









NETWORK SECURITY THREAT ANALYSIS AND MITIGATION STUDY GUIDE 2026
Typology: Exams










• Adware
Answer: Produces pop-up messages in Internet Explorer, the Windows messenger service, or other applications
• Algorithms
Answer: A rule or mechanism used to encrypt data
• Anti-Malware Programs
Answer: Help to prevent malicious code from executing on the system
• Asymmetric Key Encryption
Answer: Uses a pair of keys, one public and the other private
• Attacker
Answer: A person with malicious intent
• Auditing (Accounting)
Answer: A stage involving the tracking of user activities and actions that can include the length of connection time, access types, data transfer, etc.
• Authentication
Answer: The process of validating the identity of an individual to the system
• Authorization
Answer: The process of determining the level of access that is going to be granted to a user based on their identity
• Backdoor Attack
Answer: An attacker creates an alternative way into the system via remote access
• Block Cipher
Answer: Encrypts data one block at a time often in 64-bit chunks, which is more secure but generally slower
• Bluejacking
Answer: A way of spamming a device with messages using a Bluetooth connection
• Chain Of Custody
Answer: A paper trail that documents the chronological handling of evidence and can be used in criminal cases
• Change Management
Answer: Refers to a set of procedures that are followed when network and/or system changes, that are developed by the network staff, are made
• CIA Triad
Answer: Three fundamental principles that everyone will seek to implement to ensure the security of corporate assets: confidentiality, which means that private information needs to remain secure and accessible to authorized parties.
• Cipher
Answer: A mathematical algorithm or formula that turns plaintext information into ciphertext
• Computer Forensics
Answer: The process of determining what actions have taken place on a system in the past
• Cryptography
Answer: The science of encrypting and decrypting data in order to hide information nearly as old as language itself
• Cyber Terrorists
Answer: Individuals that use hacking skills as a form of warfare
• Data Emanation
Answer: Data can be accessed by unauthorized parties due to the nature of wireless connectivity
• Data Thief
Answer: An individual who is intending to steal data to sell to competitors, and would be taking part in a form of corporate espionage
• Default Security Attacks
Answer: Leverage the default settings of network devices and operating systems in order to take advantage and exploit them
• Denial-Of-Service Attack
Answer: A network attack that is used to consume or disable resources so that the service is unavailable for users and customers
• Electronic Vandals
Answer: Take part in defacing a website for various reasons
• Encryption
Answer: The technique that converts source information from plaintext into a form that cannot be read by anyone other than the intended recipients
• Extensible Authentication Protocol (EAP)
Answer: Allows for the negotiation of the most secure method of authentication prior to gaining access remotely
• File Transfer Protocol (FTP)
Answer: More efficient in transferring files from source to destination than HTTP; has two ports: ports 20 and 21
• Firewalls
Answer: Used to control the types of traffic that are allowed in and out of the system and can exist on an individual host or at the network perimeter
• Four As
Answer: Concepts that are used to achieve security goals for the organization: authentication, authorization, auditing, access control
• Hacker
Answer: Somebody who has computer programming skills and the ability to get into systems from the outside, though they may not actually exercise that ability
• Hardening
Answer: Ensures that the default configurations are dealt with appropriately
• Hashing Encryption
Answer: A one-way type of encryption that takes clear text and turns it into ciphertext, which cannot be decrypted
• High-Availability
Answer: The implementation of redundancy at various levels to ensure that the loss of a single component or service does not result in a service outage
• HTTPS
Answer: Simply HTTP in conjunction with a Secure Sockets Layer (SSL), which adds encryption to the connection
• Internet Engineering Task Force (IETF)
Answer: An open committee of groups that work together to develop and maintain various Internet standards
• IP Security (IPSec)
Answer: A suite of protocols that are used to provide mutual authentication and encryption between systems
• IP Spoofing
Answer: An attacker creates IP packets with fake addresses in the headers in order to gain unauthorized access to a remote system
• Kerberos
Answer: An authentication protocol available for Microsoft and UNIX-like systems
• Key
Answer: The piece of information that determines the result of an encryption algorithm
• Logic Bombs
Answer: Malicious code attacks where a program with hidden code is designed to run when a particular condition is met, such as a date and time in the future
• Malicious Code Attacks
Answer: A specific type of software attack that uses programming code with malicious intent
• Man-In-The-Middle Attack
Answer: A situation where an attacker positions himself between two hosts that are communicating with one another and then listens in on the session
• MS-CHAP
Answer: Hashes passwords using the MD5 and SHA algorithms
• Network Access Control
Answer: Describes a set of technologies and protocols that are used to enforce system security at the initial time of connection
• Non-Repudiation
Answer: The inability of a person or organization to disown its own data
• Patch Management
• Risk
Answer: A concept that is indicative of the exposure to damage or loss, and is a calculated value
• Routers
Answer: Operate at layer three and will use IP addresses and routing tables in order to determine the best path that a packet should take
• Secure Shell (SSH)
Answer: A secure form of command-line administration primarily used with UNIX and Linux systems
• Security Planning
Answer: Involves identifying the various threats, vulnerabilities, and risks that exist for an organization and dealing with those appropriately
• Session Hijacking
Answer: An attacker takes over one side of the communication session without the knowledge of the other system
• SFTP
Answer: A secure version of the FTP protocol which accounts for the vulnerabilities of transmitting data in plain text
• Simple Network Management Protocol (SNMP)
Answer: A management and monitoring software used to monitor both computers as well as network devices like routers and switches
• Social Engineering
Answer: Another type of attack which preys on people rather than systems
• Software Attack
Answer: Either an attack against actual software resources or the utilization of software programs to generate an attack
• Spyware
Answer: Any program that runs without the knowledge of the user and spies on the actions of that user, like activities taken on webpages or usernames and passwords entered into a website
• Stakeholder
Answer: Someone who has an interest in the system and can include end-users, management, and administrative personnel
• Unintentional Threats
Answer: Threats that can occur without malicious intent
• Virus
Answer: A type of malicious code that attaches itself to another program or data file
• VLAN
Answer: Advanced filtering techniques used by most modern switches to allow computers connected to separate segments to appear and behave as if they are on the same segment
• Volatile Data
Answer: Data that is more likely to be eliminated very quickly
• Vulnerability
Answer: Any condition that would make that type of threat increasingly possible
• Vulnerability Scanning
Answer: Uses programs to identify things like unnecessary running services, open ports, unencrypted channels, unsecure protocols, etc.
• Wired Equivalent Privacy (WEP)
Answer: Attempts to provide the privacy that matched wired networks by encrypting data across the wireless network using a shared network key and RC4 encryption
• Wireless Access Points (WAP)
Answer: A device that provides a connection between the wired and wireless networks
• Worm
Answer: A type of malicious code that replicates itself without user intervention
• Zero-Day Exploits
Answer: Any attack that is targeting a vulnerability for which a patch has just been released but the administrative personnel haven't had time to patch