3.7.3 Network Security Quiz Answers

1. What is the level of need for data integrity in an e-commerce organization?

  • low
  • mid
  • high
  • critical

Explanation: The importance of data integrity varies based on how an organization uses the data:

  • Critical level of need: Data integrity might be a matter of life or death in a healthcare organization. For example, prescription information must be accurate. Therefore, all data is continuously validated, tested, and verified.
  • High need: In an e-commerce or analytics-based organization, transactions and customer accounts must be accurate. All data is validated and verified at frequent intervals.
  • Mid-level of need: Online sales and search engines collect data that has been publicly posted. Little verification is performed, and data is not completely trustworthy.
  • Low level of need: Blogs, forums, and personal pages on social media are powered by public opinion and open contribution. Data may not be verified at all, and there is a low level of trust in the content.

2. Which three solutions are examples of logical access control? (Choose three.)

  • firewall
  • access control list
  • biometrics
  • fence
  • laptop lock
  • swipe card

Explanation: Some examples of logical access controls are encryption, smart cards, passwords, biometrics, access control lists, protocols, firewalls, routers, intrusion detection systems, and clipping levels. Some examples of physical access controls are guards, fences, motion detectors, laptop locks, locked doors, swipe cards, guard dogs, video cameras, mantrap-style entry systems, and alarms.

3. Which host-based solution is installed on a device or server to monitor system calls and file system access to detect malicious requests?

  • host-based firewall
  • host intrusion detection system
  • host encryption
  • data loss prevention

Explanation: Host intrusion detection system (HIDS) software is installed on a device or server to monitor suspicious activity. It monitors system calls and file system access to detect malicious requests. It can also monitor configuration information about the device held in the system registry.

4. What is the purpose of using the Windows BitLocker To Go tool?

  • to encrypt removable drives
  • to reformat removable drives
  • to manage partitions on removable drives
  • to manage the safe insertion and removal of removable drives

Explanation: BitLocker To Go is a tool that encrypts removable drives.

5. Which Apple macOS security feature prevents the execution of malware through signature-based malware detection?

  • XProtect
  • MRT
  • Gatekeeper
  • Security-focused hardware

Explanation: Apple macOS security feature XProtect prevents the execution of malware through signature-based malware detection. It also alerts users to malware and provides the option to remove detected malware files.

6. Which type of firewall inspects and filters network traffic based on OSI model Layer 3 and 4 information?

  • packet filtering
  • stateful firewall
  • application gateway firewall
  • next generation firewall

Explanation: Packet filtering firewalls are usually part of a router firewall, which permits or denies traffic based on Layer 3 and 4 information. Stateless firewalls use a simple policy table look-up that filters traffic based on specific criteria.

7. What is the benefit of using a stateful firewall in a network?

  • It can prevent application layer attacks because it examines the actual contents of the HTTP connection.
  • It analyzes traffic at OSI Layer 4 and Layer 5.
  • It filters IP traffic between bridged interfaces at OSI layer 7.
  • It strengthens packet filtering by providing more stringent control over security.

Explanation: There are several benefits to using a stateful firewall in a network:

  • Stateful firewalls are often used as a primary means of defense by filtering unwanted, unnecessary, or undesirable traffic.
  • Stateful firewalls strengthen packet filtering by providing more stringent control over security.
  • Stateful firewalls improve performance over packet filters or proxy servers.
  • Stateful firewalls defend against spoofing and DoS attacks by determining whether packets belong to an existing connection or are from an unauthorized source.
  • Stateful firewalls provide more log information than packet-filtering firewalls.

8. Which statement describes a TCP Wrappers host-based firewall?

  • It is a firewall that uses a profile-based approach to firewall functionality.
  • It is an application that allows Linux system administrators to configure network access rules that are part of the Linux kernel Netfilter modules.
  • It is a firewall application that uses a simple virtual machine in the Linux kernel.
  • It is a rule-based access control and logging system for Linux.

Explanation: TCP Wrappers host-based firewall is a rule-based access control and logging system for Linux. Packet filtering is based on IP addresses and network services.

9. Which authentication method uses AES for encryption?

  • WEP
  • WPA
  • WPA2
  • WPA3-Enterprise

Explanation: WPA2 is the current industry standard for securing wireless networks and uses the Advanced Encryption Standard (AES) for encryption.

10. Which LAN authentication method is recommended for home or small office networks?

  • WPA Personal
  • WPA Enterprise
  • WPA2 Personal
  • WPA2 Enterprise

Explanation: WPA2 Personal is recommended for home or small office networks. Wireless clients authenticate with the wireless router using a pre-shared password.

11. Which authentication method in WPA3 improves the onboarding process for IoT devices to join a wireless network?

  • DPP
  • WPS
  • CCMP
  • EAP

Explanation: Although WPA2 included Wi-Fi Protected Setup (WPS) to quickly onboard devices without configuring them first, WPS is vulnerable to various attacks and not recommended. In WPA3, the Device Provisioning Protocol (DPP) addresses this need, providing an easy way for headless IoT devices to connect to the wireless network. Each IoT device has a hardcoded public key typically stamped on the outside of the device or the packaging as a QR code. The network administrator scans the QR code and quickly onboards the device.

12. What statement describes the principle of confidentiality in the CIA information security triad?

  • Authorized users must have uninterrupted access to important resources and data.
  • Data must be protected from unauthorized alteration.
  • Only authorized individuals, entities, or processes can access sensitive information.
  • Redundant services, gateways, and links must be implemented.

Explanation: According to the CIA information security triad, confidentiality means that only authorized individuals, entities, or processes can access sensitive information. It may require using cryptographic encryption algorithms such as AES to encrypt and decrypt data.

13. What statement describes the principle of integrity in the CIA information security triad?

  • Authorized users must have uninterrupted access to important resources and data.
  • Data must be protected from unauthorized alteration.
  • Only authorized individuals, entities, or processes can access sensitive information.
  • Redundant services, gateways, and links must be implemented.

Explanation: According to the CIA information security triad, the principle of integrity means that data must be protected from unauthorized alteration. It requires the use of cryptographic hashing algorithms such as SHA.

14. Which is an example of a physical characteristic?

  • ear features
  • gestures
  • voice
  • gait

Explanation: There are two types of biometric identifiers:

  • Physical characteristics: fingerprints, DNA, face, hands, retina, or ear features.
  • Behavioral characteristics: behavior patterns such as gestures, voice, gait, or typing rhythm.

15. Which security principle applies to the first dimension of the cybersecurity cube of the CIA triad?

  • Accountability
  • Availability
  • Policy
  • Technology

Explanation: The first dimension of the cybersecurity cube identifies the goals to protect cyberspace. The foundational principles of confidentiality, integrity and data availability provide a focus that enables the cybersecurity expert to prioritize actions when protecting any networked system.
