final review

Question 1

Mobile devices

Answer 1

requires a non-wired means of connection to a network

Question 2

How mobile devices connect to a network?

Answer 2

Manageable by the enterprise architecting the connection aspect of the wireless network

Question 3

Cellular

Answer 3

Connections use mobile telephony circuits (4G,LTE,3G,5G)

Question 4

WI-FI

Answer 4

Radio communication methods developed under the Wi-Fi alliance

Question 5

Where do wi-fi systems exist?

Answer 5

Exist on 2.4GHz and 5GHz frequency spectrums

Question 6

Bluetooth

Answer 6

Short-to-medium-range, low-power wireless protocol that transmits in the 2.4GHz band

Question 7

Wireless Protocol Bands

Wi-Fi series

Answer 7

Most Common, 802.11 Wireless LAN standards certified by Wi-Fi Alliance

Question 8

Wireless Protocol Bands

WiMax

Answer 8

802.16 wireless network standards ratified by the WiMax Forum

Question 9

Wireless Protocol Bands
Zigbee

Answer 9

Low-Power, personal area network, described by the IEEE 802.15.4 series

Question 10

Access Point

Answer 10

AP

Point of entry for radio-based network signals into and out of a network

Can operate in several different modes

Question 11

Service Set Identifier

Answer 11

SSID
Name of wireless network
Setting should limit access only to authorized users

Question 12

Fat Access points

Answer 12

Standalone access point

Question 13

Thin Access points

Answer 13

Controller based Access points

Question 14

Controller Based

Answer 14

Controller-based solutions allow for centralized management and control

Question 15

Standalone

Answer 15

Standalone points have substantial capabilities with respect to authentication, encryption, and channel management

Question 16

Signal Strength

Answer 16

Wireless signal usability is directly related to signal strength

Question 17

Band Selection/Width

Answer 17

Today’s wireless environments employ multiple different bands, each with different bandwidths

Question 18

Antenna Types and Placement

Answer 18

Standard Access point is equipped with an omnidirectional antenna

Question 19

How can you solve wireless networking problems caused by weak signal strength

Answer 19

Weak signal strength can sometimes be solved by installing upgraded-Wi-Fi radio antennas on the access points.

Question 20

Power Level Controls

Answer 20

Wi-Fi power levels can be controlled by the hardware for a variety of reasons

The lower the power used, the less opportunity for interference

Question 21

How does a replay attack occur?

Answer 21

A replay attack occurs when the attacker captures a portion of a communication between two parties and retransmits it at a later times.

Question 22

How to prevent a replay attack?

Answer 22

The best way to prevent a replay attack is with encryption, cryptographic authentication, and timestamps

Question 23

What is an evil twin?

Answer 23

An evil twin attack against the wireless protocol via substitute hardware

Question 24

How does an evil twin attack occur?

Answer 24

Uses an access point owned by an attacker that usually has been enhanced to look like a better connection

Question 25

intrusion detection system

Answer 25

(IDS) is a security system that detects inappropriate or malicious activity on a computer or network?

Question 26

Foundation for a layered network security approach

Answer 26

Starts with a well-secured system Some of the more complicated and interesting types of network/data security devices are IDSs

Question 27

IDS categories

Answer 27

HIDS and NIDS

Question 28

Host-Based IDS

Answer 28

Examines activity on an individual system (or host) Concerned with an individual system

Question 29

Network-based IDS

Answer 29

Examines Activity on the Network itself It has visibility only into the traffic crossing the network link it is monitoring and typically has no idea of what is happening on individual systems

Question 30

IDS Traffic Collector (or sensor)

Answer 30

Collects activity/events for the IDS to examine

Question 31

IDS Analysis engine

Answer 31

examines collected network traffic and compares it to known patterns of suspicious or malicious activity

Question 32

IDS signature database

Answer 32

collection of patterns and definitions of known suspicious or malicious activity

Question 33

IDS user interface and reporting

Answer 33

interfaces with the human element and provides alerts when appropriate

Question 34

Network-Based IDSs Components

Answer 34

Traffic Collector Analysis engine Signature Database Reports User interface

Question 35

Advantage of NIDS

Answer 35

Providing IDS coverage requires fewer systems Deployment, maintenance, and upgrade costs are usually lower A NIDS has visibility into all network traffic and can correlate attacks among multiple systems

Question 36

Disadvantage of NIDS

Answer 36

Ineffective when traffic is encrypted Can't see traffic that does not cross it Must be able to handle high volumes of traffic does not know about the activity on the hosts themselves

Question 37

Advantage of HIDS

Answer 37

Very operating system-specific with more detailed signatures reduce false-positive rates examine data after it has been decrypted very application specific determine whether or not an alarm may impact that specific system

Question 38

Disadvantage of HIDS

Answer 38

Must have a process on every system you want to watch high cost of ownership and maintenance use local system resources have a very focused view and cannot relate to activity around them if logging only locally, could be compromised or disabled

Question 39

Hardening

Answer 39

Process of securing and preparing a system for the production environment

Question 40

To try to make systems, servers, workstations, networks, and applications more secure

Answer 40

Follow a process of defining their necessary uses and aligning security controls to limit their functionality. This process is called hardening. Once this is determined, you have a system baseline that you can compare changes over the course of a system’s lifecycle

Question 41

Operating System

Answer 41

(OS) Basic software that handles things such as input, output, display, memory management, and all the other highly detailed tasks

Question 42

Network Operating System

Answer 42

NOS Operating system that includes additional functions and capabilities to assist in connecting computers and devices

Question 43

Protection rings Devised to deal with security issues associated with

Answer 43

Timesharing operations

Question 44

Protection Rings Enforced by hardware, software, or a combination, and serve to act as a means of

Answer 44

Managing privilege in a hierarchical manner

Question 45

Protection Rings The use of rings separates elements such as applications from directly interfacing with the hardware without going through the

Answer 45

OS and, specifically, the security kernel

Question 46

Ring Layers layers from 0-3

Answer 46

Kernel, device drivers, device drivers, applications

Question 47

OS Security

Answer 47

The operating system itself is the foundation of system security The security kernel (i.e. reference monitor) is the component of the operating system that enforced OS security policies

Question 48

OS types

Answer 48

Network, server, and workstation Appliance, kiosk, and mobile OS

Question 49

Trusted Operating system

Answer 49

Designed to allow multilevel security in its operation This is further defined by its ability to meet a series of criteria required by the U.S Government

Question 50

Patch Management

Answer 50

The process used to maintain systems in an up-to-date fashion Vendors typically follow a hierarchy for updates -hotfix -patch -service pack

Question 51

Baselining is establishing software's base state

Answer 51

The resulting product is a baseline that describes the capabilities of the software; this is not necessarily secure