Chapter 2 - Telecommunications and Network Security Flashcards Preview

Question 1

121

Syn Attack

Answer

high number of half open connections

Question 2

122

Macro Virus

Answer

Not depending on size of packet

Question 3

123

Distributed Denial of Service

Answer

First Phase - compromise as many machines as possible. Components - client, handler, agent, target

Question 4

124

VPN Software

Answer

Does not encrypt

Question 5

125

Bots and Botnets

Answer

Bots are zombies controlled by shadowy figures - largest shource of spam e-mail

Question 6

126

Teardrop

Answer

ip fragments are constructed so that the target host calculates a negative fragment length

Question 7

127

Overlapping fragment attack

Answer

subvert packet filters that only inspect the first fragment of a fragmented packet.

Question 8

128

Source Routing Exploitation

Answer

sender specifies path

Question 9

129

Smurg and Fraggle attacks

Answer

use broadcasts to create DoS attacks. Smurf misuses ICMP. Fraggel uses UDP

Question 10

130

NFS Attacks

Answer

basic authentication method easy to exploit

Question 11

131

Network Nws Transport Protocol Secuirty

Answer

NNTP - main shortcoming authentication

Question 12

132

Finger Use Information Protocol

Answer

last log in time of a user and whether currently logged in

Question 13

133

Network Time Protocol

Answer

NTP sychronizes computer clocks

Question 14

134

DoS

Answer

overload with excessive traffic

Question 15

135

Syn Flood Attack

Answer

DoS against the inital handshake - overloads the target's connection table

Question 16

136

Spoofing

Answer

bogus source address

Question 17

137

Session Highjack

Answer

unatuhorized insertion of packets into a data stream

Question 18

138

Layer Ethernet 802.3 is placed on

Answer

Data Link Layer

Question 19

139

Best Proactive Network Defense

Answer

Perimeter Surveillance and intelligence gathering

Question 20

140

Network is not the target of attack in

Answer

man in the middle attack

Question 21

141

Most effective against a distribute DoS attack

Answer

Traffic Filtering

Question 22

142

Optimal placement for network based intrusion detection systems

Answer

On the network perimeter to alert the network administrator of all suspicious activity

Question 23

143

End-point devices most likely be considered part of a converged IP network

Answer

fileserver, ip phone, security camera

Question 24

144

an advantage of fiber-optic over copper cables from a security perspective

Answer

more difficult to wiretap

Question 25

145

Part of a network's perimeter defense

Answer

firewall, proxy server, host based intrusion detection system

Question 26

146

Principal Security Risk of wireless LANs

Answer

Lack of physical access controls

Question 27

147

WLAN's SSID configured with adequate security protection

Answer

SSIDs are not for authentication

Question 28

148

IPSec

Answer

provides mechanisms for authentication and encryption

Question 29

149

Security Event Manager

Answer

aggreagates logs from security devices and application servers looking for suspiious activity

Question 30

150

DNS weakness

Answer

lack of authenticationof servers and therby the authenticity of records

Brainscape's Knowledge GenomeTM