Practice questions covering network security concepts, authentication protocols, types of attacks, and physical security measures based on the Unit 4 transcript.
What are the three components of the CIA Triad?
Confidentiality, Integrity, and Availability.
In the CIA Triad, which control ensures data has not been unknowingly tampered with using file hashes and digital signatures?
Integrity
Which type of security threat is considered more dangerous due to physical access and network knowledge?
Internal Threats (Employees, contractors, or trusted partners).
What is the range for a CVSS (Common Vulnerability Scoring System) severity score?
1-10
What term refers to an unknown vulnerability that has not yet been patched and is hard to defend against?
Zero-Day
What is the difference between a vulnerability and an exploit?
A vulnerability is a weakness in software, hardware, or personnel, while an exploit is the tool or code used to attack that weakness.
What core principle of Zero Trust involves denying all access by default and verifying identity every time?
Implicit deny and least privilege.
Which layer of defense includes policies and procedures?
Administrative controls
What is a Screened Subnet (DMZ)?
A perimeter buffer zone that separates the internal network from the external internet using routers or firewalls.
What is the difference between Separation of Duties and Split Knowledge?
Separation of Duties ensures no single person can perform a sensitive task alone, while Split Knowledge is a type of separation where no individual has all the information needed (e.g., two people each holding half a code).
What system attracts attackers to gather intelligence and protect the real network?
Honeypot
What are the five factors of multi-factor authentication (MFA)?
Something you ARE, Something you HAVE, Something you KNOW, Something you DO, and Somewhere you ARE.
Which authentication protocol is most common, uses UDP, and centralizes authentication for devices like VPNs and routers?
RADIUS
What authentication protocol provides Single Sign-On (SSO) in Windows environments using tickets and timestamps?
Kerberos
Which EAP type is considered the most secure because it requires certificates on both the server and the client side?
EAP-TLS
In a Penetration Test, what is the difference between a Blind Test and a Double-Blind Test?
In a Blind Test, the pentest team knows nothing but admins know it is coming; in a Double-Blind Test, neither the team nor the admins have warning or prior knowledge.
Which specific attack involves an attacker lying about their MAC address in the ARP table to intercept traffic?
ARP Spoofing
What wireless attack uses an AP with the same SSID and password as a real AP to enable AiTM attacks?
Evil Twin
What is the difference between Tailgating and Piggybacking in social engineering?
Tailgating is following someone through a door without their knowledge, whereas Piggybacking is when an authorized person knowingly holds the door for the attacker.
What is the benefit of using SNMPv3 over earlier versions?
SNMPv3 encrypts, hashes, and authenticates traffic, while v1 and v2 do NOT encrypt.
How do Implicit Deny and Explicit Deny differ in ACL or firewall rules?
Implicit Deny whitelists (all traffic denied unless specifically allowed), while Explicit Deny blacklists (all traffic allowed unless specifically denied).
What is the definition of Remanence?
Magnetic induction that remains after a device is no longer under magnetic influence, meaning residual data survives a full format.
What physical asset disposal method uses a counteractive magnetic field to erase data?
Degaussing
What is an Access Control Vestibule (Mantrap)?
A two-door holding room where a user must authenticate at the first door and undergo visual inspection before passing through the second door.
Why is Out-of-Band (OOB) Management more secure than In-Band Management?
It uses a separate connection (isolated from the main network) so an attacker who compromises the main network cannot reach the device management consoles.