP spoofing
IEEE 802.1X Standard - Answer Provides a central authentication mechanism for devices wishing to join a wired or wireless LAN
Remote Authentication Dial-In User Service (RADIUS) - Answer Protocol that provides centralized authentication, authorization, and auditing for users connecting to a network service
Extensible Authentication Protocol (EAP) - Answer Passes authentication information between the supplicant and the authentication server

WPA3, WPA2, WPA, WEP - Answer Different Wi-Fi security protocols with varying encryption methods and key sizes
Rogue Access Point - Answer Unauthorized access point set up to eavesdrop on wireless communications
Man-in-the-middle attack using an evil twin access point - Answer Fraudulent Wi-Fi access point that eavesdrops on wireless communications
Wireless Denial of Service Attack - Answer Flooding a wireless network to disrupt normal operation
Cryptography - Answer Use of mathematical operations to protect messages or data
Cipher - Answer Specific mathematical process used in encryption and decryption
Key - Answer Random string of bits (min 128 bits today) used in encryption and decryption
Kerckhoffs's principle - Answer Cryptosystem should be secure, even if everything about the system (except the key) is public knowledge
Cryptanalysis - Answer Process of breaking the ciphertext to get the plaintext or key
Confidentiality - Answer Ensuring data is only accessible to authorized parties
Data Integrity - Answer Ensuring data has not been altered or destroyed
Data Authentication - Answer Verifying the origin and integrity of data
Non-repudiation - Answer Ensuring the sender cannot deny sending a message
Symmetric Key Encryption - Answer Using a single key for both encryption and decryption

Malware - Answer Malicious software including viruses, worms, trojans, ransomware, backdoor, rootkit, adware, and mobile malware
Viruses - Answer Attach to legitimate host programs, causing infection and damage
Worms - Answer Stand-alone programs that spread rapidly without human intervention
Stuxnet Worm - Answer Initiated by a worker's USB drive, targeted Windows computers and Siemens software
Payloads - Answer Code executed by malware causing damage, e.g., deleting or encrypting files
Trojan Horse - Answer Software that looks legitimate but acts maliciously, not reproducing or self-replicating
Spyware - Answer Gathers and makes victim's information available to adversaries
Ransomware - Answer Prevents access to system or data until ransom is paid, often through encryption
Backdoor - Answer Undocumented way of accessing a system, bypassing normal authentication
Rootkit - Answer Allows privileged access within a system, hiding intrusion from detection tools
Adware - Answer Serves unwanted or malicious advertising, potentially leading to harmful malware downloads
Mobile Malware - Answer Targets mobile devices, often spreading through smishing and employing various tactics
Social Engineering in Malware - Answer Tricking users into installing malware or violating security policies through spam, phishing, spear phishing, and whaling

WannaCry, ILOVEYOU, MyDoom, Melissa, Slammer - Answer Examples of classified malware
External Attackers: Hackers - Answer Individuals motivated by thrill, validation, and reputation, causing damage as a byproduct
Anatomy of a Hack - Answer Includes target selection, reconnaissance, and exploit using various techniques and probes
Vulnerability Scanning - Answer Gathering information about known vulnerabilities on target services
Denial-of-Service (DoS) Attacks - Answer Makes server or network unavailable to legitimate users, including distributed DoS (DDoS) attacks
Social Engineering - Answer Tricking individuals into revealing information or performing actions that compromise security
Cyberwar - Answer Attacks by national governments to learn secrets and damage financial, government, military, communication, and IT infrastructures
Cyberterror - Answer Attacks by organized terrorists to cause harm, further objectives, and intimidate using IT resources
Stealing Sensitive Data - Answer Involves carding, bank account theft, online stock account theft, identity theft, intellectual property theft, and extortion
Black Markets - Answer Websites for stolen consumer information, vulnerabilities, and exploitation software, often accessed on the dark web
Commercial Espionage - Answer Illegally stealing trade secrets through various means including interception, hacking, and bribery
What are different ways to implement a security policy? - Answer standard, procedure, guideline