Network Defense (NetDef) Module 1 – 3 Group Test Online

Hint

Security risks can be reduced through secure device configuration. Configuration management addresses the inventory and control of hardware and software configurations of systems.

Hint

In a defense-in-depth approach, the edge router would form the first line of defense. The firewall would be the second line of defense followed by the internal router making up the third line of defense.

Hint

Continuous video surveillance is a security measure found both inside and outside a data center facility. A gate provides outside perimeter security. Security traps, biometrics access, and exit sensors provide inside perimeter security.

Hint

In the security artichoke, defense-in-depth approach not every layer needs to be penetrated by the threat actor in order to get to the data or systems. Each layer provides a layer of protection while simultaneously providing a path to attack.

Hint

Many companies now support employees and visitors attaching and using wireless devices that connect to and use the corporate wireless network. This practice is known as a bring-your-own-device policy or BYOD. Commonly, BYOD security practices are included in the security policy. Some best practices that mitigate BYOD risks include the following: Use unique passwords for each device and account. Turn off Wi-Fi and Bluetooth connectivity when not being used. Only connect to trusted networks. Keep the device OS and other software updated. Backup any data stored on the device. Subscribe to a device locator service with a remote wipe feature. Provide antivirus software for approved BYODs. Use Mobile Device Management (MDM) software that allows IT teams to track the device and implement security settings and software controls.

Hint

Business policies set a baseline of acceptable use. Company policies establish the rules and conduct and the responsibilities of both employees andthe employer. Company policies protect the rights of the workers as well as the business interests of the company.

Hint

Place the options in the following order:

assets	information or equipment valuable enough to an organization to warrant protection
threats	potential dangers to a protected asset
vulnerabilities	weaknesses in a system or design

Hint

Wireshark is a network protocol analyzer used to capture network traffic. The traffic captured by Wireshark is saved in PCAP files and includes interface information and timestamps.

Hint

Understanding the properties of a hash function shows its applicability such as one-way function, arbitrary input length, and fixed output.

Hint

Hashing is a method to ensure integrity and ensures that the data is not changed.

Hint

VLANs are used on a network to separate user traffic based on factors such as function, project team, or application, without regard for the physical location of the user or device.

Hint

RAID 5 striping with parity would be the best choice.

Hint

Hypertext Transfer Protocol (HTTP) provides web connectivity and website services. HTTP does not use encryption when transmitting content, leaving the data in transit vulnerable to monitoring and attack. HTTPS uses SSL/TLS to encrypt communication between the client and the server, thus providing confidentiality and preventing eavesdropping and tampering.

Hint

Asset management is a critical component of a growing organization from a security aspect. Asset management consists of inventorying all assets, and then developing and implementing policies and procedures to protect them. As an organization grows, so does the attack surface in terms of security threats. Each of these assets can attract different threat actors who have different skill levels and motivations. Asset management can help mitigate these threats by inventorying the risks as the attack surface grows.

Hint

Encrypting data, keeping software up to date, and the use of personal firewalls are all security precautions, but will not restrict physical access to secure areas by only authorized people.

Hint

When 802.1X is used in conjunction with EAP for authentication, a wireless device first uses Open Authentication to associate with the AP. Then, the wireless controller becomes the middleman in the authentication process between the end device and the authentication server. The wireless client cannot pass data onto the wireless network until successful authentication with the authentication server has occurred.

Hint

Administrative access controls are defined by organizations to implement and enforce all aspects of controlling unauthorized access and include the following: Policies Procedures Hiring practices Background checks Data classification Security training Reviews

Hint

Military and mission critical applications typically use mandatory access control which applies the strictest access control to protect network resources.

Hint

Authentication, authorization, and accounting are network services collectively known as AAA. Authentication requires users to prove who they are. Authorization determines which resources the user can access. Accounting keeps track of the actions of the user.

Hint

RADIUS authentication supports the following features: RADIUS authentication and authorization as one process Encrypts only the password Utilizes UDP Supports remote-access technologies, 802.1X, and Session Initiation Protocol (SIP)

Hint

Authentication methods are used to strengthen access control systems. It is important to understand the available authentication methods.

Hint

Local policies are not group policies and only work on the local machine. Local policies can, however, be overridden if the machine is part of a Windows domain.

Hint

With privilege escalation, vulnerabilities are exploited to grant higher levels of privilege. After the privilege is granted, the threat actor can access sensitive information or take control of the system.

Hint

In the discretionary access control (DAC) model, users can control access to data as owners of the data.