Chapter 12 - Industrial and Enterprise Networking Flashcards

1
Q

3 unlicensed bands by the FCC

A

900MHz, 2.4GHz, 5GHz

2
Q

ISM Bands

A

Industrial, scientific, and medical. 900MHz, 2.4GHz

3
Q

UNII Bands

A

Unlicensed National Information Infrastructure. 5GHz

4
Q

Number of channels FCC released for the 2.4GHz band

A

14

5
Q

Number of configurable channels in the 2.4GHz band

A

11

6
Q

Non-overlapping channels in the 2.4GHz band

A

1,6,11

7
Q

Max Data speeds for 802.11b

A

11mbps

8
Q

Data rate shifting

A

Ability to reduce transmission speeds without restarting a connection to accommodate for various distances from an AP. EXAMPLE: 1mbps when farthest. 11mbps when a little closer. All 802.11 WLAN technologies have this

9
Q

Frequency and max speed of 802.11g

A

2.4GHz, 54mbps

10
Q

Frequency and max speed of 802.11a

A

5Ghz, 54mbps

11
Q

Frequency and max speed of 802.11b

A

2.4GHz, 11mbps

12
Q

Frequency and max speed of 802.11n

A

2.4GHz or 5GHz, up to 250mbps

13
Q

Although 802.11g devices operate on the same frequency as 802.11b devices, 802.11b devices can’t be software upgraded to 802.11g because

A

802.11g uses a different chipset to attain the 54mbps speeds at 2.4GHz

14
Q

Although you can use 802.11b equipment in an 802.11g environment, what happens?

A

All clients must use the 802.12b modulation technique, DSSS. This is not as efficient and results in speeds

15
Q

DSSS

A

Direct sequence spread spectrum. Modulation technique used by 802.11b devices.

16
Q

OFDM

A

Orthogonal frequency division multiplexing. Modulation technique used by 802.11g devices

17
Q

How wide are each of the 14 channels in the 2.4Ghz range?

A

22MHz wide

18
Q

Common devices that operate on (and interfere with) the 2.4GHz band

A

Microwaves, cordless phones, Bluetooth devices

19
Q

Number of channels available to 802.11a devices, which operate on the 5Ghz band

A

12 non-overlapping channels at first. 11 more added in 2004

20
Q

DFS

A

Dynamic frequency selection. Feature of 802.11a that detects radar signals operating at the 5GHz band and marks that specific channel as unavailable to clients

21
Q

TPC

A

Transmit power control. Feature of 802.11a devices that allows for changing the power of transmission. Example: reducing to 5mW reduces transmission radius and improves performance for clients in the immediate area

22
Q

MIMO

A

Multiple input, multiple output. Feature of 802.11n that allows for multiple transmitters and receivers to increase data throughput.

23
Q

802 standard that introduced DFS, TPC

A

802.11h

24
Q

Max antennae on an 802.11n device

A

8

25
Year 802.11 ratified
1997
26
Band for 802.11
2.4GHz
27
Number of channels for 802.11
3
28
Data transmission rates of 802.11
1, 2 Mbps
29
Year 802.11a ratified
1999
30
Band for 802.11a
5Ghz
31
Number of channels for 802.11a
Up to 23
32
Data transmission rates of 802.11a
54mbps
33
Year 802.11b ratified
1999
34
Band for 802.11b
2.4GHz
35
Number of channels for 802.11b
3
36
Data transmission rates of 802.11b
11mbps
37
Year 802.11g ratified
2003
38
Band for 802.11g
2.4Ghz
39
Number of channels for 802.11g
3
40
Data transmission rates of 802.11g
54GHz
41
Year 802.11n ratified
2010
42
Band for 802.11n
2.4GHz or 5GHz
43
Number of channels for 802.11n
Varies
44
Data transmission rates of 802.11n
100+ Mbps
45
2 installation types of all 802.11 WLAN standards
Ad hoc and infrastructure
46
Ad hoc WLAN network
No access point. PCs connect directly to each other
47
Downsides of ad hoc WLAN
Doesn't scale well
48
BSS / BSA
Basic service set or basic service area. Describes the services provided to clients connected to an AP in infrastructure mode, in a defined area
49
Distribution system
Connection from the AP to the wired network
50
SSID
Security Set Identifier. 32 character ID that refers to a wireless network and defines its BSS
51
ESS
Extended service set. When two or more APs use the same SSID on different channels, with overlapping BSA of 10% or more. This allows clients to roam in the same network from one AP to another.
52
Factors that affect signal strength
Distance, barriers, protocols used, interference
53
RADIUS
Security protocol that manages authorization, central access, accounting supervision. Users connect to the network by being authenticated by the RADIUS server
54
What is the maximum data rate of IEEE 802.11b?
11Mbps
55
What is the maximum data rate of IEEE 802.11g?
54Mbps
56
What is the maximum data rate of IEEE 802.11a?
54Mbps
57
What is the frequency range of IEEE 802.11b?
2.4GHz
58
What is the frequency range of IEEE 802.11g?
2.4GHz
59
What is the frequency range of IEEE 802.11a?
5GHz
60
APs come set up with what type of security enabled by default?
None
61
Why would we use WPA instead of basic WEP?
Values of WPA keys can change dynamically while the system is being used. Also WEP sucks.
62
Which IEEE committee has been sanctioned by WPA and is called WPA2?
IEEE 802.11i standard
63
The IEEE 802.11b/g basic standard has how many non-overlapping channels?
Three
64
The first step in asset management is to inventory all the components on the network.​ (A) True (B) False
Answer : (A)
65
Cipher locks are not designed for physical security, such as on an outside door. (A) True (B) False
Answer : (A)
66
Any device in an ICS that is motorized and can control the physical system is called a fieldbus. (A) True (B) False
Answer : (B)
67
Every security policy should include a response policy, which specifically defines the characteristics of an event that qualifies as a formal incident and the steps that should be followed as a result. (A) True (B) False
Answer : (A)
68
The first step of a response policy should be to secure the area.​ (A) True (B) False
Answer : (B)
69
A ______________ is an enclosure made of a conductive material that is designed to block electromagnetic signals, including Wi-Fi.​
Answer : Faraday cage
70
A _____________ is a small network that is segmented from the rest of the network, and contains computers, called test beds.​
Answer : testing lab
71
Microsoft sometimes releases a major group of patches to Windows or a Microsoft application, which it calls a __________________.
Answer : service pack
72
The goal of a disaster recovery plan is to ensure ______________.​
Answer : business continuity
73
________________ is a process of investigating deeper data on a computer and will essentially autopsy the computer to discover hidden data, such as deleted files and file fragments, and who has accessed that data and when.
Answer : Computer forensics
74
An active card, which contains an internal battery, can provide a usable range of up to what distance? (A) 100 m (B) 150 m (C) 200 m (D) 250 m
Answer : (B)
75
What type of software is a correction, improvement, or enhancement to a piece of software? (A) patch (B) upgrade (C) rollback (D) kludge
Answer : (A)
76
In computer forensics, hidden data such as deleted files and file fragments are known as what term? (A) ambient data (B) transient data (C) tombstone data (D) low level data
Answer : (A)
77
Which team role is the person on call who first notices or is alerted to a problem? (A) manager (B) dispatcher (C) technical support specialist (D) public relations specialist
Answer : (B)
78
What team member role coordinates the resources necessary to solve a problem? (A) dispatcher (B) manager (C) technical support specialist (D) public relations specialist
Answer : (B)
79
What team member role focuses on only one thing: solving the problem as quickly as possible? (A) dispatcher (B) manager (C) technical support specialist (D) public relations specialist
Answer : (C)
80
What team member role, if necessary, learns about the situation and the response and then acts as official spokesperson for the organization to the public or other interested parties? (A) dispatcher (B) manager (C) technical support specialist (D) public relations specialist
Answer : (D)
81
Which of the following is NOT a step that should be taken as part of a response policy? (A) Secure the area and disconnect devices from the network (B) Create documentation detailing the scene (C) Attempt to access files to determine if they are compromised (D) Protect the chain of custody of evidence
Answer : (C)
82
What should be the first step of a response policy? (A) Determine if escalation is necessary (B) Secure the area (C) Document the scene (D) Monitor evidence and data collection
Answer : (A)
83
At what type of recovery site would computers, devices, and connectivity necessary to rebuild a network exist, and all are appropriately configured, updated, and connected to match your network's current state? (A) cold site (B) warm site (C) temp site (D) hot site
Answer : (D)
84
Which type of recovery site is a place where computers, devices, and connectivity necessary to rebuild a network exist, with some pieces appropriately configured, updated, or connected? (A) cold site (B) warm site (C) hot site (D) temp site
Answer : (B)
85
Which type of disaster recovery site is a place where the computers, devices, and connectivity necessary to rebuild a network exist, but they are not appropriately configured, updated, or connected? (A) cold site (B) temp site (C) warm site (D) hot site
Answer : (A)
86
What type of physical security solution involves a device that scans an individual's unique physical characteristics? (A) proximity access (B) biorecognition access (C) AIT access (D) keypad access
Answer : (B)
87
The time period in which a change can be implemented is known as what option below? (A) change period (B) maintenance window (C) work order time (D) service affecting work interval
Answer : (B)
88
In order to provide access to a historian by personnel working on the corporate network that are not authorized to work on the ICS network, where should the historian be placed? (A) DMZ (B) corporate network (C) Internet (D) private network
Answer : (A)
89
What is a historian? (A) A centralized database of collected and analyzed data and control activities. (B) A server that collects and stores raw data. (C) A supervisory computer or server, which can control the physical system. (D) Computers, including hardware and software, that people use to monitor and manage the physical systems.
Answer : (A)
90
What type of device can be used to erase contents of a hard drive using a magnetic field? (A) electromagnetic resonance chamber (B) degausser (C) targeted magneto-wipe (D) polarized magnet
Answer : (B)
91
If a destructive program is running that might be destroying evidence, what should be done? (A) Perform an immediate full backup (B) Attempt to end the process (C) Pull the power cable (D) Record the destruction using a video capture of the screen
Answer : (C)
92
Upon receipt of what type of notification is a company required to activate a defensible policy for the preservation of relevant data? (A) subpoena (B) legal hold (C) discovery request (D) chain of custody notice
Answer : (B)
93
Which of the following is responsible for acquiring real-time data from the physical system and managing the physical system or presenting the data to humans? a. RTU b. PLC c. SCADA d. HMI
Answer: C
94
The ________ is a centralized database of collected and analyzed data and control activities.
Answer: historian
95
True or False: It is considered best practice to segment your ICS/SCADA network from the corporate network.
Answer: True
96
Which of the following is an enclosure made of a conductive material that is designed to block electromagnetic signals, including Wi-Fi? a. human machine interface b. Faraday cage c. closed loop system d. programmable logic controller
Answer: B
97
The first step in asset management is to determine the cost and benefits of certain types of hardware and software.
Answer: False
98
Which of the following terms best describe a major change to a software package that enhances the functionality and features of the software, while also correcting bugs and vulnerabilities? a. service pack b. rollback c. backlevel d. upgrade
Answer: D
99
After a major change is approved, a _______ is usually assigned to the project.
Answer: change coordinator
100
Which of the following collect power from a badge reader’s power field in order to transmit data? a. passive cards b. fingerprint scanner c. active cards d. mantraps
Answer: A
101
True or False. A cold site is a place where the computers, devices, and connectivity necessary to rebuild a network exist, and all are appropriately configured, updated, and connected to match a network’s current state.
Answer: False
102
A _____ plan accounts for the worst-case scenarios, from a far-reaching hurricane to a military or terrorist attack. a. continuity b. contingency c. disaster recovery d. survivability
Answer: C
103
Which ICS component senses attributes of the physical system and converts analog data to digital data, but cannot control the physical system? A. SCADA B. RTU C. PLC D. HMI
Answer: B. RTU
104
Which server controls the physical system in an ICS system? A. Acquisitions server B. I/O server C. MTU D. Historian
Answer: C. MTU
105
What should you place between the corporate network and the ICS network? A. VLAN B. Dial-up connection C. Redundant RTUs D. DMZ
Answer: D. DMZ
106
Which business document fills the gap between an informal handshake and the legally binding signatures on contracts? A. SLA B. SOW C. MOU D. RFP
Answer: C. MOU
107
Your company has developed a Web site that includes a small program that collects real-time data on mortgage rates in specific geographic areas, and uses that information to calculate mortgage payment amounts based on the user’s inputted data. The program was written by an independent software developer, who has granted your company a license to incorporate the program into your Web site for your customers’ use. Which document was used? A. SLA B. MLA C. RFP D. SOW
Answer: B. MLA
108
Your team is in the process of implementing what you thought would be a relatively minor update to the NOS. You’ve hit a small but time-consuming snag, and it’s now obvious that the update won’t be completed until about an hour after your maintenance window passes. What should you do immediately? A. Consult the vendor documentation. B. Roll back the update and try again later. C. Bring the system back online and allow users to access any services that are available. D. Inform technical staff and users of the problem and what to expect.
Answer: D. Inform technical staff and users of the problem and what to expect.
109
Which of the following cards specifically contains an internal lithium battery? A. Smart card B. Active card C. Passive card D. Proximity card
Answer: B. Active card
110
Which type of disaster recovery site is the most expensive? A. Hot site B. Ambient site C. Warm site D. Cold site
Answer: A. Hot site
111
What process ensures that exact duplicates of servers are available if needed in the event of a disaster? A. Business continuity B. Server mirroring C. Network redundancy D. Contingency plan
Answer: B. Server mirroring
112
While troubleshooting a network connection issue on a corporate workstation, you’ve just discovered that the workstation has been used for illegal gambling activities. You’ve notified your supervisor, and she said she’s on her way to collect the computer for an investigation. While you’re waiting for your supervisor to arrive, what should you do? A. Play games on the computer to pass the time. B. Close all running programs. C. Start investigating browser history. D. On a separate device or on a sheet of paper, make notes on everything that you’ve seen and done so far.
Answer: D. On a separate device or on a sheet of paper, make notes on everything that you’ve seen and done so far.
113
Industrial systems become part of the IoT when ________________.
Answer: They use the Internet for connectivity.
114
What is the primary difference between an open loop system and a closed loop system?
Answer: An open loop system has no sensors and makes decisions based on predetermined expectations, events, or past history. A closed loop system makes decisions based on real-time data.
115
Which network components should be documented in asset management documentation?
Answer: Nodes or hardware devices on the network, and each software package purchased by the organization
116
A service pack is a collection of ____________________.
Answer: Patches
117
What is the basic process for backleveling an operating system upgrade?
Answer: Prior to the upgrade, make a complete backup of the system; to backlevel, restore the entire system from the backup; uninstall an operating system upgrade only as a last resort.
118
How can a mantrap provide multifactor authentication?
Answer: A separate form of identification might be required for each door, such as a badge for the first door and a fingerprint scan for the second door
119
What kind of device erases the contents of a magnetic hard drive?
Answer: Degausser
120
What kind of information can computer forensics recover that eDiscovery cannot?
Answer: Ambient data, such as deleted files and file fragments, and who has accessed that data and when
121
While upgrading a sales rep’s corporate desktop computer, you notice some HR files for several coworkers from several different departments. You’re pretty sure the sales rep shouldn’t have access to this information, so you call your supervisor for assistance. He says he’s on his way. Should you shut down the computer? Why or why not?
Answer: No. There is no evidence of ongoing damage from a running program, so the computer should remain powered up until your supervisor decides how to transport it.
122
When your supervisor arrives, she has a document with her for you to sign, indicating the condition of the computer, how you kept it secure while you waited for her, and the transfer of responsibility for the computer from you to her. What kind of document is it?
Answer: Chain of custody
123
The first step in asset management is to inventory all the components on the network.​ (A) True (B) False
Answer : (A)