deck_598156

Question 2

Exam Question 201 (p.269)Why are weak passwords a significant problem in networks?

Answer 2

Because hackers get in and cause trouble.

Question 3

Exam Question 202 (p.269):List three true measures of password quality.

Answer 3

Is it easy for you to remember? Is it dicult to guess? Is it difficult forothers to remember

Question 4

Exam Question 203 (p.269):What is a dictionary attack?

Answer 4

It is using a long list of likely passwords in hopes of finding one that works

Question 5

Exam Question 204 (p.269):List two types of bad passwords.

Answer 5

a) anything short, (b) anything in a dictionary.

Question 6

Exam Question 205 (p.269):What do I recommend for a password?

Answer 6

initials of a familiar phrase

Question 7

Exam Question 206 (p.269):What is a high-value password?

Answer 7

A password to protect a high-value asset.

Question 8

Exam Question 207 (p.269):What is a low-value password?

Answer 8

A password to protect a low-value asset.

Question 9

Exam Question 208 (p.269):Does it matter if a low-value password is easy to guess?

Answer 9

Not much.

Question 10

Exam Question 209 (p.269):List four ways to prove identity.

Answer 10

What you have. What you know. What you are. What you can do.

Question 11

Exam Question 210 (p.269):What is multi-factor authentication?

Answer 11

Several UNRELATED factors must be presented.

Question 12

Exam Question 211 (p.269):What is single sign-on?

Answer 12

You authenticate once and then receive credentials that are (a) used onrelated websites (b) in place of authenticating again.

Question 13

Exam Question 212 (p.269):What is a hacker?

Answer 13

Someone that goes beyond the routine ways of using a tool.

Question 14

Exam Question 213 (p.269):Is hacking bad?

Answer 14

no

Question 15

Exam Question 214 (p.269):What does black hat mean?

Answer 15

It means a bad-guy hacker

Question 16

Exam Question 215 (p.269):What does white hat mean?

Answer 16

It means a good-guy (ethical) hacker.

Question 17

Exam Question 216 (p.269):What is pen testing?

Answer 17

penetration testing

Question 18

Exam Question 217 (p.269):What are symmetric keys?

Answer 18

Encryption keys that cancel each other out are symmetric.

Question 19

Exam Question 218 (p.269):What does rot13 stand for?

Answer 19

rotate thirteen

Question 20

Exam Question 219 (p.269):How does rot13 work?

Answer 20

Each letter is replaced by the one 13 places away.

Question 21

Exam Question 220 (p.270):Who knows Alice’s public key?

Answer 21

everybody

Question 22

Exam Question 221 (p.270):Who knows Alice’s private key?

Answer 22

Alice

Question 23

Exam Question 222 (p.270):How do you send a private message to Bob?

Answer 23

Encrypt it with Bob’s public key.

Question 24

Exam Question 223 (p.270):What is the purpose of encrypting a message?

Answer 24

Prevent others from understanding it.

Question 25

Exam Question 224 (p.270):What is the purpose of signing a message?

Answer 25

Prove authorship.

Question 26

Exam Question 225 (p.270):How do you sign a message?

Answer 26

Encrypt it with your private key.

Question 27

Exam Question 226 (p.270):How does signing prove authorship?

Answer 27

Only the person with the private key could have encrypted it. They mustbe the source.

Question 28

Exam Question 227 (p.270):How can Bob send a private, authenticated message to Alice?

Answer 28

First, encrypt it with Bob's private key to prove authorship. Second,encrypt the result with Alice's public key to provide privacy.

Question 29

Exam Question 228 (p.270):Why are public-key systems special?

Answer 29

They let us create a shared secret between parties that did not alreadyknow each other

Question 30

Exam Question 229 (p.270):Why is RSA special?

Answer 30

It easily creates good public keys.

Question 31

Exam Question 230 (p.270):What is a prime number?

Answer 31

A number with no proper factors.

Question 32

Exam Question 231 (p.270):Why are prime numbers used in encryption?

Answer 32

It is easy to multiply two large prime numbers, but it is dicult to ndthe original numbers.

Question 33

Exam Question 232 (p.270):What does the RSA private key consist of?

Answer 33

Two large prime numbers are chosen. They are the private key.

Question 34

Exam Question 233 (p.270):What does the RSA public key consist of?

Answer 34

The large prime numbers of the private key are multiplied together. Theresult is the public key.

Question 35

Exam Question 234 (p.270):If RSA is so great, why are other things used?

Answer 35

other things are faster

Question 36

Exam Question 235 (p.270):Is http considered to be secure? Why?

Answer 36

No. Traffic (data) is not encrypted.

Question 37

Exam Question 236 (p.270):Is https considered to be secure? Why?

Answer 37

Yes. Traffic (data) is encrypted.

Question 38

Exam Question 237 (p.270):What does SSL stand for?

Answer 38

secure sockets layer

Question 39

Exam Question 238 (p.270):What does TLS stand for?

Answer 39

transport layer security

Question 40

Exam Question 239 (p.270):How does SSL protect confidentiality of a TCP connection?

Answer 40

Traffic (data) is (a) encrypted to (b) hide its meaning.

Question 41

Exam Question 240 (p.270):What is an Outside Threat?

Answer 41

A threat by a machine outside of your LAN.

Question 42

Exam Question 241 (p.271):What is a botnet?

Answer 42

A network of computers controlled by a hacker, usually without theknowledge of their real owners.

Question 43

Exam Question 242 (p.271):For what two things are botnets commonly used?

Answer 43

Sending spam. Doing attacks.

Question 44

Exam Question 243 (p.271):What does DDOS stand for?

Answer 44

distributed denial of service (attack)

Question 45

Exam Question 244 (p.271):What is a zombie?

Answer 45

A computer that is part of a botnet.

Question 46

Exam Question 245 (p.271):What does PWN stand for?

Answer 46

ownPwn means you have been owned by a hacker. They control your computer.

Question 47

Exam Question 246 (p.271):What is an Inside Threat?

Answer 47

A threat by a machine inside your LAN.

Question 48

Exam Question 247 (p.271):What two things does server mean?

Answer 48

(a) a program (software) that provides a service, (b) a computer (hard-ware) where such a program runs

Question 49

Exam Question 248 (p.271):How can firewalls mitigate network attacks against servers?

Answer 49

They can control the number of incoming requests based on IP address.

Question 50

Exam Question 249 (p.271):How can firewalls mitigate network attacks against clients?

Answer 50

They can prevent all uninvited access from outside the LAN.

Question 51

Exam Question 250 (p.271):What does DMZ stand for?

Answer 51

demilitarized zone

Question 52

Exam Question 251 (p.271):What service does DMZ provide?

Answer 52

It directs unexpected network trac on all ports to one designated ma-chine.

Question 53

Exam Question 252 (p.271):What service does port forwarding provide?

Answer 53

It directs unexpected network trac on a few ports to a designated ma-chine.

Question 54

Exam Question 253 (p.271):How can sharing your Wi-Fi be dangerous?

Answer 54

Bad people might get directly into your LAN. This bypasses your mainfirewall.