1.4.2 Identifying and Preventing Vulnerabilities

    Cards (78)

    • Addressing network security vulnerabilities helps maintain the confidentiality, integrity, and availability of a network.

      True
    • What is an example of a hardware vulnerability?
      Flaws in routers
    • What are two common methods for identifying network vulnerabilities?
      Penetration testing, security audits
    • What do security audits examine in a network?
      Configurations, access controls
    • Human vulnerabilities result from user mistakes, negligence, or lack of security awareness.

      True
    • What are network security vulnerabilities?
      Weaknesses in a network system
    • Into how many main areas can network vulnerabilities be categorized?
      Four
    • Bugs in software are classified as software
    • Penetration testing involves simulating real-world attacks
    • What type of vulnerability arises from flaws in physical network components like routers or servers?
      Hardware
    • What type of vulnerability occurs when there is a lack of physical security controls allowing unauthorized access to network infrastructure?
      Physical
    • Ethical hackers are involved in penetration testing to exploit vulnerabilities and gain unauthorized access.
      True
    • Match the method with its primary focus:
      Penetration Testing ↔️ Uncover hidden flaws
      Security Audits ↔️ Identify misconfigurations
    • Intrusion Detection Systems (IDS) monitor network traffic for suspicious activities.
    • What is a limitation of Intrusion Detection Systems (IDS) in network security?
      May produce false positives
    • What is one benefit of effective patch management in network security?
      Reduced security breaches
    • What is the primary focus of incident response planning compared to other security measures?
      Handling threats after they occur
    • What are network security vulnerabilities used for by attackers?
      Gain unauthorized access
    • Phishing scams are an example of a human vulnerability.

      True
    • What is the primary function of a firewall?
      Control network traffic
    • Match the security measure with its limitation:
      Firewall ↔️ Can be bypassed by sophisticated attacks
      IDS ↔️ May produce false positives
    • Why are software updates important in network security?
      1️⃣ Fix security flaws
      2️⃣ Improve functionality
      3️⃣ Maintain compliance
    • Software updates fix security flaws
    • Effective patch management reduces the risk of security breaches
    • Steps in the patch management process
      1️⃣ Identify software vulnerabilities
      2️⃣ Acquire updates and fixes
      3️⃣ Install updates
      4️⃣ Verify installation
    • Ensuring updates work seamlessly with existing software and hardware is a challenge known as compatibility
    • Compliance with industry standards is maintained by keeping software up to date
    • Organizations reduce the risk of phishing attempts by educating users on recognizing suspicious
    • Containment involves isolating affected systems to prevent further damage.

      True
    • Incident response planning complements other security measures like firewalls and intrusion detection systems.

      True
    • Penetration testing uses ethical hackers to probe the network for hidden flaws
    • What does penetration testing simulate to discover network weaknesses?
      Real-world attacks
    • Penetration testing and security audits both proactively address vulnerabilities to ensure network confidentiality.
    • What is the primary purpose of firewalls in network security?
      Control network traffic
    • What is a limitation of firewalls in preventing network vulnerabilities?
      Can be bypassed
    • Software updates fix security flaws and improve functionality in a network system.

      True
    • User training and security awareness are essential for addressing human vulnerabilities in a network.

      True
    • What is the main objective of attackers exploiting network security vulnerabilities?
      Unauthorized access
    • What is an example of a hardware vulnerability?
      Lack of firmware updates
    • Match the method for identifying vulnerabilities with its description:
      Penetration Testing ↔️ Simulates real-world attacks to exploit weaknesses
      Security Audits ↔️ Reviews configurations and security policies for gaps
    See similar decks