WGU Network-and-Security-Foundation - Network-and-Security-Foundation

TheNetwork or Internet layerof the TCP/IP model is responsible for addressing, routing, and delivering packets across networks. TheInternet Protocol (IP)operates at this layer, ensuring thatdata is correctly routed from the source to the destination.

Physical or network access layerdeals with hardware transmission (e.g., Ethernet, Wi-Fi).

Application layerincludes end-user services (e.g., HTTP, FTP).

Transport layermanages data flow using protocols like TCP and UDP but does not handle IP addressing.

Accounting(also known asauditing or logging) is a network security concept that tracks user activities, includingsuccessful and failed authentication attempts, system changes, and resource access. This helps in detecting and mitigating security breaches.

Authenticationverifies user identity but does not track activity.

Availabilityensures systems remain operational.

Authorizationcontrols user permissions but does not log activities.

Confidentialityin IT security ensures that sensitive data remains private and protected from unauthorized access. Encryption is a key measure used to maintain confidentiality by encoding data so that only authorized users can access it.

Integrityensures that data remains accurate and unchanged.

Availabilityensures that data is accessible when needed.

Consistencyis not a component of the CIA triad.

AType 2 hypervisor(hosted hypervisor) runs on top of an existing operating system and allows for the creation of virtual machines. Examples include VMware Workstation and Oracle VirtualBox.

Type 1 hypervisorsrun directly on hardware without an OS (e.g., VMware ESXi, Microsoft Hyper-V).

Open-source and proprietarydescribe licensing models, not hypervisor types.

Session hijackingoccurs when an attacker takes over an established connection between two devices, often by stealing session tokens or manipulating network traffic. This allows the attacker to impersonate a legitimate user and gain unauthorized access.

Dictionary attackinvolves password guessing, not hijacking active connections.

Social engineeringtricks users into providing information but does not hijack sessions.

IP address spoofingdisguises the attacker's identity but does not necessarily take over a session.

TheNetwork layer(Layer 3 of the OSI model) includes theInternet Control Message Protocol (ICMP), which is used for network diagnostics (e.g.,pingcommand). ICMP helps in error reporting and network troubleshooting.

Transport layerhandles reliable data delivery (e.g., TCP, UDP).

Session layermanages communication sessions.

Application layerprovides end-user services.

A violation ofintegrityoccurs whendata is modified incorrectly, whether intentionally or by accident. In this case, anemployee modifying a customer account incorrectlydemonstrates a breach of data integrity.

A and Crelate toavailability, as they describe system downtime.

Drelates toconfidentiality, as it describes improper data protection.

Multifactor authentication (MFA)requires users to verify their identity usingmultiple factors, such assomething they know (password), something they have (a token or phone), or somewhere they are (geolocation-based access control). Requiring both location verification andpassword authentication demonstrates MFA.

Certificate verificationchecks digital certificates for security but does not use multiple authentication factors.

User-based accountinglogs user activities but does not verify identity.

Single sign-on (SSO)allows access to multiple systems with one login but is not necessarily MFA.