How do wireless IDSs get their data?
Answer: In centralized wireless intrusion detection system, each access point becomes a wireless IDS agent,...
What is the purpose of a wireless IDS?
Answer: It is to collect data from wireless access points that can be used to detect attacks...
How long must passphrases be for adequate security?
Answer: Passphrases must be at least 20 characters long for adequate security, but preferably...
How are PSK/personal keys generated?
Answer: The administrator types a passphrase into every client and into the access point...
Why is using a shared initial key not dangerous?
Answer: This key is used only briefly, when a client first authenticates itself to the access...
How do users in this mode authenticate themselves to the access point?
Answer: In the PSK mode, users authenticate themselves to the access point...
What mode was created for homes or very small businesses with a single access point?
Answer: PSK/personal mod...
Despite its security weaknesses, why do many companies continue to use WPA instead of 802.11i?
Answer: Companies still use WPA instead of WPA2...
What does the Wi-Fi Alliance call 802.11i?
Answer: WPA...
Compare WPA and 802.11i security.
Answer: WPA uses the relatively weak RC4 cipher in encryption for confidentiality and uses the only moderately...
What prompted the Wi-Fi Alliance to create WPA?
Answer: The inadequacy of WEP (which can be cracked in minutes) caused many companies to freeze...
Should corporations use WEP for security today?
Answer: No. Given how easily and quickly WEP can be cracked, it makes no sense for corporations...
How long may WEP take to crack today?
Answer: If a company encrypts a large enough volume of traffic with the same secret key, the attacker can...
What mistake did the 802.11 Working Group make in selecting the length of the IV?
Answer: The 802.11 Working Group's mistake was making IVs too...
What per-frame key does a WEP computer or access point use to encrypt when it transmits?
Answer: WEP encrypts each frame with a per-frame key...
Why are permanent shared keys undesirable?
Answer: Permanent shared keys are undesirable because in large firms that have many access points...
What encryption algorithm does it use?
Answer: WEP uses RC4...
What was the first core wireless security standard?
Answer: Wired equivalent privacy (WEP...
Is 802.11i security strong? Explain.
Answer: 802.11i security is very strong. 802.11i not only provides authentication, but it supplies all of...
Distinguish between their options for inner authentication.
Answer: For EAP/TLS, the inner authentication also uses TLS. For PEAP, the client...
What two extended EAP protocols are popular today?
Answer: EAP/TLS and PEA...
What authentication method or methods does outer authentication use?
Answer: Outer authentication uses SSL/TLS...
For 802.11i, distinguish between outer and inner authentication.
Answer: Outer authentication in 802.11i consists of the client authenticating...
What standard did the 802.3 Working Group create to extend 802.1X operation to WLANs with security for EAP?
Answer: 802.11...
Why is it impossible to extend 802.1X operation using EAP directly to WLANs?
Answer: EAP assumes that the connection between the supplicant and...
What would happen if a wireless network were flooded with CTS frames?
Answer: A flood of CTS frames with long transmission durations keeps other...
What type of attack commands could be sent to cause a wireless DoS attack?
Answer: An attacker could use packet injection to send spoofed deauthenticate...
What device could be used to identify a DoS flood if the entire frequency is being flooded by EMI?
Answer: Network administrators can use wireless...
What type of devices could be used to flood the transmission frequency for a WLAN?
Answer: Attackers can use common household items such as baby...
How would a wireless DoS attack be carried out?
Answer: Wireless DoS attacks can be carried out by 1) flooding the frequency being used, 2) flooding...
How can the danger of evil twin attacks be addressed?
Answer: The danger of evil twin attacks can be eliminated by requiring remote clients to...
In what two types of attacks can the evil twin engage?
Answer: It can capture credentials transmissions and keys and it can also send packets...
What happens when the legitimate supplicant sends credentials to the legitimate access point?
Answer: The evil twin access point will intercept...
Physically, what is an evil twin access point?
Answer: An evil twin access point is simply a PC that has software to allow it to masquerade as...
What man-in-the-middle attack is a danger for 802.11 WLANs?
Answer: The most dangerous man-in-the-middle attack for 802.11 WLANs is the evil...
Are you liable if someone else uses your wireless network to commit a crime? Why, or why not?
Answer: At the time of this writing, it appears...
Give examples of both internal and external harm caused by unauthorized wireless access.
Internally, attackers have greater access to information,...
Who would set up a rogue access point? Why?
Answer: Rogue access points are unauthorized access points set up by individuals or departments with...
What is the difference between an open network and a private network?
Answer: Open networks can be legally accessed by anyone, but private networks...
What is the typical range of a WLAN?
Answer: Wireless 802.11 networks typically have a range of 30 to 100 meters extending in all directions...
Which device acts as a relay between wired and wireless networks?
Answer: An access poin...
Which IEEE standard governs WLAN transmission?
Answer: IEEE 802.1...
What is the most common attack against wireless networks? Why?
Answer: The most common attack against wireless networks is unauthorized access,...
What authentication method does RADIUS use?
Answer: EA...
How are EAP and RADIUS related in terms of functionality?
Answer: RADIUS is an AAA server that uses EAP for authentication...
What standard do most central authentication servers follow?
Answer: Most central authentication servers are governed by the RADIUS standard...
Why is there no need to change the operation of the authenticator when a new EAP authentication method is added or an old EAP authentication mode is dropped?
Why is this freedom from the need to make changes in the switch beneficial?
Answer: The freedom to make changes in authentication protocols is...
When a new authentication method is added, what device software must be changed to use the new method?
When a new authentication method is added,...
In what sense is EAP extensible?
EAP is considered extensible because it is easy to add new authentication methods to EAP (such as smart cards, MS-CHAP,...
How does the authenticator pass this information on to the supplicant?
Answer: How the authenticator notifies the client of authentication success...
Describe how the central authentication server tells the authenticator that the supplicant is acceptable.
It sends an EAP accept message if the supplicant...
What types of messages carry requests for authentication information and responses to these requests?
Answer: EAP request and response messa...
How does an EAP session start?
Answer: When a switch senses a connection, it sends an EAP Start message to the RADIUS server. This begins the...
Which device is called the authenticator?
The Extensible Authentication Protocol (EAP...
Which device is the verifier? Explain. (Tricky question.)
There is no verifier in 802.1X. Instead, the verifier responsibilities are shared between...
What are the three benefits of using a central authentication server?
Reduced cost: Having a central authentication server reduces the work required...
Where is the heavy authentication work done?
The heavy authentication work is done on a central authentication server, rather than on the switch...
Why is 802.1X called Port-Based Access Control?
802.1X is called Port-Based Access Control because security is implemented on specific ports of an...
Is eavesdropping usually a concern for wired LANs, wireless LANs, or both?
It is a concern in both, but it is a rare concern in wired LANs and a common concern with wireless LANs.
Why is the access threat to wireless LANs more severe?
The intruder does not even have to enter the building, as he or she needs to do in wired LANs. In WLANs, attackers can connect to unprotected (or poorly protected) wireless access points and bypass border router security from outside of the physical premises of the company.
What is the main access threat to wireless LANs?
An intruder can connect by radio to an unprotected wireless access point...
What is the main access threat to Ethernet LANs?
Traditionally, Ethernet LANs offered no access security. Any intruder who entered a corporate building...
Could a rogue router direct internal traffic to an outside rogue DNS server? How?
Yes, the rogue router can assign a false DNS server to internal...
Would a SLAAC attack work on an existing IPv6 network? Why not?
No, the attack would only work on existing IPv4 networks. If the attack were tried...
What has to be introduced to a network for a SLAAC attack to work?
With the physical introduction of a rogue IPv6 router, all internal traffic is...
Why do hosts automatically prefer IPv6 addressing?
Traffic on the existing IPv4 network is rerouted through the rogue IPv6 router because all newer...
What is a SLAAC attack?
A Stateless Address Auto Configuration (SLAAC) attack is an attack on the functionality and confidentiality of a network....
Why would limiting local access prevent DoS attacks?
Limiting local access would prevent ARP DoS attacks because foreign hosts would not be able to...
Can static IP and ARP tables be effectively used in large networks? Why not?
Most organizations are too large, change too quickly, and lack the experience...
How can static IP and ARP tables be used to prevent ARP poisoning?
ARP poisoning can be prevented by using static IP tables and static ARP tables....
How can ARP poisoning be used as a DoS attack?
Spoofed ARP replies can be used to stop all traffic on the local network as part of an ARP DoS attack....
Why does all network traffic go through the attacker after poisoning the network?
If the attacker has successfully used spoofed ARP replies to record...
Does the attacker have to poison the gateway's ARP tables too? Why?
Yes, after the attacker has successfully rerouted the host traffic, it needs to...
Do switches record IP addresses? Why not?
Switches only look at MAC addresses. They cannot identify the incorrect ARP resolution being pushed out...
Why does the attacker have to send a continuous stream of unrequested ARP replies?
The attacker must send a continuous stream of unsolicited ARP replies...
Explain ARP poisoning.
ARP poisoning can be used to reroute traffic for a MITM attack by sending unsolicited false ARP replies to all other hosts. An attacker can force hosts to erroneously mismatch MAC addresses and IP addresses. Essentially, the attacker can reroute all internal traffic as desired.
How could an attacker use ARP spoofing to manipulate host ARP tables?
ARP requests and replies do not require authentication or verification. All...
What is ARP spoofing?
ARP spoofing uses false ARP replies to map any IP address to any MAC address. Spoofed ARP replies can be broadcast to other...
Why do hosts send ARP requests?
If a host (gateway) receives a packet addressed to an internal host (10.0.0.1) it sends an ARP request to every host...
Can ARP poisoning be used outside the LAN? Why not?
Typically not. Packets with IP addresses not on that LAN are redirected out of the network. ARP...
Why do hosts use ARP?
Address Resolution Protocol (ARP) is used to resolve 32-bit IP addresses (e.g., 55.91.56.21) into 48-bit local MAC addresses...
Why is DoS protection a community problem, not just a problem for individual victim firms to solve?
DoS attacks are community problems that can only...
Why is it limited in effectiveness?
Rate limiting frustrates both attackers and legitimate users. It helps, but it does not solve the problem...
Why is rate limiting a good way to reduce the damage of some DoS attacks?
Rate limiting can be used to reduce a certain type of traffic to a reasonable...
What is a false opening?
False opens occur when a SYN segment arrives and the firewall itself sends back a SYN/ACK segment without passing the SYN...
How can the effects of SYN floods be mitigated?
The effects of SYN floods can be mitigated by validating the TCP handshake, rate limiting, or even...
Is black holing an effective defense against DoS attacks? Why?
Black holing an attacker is not a good long-term strategy because attackers can quickly...
What is black holing?
Black holing is when a firm drops all IP packets from an attacker...
How could a malformed packet cause a host to crash?
An attacker could send a malformed packet that will cause the victim to crash. For example, ping...
What type of packet is sent in a Smurf flood? Why?
ICMP, the attacker benefits from a multiplier effect because a single ICMP request is responded...
What is a Smurf flood?
A Smurf flood is a variation of a reflected attack that takes advantage of an incorrectly configured network device (router)...
What is a DRDoS attack, and how does it work?
Using a botnet in a reflected attack using legitimate services is known as a distributed reflected denial-of-service...
How does a reflected attack work?
A reflected attack uses responses from legitimate services to flood a victim. The attacker sends spoofed requests...
How does a P2P attack work?
A peer-to-peer (P2P) redirect attack uses many hosts to overwhelm a victim using normal P2P traffic (Figure 4-7, Step...
What does a handler do?
Handlers are an additional layer of compromised hosts that are used to manage large groups of bots. Handlers can direct bots...
How does a DDoS attack work?
DDoS attacks are the most common form of DoS attack that uses intermediaries to attack the victim. The attacker's identity...
Describe a SYN flood.
A SYN flood, or half-open TCP attack, happens when the attacker sends a large number of TCP SYN segments to the victim server....
What types of packets can be sent as part of a DoS attack?
A few of the types of packets that could be sent in a DoS attack include SYN, ICMP, and...
What is backscatter?
Backscatter occurs when a victim sends responses to the spoofed IP address used by the attacker, and inadvertently floods an...
What is the difference between a direct and indirect DoS attack?
A direct attack occurs when an attacker tries to flood a victim with a stream of...
Is a slow degradation of service worse than a total stoppage? Why?
An attack that slowly degrades services is more difficult to detect because there...
What are the main goals of DoS attacks?
The ultimate goal of a DoS attack is to cause harm. For corporations, this can come in the form of losses...
Other than a DoS attack, what could cause a company's webserver crash?
Faulty coding or referrals from large site...
What is a denial-of-service attack?
A DoS attack attempts to make a server or network unavailable to legitimate users. In terms of the general goals...
How does the city model relate to secure networking?
The city model has no distinct perimeter, and there are multiple ways of entering the network....
What is meant by "death of the perimeter?"
The "death of the perimeter" is a phrase used by network administrators to convey the idea that creating...
How does the castle model relate to secure networking?
The traditional castle model of network defense had the good guys on the inside, and the attackers...
Give an example of how new technology has made networks less secure.
For example, newer cell phones have the ability to allow wireless laptops to...
How can information be gathered from encrypted network traffic?
Information transmitted during an SSL session cannot be viewed. However, the sender's...
Explain the four general goals for secure networking.
These four goals include availability, confidentiality, functionality, and access control.
Availability...
The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as:
a. Trojan horse
b. sniffing
c. tunneling
d....
To snare intruders, many organizations now use _________ techniques.
a. entrapment
b. hacker
c. Trojan horse
d. cracker
e. DES
Answer: a. entra...
A fundamental technique to determine if an intrusion is in progress in a stable network is:
a. anomaly detection
b. armoring cable
c. RSA algorithm
d. patching
e. scanning a user's fingerprint
Answer: a. anomaly detection
Which of the following is not a type of intrusion prevention system?
a. network-based
b. data link-based
c. application-based
d. host-based
e. none...
Which of the following is not true about one-time passwords?
a. Users' pagers can receive them.
b. They can be used in conjunction with a token system.
c....
Which of the following is a mode that is used by IPSec?
a. exchange
b. sniffer
c. tunnel
d. creeper
e. firefighter
Answer: c. tunn...
IP Security Protocol:
a. is focused on Web applications
b. is primarily used to encrypt e-mail
c. is a policy which makes public key encryption work...
A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.
a. disaster...
__________ provide authentication which can legally prove who sent a message over a network.
a. Digital signatures
b. DES keys
c. Directory keys
d....
DES:
a. is maintained by ISO
b. refers to Date Electronic Security
c. is a commonly used symmetric encryption algorithm that was developed in...
A brute force attack against an encryption system:
a. tries to gain access by trying every possible key
b. is called RC4
c. is also known as...
A symmetric encryption system has two parts: the key and the ____________.
a. algorithm
b. spamming method
c. IP spoofer
d. clearance code
e. smart...
Encryption is the process of:
a. transmission of information over secure lines in analog form to prevent illegal access
b. detecting errors...
A way to prevent intrusion by disguising information through algorithms is:
a. spoofing
b. call-back access
c. encryption
d. disk elevatoring
e....
Spyware, adware and DDOS agents are three types of:
a. IP spoofing attacks
b. Denial-of-service attacks
c. Trojans
d. Physical security threats
e....
A security hole is a(n):
a. malfunction or bug in an application program that allows data to be seen or accessed by unauthorized users
b. small...
A(n) _________ is a type of application level firewall that is transparent so that no other computer notices that it is on the network.
a. ANI system
b....
A(n) ____________ acts as an intermediate host computer or gateway between the Internet and the rest of the organization's networks.
a. application level...
IP spoofing means to:
a. fool the target computer and any intervening firewall into believing that messages from the intruder's computer are...
A(n) ____________ examines the source and destination address of every network packet that passes through it.
a. packet level firewall
b. mullion...
A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network.
__________ refers to the process of translating between one set of private addresses inside a network and a set of public addresses outside the network.
a....
With ANI security control, the network manager:
a. uses the Authorization Notation Investigation protocol to trace only authorized user passwords
b....
The use of a(n) _________ prevents unauthorized intruders from accessing a computer network because the host or server will only permit access via inbound calling from prespecified phone numbers.
A sniffer program is a:
a. type of macro-virus
b. small peep-hole in a door or wall to allow a security guard to sniff the area with his or...
Which of the following is not a method for deterring outside intruders from gaining access to the organization's office or network equipment facilities?
a....
For Ethernet networks, a _______ switch can make eavesdropping more difficult.
a. secure
b. Trojan horse
c. proxy
d. spoofing
e. spamming
Answer:...
Which of the following are usually the first choice for eavesdropping?
a. unshielded twisted pair
b. shielded twisted pair
c. local cables owned...
Which of the following types of media is least susceptible to eavesdropping?
a. fiber optics
b. twisted pair
c. microwave
d. infrared
e. coaxial...
The three basic network access points into most organizational networks are from the Internet, from LANs inside of the organization and ________________.
a....
Which of the following is not a method for deterring intrusion?
a. training end users not to divulge passwords
b. using a smart card in conjunction...
Which of the following is not a type of intruder who attempts to gain intrusion to computer networks?
a. Delphi team member
b. script kiddies
c....
A ____________ is a situation in which a hacker attempts to disrupt the network by sending messages to the network that prevent normal users' messages from being processed.
A(n) ______ is a special type of virus that spreads itself without human intervention.
a. snake
b. worm
c. Trojan horse
d. boot sector virus
e. stealth...
A(n) ___________ is one of the most common examples of redundancy built into a network to help reduce the impact of disruption.
a. network cloaking...
The key principle in preventing disruption, destruction and disaster is ___________.
a. redundancy
b. control spreadsheet
c. IDS
d. anti-virus software
e....
Threat of intrusion comes from ____________.
a. the government
b. crackers
c. outside of the organization
d. both inside and outside of the organization
e....
A(n) __________ is any potential adverse occurrence that can do harm, interrupt the system using the network, or cause monetary loss to the organization.
a....
A(n) ____________ is an information system that is critical to the survival of an organization.
a. network plan
b. accounting system
c. IDS
d....
A(n) _________ is something of value and can be either hardware or software.
a. asset
b. service level agreement
c. threat
d. security plan
e. network...
A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them.
_______ controls fix a trespass into the network.
a. corrective
b. detective
c. preventive
d. mitigating
e. backup
Answer: a. correcti...
________ controls discover unwanted events.
a. preventive
b. corrective
c. detective
d. mitigating
e. backup
Answer: a. preventi...
________ controls stop a person from acting.
a. detective
b. corrective
c. mitigating
d. preventive
e. backup
Answer: d. preventi...
Developing _______ helps develop a secure network.
a. rules
b. controls
c. network maps
d. vendor documentation
e. service level agreements
Answer:...
A hacker gaining access to organizational data files and resources is an example of a(n) ____________ threat.
a. disruptive
b. controlled chaos
c....
A network switch failure is an example of a(n) ________ threat.
a. internal
b. disruptive
c. causal
d. intrusion
e. disaster
Answer: b. disrupt...
Often, incidents of ___________ involve employees of the organization, surprisingly enough.
a. intrusion
b. disruption
c. controlled chaos
d. destruction
e....
A tornado that eliminates a network control center would be an example of a natural __________
a. disaster
b. disruption
c. controlled chaos
d. destruction
e....
An example of _____ of data would be if a computer virus eliminated files on that computer.
a. disruption
b. controlled chaos
c. intrusion
d. destruction
e....
In recent years, management's concern about the adequacy of current control and security mechanisms used in a data communications environment has:
a....
Which of the following is not one of the major categories (or sub-categories) into which network security threats can be placed?
a. disruption
b....
A host based intrusion prevention system (IPS) monitors activity on the server and reports intrusions to the IPS management console.
Answer: True
The most common authentication protocol used today is Kerberos.
Answer: True
Social engineering refers to creating a team that solves virus problems.
Answer: False
Biometric systems scan the user to ensure that the user is the sole individual authorized to access the network account.
Answer: True
In transport mode, IPSec encrypts the entire IP packet.
Answer: False
Secure Sockets Layer is an encryption standard designed for use on the Web.
Answer: True
A certificate authority is a trusted organization that can vouch for the authenticity of a person or organization.
Answer: True
When using a digital signature, the sender encrypts the message with their private key and the recipient decrypts the message with the sender's public key.
DES is a commonly used symmetric encryption algorithm developed in the mid-1990s by the American government in conjunction with IBM.
Answer: Fal...
A brute-force attack is a method of trying to guess the correct password by trying every possible key.
Answer: True
Asymmetric encryption uses the same key to encrypt and decrypt a message.
Answer: Fal...
Decryption is the process of converting plaintext into ciphertext.
Answer: False
A Trojan horse allows a user to access a computer from a remote location.
Answer: True
Microsoft's Windows operating system meets A1 level security.
Answer: False
A patch is a software solution to correct a security hole.
Answer: True
A security hole is a bug that permits intrusion to a computer.
Answer: True
A NAT proxy server uses an address table to translate private IP addresses used inside the organization into proxy data link layer addresses used on the Internet.
With application level firewalls, any access that has not been disabled is permitted.
Answer: Fal...
A packet-level firewall examines the source and destination address of every network packet that passes through the firewall.
Answer: True
An intruder uses TCP spoofing to send packets to a target computer requesting certain privileges be granted to some user.
Answer: False
Automatic number identification accepts a login from a user if that user's incoming phone call comes from a pre-authorized list of phone numbers.
Answer:...
Network cables are the easiest target for eavesdropping.
Answer: Fal...
Physical security of an organization's IT resources is not an important element in preventing intrusion to an internal LAN.
Answer: Fal...
The most common access point used by attackers to gain access to an organization's network is the dial-up access via a modem.
Answer: Fal...
Crackers are casual hackers with a limited knowledge of computer security.
Answer: False
Fault-intolerant servers contain many redundant components to prevent failure.
Answer: False
DoS attackers generally use fake source IP addresses, making it harder to identify the DoS messages.
Answer: True
The denial-of-service attack disrupts the network by flooding the network with messages so that regular messages cannot be processed.
Answer: Tr...
Researchers estimate that only one or two new viruses are developed every week.
Answer: False
Macro viruses can spread when an infected file is opened.
Answer: True
The best solution for planning for disaster recovery is to have a fully redundant backup network placed in a different location that would not be threatened by the same natural or man-made disaster that would destroy the original network.
With the passage of HIPAA and the Sarbanes-Oxley Act, more and more regulations are addressing security.
Answer: True
Disk mirroring writes duplicate copies of all data on at least two different disks.
Answer: True
An uninterruptible power supply utilizes a second redundant disk for every disk on the server.
Answer: Fal...
A Delphi team that helps the network manager assess the security risks to the organization should always have at least 20 members.
Answer: False
A denial-of-service attack occurs when someone external blocks access to your network.
Answer: True
Companies have learned that hacking threats from their own employees occur about as often as those from outsiders.
Answer: True
A threat to the data communications network is any potential adverse occurrence that can do harm, interrupt the systems using the network, or cause a monetary loss to the organization.
A control spreadsheet lists threats to the network across the top of the spreadsheet and lists the network assets down the side of the sheet.
Answer:...
Preventive controls mitigate or stop a person from acting or an event from occurring.
Answer: True
Corrective controls reveal or discover unwanted events.
Answer: False
Controls are mechanisms that reduce or eliminate threats to network security.
Answer: Tr...
Intrusion refers to confidentiality and integrity of data.
Answer: True
Confidentiality is not a threat to business continuity.
Answer: False
Business continuity planning refers primarily to ensuring availability, with some aspects of data integrity.
Answer: Tr...
Integrity is not a primary goal of security.
Answer: False
Confidentiality refers to the protection of the organizational data from unauthorized disclosure of customer and proprietary data.
Answer: True
A recent study by CSO Magazine and the Computer Security Institute stated that the average loss suffered by businesses because of computer security breaches was approximately $350,000.
The CERT at Carnegie Mellon University was established by the U.S. Department of Agriculture in 1988.
Answer: False
The rise of the Internet has increased significantly the potential vulnerability of an organization's assets.
Answer: Tr...
Security on a network not only means being able to prevent a hacker from breaking into your computer but also includes being able to recover from temporary service problems or from natural disasters.