IS3220 CHAPTER 13 Flashcards Preview

IS3220 NETWORK SECURITY, FIREWALLS, & VPNS > IS3220 CHAPTER 13 > Flashcards

Flashcards in IS3220 CHAPTER 13 Deck (30):
1

A data communications technology that enables faster data transmission over copper telephone lines than a conventional voice band modem can provide is called ___?

ASYMMETRIC DIGITAL SUBSCRIBER LINE (ADSL)

2

A chipset developed and promoted by the US Government as an encryption device to be adopted by telecommunications companies for voice transmission. It was announced in 1993 and discontinued in 1996. This was called ___?

CLIPPER CHIP

3

This is a standard that defines how Web server software can delegate the generation of Web pages to a console application. They can be written in many programming languages, although scripting languages are often used and are called ___?

COMMON GATEWAY INTERFACE (CGI) SCRIPT

4

A network service that resolves fully qualified domain names (FQDNs) into their corresponding IP address. This is an essential service of most networks and their directory services and called ___?

DOMAIN NAME SYSTEM (DNS)

5

This is a public interest research group in Washington, D.C., to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and Constitutional values in the information age. It pursues a wide range of activities, i.e., privacy research, public education, conferences, litigation, publications, and advocacy. This is called ___?

ELECTRONIC PRIVACY INFORMATION CENTER (EPIC)

6

A set of communications standards for simultaneous digital transmission of voice, video, data, and other network services over the traditional circuits of the public switched telephone network and is called ___?

INTEGRATED SERVICES DIGITAL NETWORK (ISDN)

7

A computer network authentication protocol that allows nodes communication over a non-secure network to prove their identity to one another in a secure manner. It is also a suite of free software published by Massachusetts Institute of Technology (MIT) that implements this protocol. It was designed as a client-server model, and it provides mutual authentication--both the user and the server verify each other's identity. This is called ___?

KERBEROS

8

The product of the High Performance Computing and communication Act of 1991. It was a telecommunications policy buzzword, which was popularized during the Clinton administration. It was a proposed advanced, seamless web of public and private communications networks, interactive services, interoperable hardware and software, computers, databases, and consumer electronics to put vast amounts of information at users' fingertips. This is called ___?

NATIONAL INFORMATION INFRASTRUCTURE (NII)

9

This is a cryptologic intelligence agency of the US Government administered as part of the US DOD. It is responsible for the collection and analysis of foreign communications and roughen signals intelligence, which involves cryptanalysis. It is also responsible for protecting US government communications and information systems from similar agencies elsewhere, which involves cryptography and is called ___?

NATIONAL SECURITY AGENCY (NSA)

10

Aimed to handle time-series data like network bandwidth, temperatures, CPU load, and so on. The data are stored in a circular buffer database, thus the system storage footprint remains constant over time and is called ___?

ROUND-ROBIN DATABASE TOOL (RRDTOOL)

11

This has a synchronous interface and traditionally has an asynchronous interface, which means that it responds as quickly as possible to changes in control inputs. It has a synchronous interface, meaning that it waits for a clock signal before responding to control inputs and is therefore synchronized with the computer's system bus. This is called ___?

SYNCHRONOUS DYNAMIC RANDOM ACCESS MEMORY (SDRAM)

12

A common packet analyzer that runs at the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached and is called ___?

tcpdump

13

A computer network tool used to show the route taken by packets across an IP network. This is called ___?

traceroute

14

1. All the following are key features of SmoothWall. EXCEPT:

1. POP 3
2. Static and dynamic DNS support
3. Cybercash support
4. Snort IDS support
5. DHCP and Network time server support

Cybercash support

15

2. According to the ___ ___ ___, attacks to systems connected to the Internet are becoming more and more complex.

1. National Systems Agency
2. National Security Agency
3. Central Intelligence Agency
4. Navy Security Agency
5. Federal Bureau of Investigation

National Security Agency

16

3. Firewallling involves two distinct areas that must be protected:

1. Network and transaction security
2. Access and controls
3. File sharing and printing capabilities
4. Access to the Internet and from the Internet
5. None of the above

Network and transaction security

17

4. The ___ was created to alert the public on the emerging privacy issues relating to the National Information Infrastructure.

1. EDIP
2. EPIC
3. NII
4. CERN
5. W3C

EPIC

18

5. The following are characteristics we should be looking for in a firewall, EXCEPT:

1. Security Assurance
2. Privilege Control
3. Digital Switches
4. Authentication
5. Audit Capabilities

Digital Switches

19

6. A good firewall product should provide:

1. Flexibility
2. Performance
3. Scalability
4. All the above
5. 1 & 3

Flexibility

Performance

Scalability

All the above

20

7. The following are all characteristics of SmoothWall firewall, EXCEPT:

1. It is a simple Linux kernel
2. It cannot use iptables to control and route traffic
3. It is built to run as a dedicated firewall/router
4. It provides a way to gain extra capability with NAT
5. It runs on a variety of hardware

It cannot use iptables to control and route traffic

21

8. The following are all common interfaces used by SmoothWall, EXCEPT:

1. green: Trusted network
2. blue: DMZ connection
3. red: Internet
4. orange: Filtered/Special Purpose

blue: DMZ connection

22

9. The following are attributes of a minimum hardware specification to run SmoothWall, EXCEPT:

1. 512MB PC1 SDR AM
2. 20GB gard drive
3. 10/100 on-board NIC
4. AMD Duron 1100
5. Flat LCD screen

Flat LCD screen

23

10. To install SmoothWall, you need to make sure the computer BIOS is set to boot from a CD.
TRUE OR FALSE

TRUE

24

11. In a typical SmoothWall firewall installation the green interface should have:

1. A static IP
2. Software bugs but not flaws
3. Dynamic addressing
4. Proxy servers connected to it
5. Internal code connecting to an external service

A static IP

25

12. When configuring the NICs for the green interface, it is advisable to use ___:

1. capacity planning
2. maximum utilization
3. a static IP address
4. wirespeed settings
5. factory defaults

a static IP address

26

13. Which of the following is not related to SmoothWall offered services?

1. Web Cache/Proxy
2. Fingerprint authentication
3. DHCP Server
4. DDNS
5. Intrusion Detection System

Fingerprint authentication

27

14. What does the "Transparent" option mean when configuring Web proxying in SmoothWall?

1. It allows you to create a tunnel mode
2. Every client on the network will be forced to connect through the proxy server
3. Every client on the network will be waived access to the network
4. The proxy server is on stealth mode
5. Collisions on the network are not seen

Every client on the network will be forced to connect through the proxy server

28

15. SmoothWall does not work well with Mozilla Firefox and Google Chrome.
TRUE OR FALSE

FALSE

29

16. The following are services found int he service tab of SmoothWall, EXCEPT:

1. SQUID
2. Web Cache/Proxy
3. DDNS
4. Diskcopy
5. SSH

Diskcopy

30

17. The following are tools we can use when troubleshooting a firewall installation, EXCEPT:

1. ping
2. traceroute
3. robocopy
4. ipconfig
5. tcpdump

robocopy