Provide Network System Administration

Self Checks Assignment

Self Check 1:Client Access and Security

Part I:- Say True if the given statement is correct else say False

_______1. When determining access privileges in a network system, factors such as user's physical
location and job title should be considered.
_______2. Granting all users the highest level of access possible is a recommended approach for
determining access privileges.
_______3. Storing sensitive data in plain text files is a secure practice for maintaining system
integrity and security.
Part II: - Select the appropriate answer from the given alternative

1. When referring to accounts and files privilege in network system administration, what
does the term "privilege escalation" mean?
A. Granting additional permissions to a user
B. Revoking all access privileges from a user
C. Assigning a new username to a user
D. Changing the file ownership to a different user

2. In the context of determining access privileges, what is the principle of "least

privilege"?
A. Granting users the highest level of access possible
B. Assigning access privileges based on job titles
C. Limiting user access to only the resources necessary for their tasks
D. Providing all users with equal access privileges
3. Which of the following is an example of a multifactor authentication method for
determining access privileges?
A. Using a username and password combination
B. Requiring a fingerprint scan and a password
 C. Granting access based solely on IP address
D. Sharing a single password among multiple users
4. What is the purpose of implementing intrusion detection systems (IDS) in network
system administration?
A. To prevent unauthorized access to the system
B. To monitor network traffic and detect potential security breaches
C. To encrypt sensitive data during transmission
D. To manage user accounts and access privileges
5. Which of the following is an example of a security measure for maintaining system
integrity and security?
A. Regularly updating antivirus software
B. Sharing passwords with coworkers for convenience
C. Allowing unrestricted remote access to the system
D. Storing sensitive data in plain text files
Part II: - Give short answer

1. What are the responsibilities of system administrator?

2. Demonstrate the difference between system security and system integrity with example?

3. List and explain Network administration key areas?

Self Check 2: Disseminate disaster recovery plan

 Part I:- Say True if the given statement is correct else say False

_______1. A disaster recovery plan (DRP) only focuses on recovering data and does not address other
aspects of business operations.
_______2. Backup and restore processes are only necessary for natural disasters and do not apply to other
types of disruptions.
_______3. Having a backup solution in place guarantees instant recovery of data and systems in the event of
a disaster.
_______4. Data backup and replication are interchangeable terms, representing the same process.
Part II: - Select the appropriate answer from the given alternative

What is the primary goal of a disaster recovery plan (DRP)?

A. Preventing disasters from occurring
B. Minimizing the impact of disasters on business operations
C. Recovering data and systems instantly after a disaster
D. Eliminating the need for regular backups

2. What is the purpose of conducting a business impact analysis (BIA) in the context of a
disaster recovery plan?
A. Identifying critical business functions and their dependencies
B. Assessing the likelihood of specific disaster events occurring
C. Implementing cybersecurity measures to prevent data breaches
D. Evaluating the effectiveness of backup and restore processes
3. Which of the following is an example of an off-site backup location?
A. An external hard drive connected to the same server
B. A cloud storage service hosted by a third-party provider
C. shared network folder on the same local network
D. An additional internal hard drive within the same computer
4. What does the term "recovery point objective" (RPO) refer to in backup and restore?
A. The maximum tolerable downtime after a disaster
B. The amount of data that can be recovered within a specific timeframe
C. The point in time to which data can be restored after a disaster
D. The frequency at which backups are performed
5. Which of the following is a common backup strategy for ensuring redundancy and data
availability?
 A. Full backup performed daily
B. Incremental backup performed weekly
C. Differential backup performed monthly
D. Snapshot backup performed hourly
Part II: - Give short answer

1. List and explain types of backups?

2. Demonstrate the main purpose of network disaster recovery in large and small
organization?

3. Demonstrate disaster restore phase?

Self check 3:Monitor network performance

Part I:- Say True if the given statement is correct else say False

_______1. Performing diagnostic tests involves analyzing and responding to information.

_______2. Monitoring software and files is not a part of the diagnostic testing process.
_______3. Diagnostic testing does not involve monitoring performance indicators.

Part II: - Select the appropriate answer from the given alternative

1.What is the purpose of analyzing and responding to information in network administration

A. Improving network aesthetics C. Identifying performance bottlenecks

B. Monitoring software license usage D. Ensuring Physical security measures
2.Which of the following is a common performance indicator monitored in network
administration.
 A. Keyboard typing speed
B. Server room temperature
C. File compression ratio
D. Network bandwidth utilization
3.How does improving network and system contribute to network administration?

A.Increasing software licensing costs

B.Enhancing data backup and recover
C.Monitoring physical server dimension
D.Optimizing network configurations

4. How does improving network and systems contribute to network administration?

A. Monitoring office supply inventory
B. Increasing software licensing compliance
C. Enhancing network security measures
D. Optimizing printer paper tray configurations
Part III: - Give short answer

1. List and explain ways of analyze and respond to information in a network?

2. Demonstrate the way of improve network and systems?

3. Demonstrate the technic of monitor software and files using a network?

Self Check 4: Migrate to New Technology

Part I: - Say True if the given statement is correct else say False

_______1. Upgrading technology skills involves identifying upgraded equipment.

_______2. Understanding sources of information for new or upgraded equipment is
necessary when upgrading technology skills.
_______3. Using new or upgraded equipment is not important in the process of upgrading
technology skills.
Part II: - Select the appropriate answer from the given alternative

1. Which of the following is a benefit of identifying upgraded equipment when upgrading

technology skills?

A. It improves physical fitness C. It boosts creativity in art and design

B. It enhances problem-solving abilities D. It promotes healthy eating habits

2.How does using new or upgraded equipment contribute to upgrading technology skills?
A. It improves social interaction skills
B. It enhances critical thinking abilities
C. It promotes physical well-being
D. It develops musical talent

3.Which of the following is an example of upgraded equipment in the context of upgrading technology
skills?

A.Pencil and paper B.Typewriter C.Smartphone D.Abacus

4.Which of the following is a direct outcome of upgrading technology skills?

A.Building a sandcastle C.Writing poetry

B.Solving complex technological D.Playing sports

Part III: - Give short answer

1. List and explain Sources of information for new or upgraded equipment?

2. Demonstrate the way of develop new skills in emerging technologies?

3. List and explain upgraded equipment in ICT?

 Manage Network Security Self Checks
Assignment
Self Check 1: Define a Process for Designing Security
Part I: True/False Questions:
1. Risk assessment involves evaluating potential risks and threats to the network, including
understanding the value of assets, potential vulnerabilities, and the likelihood of
security incidents.
2. Security goals and objectives should be defined in alignment with the organization's
overall business objectives and may include factors such as confidentiality, integrity,
availability, and compliance with industry regulations.
3. A defense-in-depth strategy in network security involves implementing multiple layers
of security controls, combining technologies, policies, and procedures to mitigate risks
at various levels.
Part II: Choice
1. Which of the following is a key purpose of strategically deploying firewalls in network
security?
A. Enhancing user authentication C. Controlling and monitoring network traffic
B. Encrypting sensitive data D. Managing incident response plans
2. What is the primary purpose of implementing VPNs in network security?
A. Enhancing firewall configurations C. Securing remote access and communication
B. Conducting security audits D. Managing incident response plans
Part III : Essay Questions:

1. Discuss the importance of using encryption protocols to protect sensitive data during
transmission and storage in network security. Provide examples of situations where data
encryption is crucial.
 2. Outline the key components of a well-defined incident response plan in network
security. Discuss the roles and responsibilities, communication plans, and strategies for
recovery during a security incident.

3. Discuss the concept of continuous improvement in the context of network security design
phases.

Self Check 2: Threats to network security

Part I : True/False Questions:

1. Malware includes types such as viruses, worms, trojan horses, ransomware, and spyware.
2. Phishing attacks can take the form of vishing, which involves voice interactions.
3. Denial-of-Service (DoS) attacks aim to increase the availability of network services.
4. Man-in-the-Middle attacks may involve SSL stripping as one of their forms.

Part II : Multiple-Choice Questions:

1. Which type of attack involves overloading a system with excessive traffic to disrupt
normal functioning?
A) Phishing
B) Denial-of-Service (DoS)
C) Man-in-the-Middle
D) SQL Injection
2. What is the primary impact of Cross-Site Scripting (XSS) attacks?
A) Unauthorized access
B) Data manipulation
C) Cookie theft and session hijacking
D) System disruption
3. Which vulnerability involves exploiting weaknesses in web applications by injecting
malicious SQL code into input fields?
A) Weak Passwords
B) SQL Injection
C) Outdated Software
 D) Phishing

Part III : Essay Questions:

1. Explain the potential impact of a Zero-Day Exploit on a network. How can

organizations prepare for such attacks?

2. Discuss the role of user and access controls in network security. How does the
principle of least privilege contribute to a more secure network environment?

3. Describe the steps involved in an effective incident response plan. How does it
contribute to minimizing the impact of security incidents on a network?

Self Check 3: Analyze security risks

Part I : True or False Questions:
1. Risk Identification involves assigning numerical values to potential threats and
vulnerabilities.
2. Asset Valuation includes prioritizing assets based on their importance to the
organization.
3. Threat Modeling focuses on developing and implementing strategies to reduce the
impact of identified risks.
4. Continuous Monitoring involves conducting tabletop exercises to test the incident
response plan.
Part II : Choice Questions:
1. Which activity is associated with Risk Assessment?
A. Security awareness training C. Encryption of sensitive data
B. Quantitative risk analysis D. Establishing an incident response team

2. What is the outcome of Threat Modeling?

 A. Prioritized list of network risks
B. Implemented measures to enhance network security
C. A model illustrating potential threats and attack scenarios
D. Documented incident response plan
3. Which is considered a Hardware Asset?
A. Security Policies
B. Operating Systems
C. Servers
D. Encryption Keys
Part III : Essay Questions:
1. Explain the significance of Asset Valuation in the context of network security risk
management.

2. Describe the steps involved in creating a comprehensive Incident Response Plan.

Highlight the key elements that should be included in the plan for an efficient response
to network security incidents.

Self Check 4: Create a security design

Part I - True/False Questions:

1. Phishing is a social engineering technique that may lead to unauthorized access and
data breaches.
2. Credential stuffing involves using previously stolen usernames and passwords to gain
unauthorized access.
3. Brute force attacks systematically try all possible combinations of passwords to gain
unauthorized access.

Part II - Multiple-Choice Questions:

1. What is a key component of feedback sessions?

A. Incident response evaluations

B. Anonymous surveys
 C. Security patching
D. Continuous improvement discussions
2. Why are incident response evaluations important for feedback?

A. To assess network security

B. To evaluate the effectiveness of monitoring systems
C. To understand what worked well and areas for improvement
D. To review documentation related to security measures
3. What is the objective of risk assessment in developing security policies?
A. To develop comprehensive security policies
B. To ensure regulatory compliance
C. To identify and prioritize security risks
D. To conduct incident response evaluations

Part III - Essay Questions:

1. Discuss the significance of social engineering in cybersecurity.

2. Explain the key steps involved in designing effective security measures for an
organization.

3. Describe the feedback mechanisms outlined in the document for obtaining insights into
the effectiveness of security measures.

Self Check 5: Design and implement responses to security incidents

Part I. True or False
1. Regularly conducting risk assessments is a key component of applying audit procedures
for information security.
2. An incident response plan should be regularly reviewed and updated to align with
emerging threats.
3. Simulated phishing exercises are effective for testing and improving employees' security
awareness.
4. Centralized logging systems are essential for aggregating logs from various sources for
analysis and compliance.
Part II. Multiple-Choice
1. What is the primary purpose of intrusion detection systems (IDPS) in the context of
incident response?
a. Monitor network traffic for anomalies and known attack patterns.
b. Restore affected systems and data from backups.
c. Conduct regular vulnerability assessments.
d. Document compliance with legal and regulatory requirements.
2. Which configuration measure is recommended to enforce the principle of least
privilege?
a. Multi-Factor Authentication (MFA)
b. Logging Configuration
c. Identity and Access Management (IAM)
d. Incident Tracking System
3. What is the purpose of conducting a tabletop exercise in the incident response
process?
a. Simulate an actual incident in a controlled environment.
b. Verify the resolution and effectiveness of the incident response process.
c. Assess the impact of the incident on confidentiality, integrity, and availability.
d. Review and validate the actions taken, communication protocols, and coordination
among team members.
4. Why is documentation important in the incident response process?
a. To create realistic scenarios for testing.
b. To maintain detailed records of audit activities.
c. To assess and document the impact of the incident.
d. To provide communication updates to stakeholders.