Bash, the Crucial Exams Chat Bot
AI Bot
Network Security Essentials Flashcards
ISC2 Certified in Cybersecurity (CC) Flashcards
| Front | Back |
| Define a VPN | A Virtual Private Network encrypts data and maintains privacy by creating a secure tunnel between devices. |
| Define MAC address filtering | A security measure that restricts device access based on their unique hardware addresses. |
| Define malware | Malicious software designed to infiltrate, damage, or disrupt systems and networks. |
| Define phishing | A cyber attack where attackers trick individuals into sharing sensitive information via deceptive emails or websites. |
| Define SQL injection | A web attack that manipulates SQL queries to access or alter a database improperly. |
| Define zero-day vulnerability | A security flaw unknown to the vendor, exploited by attackers before it is addressed. |
| Describe RADIUS in network security | Remote Authentication Dial-In User Service is a protocol for centralized authentication, authorization, and accounting of users. |
| Explain a brute-force attack | This is an attempt to guess passwords through exhaustive trial-and-error. |
| Explain the concept of zero-trust architecture | A security model that requires verification for every user and device trying to access resources, regardless of their location. |
| Explain the difference between IDS and IPS | IDS detects threats while IPS prevents and blocks them. |
| Explain the difference between TCP and UDP | TCP is connection-oriented and ensures reliable data transfer, while UDP is connectionless and faster but less reliable. |
| How do public-key cryptography protocols enhance security | By using asymmetric encryption, allowing secure key exchange and data encryption. |
| How does encryption differ from hashing | Encryption secures data for two-way communication, while hashing creates a fixed-length representation for data integrity checks. |
| What are botnets used for in cyber attacks | Botnets are networks of compromised systems used to launch distributed denial-of-service (DDoS) attacks or spread malware. |
| What does HTTPS ensure during web communication | Secure and encrypted data transfer using SSL/TLS protocols. |
| What does IDS stand for | Intrusion Detection System. |
| What is a DDoS attack | A distributed denial-of-service attack overwhelms a server or network with traffic, causing service disruption. |
| What is a DMZ in network security | A Demilitarized Zone is a separate network that acts as a buffer between internal and external networks. |
| What is an example of a symmetric encryption protocol | AES (Advanced Encryption Standard). |
| What is data encryption | The process of converting data into a secure format to prevent unauthorized access. |
| What is endpoint security | Security measures taken to protect the devices that connect to a network. |
| What is social engineering in cybersecurity | Manipulating individuals to gain unauthorized access to systems or sensitive information. |
| What is the function of a security certificate | It validates the identity of a website and ensures secure communication using encryption. |
| What is the main benefit of a honeypot system | To distract and study attackers by luring them to a decoy system. |
| What is the primary function of a packet sniffer | To analyze and capture packets traversing a network for troubleshooting or security purposes. |
| What is the primary purpose of a firewall | To monitor and filter network traffic to prevent unauthorized access. |
| What is the principle of least privilege | Granting users and devices minimal access necessary to perform their tasks to reduce security risks. |
| What is the purpose of a security audit in networking | To assess vulnerabilities, ensure compliance, and evaluate the effectiveness of security measures in a network. |
| What is the purpose of a VLAN | A Virtual Local Area Network segments network traffic to enhance security and optimize efficiency. |
| What is the purpose of network access control (NAC) | To enforce security policies and grant network access based on the user and device compliance level. |
| What is the role of a network proxy | A proxy acts as an intermediary between clients and servers, enhancing security and privacy. |
| What is the role of DNSSEC in network security | DNS Security Extensions add authenticity to DNS responses, reducing risks of spoofing or poisoning. |
| What is the role of intrusion prevention systems (IPS) | To actively block or reject malicious activity detected in network traffic. |
| What is the role of network segmentation | To isolate sections of a network to improve security and limit potential breaches. |
| What is the significance of a strong password policy | It reduces the risk of unauthorized access by ensuring complexity and length in passwords. |
| What layer of the OSI model does SSL operate at | SSL operates at the Transport Layer. |
| Why are port scans used by attackers | To identify open ports that may be vulnerable to exploitation. |
| Why is network monitoring important | To continuously observe network traffic for suspicious activity and performance issues. |
| Why is patch management vital for network security | Regularly updating software and systems removes vulnerabilities and prevents exploitation. |
| Why is two-factor authentication critical | It adds an extra layer of security by requiring two forms of verification. |
Front
Explain the concept of zero-trust architecture
Click the card to flip
Back
A security model that requires verification for every user and device trying to access resources, regardless of their location.
Front
Explain the difference between IDS and IPS
Back
IDS detects threats while IPS prevents and blocks them.
Front
What is the primary purpose of a firewall
Back
To monitor and filter network traffic to prevent unauthorized access.
Front
Why are port scans used by attackers
Back
To identify open ports that may be vulnerable to exploitation.
Front
What is the primary function of a packet sniffer
Back
To analyze and capture packets traversing a network for troubleshooting or security purposes.
Front
What is the purpose of network access control (NAC)
Back
To enforce security policies and grant network access based on the user and device compliance level.
Front
What is the main benefit of a honeypot system
Back
To distract and study attackers by luring them to a decoy system.
Front
Define phishing
Back
A cyber attack where attackers trick individuals into sharing sensitive information via deceptive emails or websites.
Front
What is the significance of a strong password policy
Back
It reduces the risk of unauthorized access by ensuring complexity and length in passwords.
Front
What is the function of a security certificate
Back
It validates the identity of a website and ensures secure communication using encryption.
Front
How do public-key cryptography protocols enhance security
Back
By using asymmetric encryption, allowing secure key exchange and data encryption.
Front
How does encryption differ from hashing
Back
Encryption secures data for two-way communication, while hashing creates a fixed-length representation for data integrity checks.
Front
Define a VPN
Back
A Virtual Private Network encrypts data and maintains privacy by creating a secure tunnel between devices.
Front
Define SQL injection
Back
A web attack that manipulates SQL queries to access or alter a database improperly.
Front
What is data encryption
Back
The process of converting data into a secure format to prevent unauthorized access.
Front
Define zero-day vulnerability
Back
A security flaw unknown to the vendor, exploited by attackers before it is addressed.
Front
What layer of the OSI model does SSL operate at
Back
SSL operates at the Transport Layer.
Front
What is the role of network segmentation
Back
To isolate sections of a network to improve security and limit potential breaches.
Front
What is social engineering in cybersecurity
Back
Manipulating individuals to gain unauthorized access to systems or sensitive information.
Front
Why is patch management vital for network security
Back
Regularly updating software and systems removes vulnerabilities and prevents exploitation.
Front
Explain the difference between TCP and UDP
Back
TCP is connection-oriented and ensures reliable data transfer, while UDP is connectionless and faster but less reliable.
Front
Explain a brute-force attack
Back
This is an attempt to guess passwords through exhaustive trial-and-error.
Front
What is the purpose of a security audit in networking
Back
To assess vulnerabilities, ensure compliance, and evaluate the effectiveness of security measures in a network.
Front
What is the role of DNSSEC in network security
Back
DNS Security Extensions add authenticity to DNS responses, reducing risks of spoofing or poisoning.
Front
What is a DMZ in network security
Back
A Demilitarized Zone is a separate network that acts as a buffer between internal and external networks.
Front
What is the role of intrusion prevention systems (IPS)
Back
To actively block or reject malicious activity detected in network traffic.
Front
What are botnets used for in cyber attacks
Back
Botnets are networks of compromised systems used to launch distributed denial-of-service (DDoS) attacks or spread malware.
Front
What does IDS stand for
Back
Intrusion Detection System.
Front
Why is two-factor authentication critical
Back
It adds an extra layer of security by requiring two forms of verification.
Front
Define malware
Back
Malicious software designed to infiltrate, damage, or disrupt systems and networks.
Front
What is the role of a network proxy
Back
A proxy acts as an intermediary between clients and servers, enhancing security and privacy.
Front
What is a DDoS attack
Back
A distributed denial-of-service attack overwhelms a server or network with traffic, causing service disruption.
Front
What is the principle of least privilege
Back
Granting users and devices minimal access necessary to perform their tasks to reduce security risks.
Front
What is an example of a symmetric encryption protocol
Back
AES (Advanced Encryption Standard).
Front
Describe RADIUS in network security
Back
Remote Authentication Dial-In User Service is a protocol for centralized authentication, authorization, and accounting of users.
Front
Why is network monitoring important
Back
To continuously observe network traffic for suspicious activity and performance issues.
Front
Define MAC address filtering
Back
A security measure that restricts device access based on their unique hardware addresses.
Front
What is endpoint security
Back
Security measures taken to protect the devices that connect to a network.
Front
What is the purpose of a VLAN
Back
A Virtual Local Area Network segments network traffic to enhance security and optimize efficiency.
Front
What does HTTPS ensure during web communication
Back
Secure and encrypted data transfer using SSL/TLS protocols.
1/40
This deck focuses on network security protocols, firewalls, VPNs, intrusion detection systems, and their roles in preventing and detecting attacks.