Network-and-Security-Foundation Sample Questions Answers

Disabling ESSID broadcastingprevents the Wi-Fi network name from being publicly visible,making it harder for attackers to discover and target the network. While this is not a foolproof security measure, it adds an additional layer of protection against unauthorized access.

Trusting local hosts by defaultis risky and not a security best practice.

Adding more access pointsimproves coverage but does not enhance security.

WEPis outdated and highly vulnerable to attacks; WPA2 or WPA3 should be used instead.

Detecting code vulnerabilitiesthroughregular security audits, code reviews, and static analysis toolshelps prevent buffer overflow attacks. Developers should implementbounds checking,memory-safe programming languages, and input validationto mitigate risks.

Disabling cachingdoes not prevent buffer overflow attacks.

Server-side validationhelps with input security but does not directly address buffer overflows.

Intrusion protection softwaremay detect attacks but does not prevent vulnerabilities in code.

ABus topologyis a network setup in which all devices share a single communication channel (central wire), and data is transmitted along this cable. Each device listens for data but only processes packets addressed to it. This topology was widely used in older Ethernet networks.

Star topologyuses a central switch or hub, not a shared wire.

Point-to-point topologyinvolves a direct link between two devices, not multiple devices sharing a medium.

Ring topologyconnects each device to two adjacent devices in a circular path, not a single shared bus.

Confidentialityensures that sensitive information is only accessible to authorized individuals.Role-Based Access Control (RBAC)enforces confidentiality by restricting access based on a user's role within an organization, ensuring that only authorized users can view or modify certain data.

Integrityensures data is not altered improperly.

Availabilityensures access to resources but does not manage permissions.

Consistencyis not a CIA triad component.

Confidentialityprotects data from unauthorized access, includingpassive attackslike eavesdropping, wiretapping, and packet sniffing. Encryption, access controls, and secure authentication mechanisms help enforce confidentiality.

Availabilityensures uptime and system accessibility.

Integrityensures data accuracy but does not prevent interception.

Adaptationis not part of the CIA triad.

TheTransport layer(Layer 4 of the OSI model) includes theTransmission Control Protocol (TCP), which provides reliable, connection-oriented communication. TCP ensures error-checking, sequencing, and retransmission of lost packets.

Application layerdeals with end-user protocols like HTTP and FTP.

Session layermanages communication sessions but not transport protocols.

Network layerfocuses on IP addressing and routing, not transport mechanisms.

TheNetwork or Internet layerof the TCP/IP model is responsible for addressing, routing, and delivering packets across networks. TheInternet Protocol (IP)operates at this layer, ensuring thatdata is correctly routed from the source to the destination.

Physical or network access layerdeals with hardware transmission (e.g., Ethernet, Wi-Fi).

Application layerincludes end-user services (e.g., HTTP, FTP).

Transport layermanages data flow using protocols like TCP and UDP but does not handle IP addressing.

Session hijackingoccurs when an attacker takes over an established connection between two devices, often by stealing session tokens or manipulating network traffic. This allows the attacker to impersonate a legitimate user and gain unauthorized access.

Dictionary attackinvolves password guessing, not hijacking active connections.

Social engineeringtricks users into providing information but does not hijack sessions.

IP address spoofingdisguises the attacker's identity but does not necessarily take over a session.

Data encryptionprotects sensitive information by encoding it into an unreadable format, ensuring that even if attackers intercept the data, they cannot decipher it without the proper decryption key. This is crucial forprotecting stored and transmitted data.

RBACcontrols user access but does not secure data in transit.

2FAstrengthens authentication but does not secure stored or transmitted data.

Patch managementfixes software vulnerabilities but does not directly protect intercepted data.

Theeconomy of mechanismprinciple states that security systems should beas simple and small as possible. Reducing complexity makes security mechanisms easier to understand, audit, and defend against attacks.

Least common mechanismreduces shared resources to limit security risks.

Least privilegerestricts access based on necessity.

Zero-trust modelassumes no implicit trust in users or devices.

AType 1 hypervisor(bare-metal hypervisor) runs directly on the hardware, providing better security and efficiency compared to Type 2 hypervisors. It reduces attack surfaces and optimizes resource utilization. Examples include VMware ESXi and Microsoft Hyper-V.

Type 2 hypervisorsrely on a host OS, making them less secure and efficient.

Open-source and proprietarydescribe licensing models, not hypervisor types.

Having restoration policies in placeensures that in the event of data breaches, ransomware, or system failures, data can be quickly restored from secure backups. This minimizes downtime and data loss.

Using a variable network topologydoes not directly improve data security.

Changing passwords weeklymay lead to weaker security due to password fatigue.

WEPis obsolete and does not provide strong encryption for data protection.

Multifactor authentication (MFA)requires users to verify their identity usingmultiple factors, such assomething they know (password), something they have (a token or phone), or somewhere they are (geolocation-based access control). Requiring both location verification andpassword authentication demonstrates MFA.

Certificate verificationchecks digital certificates for security but does not use multiple authentication factors.

User-based accountinglogs user activities but does not verify identity.

Single sign-on (SSO)allows access to multiple systems with one login but is not necessarily MFA.

IP address spoofingis a cyberattack where an attacker disguises their system by falsifying its IP address, making it appear as a trusted device in a network. This technique is used for bypassing security controls, launching denial-of-service (DoS) attacks, or impersonating legitimate users.

Pharmingredirects users to fake websites to steal credentials.

Man-in-the-middle attackintercepts communications between two parties.

Session hijackingtakes over an active session but does not involve falsifying an IP address.

Availabilityensures that systems and data remain accessible and operational, even in the event of failures or attacks. Adisaster recovery plan (DRP)focuses on restoring IT infrastructure and operations after incidents like hardware failures, cyberattacks, or natural disasters. Strategies include data backups, failover systems, and redundant architectures.

Confidentialityfocuses on restricting unauthorized access.

Integrityensures data remains unaltered, but does not address service continuity.

Innovationis unrelated to the CIA triad.