least common mechanism
It emphasizes reducing shared components or failure modes between subsystems to avoid cascading failures.
fail-safe mechanism
It defaults the system to a safe state in the event of a failure to minimize harm or risk.
economy of mechanism principle
Keeping the design as simple and minimal as possible to reduce complexity and minimize the chance of failure.
physiological acceptability
It ensures that a system is designed with the user’s physical and psychological needs in mind.
packet-filtering firewall
It inspects packets of data and allows or blocks them based on predefined rules like IP addresses and ports.
stateful inspection firewall
Tracks the state of active connections and makes decisions based on context (e.g., whether a packet is part of an established session). The firewall monitors and records the state of network connections (such as TCP handshakes) and ensures that incoming packets belong to a legitimate, established communication session.
proxy firewall
Acts as an intermediary between the client and the server, hiding the internal network and inspecting traffic at the application layer.
next-generation firewalls (NGFW)
They combine traditional capabilities with advanced features like deep packet inspection and intrusion prevention.
web application firewall (WAF)
To protect web applications by filtering and monitoring HTTP/HTTPS traffic.
zero trust
The principle of 'never trust, always verify' for all users and systems attempting access.
authentication in the AAA triad
The process of verifying the identity of a user, device, or system.
authorization in the AAA triad
To grant or deny access to resources based on an authenticated entity's permissions.
accounting (or auditing) in the AAA triad
To track and record user activities for auditing, monitoring, and compliance purposes.
discretionary access control (DAC)
The resource owner has full control over who can access their resources.
role-based access control (RBAC)
RBAC assigns permissions based on roles within an organization, simplifying permission management.
rule-based access control (RBAC)
Access is granted based on a set of predefined rules that specify conditions like time or location.
attribute-based access control (ABAC)
It grants access based on attributes of the user, the resource, and the environment.
malware
Malicious software designed to damage or gain unauthorized access to systems.
phishing
Fraudulent attempts to acquire sensitive information via deceptive communication.
denial of service (DoS)
Disrupts the normal functioning of a server, network, or service by overwhelming it with a flood of traffic or by sending data that causes it to crash. The goal is to make the targeted resource unavailable to legitimate users.
SQL injection
Inserting malicious SQL queries into a database to access or manipulate data.
What differentiates a Smurf Attack from a Ping Flood?
A Smurf Attack uses broadcast addresses and IP spoofing to amplify the attack.
WEP
WEP uses RC4 encryption and is considered obsolete and insecure.
What improvements does WPA2 provide over its predecessors?
Uses AES for encryption and mandatory CCMP for enhanced security.
What defines the differences between symmetric and asymmetric encryption?
Symmetric uses a single key for encryption and decryption, while asymmetric uses two keys: a public and a private key.
Acceptable Use Policy (AUP)
To define acceptable behaviors related to the use of an organization's IT resources.
Security Awareness Policy
To educate employees on security practices and how to recognize and prevent security threats.
Asset Management Policy
To establish procedures for identifying, tracking, and managing the organization’s assets.
PIPEDA
To protect individuals' privacy by governing how organizations handle personal information.
Intrusion Detection System (IDS)
To monitor network traffic for suspicious behavior and alert administrators.