Network-and-Security-Foundation Network-and-Security-Foundation Questions and Answers

Thedigcommand in Linux is used for DNS troubleshooting. It queries DNS records and provides detailed information about domain name resolutions.

traceroutetracks the path packets take to a destination but does not diagnose DNS.

netstatlists active connections, not DNS records.

ifconfigis used for managing network interfaces.

Alaunch point attackoccurs when an attacker compromises a system and uses it as a foothold to spread malware, conduct reconnaissance, or launch further attacks against other systems. Botnets and command-and-control (C2) servers operate this way.

Denial of availabilitydisrupts service, but does not spread attacks.

Data exportsteals data instead of launching further attacks.

Data modificationchanges existing information but does not involve propagating threats.

Monitor mode scanningallows administrators to detect unauthorized or rogue access points broadcasting in the network. This technique, along withwireless intrusion detection systems (WIDS), helps identify and block unauthorized devices.

Requiring complex passwordsenhances security but does not prevent rogue APs.

Server-side validationsecures applications, not wireless networks.

Disallowing ICMP packetsis a security measure but does not address rogue APs.

Confidentialityensures that sensitive information is only accessible to authorized individuals.Role-Based Access Control (RBAC)enforces confidentiality by restricting access based on a user's role within an organization, ensuring that only authorized users can view or modify certain data.

Integrityensures data is not altered improperly.

Availabilityensures access to resources but does not manage permissions.

Consistencyis not a CIA triad component.

Data modification attacksinvolve unauthorized changes to stored data, altering information to mislead, disrupt, or destroy integrity. Attackers may modify logs, transactions, or records for fraud or sabotage.

Launch pointis when a system is used to attack others.

Data exportis the theft of data.

Denial of availabilitymakes data inaccessible, but does not necessarily modify it.

Theipconfigcommand in Windows provides details about a computer's network adapters, including IP addresses, subnet masks, default gateways, and DNS settings. It is particularly useful for troubleshooting connectivity issues.

traceroute(or tracert in Windows) is used to trace the path packets take to a destination.

nslookupis used for querying DNS records.

netstatprovides details about active network connections and listening ports, but not adapter configurations.

TheNetwork or Internet layerof the TCP/IP model is responsible for addressing, routing, and delivering packets across networks. TheInternet Protocol (IP)operates at this layer, ensuring thatdata is correctly routed from the source to the destination.

Physical or network access layerdeals with hardware transmission (e.g., Ethernet, Wi-Fi).

Application layerincludes end-user services (e.g., HTTP, FTP).

Transport layermanages data flow using protocols like TCP and UDP but does not handle IP addressing.

Configuring RADIUS authenticationenhances Wi-Fi security by requiring user authentication before granting access to the network. This prevents unauthorized users from connecting and mitigates risks from rogue access points.

WEPis outdated and insecure; WPA2/WPA3 with RADIUS should be used instead.

A bus topologyis a network design choice, not a security measure.

Avoiding asymmetric encryptionweakens security rather than improving it.

Anaccess point (AP)is a network device that extends the coverage of a wireless network by acting as a bridge between wired and wireless devices. It allows users to connect to a network without needing a direct wired connection. APs are particularly useful in large office spaces where Wi-Fi signals may not reach all areas.

Routersprimarily manage network traffic but do not directly extend network range unless they include built-in AP functionality.

Serversare used for hosting applications and storing data but do not extend network connectivity.

Switchesconnect wired devices within a local network but do not extend wireless network range.

Infrastructure as a Service (IaaS)provides virtualized computing resources over the cloud, including virtual machines where users can install and configure their own operating systems and applications. It offers flexibility and scalability without requiring hardware investment. Examples include AWS EC2 and Microsoft Azure Virtual Machines.

FaaSexecutes small code functions without infrastructure management.

PaaSprovides a managed platform but not full OS control.

SaaSoffers ready-to-use applications without infrastructure control.

Confidentialityin IT security ensures that sensitive data remains private and protected from unauthorized access. Encryption is a key measure used to maintain confidentiality by encoding data so that only authorized users can access it.

Integrityensures that data remains accurate and unchanged.

Availabilityensures that data is accessible when needed.

Consistencyis not a component of the CIA triad.

ARing topologyis a network setup where each device is connected to two adjacent devices, forming a circular path for data transmission. This topology ensures that data travels in a single orbidirectional loop.

Point-to-pointtopology refers to a direct connection between two devices without forming a larger network structure.

Bus topologyhas all devices connected to a single central cable, rather than forming a ring.

Star topologyfeatures a central hub or switch that connects all devices, rather than direct device-to-device links.

A broadband router is a type of network router that connects multiple computers within a local network while also providing internet access. It functions as a gateway between the local network and the internet by handling data packet transmission and routing. Broadband routers are widely used in small offices and homes because they offer essential networking services, including DHCP, NAT, and sometimes wireless connectivity.

Inter-provider border routersare used by ISPs to route data between different providers and do not serve as an internet gateway for end users.

Subscriber edge routersare typically deployed at the edge of an ISP's network to connect subscriber networks but do not provide full internet routing functionalities.

Core routersoperate at the backbone level of a network, facilitating high-speed data transfer but not connecting end-user devices directly.

AWireless Local Area Network (WLAN)enables wireless connectivity within a defined geographic area, such as a library, office, or coffee shop. WLANs use Wi-Fi technology to allow users to access the internet without physical cables.

Storage Area Networks (SANs)are used for data storage and do not provide internet connectivity to users.

Metropolitan Area Networks (MANs)cover larger areas, such as cities, and are not used within a single building.

Personal Area Networks (PANs)connect personal devices like smartphones and laptops over short distances, such as via Bluetooth, but do not support public internet access.

Availabilityensures that systems and data remain accessible and operational, even in the event of failures or attacks. Adisaster recovery plan (DRP)focuses on restoring IT infrastructure and operations after incidents like hardware failures, cyberattacks, or natural disasters. Strategies include data backups, failover systems, and redundant architectures.

Confidentialityfocuses on restricting unauthorized access.

Integrityensures data remains unaltered, but does not address service continuity.

Innovationis unrelated to the CIA triad.