Network-and-Security-Foundation Network-and-Security-Foundation Questions and Answers

TheTransport layerin the TCP/IP model includes theUser Datagram Protocol (UDP)andTransmission Control Protocol (TCP). UDP is a connectionless protocol used for fast, lightweight data transmission where reliability is not the priority (e.g., video streaming, VoIP).

Application layerhandles end-user services but not transport mechanisms.

Network or internet layerdeals with IP addressing and routing, not UDP.

Physical or network access layerconcerns hardware transmission methods.

Confidentialityensures that sensitive information is protected from unauthorized access.Encryptionis a key mechanism used to maintain confidentiality by converting readable data into a secure format that can only be accessed with a decryption key.

Integrityensures data is not altered improperly but does not directly relate to encryption.

Availabilityfocuses on system uptime and accessibility.

Applicationis not a component of the CIA triad.

This scenario describes adata exportattack, where an attacker steals sensitive information (e.g., personal data, trade secrets, or financial records) and transfers it to another entity, often for malicious purposes.

Launch pointrefers to using a compromised system for further attacks.

Denial of availabilitydisrupts access to resources.

Data modificationinvolves unauthorized changes rather than theft.

AType 1 hypervisor(bare-metal hypervisor) runs directly on the hardware, providing better security and efficiency compared to Type 2 hypervisors. It reduces attack surfaces and optimizes resource utilization. Examples include VMware ESXi and Microsoft Hyper-V.

Type 2 hypervisorsrely on a host OS, making them less secure and efficient.

Open-source and proprietarydescribe licensing models, not hypervisor types.

Server-side validationhelps preventSQL injection, command injection, and other input-based attacksby ensuring that user input is properly sanitized before being processed by the system.Parameterized queries and input validationshould also be implemented to further reduce risk.

Detecting code vulnerabilitiesis helpful but not a direct mitigation technique.

Decreasing wireless rangedoes not affect injection attacks.

Using WPA2secures wireless networks but does not prevent injection attacks.

Confidentialityprotects data from unauthorized access, includingpassive attackslike eavesdropping, wiretapping, and packet sniffing. Encryption, access controls, and secure authentication mechanisms help enforce confidentiality.

Availabilityensures uptime and system accessibility.

Integrityensures data accuracy but does not prevent interception.

Adaptationis not part of the CIA triad.

IP address spoofingis a cyberattack where an attacker disguises their system by falsifying its IP address, making it appear as a trusted device in a network. This technique is used for bypassing security controls, launching denial-of-service (DoS) attacks, or impersonating legitimate users.

Pharmingredirects users to fake websites to steal credentials.

Man-in-the-middle attackintercepts communications between two parties.

Session hijackingtakes over an active session but does not involve falsifying an IP address.

PIPEDArequires businesses in Canada to protectpersonal informationthrough security measures andproper disposal practices. This includessecure deletion of personal data when no longer neededto prevent unauthorized access.

Compensating individuals for data salesis not a legal requirement.

Notifying individuals of each data accessis unnecessary unless required by a breach.

Disclosing security softwareis not mandated by PIPEDA.

Theipconfigcommand in Windows provides details about a computer's network adapters, including IP addresses, subnet masks, default gateways, and DNS settings. It is particularly useful for troubleshooting connectivity issues.

traceroute(or tracert in Windows) is used to trace the path packets take to a destination.

nslookupis used for querying DNS records.

netstatprovides details about active network connections and listening ports, but not adapter configurations.

Availabilityensures that systems, applications, and data remain accessible and operational for authorized users when needed. Organizations implement redundancy, failover mechanisms, and backup systems to maintain availability.

Integrityensures that data remains accurate and unchanged.

Confidentialityprotects sensitive data from unauthorized access.

Innovationis not a component of the CIA triad.

TheSession layer(Layer 5 of the OSI model) is responsible for establishing, maintaining, and terminating communication sessions between network applications. It ensures that data exchanges remain synchronized and structured.

Data link layerhandles error detection and frame transmission.

Physical layerdeals with hardware-level transmission.

Transport layerensures reliable data delivery but does not manage sessions.

Alaunch point attackoccurs when an attacker compromises a system and uses it as a foothold to spread malware, conduct reconnaissance, or launch further attacks against other systems. Botnets and command-and-control (C2) servers operate this way.

Denial of availabilitydisrupts service, but does not spread attacks.

Data exportsteals data instead of launching further attacks.

Data modificationchanges existing information but does not involve propagating threats.

UnderGDPR, individuals have the right to:

Accesstheir personal data

Request modifications or deletions(right to be forgotten)

Restrict processing of their data

Companies must also ensuretransparency and data protectionby implementing encryption and security controls.

Compensating individualsis not a GDPR requirement.

Disclosing security softwareis not mandatory, only security measures in place.

Notifying individuals every time data is viewedis unnecessary unless required by a breach.

Data encryptionprotects sensitive information by encoding it into an unreadable format, ensuring that even if attackers intercept the data, they cannot decipher it without the proper decryption key. This is crucial forprotecting stored and transmitted data.

RBACcontrols user access but does not secure data in transit.

2FAstrengthens authentication but does not secure stored or transmitted data.

Patch managementfixes software vulnerabilities but does not directly protect intercepted data.

Authorizationis the process of granting specific access rights and permissions based on user roles. By implementingRole-Based Access Control (RBAC), organizations ensure that users only have access to resources necessary for their job functions, reducing the risk of insider threats.

Authenticationverifies identity but does not control access.

Accountinglogs activities but does not restrict access.

Availabilityensures system uptime but is unrelated to permissions.