What does a non-transparent proxy require from its clients?

No configuration

Configuration with the proxy server address and port number

Only encryption

A special browser

In a Role-Based Access Control (RBAC) system, how are permissions typically assigned?

Based on employee tasks performed

Randomly for security purposes

According to the sensitivity of the data

Directly to individual users

A university is collaborating with several external research institutions to provide a shared research platform. The platform hosts sensitive data and requires secure access control. The university and each of the research institutions have their own identity management systems.

To facilitate secure and seamless access to the shared platform, the university proposes using federated identity management.

What is a critical consideration the university must address to ensure the success of this federated identity management implementation?

The shared platform should be the sole Identity Provider (IdP), and all institutions must migrate their accounts to this platform.

Each institution, including the university, should become a SAML Identity Provider (IdP), and the shared platform should act as a SAML Relying Party (RP).

All participating institutions should abandon their existing identity management systems in favor of a new, unified system.

The university should centralize all user accounts into a single database managed by the university

A network administrator has just installed a new wireless access point for their company. The device came with a default management password.

What should the network administrator do first to ensure the device is secured?

Share the default password with their team for easy management.

Change the default password to something more complex.

Leave the default password as it is for convenience.

Disable the password requirement for easier access.

What does "defense in depth" refer to in network security design?

Focusing solely on physical security measures

A single, impenetrable layer of security at the network's edge

Ignoring internal threats and focusing on external attacks

Placing security controls throughout the network

What is the primary purpose of deploying a firewall in a network environment?

To filter traffic entering or leaving a network segment

To serve as a primary storage device

To increase the network speed

To manage user access to the internet

How does RBAC differ from using security groups for assigning permissions?

Security groups encrypt data, while RBAC does not.

RBAC focuses on job roles, while security groups are about user identity.

RBAC assigns permissions directly to users, while security groups do not.

RBAC is discretionary, while security groups are nondiscretionary.

^{An employee logs into their computer when they arrive at work and, regardless of what network resources they access throughout the day, they do not have to log in to anything else.}

^{What type of authentication is this?}

Windows network sign-in

Single sign-on

Remote sign-in

Windows local sign-in

An IT security specialist is conducting an audit of their company's network devices. The specialist discovers that several unused services, including Telnet and FTP, are enabled on some devices.

What should the IT security specialist do to enhance the security of these devices?

Replace Telnet and FTP with more services of the same security level.

Enable additional services to obscure the unused ones.

Leave the services enabled for potential future use.

Disable the unused services to reduce the attack surface.

In the context of port security, what is a "sticky MAC"?

A MAC address that is permanently hard-coded into the switch's firmware

A MAC address that is blocked from connecting to any port on the switch

A MAC address that is dynamically learned and stored until the switch is rebooted

A MAC address that can only be used for wireless connections

Which port is often configured for a non-transparent proxy server to accept client connections?

Port 8080

Port 22

Port 80

Port 443

Port 8080

Port 22

Port 80

Port 443

What does role-based access control aim to achieve?

answer

Allow all users equal access.

Reduce the complexity of permissions.

Increase the number of administrators.

Limit permissions based on administrative roles

What can be included in a digital certificate?

The subject's password

Information about the subject and the issuer

The private key of the subject

A list of authorized users

Why should the native VLAN have a different ID than any user-accessible VLAN?

To improve network performance

To mitigate against double tagging attacks

To enable faster VLAN switching

To allow for easier network management

What is the advantage of stateful firewall rules over stateless rules?

Stateful rules can differentiate between new and established connections.

Stateless rules are easier to configure.

Stateful rules require less processing power.

Stateless rules offer better security.