This document covers a wide range of network security concepts, including error reporting, transport layer protocols, application layer protocols, availability, denial of service attacks, ARP poisoning, network mapping, access control, cryptography, different types of DoS attacks, Wi-Fi security protocols, wireless attacks, and the fundamentals of cryptography. It also discusses insider threats, such as sabotage and financial theft by employees, and various types of malware, including viruses, worms, trojans, ransomware, and mobile malware. Additionally, it touches on social engineering techniques used in malware distribution and provides examples of well-known malware incidents. The document concludes by briefly mentioning external attackers, such as hackers, and the general anatomy of a hack, including vulnerability scanning.
Typology: Exams
IT Security Management Process - Answer Involves annual security planning, developing and implementing countermeasures, and handling incidents
Compliance Laws and Regulations - Answer Includes FISMA, the Sarbanes-Oxley Act, GDPR, HIPAA, and others, requiring specific formal governance frameworks
Risk Analysis - Answer Aims to manage risks to the organization's assets and information systems by weighing the probable cost of incidents against the cost of countermeasures
Technical Security Architecture - Answer Comprises technical countermeasures such as firewalls and intrusion detection systems, and follows the principle of defense in depth
Policy-Driven Implementation - Answer Involves creating security policies, standards, guidelines, and procedures, overseen by the Chief Information Security Officer
Governance Frameworks - Answer Specify planning, implementation, and oversight; examples include the NIST Cybersecurity Framework and ISO/IEC 27001/
Weakest-link failure - Answer Occurs when the failure of a single security element defeats the overall security of a system
FISMA - Answer Federal Information Security Management Act, requiring federal agencies to provide security for their information and systems
Sarbanes-Oxley Act - Answer Requires firms to follow certain practices in financial record keeping and reporting to safeguard financial data
GDPR - Answer EU privacy law setting out data protection rules for any business that processes the personal data of people in the EU
HIPAA - Answer Addresses data protection requirements at health care organizations
Defense in Depth - Answer A resource guarded by several independent countermeasures in series, so an attacker must breach all of them to succeed
Annualized Loss Expectancy (ALE) - Answer Yearly average loss expected from a breach of an asset, calculated as Single Loss Expectancy (SLE) multiplied by Annualized Rate of Occurrence (ARO)
Countermeasure - Answer Includes physical security equipment, data protection practices, software security techniques, user access controls, and networking security tools
Policy - Answer Statements of what should be done under specific circumstances, not how
Governance Framework - Answer Specifies how to do planning, implementation, and oversight; specific frameworks are required by certain compliance laws and regulations
Cyberwar consists of computer-based attacks made by ________. - Answer national governments
Stage 1 of strategic IT security planning - Answer Identify driving forces such as the threat environment, compliance laws and regulations, and changes in corporate structure
Stage 2 of strategic IT security planning - Answer Identify the company resources that need protection and rate them by sensitivity
Stage 3 of strategic IT security planning - Answer Assess the company's current IT security and identify gaps
Stage 4 of strategic IT security planning - Answer Develop a remediation plan for all security gaps and resources
Procedures None of the above - Answer Baselines, processes, procedures
(T/F) A policy is a statement of what should be done under specific circumstances. - Answer True
Which of the following goals can be achieved using cryptography? - Answer Confidentiality, Integrity, Authentication, Non-repudiation
(T/F) Hashing always converts an input of any size into a fixed-size output, and given this output you can go back to the original input. - Answer False (the first half is true; a hash is one-way, so the input cannot be recovered from the digest)
In public key cryptography, which key will the receiver use to decrypt a message if the sender encrypted it with the receiver's public key? - Answer The receiver's private key
Which mechanisms ensure authentication and integrity of messages? - Answer 1. Digital signature
host-to-host VPN None of the above - Answer Site-to-site VPN
Which of the following mechanisms can be used to ensure non-repudiation/accountability? (Select the answer) A. Digital signature B. Key-hashed message authentication code C. Diffie-Hellman D. SHA - Answer Digital signature (an HMAC key is shared by both parties, so either could have produced the tag; only a signature ties a message to one private key)
(T/F) A digital certificate is used to link the ownership of a public key with the entity that owns it. - Answer True
If two people are communicating using symmetric key cryptography, how many keys do they need to encrypt and decrypt their communication? - Answer 1 key
Confidentiality - Answer The act of holding information in confidence, not releasing it to unauthorized individuals
Integrity - Answer Attackers cannot change or destroy information
Availability - Answer Assures that systems work promptly and service is not denied to authorized users
Authenticity - Answer Verifying that users are who they say they are and that each input arriving at the system came from a trusted source
Threat - Answer Anything that has the potential to cause harm to our assets; exists when there is a vulnerability
Vulnerability - Answer A weakness in your hardware, software, or procedures
Physical countermeasures - Answer Protect the physical environment in which our systems sit or where our data is stored
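The hashing, HMAC and non-repudiation questions above are easiest to see side by side in code. The block below is an added example, not part of the study guide: SHA-256 stands in for "hashing", Python's stdlib HMAC for the key-hashed MAC, and a textbook RSA with the tiny primes 61 and 53 (a constructed, insecure toy) for the digital signature. It shows why a signature gives non-repudiation and an HMAC does not: the HMAC verifier holds the same key and can make an identical tag itself.

```python
"""Added example (not from the study guide): hashing, HMAC and a toy
digital signature, showing which security property each one gives.
The RSA parameters are a constructed textbook toy and are trivially breakable."""
import hashlib
import hmac


def hash_hex(data: bytes) -> str:
    """Fixed-size (256-bit, 64 hex chars) digest for input of any length."""
    return hashlib.sha256(data).hexdigest()


def hmac_tag(key: bytes, msg: bytes) -> str:
    """Key-hashed MAC: proves integrity and that the creator knew `key`."""
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def hmac_verify(key: bytes, msg: bytes, tag: str) -> bool:
    # constant-time comparison so timing does not leak how many bytes matched
    return hmac.compare_digest(hmac_tag(key, msg), tag)


# Toy RSA (constructed): n = 61*53 = 3233, e = 17, d = e^-1 mod lcm(60,52) = 2753.
# Public key (n, e) is shared; private key (n, d) stays with the signer.
TOY_N, TOY_E, TOY_D = 61 * 53, 17, 2753


def _digest_mod_n(msg: bytes) -> int:
    """Reduce the hash into Z_n so the toy modulus can exponentiate it."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % TOY_N


def sign(msg: bytes, d: int = TOY_D, n: int = TOY_N) -> int:
    """Only the holder of d can produce this value: that is non-repudiation."""
    return pow(_digest_mod_n(msg), d, n)


def verify(msg: bytes, sig: int, e: int = TOY_E, n: int = TOY_N) -> bool:
    """Anyone with the public key can check a signature but cannot create one."""
    return pow(sig, e, n) == _digest_mod_n(msg)


def receiver_can_forge_hmac(key: bytes, msg: bytes) -> bool:
    """Why HMAC gives no non-repudiation: the verifier holds the same key, so a
    tag it claims to have received is indistinguishable from one it made."""
    tag_claimed_from_sender = hmac_tag(key, msg)
    tag_made_by_receiver = hmac_tag(key, msg)
    return tag_claimed_from_sender == tag_made_by_receiver


if __name__ == "__main__":
    key = b"shared-secret"                # constructed sample key
    msg = b"transfer 100 to account 42"   # constructed sample message
    print("digest:", hash_hex(msg))
    tag = hmac_tag(key, msg)
    print("hmac ok / tampered:", hmac_verify(key, msg, tag), hmac_verify(key, msg + b"0", tag))
    sig = sign(msg)
    print("sig ok / tampered:", verify(msg, sig), verify(msg + b"0", sig))
    print("receiver could have made the HMAC tag:", receiver_can_forge_hmac(key, msg))
```

Because textbook RSA is a permutation of Z_n, any value other than the true signature fails `verify`; in a real system you would use a padded signature scheme (RSA-PSS or Ed25519) with properly sized keys rather than this toy.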
FISMA (Federal Information Security Management Act) - Answer Requires federal agencies to develop, document, and implement an agency-wide program to provide security for the information and systems that support the operations and assets of the agency
Sarbanes-Oxley Act - Answer Created in response to massive corporate financial frauds in 2002
IP spoofing - Answer Forging the source IP address of a packet so it appears to come from another host; used to hide the attacker's real address and to aim reflected responses at a victim (hiding internal addresses behind a public one, as the original note described, is network address translation, not spoofing)
Internet Service Providers - Answer Entities providing access to the Internet
Local Area Network (LAN) - Answer Network covering a small geographical area such as a home, office, or building
Wide Area Network (WAN) - Answer Network covering a larger geographical area and connecting multiple LANs
Network Host - Answer Any device with an IP address attached to the global Internet, e.g., servers, client PCs, tablets, mobile phones, and appliances
Three Core Networking Layers - Answer The physical, data link, and internet layers
Frames vs Packets - Answer Frames are the unit of the data link layer; packets are the unit of the internet layer
Physical Layer - Answer Defines transmission of raw bits over a physical data link, translating logical requests into hardware-specific operations
Data Link Layer - Answer Concerned with delivering frames between nodes on a LAN, using protocols such as Ethernet, PPP, and ARP
Address Resolution Protocol (ARP) - Answer Assists in delivering datagrams on a LAN by mapping IP addresses to MAC addresses
Internet Layer - Answer Accepts and delivers packets between source and destination networks, using protocols such as IP and ICMP
Internet Protocol v4 Packet - Answer Packet format for transmitting data over IPv4 networks
Internet Protocol v6 Packet - Answer Packet format for transmitting data over IPv6 networks
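ARP replies carry no authentication, so a host or a monitor cannot tell a genuine reply from a spoofed one by inspection; the only usable signal is a change in the IP-to-MAC binding. The block below is an added example, not from the study guide: a small detector run over constructed ARP reply lines (the format is modelled on tcpdump's ARP output and the addresses are made up). It flags an IP whose MAC changes, a pinned gateway binding that is contradicted, and a single MAC answering for several IPs, which is what an attacker poisoning both the gateway and a victim looks like.

```python
"""Added example (not from the study guide): detecting ARP spoofing from a
stream of ARP replies by watching for IP -> MAC binding changes."""
import re
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample traffic: the gateway 192.168.1.1 is legitimately at ...:01,
# then a host at ...:99 starts claiming both the gateway's and a client's IP.
SAMPLE_ARP_LOG = """\
10:00:01 ARP, Reply 192.168.1.1 is-at aa:bb:cc:dd:ee:01
10:00:02 ARP, Reply 192.168.1.20 is-at aa:bb:cc:dd:ee:20
10:00:03 ARP, Reply 192.168.1.1 is-at aa:bb:cc:dd:ee:01
10:00:07 ARP, Reply 192.168.1.1 is-at aa:bb:cc:dd:ee:99
10:00:08 ARP, Reply 192.168.1.20 is-at aa:bb:cc:dd:ee:99
"""

ARP_REPLY_RE = re.compile(
    r"^(?P<ts>\S+) ARP, Reply (?P<ip>\d+\.\d+\.\d+\.\d+) is-at "
    r"(?P<mac>(?:[0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2})$"
)


def parse_arp_replies(log: str) -> List[Tuple[str, str, str]]:
    """Return (timestamp, ip, mac) for each ARP reply line; other lines are skipped."""
    out = []
    for line in log.splitlines():
        m = ARP_REPLY_RE.match(line.strip())
        if m:
            out.append((m["ts"], m["ip"], m["mac"].lower()))
    return out


def detect_arp_spoof(log: str, trusted: Optional[Dict[str, str]] = None) -> List[str]:
    """Alert whenever an IP's MAC differs from the binding already on record.
    `trusted` seeds the table with pinned bindings (e.g. the default gateway,
    the equivalent of a static ARP entry). Returns human-readable alerts."""
    table: Dict[str, str] = {ip: mac.lower() for ip, mac in (trusted or {}).items()}
    alerts: List[str] = []
    for ts, ip, mac in parse_arp_replies(log):
        known = table.get(ip)
        if known is None:
            table[ip] = mac              # first sighting: learn the binding
        elif known != mac:
            alerts.append(f"{ts} {ip} moved from {known} to {mac}")
            # Keep the original binding rather than "learning" the new one, so a
            # flapping attacker keeps tripping the alert instead of silencing it.
    return alerts


def macs_claiming_many_ips(log: str, limit: int = 1) -> Dict[str, List[str]]:
    """Second signal: one MAC answering for more than `limit` IPs is typical of
    an attacker sitting between the gateway and a victim."""
    by_mac: Dict[str, Set[str]] = {}
    for _, ip, mac in parse_arp_replies(log):
        by_mac.setdefault(mac, set()).add(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > limit}


if __name__ == "__main__":
    for alert in detect_arp_spoof(SAMPLE_ARP_LOG, {"192.168.1.1": "aa:bb:cc:dd:ee:01"}):
        print("ALERT", alert)
    print(macs_claiming_many_ips(SAMPLE_ARP_LOG))
```

The detector is deliberately conservative: a legitimate NIC replacement or DHCP reassignment also changes a binding, so in practice the alert is correlated with DHCP lease logs or a static gateway pin before anyone acts on it.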
Cryptography - Answer Provides message confidentiality, authenticity, accountability, and integrity
Direct DoS Attack - Answer Flooding a victim with a stream of packets sent directly from the attacker's machine
Indirect DoS Attack - Answer Exploiting third parties to attack the victim, making the attack appear to come from another machine
SYN Flood DoS (half-open) Attack - Answer Exploits the normal TCP three-way handshake: the attacker sends many SYNs and never completes the handshake, so the target holds half-open connection state until it is exhausted and stops responding
TCP SYN request - Answer The first segment of the TCP three-way handshake; a flood of SYNs with no completing ACK is the packet type abused in SYN flood attacks
Distributed Denial of Service (DDoS) Attacks - Answer Attackers use intermediaries to flood a victim with traffic, often controlling bots so the type of attack can be changed on command
Reflected Denial of Service Attacks - Answer Sends requests to legitimate services with the victim's address forged as the source, so the services' responses flood the victim
Address Resolution Protocol (ARP) - Answer Resolves IPv4 addresses into MAC addresses; used for sending and receiving data within a network
ARP Weakness - Answer ARP requests and replies do NOT require authentication or verification, making them prone to ARP spoofing
IEEE 802.1X Standard - Answer Provides a central authentication mechanism for devices wishing to join a wired or wireless LAN
Remote Authentication Dial-In User Service (RADIUS) - Answer Protocol that provides centralized authentication, authorization, and accounting (AAA) for users connecting to a network service
Extensible Authentication Protocol (EAP) - Answer Framework that carries authentication exchanges between the supplicant and the authentication server, relayed by the authenticator (e.g., the switch or access point)
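The SYN flood entries above describe the mechanism; the block below is an added example, not from the study guide, that makes the half-open state concrete. It models the server's view of each handshake over a constructed packet list (time, source IP, source port, TCP flag) and counts the connections for which a SYN arrived but the final ACK never did. It also shows the caveat a practitioner cares about: a flood whose SYNs come from many spoofed sources looks innocent per source and only shows up in the total backlog, which is why a backlog threshold (and SYN cookies on the server) matters more than per-IP rate limits.

```python
"""Added example (not from the study guide): spotting a SYN flood by counting
half-open TCP connections, i.e. handshakes with a SYN but no completing ACK."""
from collections import Counter
from typing import Dict, List, Tuple

Packet = Tuple[float, str, int, str]   # (time, src_ip, src_port, flags seen at server)

# Constructed sample: two legitimate clients complete the handshake, then a burst
# of 600 SYNs from many (spoofed) source addresses that never finish it.
LEGIT: List[Packet] = [
    (0.00, "10.0.0.5", 40001, "S"), (0.01, "10.0.0.5", 40001, "A"),
    (0.10, "10.0.0.6", 40002, "S"), (0.11, "10.0.0.6", 40002, "A"),
]
FLOOD: List[Packet] = [(1.0 + i / 1000, f"203.0.113.{i % 254 + 1}", 50000 + i, "S")
                       for i in range(600)]
SAMPLE_PACKETS: List[Packet] = LEGIT + FLOOD


def half_open_connections(packets: List[Packet]) -> Dict[Tuple[str, int], float]:
    """Return {(src_ip, src_port): time_of_syn} for handshakes never completed.
    Only the client's SYN and its final ACK are modelled; the server's SYN-ACK
    is implied. A repeated SYN from the same tuple simply restarts the entry."""
    pending: Dict[Tuple[str, int], float] = {}
    for ts, ip, port, flags in packets:
        key = (ip, port)
        if flags == "S":
            pending[key] = ts            # server allocates half-open state here
        elif flags == "A" and key in pending:
            del pending[key]             # handshake completed, state released
    return pending


def syn_flood_verdict(packets: List[Packet], total_limit: int = 256,
                      per_src_limit: int = 50) -> Dict[str, object]:
    """Two views of the same backlog. Per-source counting catches one noisy
    client; a flood with spoofed random sources only shows up in the total."""
    pending = half_open_connections(packets)
    per_src = Counter(ip for ip, _ in pending)
    return {
        "half_open_total": len(pending),
        "total_exceeded": len(pending) > total_limit,
        "noisy_sources": sorted(ip for ip, n in per_src.items() if n > per_src_limit),
    }


if __name__ == "__main__":
    print(syn_flood_verdict(SAMPLE_PACKETS))
```

With the constructed flood, `half_open_total` is 600 and `total_exceeded` is true while `noisy_sources` stays empty, because no spoofed address sends more than three SYNs; a single unspoofed client sending 100 SYNs would instead appear in `noisy_sources` without tripping the total.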
WPA3, WPA2, WPA, WEP - Answer Wi-Fi security protocols with differing encryption methods and key sizes; WEP is broken and WPA is deprecated, so WPA2 or WPA3 is the minimum today
Rogue Access Point - Answer Unauthorized access point set up on a network, typically to eavesdrop on wireless communications
Man-in-the-middle attack using an evil twin access point - Answer A fraudulent access point imitating a legitimate one (same SSID) so clients connect to it and the attacker can eavesdrop on and alter their traffic
Wireless Denial of Service Attack - Answer Flooding or jamming a wireless network to disrupt normal operation
Cryptography - Answer Use of mathematical operations to protect messages or data
Cipher - Answer Specific mathematical process used in encryption and decryption
Key - Answer Random string of bits used in encryption and decryption (at least 128 bits for symmetric ciphers today; public-key keys are much longer, e.g., 2048-bit RSA)
Kerckhoffs's principle - Answer A cryptosystem should be secure even if everything about the system except the key is public knowledge
Cryptanalysis - Answer Process of breaking the ciphertext to recover the plaintext or the key
Confidentiality - Answer Ensuring data is accessible only to authorized parties
Data Integrity - Answer Ensuring data has not been altered or destroyed
Data Authentication - Answer Verifying the origin and integrity of data
Non-repudiation - Answer Ensuring the sender cannot deny having sent a message
Symmetric Key Encryption - Answer Using a single key for both encryption and decryption
Malware - Answer Malicious software, including viruses, worms, trojans, ransomware, backdoors, rootkits, adware, and mobile malware
Viruses - Answer Attach to legitimate host programs, causing infection and damage
Worms - Answer Stand-alone programs that spread rapidly without human intervention
Stuxnet Worm - Answer Initiated by a worker's USB drive; targeted Windows computers and Siemens industrial control software
Payloads - Answer Code executed by malware that causes damage, e.g., deleting or encrypting files
Trojan Horse - Answer Software that looks legitimate but acts maliciously; does not reproduce or self-replicate
Spyware - Answer Gathers the victim's information and makes it available to adversaries
Ransomware - Answer Prevents access to a system or data until a ransom is paid, usually by encrypting the data
Backdoor - Answer Undocumented way of accessing a system, bypassing normal authentication
Rootkit - Answer Provides privileged access within a system while hiding the intrusion from detection tools
Adware - Answer Serves unwanted or malicious advertising, potentially leading to harmful malware downloads
Mobile Malware - Answer Targets mobile devices, often spreading through smishing and employing various tactics
Social Engineering in Malware - Answer Tricking users into installing malware or violating security policies through spam, phishing, spear phishing, and whaling
WannaCry, ILOVEYOU, MyDoom, Melissa, Slammer - Answer Examples of well-known malware incidents
External Attackers: Hackers - Answer Individuals motivated by thrill, validation, and reputation, with damage as a byproduct
Anatomy of a Hack - Answer Includes target selection, reconnaissance, and exploitation using various techniques and probes
Vulnerability Scanning - Answer Gathering information about known vulnerabilities in the target's services
Denial-of-Service (DoS) Attacks - Answer Make a server or network unavailable to legitimate users; includes distributed DoS (DDoS) attacks
Social Engineering - Answer Tricking individuals into revealing information or performing actions that compromise security
Cyberwar - Answer Attacks by national governments to learn secrets and damage financial, government, military, communication, and IT infrastructures
Cyberterror - Answer Attacks by organized terrorists to cause harm, further their objectives, and intimidate, using IT resources
Stealing Sensitive Data - Answer Involves carding, bank account theft, online stock account theft, identity theft, intellectual property theft, and extortion
Black Markets - Answer Websites for stolen consumer information, vulnerabilities, and exploitation software, often accessed on the dark web
Commercial Espionage - Answer Illegally stealing trade secrets by various means, including interception, hacking, and bribery
What are different ways to implement a security policy? - Answer Standard, procedure, guideline