1.4.2 Identifying and Preventing Vulnerabilities

Cards (78)

Addressing network security vulnerabilities helps maintain the confidentiality, integrity, and availability of a network. 
True
What is an example of a hardware vulnerability?
Flaws in routers
What are two common methods for identifying network vulnerabilities?
Penetration testing, security audits
What do security audits examine in a network?
Configurations, access controls
Human vulnerabilities result from user mistakes, negligence, or lack of security awareness. 
True
What are network security vulnerabilities?
Weaknesses in a network system
Into how many main areas can network vulnerabilities be categorized?
Four
Bugs in software are classified as software
Penetration testing involves simulating real-world attacks
What type of vulnerability arises from flaws in physical network components like routers or servers?
Hardware
What type of vulnerability occurs when there is a lack of physical security controls allowing unauthorized access to network infrastructure?
Physical
Ethical hackers are involved in penetration testing to exploit vulnerabilities and gain unauthorized access.
True
Match the method with its primary focus:
Penetration Testing ↔️ Uncover hidden flaws
Security Audits ↔️ Identify misconfigurations
Intrusion Detection Systems (IDS) monitor network traffic for suspicious activities.
What is a limitation of Intrusion Detection Systems (IDS) in network security?
May produce false positives
What is one benefit of effective patch management in network security?
Reduced security breaches
What is the primary focus of incident response planning compared to other security measures?
Handling threats after they occur
What are network security vulnerabilities used for by attackers?
Gain unauthorized access
Phishing scams are an example of a human vulnerability. 
True
What is the primary function of a firewall?
Control network traffic
Match the security measure with its limitation:
Firewall ↔️ Can be bypassed by sophisticated attacks
IDS ↔️ May produce false positives
Why are software updates important in network security?
1️⃣ Fix security flaws
2️⃣ Improve functionality
3️⃣ Maintain compliance
Software updates fix security flaws
Effective patch management reduces the risk of security breaches
Steps in the patch management process
1️⃣ Identify software vulnerabilities
2️⃣ Acquire updates and fixes
3️⃣ Install updates
4️⃣ Verify installation
Ensuring updates work seamlessly with existing software and hardware is a challenge known as compatibility
Compliance with industry standards is maintained by keeping software up to date
Organizations reduce the risk of phishing attempts by educating users on recognizing suspicious
Containment involves isolating affected systems to prevent further damage. 
True
Incident response planning complements other security measures like firewalls and intrusion detection systems. 
True
Penetration testing uses ethical hackers to probe the network for hidden flaws
What does penetration testing simulate to discover network weaknesses?
Real-world attacks
Penetration testing and security audits both proactively address vulnerabilities to ensure network confidentiality.
What is the primary purpose of firewalls in network security?
Control network traffic
What is a limitation of firewalls in preventing network vulnerabilities?
Can be bypassed
Software updates fix security flaws and improve functionality in a network system. 
True
User training and security awareness are essential for addressing human vulnerabilities in a network. 
True
What is the main objective of attackers exploiting network security vulnerabilities?
Unauthorized access
What is an example of a hardware vulnerability?
Lack of firmware updates
Match the method for identifying vulnerabilities with its description:
Penetration Testing ↔️ Simulates real-world attacks to exploit weaknesses
Security Audits ↔️ Reviews configurations and security policies for gaps