Attacks, Threats, and Vulnerabilities
CIA Triad
The order of WiFi security security protocols.
What are WEP, WPA, WPA2, and WPA3?
The two types of firewall filters.
What are inbound and outbound filtering?
Security fencing, access control vestibules, and magnetometers.
What is physical security?
You receive an email claiming to be from your boss asking you to send her a gift card. You suspect it may be a _____ attack because _____.
What are phishing and it has a strange TO: field, request for money, etc?
The practice of controlling access to data in any format, including both digital and physical (paper) records
What is Information Security?
Wireless connection protocol referred to as group authentication.
WPA2 Pre-Shared Key (PSK) Authentication
Steps to secure a SOHO network.
What are changing admin credentials, enabling best encryption, disabling the guest networking, and disabling SSID broadcasting?
Types of equipment locks.
What are Kensington locks (cable tie), Chassis locks (lock usb ports & disks), & lockable rack cabinets?
Someone wants to be able to play video games on their gaming console on their home network, but doesn't understand how to administer the network. You advise them to use _____ .
What is Universal Plug and Play (UPnP)?
Impersonation, Shoulder surfing, Tailgating, and Piggybacking are all forms of:
What is Social Engineering?
Wireless security protocol allowing each user to have their own credentials to log into a network.
What is WPA2/3 Enterprise?
Allowing an inbound connection on a port associated with a particular protocol.
What is port forwarding?
Circuit alarms.
What are alarm systems that sound when a door is opened/closed and may be triggered by a fence being cut?
You are at the mall and want to connect to the internet. You see two networks: CherryVale_2024 and CheryValue_2024. You log into the ____ network because you suspect a ____ attack.
What are CherryVale_2024 and Evil Twin?
An attack that exploits the browser's trust in the website the user has chosen to visit. Variants can affect both clients and servers depending on the variant.
What is cross site scripting (XSS)?
Opening a port on the firewall for a limited period of time while an app needs to communicate. Can also allow an app to access a network on multiple ports.
What is port triggering?
Duress alarms
What are alarms that are triggered manually by staff, like a concealed sensor or a life alert?
Your children are misbehaving and you want to ground them by restricting their access to social media. You set up ____ through the ____ on your network.
What are outbound (content) filtering and firewall?
A message digest encrypted using the sender's private key added to the end of a message to authenticate a sender and prove the integrity of the message.
What is a digital signature?
The primary use for RADIUS, TACACS+, and Kerberos.
What are remote authentication, network device adminstration, and single sign on?
A special subnet designed to isolate servers that will be accessed by external devices from the internet.
What is a screened subnet (also known as a DMZ)?
Proximity alarms
What are alarms that can be set up to track the movement of an RFID tag within an area to sound an alarm?
You want to run a web server on your home network. You decide to enable ____ on through your router and open port ____ which uses ____ protocol.
What are port forwarding (or triggering), 443, and HTTPS?