Network-and-Security-Foundation Network-and-Security-Foundation Questions and Answers

Disabling ESSID broadcastingprevents the Wi-Fi network name from being publicly visible,making it harder for attackers to discover and target the network. While this is not a foolproof security measure, it adds an additional layer of protection against unauthorized access.

Trusting local hosts by defaultis risky and not a security best practice.

Adding more access pointsimproves coverage but does not enhance security.

WEPis outdated and highly vulnerable to attacks; WPA2 or WPA3 should be used instead.

Platform as a Service (PaaS)provides a pre-configured computing environment that includes an operating system, runtime, and development tools, making it ideal for developers who want a ready-to-use platform. Examples include Google App Engine and Microsoft Azure App Services.

SaaSprovides fully hosted applications, not just pre-configured virtual machines.

IaaSprovides infrastructure without pre-installed software.

FaaSexecutes specific functions without persistent infrastructure.

Accounting(also known asauditing or logging) is a network security concept that tracks user activities, includingsuccessful and failed authentication attempts, system changes, and resource access. This helps in detecting and mitigating security breaches.

Authenticationverifies user identity but does not track activity.

Availabilityensures systems remain operational.

Authorizationcontrols user permissions but does not log activities.

Session hijackingoccurs when an attacker takes over an established connection between two devices, often by stealing session tokens or manipulating network traffic. This allows the attacker to impersonate a legitimate user and gain unauthorized access.

Dictionary attackinvolves password guessing, not hijacking active connections.

Social engineeringtricks users into providing information but does not hijack sessions.

IP address spoofingdisguises the attacker's identity but does not necessarily take over a session.

Thenetstatcommand in Linux displays active network connections, listening ports, and network statistics. It is useful for diagnosing network issues and identifying open connections.

nslookupis for DNS queries.

digprovides DNS information, not network connection status.

ifconfigshows network interface details but does not list active connections.

A broadband router is a type of network router that connects multiple computers within a local network while also providing internet access. It functions as a gateway between the local network and the internet by handling data packet transmission and routing. Broadband routers are widely used in small offices and homes because they offer essential networking services, including DHCP, NAT, and sometimes wireless connectivity.

Inter-provider border routersare used by ISPs to route data between different providers and do not serve as an internet gateway for end users.

Subscriber edge routersare typically deployed at the edge of an ISP's network to connect subscriber networks but do not provide full internet routing functionalities.

Core routersoperate at the backbone level of a network, facilitating high-speed data transfer but not connecting end-user devices directly.

TheApplication layer(Layer 7 of the OSI model) includesHypertext Transfer Protocol (HTTP), which is used for web communication. This layer provides network services directly to applications and users.

Network layerdeals with IP addressing and packet routing.

Session layermanages connections but does not include HTTP.

Transport layerensures reliable data transmission but does not handle application protocols.

Role-Based Access Control (RBAC)assigns permissions based on a user's role within an organization, such as department, job function, or hierarchy. This ensures that usersonly have access to resources necessary for their duties.

Attribute-based access control (ABAC)considers dynamic attributes like time, location, and device.

Context-based access controlrestricts access based on environmental conditions.

Discretionary access control (DAC)allows data owners to determine access rights.

Confidentialityin IT security ensures that sensitive data remains private and protected from unauthorized access. Encryption is a key measure used to maintain confidentiality by encoding data so that only authorized users can access it.

Integrityensures that data remains accurate and unchanged.

Availabilityensures that data is accessible when needed.

Consistencyis not a component of the CIA triad.

Theipconfigcommand in Windows provides details about a computer's network adapters, including IP addresses, subnet masks, default gateways, and DNS settings. It is particularly useful for troubleshooting connectivity issues.

traceroute(or tracert in Windows) is used to trace the path packets take to a destination.

nslookupis used for querying DNS records.

netstatprovides details about active network connections and listening ports, but not adapter configurations.

Integrityin IT security ensures that data remains accurate, unaltered, and trustworthy throughout its lifecycle. This means that data transmission should occurwithout errorsand should not be modified by unauthorized parties. Mechanisms like checksums, hashing, and digital signatures help maintain integrity.

Encryption (B)enhances confidentiality, not integrity.

Accessibility (C and D)relates to availability, not integrity.

Thedigcommand in Linux is used for DNS troubleshooting. It queries DNS records and provides detailed information about domain name resolutions.

traceroutetracks the path packets take to a destination but does not diagnose DNS.

netstatlists active connections, not DNS records.

ifconfigis used for managing network interfaces.

PIPEDArequires businesses in Canada to protectpersonal informationthrough security measures andproper disposal practices. This includessecure deletion of personal data when no longer neededto prevent unauthorized access.

Compensating individuals for data salesis not a legal requirement.

Notifying individuals of each data accessis unnecessary unless required by a breach.

Disclosing security softwareis not mandated by PIPEDA.

Adictionary attackis a password-cracking method that systematically tries common words, phrases, and predictable passwords (e.g., "password123", "admin2024") to gain access to an account. Attackers often compile large lists of weak or reused passwords.

Phishingtricks users into revealing passwords but does not systematically test multiple words.

Credential stuffinguses breached passwords rather than guessing from a list.

Social engineeringmanipulates users but does not rely on automated password attempts.

IP address spoofingis a cyberattack where an attacker disguises their system by falsifying its IP address, making it appear as a trusted device in a network. This technique is used for bypassing security controls, launching denial-of-service (DoS) attacks, or impersonating legitimate users.

Pharmingredirects users to fake websites to steal credentials.

Man-in-the-middle attackintercepts communications between two parties.

Session hijackingtakes over an active session but does not involve falsifying an IP address.