3.7.3 Network Security Quiz Answers | Module 3 Full 100% 2023
This is 3.7.3 Network Security Quiz Answers Full 100% in 2023 for Module 3: Network Support in the course Network Support and Security releases on SkillsForAll. All questions that have been answered are the best choice for practice to get 100%.
-
What is the level of need for data integrity in an e-commerce organization?
- low
- mid
- high
- critical
Explanation & Hints: The importance of data integrity varies based on how an organization uses the data:
- Critical level of need: Data integrity might be a matter of life or death in a healthcare organization. For example, prescription information must be accurate. Therefore, all data is continuously validated, tested, and verified.
- High need: In an e-commerce or analytics-based organization, transactions and customer accounts must be accurate. All data is validated and verified at frequent intervals.
- Mid-level of need: Online sales and search engines collect data that has been publicly posted. Little verification is performed, and data is not completely trustworthy.
- Low level of need: Blogs, forums, and personal pages on social media are powered by public opinion and open contribution. Data may not be verified at all, and there is a low level of trust in the content.
-
Which three solutions are examples of logical access control? (Choose three.)
- firewall
- access control list
- biometrics
- fence
- laptop lock
- swipe card
Explanation & Hints: Some examples of logical access controls are encryption, smart cards, passwords, biometrics, access control lists, protocols, firewalls, routers, intrusion detection systems, and clipping levels. Some examples of physical access controls are guards, fences, motion detectors, laptop locks, locked doors, swipe cards, guard dogs, video cameras, mantrap-style entry systems, and alarms.
-
Which host-based solution is installed on a device or server to monitor system calls and file system access to detect malicious requests?
- host-based firewall
- host intrusion detection system
- host encryption
- data loss prevention
Explanation & Hints: Host intrusion detection system (HIDS) software is installed on a device or server to monitor suspicious activity. It monitors systems calls and file system access to detect malicious requests. It can also monitor configuration information about the device held in the system registry.
-
What is the purpose of using the Windows BitLocker To Go tool?
- to encrypt removable drives
- to reformat removable drives
- to manage partitions on removable drives
- to manage safely inserting and removing of removable drives
Explanation & Hints: BitLocker to Go is a tool that encrypts removable drives.
-
Which Apple macOS security feature prevents the execution of malware through signature-based malware detection?
- XProtect
- MRT
- Gatekeeper
- Security-focured hardware
Explanation & Hints: Apple macOS security feature XProtect prevents the execution of malware through signature-based malware detection. It also alerts users to malware and provides the option to remove detected malware files.
-
Which type of firewalls will inspect and filter network traffic based on OSI model Layer 3 and 4 information?
- packet filtering
- stateful firewall
- application gateway firewall
- next generation firewall
Explanation & Hints: Packet filtering firewalls are usually part of a router firewall, which permits or denies traffic based on Layer 3 and 4 information. Stateless firewalls use a simple policy table look-up that filters traffic based on specific criteria.
-
What is the benefit of using a stateful firewall in a network?
- It can prevent application layer attacks because it examines the actual contents of the HTTP connection.
- It analyzes traffic at OSI Layer 4 and Layer 5.
- It filters IP traffic between bridged interfaces at OSI layer 7.
- It strengthens packet filtering by providing more stringent control over security.
Explanation & Hints: There are several benefits to using a stateful firewall in a network:
- Stateful firewalls are often used as a primary means of defense by filtering unwanted, unnecessary, or undesirable traffic.
- Stateful firewalls strengthen packet filtering by providing more stringent control over security.
- Stateful firewalls improve performance over packet filters or proxy servers.
- Stateful firewalls defend against spoofing and DoS attacks by determining whether packets belong to an existing connection or are from an unauthorized source.
- Stateful firewalls provide more log information than packet-filtering firewalls.
-
Which statement describes a TCP Wrappers host-based firewall?
- It is a firewall that uses a profile-based approach to firewall functionality.
- It is an application that allows Linux system administrators to configure network access rules that are part of the Linux kernel Netfilter modules.
- It is a firewall application that uses a simple virtual machine in the Linux kernel.
- It is a rule-based access control and logging system for Linux.
Explanation & Hints: TCP Wrappers host-based firewall is a rule-based access control and logging system for Linux. Packet filtering is based on IP addresses and network services.
-
Which authentication method uses AES for encryption?
- WEP
- WPA
- WPA2
- WPA3-Enterprise
Explanation & Hints: WPA2 is the current industry standard for securing wireless networks and uses the Advanced Encryption Standard (AES) for encryption.
-
Which LAN authentication method is recommended for home or small office networks?
- WPA Personal
- WPA Enterprise
- WPA2 Personal
- WPA2 Enterprise
Explanation & Hints: WPA2 Personal is recommended for home or small office networks. Wireless clients authenticate with the wireless router using a pre-shared password.
-
Which authentication method in WPA3 improves the onboarding process for IoT devices to join wireless network?
- DPP
- WPS
- CCMP
- EAP
Explanation & Hints: Although WPA2 included Wi-Fi Protected Setup (WPS) to quickly onboard devices without configuring them first, WPS is vulnerable to various attacks and not recommended. In WPA3, the Device Provisioning Protocol (DDP) addresses this need, providing an easy way for headless IoT devices to connect to the wireless network. Each IoT device has a hardcoded public key typically stamped on the outside of the device or the packaging as a QR code. The network administrator scans the QR code and quickly onboards the device.
-
What statement describes the principle of confidentiality in the CIA information security triad?
- Authorized users must have uninterrupted access to important resources and data.
- Data must be protected from unauthorized alteration.
- Only authorized individuals, entities, or processes can access sensitive information.
- Redundant services, gateways, and links must be implemented.
Explanation & Hints: According to the CIA information security triad, confidentiality means that only authorized individuals, entities, or processes can access sensitive information. It may require using cryptographic encryption algorithms such as AES to encrypt and decrypt data.
-
What statement describes the principle of integrity in the CIA information security triad?
- Authorized users must have uninterrupted access to important resources and data.
- Data must be protected from unauthorized alteration.
- Only authorized individuals, entities, or processes can access sensitive information.
- Redundant services, gateways, and links must be implemented.
Explanation & Hints: According to the CIA information security triad, the principle of integrity means that data must be protected from unauthorized alteration. It requires the use of cryptographic hashing algorithms such as SHA.
-
Which is an example of a physical characteristic?
- ear features
- gestures
- voice
- gait
Explanation & Hints: There are two types of biometric identifiers:
- Physical characteristics: fingerprints, DNA, face, hands, retina, or ear features.
- Behavioral characteristics: behavior patterns such as gestures, voice, gait, or typing rhythm.
-
Which security principle applies to the first dimension of the cybersecurity cube of the CIA triad?
- Accountability
- Availability
- Policy
- Technology
Explanation & Hints: The first dimension of the cybersecurity cube identifies the goals to protect cyberspace. The foundational principles of confidentiality, integrity and data availability provide a focus that enables the cybersecurity expert to prioritize actions when protecting any networked system.