Dfn5033 Network Security Test Dis 2017

Stability is not a characteristic of information that needs to be protected by information security. The three characteristics that must be protected are availability, confidentiality, and integrity. Availability ensures that information is accessible and usable when needed. Confidentiality ensures that information is only accessed by authorized individuals. Integrity ensures that information is accurate and reliable, and has not been tampered with or altered. Stability, on the other hand, refers to the consistency and reliability of a system or network, rather than a characteristic of information itself.

The phrase "Malware" describes viruses, worms, Trojan horse attack applets, and attack scripts. Malware is a broad term used to refer to any malicious software designed to harm or exploit computer systems. This includes various types of harmful programs such as viruses, worms, Trojan horses, and attack scripts. These malicious software can cause damage to computer systems, steal sensitive information, or disrupt normal operations.

A combination of hardware components and appropriate software that controls or filters access between two networks is called a firewall. Firewalls act as a barrier between a trusted internal network and an untrusted external network, such as the internet. They monitor and control incoming and outgoing network traffic based on predetermined security rules. Firewalls help protect against unauthorized access, malicious attacks, and the spread of malware.

Network security is the correct answer because it refers to the measures taken to protect networks and their services from unauthorized access, modification, destruction, or disclosure. It involves implementing various security protocols, such as firewalls, encryption, and intrusion detection systems, to ensure the confidentiality, integrity, and availability of network resources. Network security aims to prevent unauthorized individuals or entities from gaining access to sensitive information or causing harm to the network infrastructure.

During the night the high contrast between the bright moon and the night's dark skies make the Moon look white.

A Denial of Service (DoS) attack is a type of cyber attack that aims to disrupt or deny authorized users access to network resources. This is typically achieved by overwhelming the targeted network or system with a flood of illegitimate requests or traffic, causing it to become unavailable to legitimate users. The attacker does not gain unauthorized access or steal information, but rather renders the network or system unusable for its intended users.

Encryption is a technique used to protect data and passwords by converting them into a coded form that can only be deciphered with a specific key or password. It ensures that even if unauthorized individuals gain access to the data, they will not be able to understand or use it without the encryption key. Encryption provides an additional layer of security to prevent data breaches and unauthorized access, making it an effective technique for protecting sensitive information.

In VPNs, tunneling refers to the process of encapsulating packets inside packets of a different protocol. This technique is used to create a virtual circuit between the sender and receiver, allowing secure transmission of data over an untrusted network. By encapsulating the original packets, the VPN protocol ensures that the data remains private and protected from potential eavesdropping or tampering. The encapsulated packets are then transmitted through the network, creating a secure tunnel for the data to travel through. This process helps maintain the confidentiality and integrity of the transmitted data in a VPN.

Internal threats refer to risks and vulnerabilities that come from within an organization or company. These threats can include actions by employees, such as data breaches, unauthorized access to sensitive information, or intentional sabotage. Internal threats are considered serious because they can cause significant damage to an organization's reputation, financial stability, and overall security. It is crucial for organizations to have robust security measures in place to mitigate and prevent internal threats.

Port scanning is a method used to search for open ports on a computer or network. It involves sending network requests to various ports to determine which ones are open and potentially vulnerable to attack. Unlike the other options listed, port scanning itself is not considered an attack, but rather a reconnaissance technique to identify potential vulnerabilities that could be exploited in a future attack.

A firewall needs to be scalable so that it can accommodate the growth of the network it is protecting. As the network expands and more devices are added, the firewall should be able to handle the increased traffic and workload without compromising its effectiveness. A scalable firewall can easily adapt to the changing needs of the network, allowing for seamless expansion and ensuring that the network remains secure.

A honey pot should be implemented in this scenario. A honey pot is a decoy system that is designed to attract and deceive attackers. By deploying a honey pot, the network administrator can monitor and collect information on the attackers without risking the security of the actual company website. This information can then be used as evidence for legal action against the attackers.

IP spoofing is the technique attackers use to gain unauthorized access to a network by sending messages to a computer with an IP address indicating that the message is coming from a trusted host. This allows the attacker to deceive the target system into thinking that the communication is legitimate and from a trusted source. By spoofing the IP address, the attacker can bypass security measures and potentially gain control over the targeted network.

VPN technology uses two simultaneous techniques to guarantee privacy for an organization: IPSec and tunneling. IPSec (Internet Protocol Security) is a protocol suite that provides secure communication over IP networks. It ensures the confidentiality, integrity, and authentication of data transmitted between devices. Tunneling, on the other hand, is the process of encapsulating data packets within other packets to create a secure "tunnel" through which the data can travel. By combining IPSec and tunneling, VPNs can establish secure connections and protect sensitive information from unauthorized access.

The given statement describes the Close Security Model. This security model is considered the most difficult to implement as it assumes that all security measures are implemented, all users are not trustworthy, threats are frequent, and the protected assets are of high value. In this model, access to resources is tightly controlled, and only authorized individuals are granted access. It emphasizes strict controls and restrictions to ensure the highest level of security for the protected assets.

A DDoS (Distributed Denial of Service) attack is a type of cyber attack where multiple compromised computers or devices flood a target system with a high volume of traffic, overwhelming its resources and causing it to become unavailable to legitimate users. The correct answer accurately describes this type of attack, as it involves flooding a listening port on a machine with packets to disrupt its resources.

Reconnaissance refers to the preparatory phase where an attacker seeks to gather as much information as possible about a target of attack prior to launching an attack. During this phase, the attacker aims to identify vulnerabilities, weaknesses, and potential entry points in the target's system or network. This information gathering process helps the attacker to plan and execute the attack more effectively, increasing the chances of success. Scanning, sniffing, and access are not the correct answers as they do not specifically refer to the information gathering phase of an attack.

The correct answer is "Hackers" because activities such as breaking into someone else's computer system, bypassing passwords, or licenses in computer programs are typically associated with individuals who have advanced computer skills and use them to gain unauthorized access or manipulate systems. These individuals are commonly referred to as hackers.

SSL (Secure Sockets Layer) is a protocol that provides secure communication over a network. It encrypts the data transmitted between a client and a server, ensuring that it cannot be intercepted or tampered with by unauthorized parties. In the context of a VPN tunnel, SSL can be used to protect the traffic flowing between the client and the VPN server, making it an appropriate choice for ensuring the confidentiality and integrity of the data being transmitted. Telnet, SSH, and SMTP are not specifically designed for securing VPN traffic, making them less suitable options.

IDS stands for Intrusion Detection System. Unlike preventative measures such as NAT (Network Address Translation), Proxy, and DMZ (Demilitarized Zone), IDS acts more like a detective. It monitors network traffic and system activities to identify any suspicious or malicious behavior. IDS detects and alerts administrators about potential security breaches or attacks, allowing them to take appropriate actions to mitigate the risks. However, IDS alone does not actively prevent or block these attacks, making it more of a detective tool rather than a preventative measure.

Dynamic Network Address Translation (DNAT) is not a component of a firewall. A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Packet Filter, Network Address Translation (NAT), and Proxy Server are all components commonly found in firewalls. Packet Filter examines individual packets of data and filters them based on specific criteria. NAT translates IP addresses between different networks to allow for communication. Proxy Server acts as an intermediary between client devices and the internet, providing additional security and anonymity. DNAT, on the other hand, is a technique used in network routing and does not directly relate to firewall functionality.

SMTP (Simple Mail Transfer Protocol) is a communication protocol that defines the way in which email messages are transmitted over the Internet. It is responsible for sending and receiving emails between mail servers. SMTP ensures that emails are properly formatted, addressed, and delivered to the intended recipients. It works in conjunction with other protocols like POP (Post Office Protocol) and IMAP (Internet Message Access Protocol) to enable users to access and manage their emails. Therefore, SMTP is the correct answer as it specifically deals with the transmission of messages over the Internet.

The correct answer is "Criminal element" because criminals are actually considered a potential risk to network security. Criminals can engage in activities such as hacking, identity theft, and fraud, which can compromise the security of a network. Therefore, they should be considered as a potential risk to network security.

Social engineering does not require deep technical knowledge because it relies on manipulating human psychology and exploiting human trust rather than exploiting technical vulnerabilities or weaknesses. It involves tricking or deceiving individuals into revealing sensitive information or performing actions that may compromise security. This can be done through techniques such as impersonation, deception, or manipulation, without the need for advanced technical skills or knowledge.

Installing a firewall is the first step to take when considering securing your network. A firewall acts as a barrier between your internal network and the external network, filtering incoming and outgoing traffic based on predetermined security rules. By installing a firewall, you can control and monitor network traffic, preventing unauthorized access and potential security breaches. It is a fundamental security measure that helps protect your network from external threats and provides a basic level of network security.

A DMZ (Demilitarized Zone) is a network segment that is isolated from the internal network and exposed to the external network. It acts as a buffer zone between the internet and the internal network, providing an additional layer of security. Placing a web server in the DMZ allows external users to access the website while keeping the internal network protected. The web server handles incoming HTTP requests and serves web pages to users, making it an ideal candidate for placement in the DMZ.

A bastion host is a computer that is intentionally exposed to the internet and is designed to be the first line of defense against attacks. It is typically hardened and has minimal services running, making it more vulnerable to attacks compared to other servers. The purpose of a bastion host is to monitor and log incoming traffic, as well as provide a secure gateway for remote access to internal networks.

Intrusion prevention systems (IPS) operate in inline mode, which means that they actively monitor and inspect network traffic in real-time. Unlike intrusion detection systems (IDS), which only passively monitor and alert on suspicious activity, IPS can take immediate action to prevent or block any detected intrusions. By operating in inline mode, IPS can actively intervene and stop malicious activities before they can cause any harm to the data segment being monitored. This makes IPS a more proactive and effective security solution compared to IDS.

A proxy server is used in a network to provide security against unauthorized users. It acts as an intermediary between clients and servers, allowing clients to make requests for web pages or database access through the proxy server instead of directly connecting to the target server. This helps to hide the client's IP address, making it difficult for unauthorized users to track or access the client's information. The proxy server can also implement various security measures such as authentication, encryption, and filtering to ensure that only authorized users can access the network resources.

A virus is a type of malware that can exploit vulnerabilities in a system's security and replicate itself to other systems running the same software. Unlike other types of malware such as spyware, trojans, or worms, viruses specifically target security holes and use them to spread and infect other systems. They can cause damage to files, steal information, and disrupt the normal functioning of a computer system.