Test Your Security Terminology Knowledge!

Security Terminology

“,”questions”:”[{“sortOrder”:1,”text”:”Starting with your security perimeter, what is the purpose of using DMZs in a network?”,”answers”:[{“sortOrder”:1,”text”:”a. DMZs allow users to access content on the network based on the type of file.”},{“sortOrder”:2,”text”:”b. DMZs create secure sub-networks that help isolate external facing services while protecting your internal network.”},{“sortOrder”:3,”text”:”c. DMZs are used to trap unsuspecting hackers by logging malicious activity and reporting it to your security staff.”}],”trueAnswer”:2,”answerExplanation”:”b. Demilitarized Zones are used to fence off risky portions of your network that have external access such as web mail or web servers in order to better protect your internal network. The military term DMZ refers to an area of land between two opposing forces. In the same respect a network DMZ isolates your internal protected network from the outside by placing a buffer zone or DMZ in between. Potential attackers would need to get through both your DMZ and internal network perimeter before they could attack internal systems.\n”},{“sortOrder”:2,”text”:”As a possible alternative to putting servers in a DMZ, you can allow secure service access such as email and file services for remote employees by having them connect to your network through your firewall or a separate security appliance. What is this technology called?”,”answers”:[{“sortOrder”:1,”text”:”a. Terminal Service”},{“sortOrder”:2,”text”:”b. Remote Desktop”},{“sortOrder”:3,”text”:”c. VPN – Virtual Private Network”}],”trueAnswer”:3,”answerExplanation”:”c. VPNs allow remote workers to connect to your network in a secure manner while giving them access to the typical services you offer inside your office. VPN services can be provided by an all in one firewall and VPN or a single purpose VPN appliance. Newer VPN appliances allow for web-based initiation and are thus called SSL VPNs. This makes it easier on end users and administrators since users don’t need to have a separate client installed. They simply visit a secure web site, enter credentials and are granted access to the network.\n”},{“sortOrder”:3,”text”:”What is a RODC?”,”answers”:[{“sortOrder”:1,”text”:”a. Random Online Domain Controller”},{“sortOrder”:2,”text”:”b. Read Only Domain Controller”},{“sortOrder”:3,”text”:”c. Random Output Digital Cache”}],”trueAnswer”:2,”answerExplanation”:”b. A Read Only Domain Controller allows you to give domain access to external customers or employees without putting a writable domain controller in a DMZ. RODCs are a new feature offered in Microsoft Windows Server 2008. By implementing a RODC you can offer read-only access to your domain on a DMZ. This allows external parties such as customers or partners to be able to log into an external site without putting your entire domain out in the DMZ.\n”},{“sortOrder”:4,”text”:”When allowing computers on your network, either remotely or internally, you may want to implement NAC – a solution that can check for the presence of security software and up to date operating system patches before allowing a computer on the network. What does NAC stand for?”,”answers”:[{“sortOrder”:1,”text”:”a. Network Access Control”},{“sortOrder”:2,”text”:”b. NIC Applet Controller”},{“sortOrder”:3,”text”:”c. Nybble Array Client”}],”trueAnswer”:1,”answerExplanation”:”a. NAC stands for Network Access Control – a suite of protocols that help manage and enforce access to a computer network based on strict policies. Although there isn’t a strict standard for what every NAC should do, most useful NACs include scanning of connecting computers to look for appropriate security software and operating system updates. If these clients pass the test, they are allowed onto the network. If they fail, they can be quarantined on a safe part of the network until the issues can be resolved.”},{“sortOrder”:5,”text”:”True or False: Every server you wish to access outside of your network must have its own public IP Address.”,”answers”:[{“sortOrder”:1,”text”:”a. True”},{“sortOrder”:2,”text”:”b. False”}],”trueAnswer”:2,”answerExplanation”:”False. Network Address Translation, also known as NAT, can be used to map a single or few number of external “public” IP addresses to many internal IP addresses based on the incoming TCP port. In addition to NAT, PAT – Port Address translation also exists and allows users to share a single public IP address with multiple nodes by using port addresses to specify which host a client desires to connect to.\n”},{“sortOrder”:6,”text”:”This standards based security suite can be used to create a tunnel between two distinct networks, effectively making a static virtual private network.”,”answers”:[{“sortOrder”:1,”text”:”a. OSPF”},{“sortOrder”:2,”text”:”b. MGCP”},{“sortOrder”:3,”text”:”c. IPsec”}],”trueAnswer”:3,”answerExplanation”:”c. IPsec can be used in both transport or tunnel modes. As an example, using IPsec in tunnel mode allows you to securely connect two remote offices together. For remote offices, IPSec can be a lifesaver, but you do need to be careful in that once a VPN tunnel is set up you must treat the remote office like it is part of your main office from a network security standpoint. Remember that the main purpose of having a VPN tunnel between sites is for traffic to flow easily. If your security is too lax, you may just start transferring data you don’t want moved between sites.\n”},{“sortOrder”:7,”text”:”Which protocol below can secure websites by encrypting traffic between the host and client?”,”answers”:[{“sortOrder”:1,”text”:”a. HTTP”},{“sortOrder”:2,”text”:”b. SSL”},{“sortOrder”:3,”text”:”c. FTP”}],”trueAnswer”:2,”answerExplanation”:”b. SSL – Secure Sockets Layer – is the go-to standard for protecting web sites containing secure information. SSL was developed in the mid-1990’s by Netscape as a means to protect data from interception by 3rd parties. TLS is SSLs successor. Although SSL and TLS are similar protocols, they are not interchangeable. The Internet Engineering Task Force created the TLS standard by building off of Netscape’s SSL standard but improved it in several ways to allow for easier management and better security.\n”},{“sortOrder”:8,”text”:”For the next few questions, let’s go over some internal tools you can use to help monitor your network. What tool can be used to detect network intrusions or otherwise suspicious behavior on your network?”,”answers”:[{“sortOrder”:1,”text”:”a. ARP”},{“sortOrder”:2,”text”:”b. IDS”},{“sortOrder”:3,”text”:”c. SNMP”}],”trueAnswer”:2,”answerExplanation”:”b. IDS – Intrusion Detection Systems can help protect your network by spotting intrusions before you do. IDSs come in many different flavors. While some IDS will only scan the network looking for intrusions, other packages will actively seek to thwart intrusions. A lot of flak came around when IDS were coming of age – many security professionals disliked that an IDS could detect intrusions, but would do nothing to prevent them. Today, IPS are the spiritual successors to IDS. IPS are Intrusion Prevention Systems and use advanced techniques to not only detect intrusions but also prevent them. For example, some IPS can disable network ports on a switch if it detects a possible intrusion.”},{“sortOrder”:9,”text”:”This is an example of a type of passive IDS system.”,”answers”:[{“sortOrder”:1,”text”:”a. SmartNet”},{“sortOrder”:2,”text”:”b. NetWerk”},{“sortOrder”:3,”text”:”c. Honeypot”}],”trueAnswer”:3,”answerExplanation”:”c. Honeypots are set up as decoys to detect malicious activity on your network in order to better understand potential vulnerabilities in your network. Honeypots can detect malicious activity or even act as a SPAM catcher. SPAM honeypots are used to capture bulk loads of SPAM for security vendors to analyze. Although this hasn’t stopped spammers, it doesn’t make their job any easier.”},{“sortOrder”:10,”text”:”What is the benefit of using a syslog?”,”answers”:[{“sortOrder”:1,”text”:”a. Syslogs can capture and aggregate log information from numerous sources in order to have a better understanding of what is happening on your network.”},{“sortOrder”:2,”text”:”b. Syslogs can help prevent server instability by purging old system logs.”},{“sortOrder”:3,”text”:”c. Syslogs can retain a copy of detailed network packet-level activity for historical archival.”}],”trueAnswer”:1,”answerExplanation”:”a. For this reason, syslogs are a powerful and inexpensive means to track important network information. As a general rule, try to set up any managed network devices to forward their logs to a central syslog server. This will allow you to keep an eye on things such as nodes attempting to come in through your firewall or which people are using your VPN.\n”},{“sortOrder”:11,”text”:”What is SNMP?”,”answers”:[{“sortOrder”:1,”text”:”a. Simple Network Management Protocol”},{“sortOrder”:2,”text”:”b. System Network Media Protocol”},{“sortOrder”:3,”text”:”c. Scalable Network Mount Point”}],”trueAnswer”:1,”answerExplanation”:”a. SNMP allows you to capture data from network and system devices in order to track the health and status of such devices. This data can then be aggregated and reported on using a 3rd party tool. SNMP enabled devices and applications make use of a password called a ‘community string’ to allow access to the data the device or software hold. By default community strings are set to ‘public’ to allow for easy read-only access to devices.”},{“sortOrder”:12,”text”:”This is one example of a tool that can gather data and create reports and alerts from network devices by using SNMP.”,”answers”:[{“sortOrder”:1,”text”:”a. Pixy”},{“sortOrder”:2,”text”:”b. SoRT”},{“sortOrder”:3,”text”:”c. MRTG”}],”trueAnswer”:3,”answerExplanation”:” c. MRTG – the Multi Router Traffic Grapher can use SNMP to gather and graph data from network devices. Examples of the data gathered include server uptime, service availability and network usage for each server. These graphs and reports can be extremely useful in order to view some history of your network. Take a report of your server uptime and give it to your boss – maybe you’ll be commended on your hard work. On the other hand if uptime isn’t so good, you should figure out what’s going wrong and fix it!”}]”}; _newQuiz.quizTitle = ”; _newQuiz.quizNumber = 2; var _quizzes = _quizzes || []; _quizzes.push(_newQuiz); incljQueryTempl = true; incljQueryUi = true;

Article Source

Leave a Reply

Your email address will not be published. Required fields are marked *