Network-and-Security-Foundation Exam Dumps - Network-and-Security-Foundation

Credential stuffingis a cyberattack where attackers use stolen username-password combinations from one breach to try logging into other services, exploiting users who reuse passwords. Automated tools test multiple credentials against multiple sites, leading to unauthorized access.

Brute-force attacksystematically tries all possible passwords but does not use breached data.

Session hijackingintercepts active user sessions but does not use stolen credentials.

Social engineeringmanipulates users into revealing credentials, rather than using breached data.

Human-centerednessin security design prioritizesuser experience and productivitywhile implementing security measures. It ensures that security policies are intuitive and do not excessively burden users, reducing resistance to security compliance.

Least common mechanismminimizes shared resources to enhance security.

Fail-safeensures secure defaults in case of system failure.

Zero-trust modelassumes no inherent trust in users or devices.

Social engineeringinvolves manipulating people into divulging confidential information, often by impersonation, deception, or psychological tactics. Using aforged ID cardto gain trust and extract sensitive information is a classic example of social engineering.

Brute-force attackattempts to guess passwords through automated methods.

Man-in-the-middle attackintercepts communication but does not rely on deception.

Pharmingtricks users into visiting fraudulent websites but does not involve impersonation.

Data encryptionprotects sensitive information by encoding it into an unreadable format, ensuring that even if attackers intercept the data, they cannot decipher it without the proper decryption key. This is crucial forprotecting stored and transmitted data.

RBACcontrols user access but does not secure data in transit.

2FAstrengthens authentication but does not secure stored or transmitted data.

Patch managementfixes software vulnerabilities but does not directly protect intercepted data.

Integrityin theCIA (Confidentiality, Integrity, Availability) triadensures that data is not altered in an unauthorized manner. In networking, integrity mechanisms such as checksums, message authentication codes (MACs), and digital signatures verify that transmitted data has not been tampered with. If an IP packet has an invalid checksum, the system detects corruption and requests retransmission, ensuring data integrity.

Confidentialityprotects against unauthorized access but does not ensure data consistency.

Availabilityensures that resources are accessible but does not verify data correctness.

Consistencyis not a formal component of the CIA triad.

TheNetwork or Internet layerof the TCP/IP model is responsible for addressing, routing, and delivering packets across networks. TheInternet Protocol (IP)operates at this layer, ensuring thatdata is correctly routed from the source to the destination.

Physical or network access layerdeals with hardware transmission (e.g., Ethernet, Wi-Fi).

Application layerincludes end-user services (e.g., HTTP, FTP).

Transport layermanages data flow using protocols like TCP and UDP but does not handle IP addressing.

TheTransport layer(Layer 4 of the OSI model) includes theTransmission Control Protocol (TCP), which provides reliable, connection-oriented communication. TCP ensures error-checking, sequencing, and retransmission of lost packets.

Application layerdeals with end-user protocols like HTTP and FTP.

Session layermanages communication sessions but not transport protocols.

Network layerfocuses on IP addressing and routing, not transport mechanisms.

This describes aransomware attack, which falls underdenial of availabilitybecause it prevents users from accessing their data or systems until a ransom is paid. Attackers use encryption to lock files, disrupting operations.

Data modificationrefers to unauthorized changes to information.

Data exportinvolves stealing data rather than disabling access.

Launch pointdescribes an attacker's use of a compromised system to attack others.