it security defense against the digital dark arts week 4 answers
Secure Network Architecture
1. Why is normalizing log data important in a centralized logging setup?
- Log normalizing detects potential attacks.
- Uniformly formatted logs are easier to store and analyze.
- The data must be decrypted before sending it to the log server.
- It’s difficult to analyze abnormal logs.
2. What type of attacks does a flood guard protect against? Check all that apply.
- DDoS attacks
- SYN floods
- Man-in-the-middle attacks
- Malware infections
3. What does DHCP Snooping protect against?
- DDoS attacks
- Rogue DHCP server attacks
- Brute-force attacks
- Data theft
4. What does Dynamic ARP Inspection protect against?
- Malware infections
- ARP poisoning attacks
- Rogue DHCP server attacks
- DDoS attacks
5. What does IP Source Guard protect against?
- Brute-force attacks
- Rogue DHCP server attacks
- IP spoofing attacks
- DDoS attacks
6. What does EAP-TLS use for mutual authentication of both the server and the client?
- Digital certificates
- Usernames and passwords
- One-time passwords
- Biometrics
7. Why is it recommended to use both network-based and host-based firewalls? Check all that apply.
- For protection for mobile devices, like laptops
- For protection against man-in-the-middle attacks
- For protection against DDoS attacks
- For protection against compromised hosts on the same network