IS3220 CHAPTER 5 Flashcards Preview

Flashcards in IS3220 CHAPTER 5 Deck (52):
1

A legacy protocol developed by Apple Inc. for use in networks hosting mainly Macintosh computers. Mostly replaced by TCP/IP and is called ___?

APPLETALK

2

Portions of a software system that unauthenticated users can run are called ___?

ATTACK SURFACE

3

A form of password or encryption key cracking attack that tries all possible valid combinations from a defined set of possibilities is called ___?
This will eventually generate a valid solution given enough time, assuming the hacker uses the correct set of possibilities. This is called ___?

BRUTE FORCE ATTACK

4

A network design based on a single backbone cable to which all host segments connect is called ___?
Ethernet is logically this type of technology, although it can operate in numerous other physical topologies.

BUS TOPOLOGY

5

A form of password or encryption key-cracking attack that uses a pre-constructed list of potential passwords or encryption keys is called ___?

DICTIONARY ATTACK

6

A protocol and a data exchange system commonly used over TCP/IP networks, including the Internet, but which is unencrypted and performs authentication and data transfer in plaintext is called ___?

FILE TRANSFER PROTOCOL (FTP)

7

A network design that establishes all possible connections between hosts is called ___?
This is the most fault-tolerant topology possible, but is also the least resistant to propagation of malware.

FULL MESH TOPOLOGY

8

A form of password or encryption key-cracking attack that combines dictionary attacks with brute force attacks is called ___?
A dictionary list provides seed values to a brute force attack tool that makes modifications to the seed value. A very effective attack against users who mistakenly believe that changing a few characters or adding a few characters to a base password is actually improving the password's strength.

HYBRID ATTACK

9

The entity responsible for global coordination of IP addressing, DNS root, and other Internet protocol resources is called ___?

INTERNET ASSIGNED NUMBERS AUTHORITY (IANA)

10

The accumulation of delay each time a communication signal crosses a node or host is called ___?
Some amount of delay occurs between reception on one interface and transmission out another interface.

LATENCY

11

A network design in which hosts are connected end-to-end, each system being connected to no more than two others is called ___?

LINE TOPOLOGY

12

A description of the arrangement of network devices and how they communicate with each other and is a function of network protocols that may not reflect the actual physical topology of the network is called ___?

LOGICAL TOPOLOGY

13

The process of simulating and testing a new concept, design, programming, technique, and so forth before deployment into a production environment is called ___? It often occurs before piloting.

MODELING

14

A transport layer protocol used for file and printer sharing over TCP/IP is called ___?
Originally developed in 1983 as an application-programming interface (API) for software communications, the protocol was extended to encapsulate this information in TCP and UDP packets.

NETBIOS

15

An application-programming interface (API) developed by IBM in 1985 to emulate NetBIOS on a token ring network and still used by Microsoft to describe a transport layer protocol for file and print sharing over Ethernet is called ___? It makes extensive use of broadcast messages and thus introduces additional traffic to a network.

NETBIOS EXTENDED USER INTERFACE (NETBEUI)

16

The protocol used by the USENET message service. USENET is a persistent message service that allows anyone to post and read messages from over 100,000 named categorized, topical newsgroups is called ___?

NETWORK NEWS TRANSFER PROTOCOL (NNTP)

17

A mesh network design that establishes many but not all possible host-to-host links is called ___?

PARTIAL MESH TOPOLOGY

18

The actual cable structure connecting hosts and nodes together is called ___? This may be independent of logical topology.

PHYSICAL TOPOLOGY

19

Using a new service, device, configuration, software, and so on to a limited number of testing hosts before rolling out the new component to the entire production environment is called ___?
This often occurs after modeling. AKA beta testing.

PILOTING

20

An application layer protocol used by email clients to receive messages from an email server is called ___? The default TCP/IP port is 110, and it does not encrypt communications. The companion SMTP protocol sends messages to an email server.

POST OFFICE PROTOCOL (POP)

21

The feature of network design that ensures the existence of multiple pathways of communication is called ____? The purpose is to prevent or avoid single points of failure.

REDUNDANCY

22

The five regional organizations that oversee and monitor the allocation and registration of IP addresses (both IPv4 and IPv6) is called ___? It consists of American Registry for Internet Numbers (ARIN), RIPE Network Coordination Center (RIPE NCC), etc.

REGIONAL INTERNET REGISTRY (RIR)

23

A network design where host segments are attached to a central cable ring is called ___?

RING TOPOLOGY

24

A form of security based on hiding details of a system, or creating convolutions that are difficult to understand is called ___?
Such strategies do not usually resist a persistent attack, and are used when true security is poorly understood or the perceived threat is insufficient to overcome the obscure methodology.

SECURITY THROUGH OBSCURITY

25

An application-layer protocol used by email clients to send messages to an email server and is also used to relay messages between email servers is called ___? The default TCP/IP port is 25, and it does not encrypt communications. The companion POP protocol receives messages from an email server.

SIMPLE MAIL TRANSFER PROTOCOL (SMTP)

26

A network design in which host segments radiate from a central node is called ___?

STAR TOPOLOGY

27

The process of dividing a block of computer network addresses into smaller blocks that contain a common set of high-order address bits, called a routing prefix is called ___?
This is typically served by a single router.

SUBNETTING

28

Time, money, and effort already spent on a project, event, or device is called ___?
In economics, this is irrelevant to future decisions. Emotionally, however, people often use this as a rationalization to continue failing processes or procedures.

SUNK COST

29

A legacy networking protocol developed by IBM commonly used to support communications between mainframes is called ___?
Mostly replaced by TCP/IP.

SYSTEMS NETWORK ARCHITECTURE (SNA)

30

A protocol and a service used to remotely control or administer a host through a plaintext command line interface is called ___?

TELNET

31

An arrangement of networking segments, hosts, and nodes is called ___?
Common examples include bus, star, ring, full mesh, partial mesh, tree, and line.

TOPOLOGY

32

A network design that organizes hosts into a hierarchy with each host connected upstream to a single parent, but can be connected downstream to none, one, or many hosts is called ___?

TREE TOPOLOGY

33

1. Which of the following is NOT an important factor when included as part of network design?

1. Usability
2. Capacity
3. Obscurity
4. Growth
5. Defense-in-depth

Obscurity

34

2. All the following are elements of network design EXCEPT?

1. Satisfying security goals
2. Understanding of the seven domains of IT infrastructure
3. Implementing multiple layers of defense
4. Thorough research and planning
5. Utilizing a single vendor

Utilizing a single vendor

35

3. Which IT infrastructure domain does NOT require firewalls to be included as part of its network design?

1. Workstation domain
2. LAN domain
3. User domain
4. Remote Access domain
5. System/Application domain

User domain

36

4. Which of the following is a benefit of private addressing that is NOT present in public addressing?

1. Isolation from the Internet
2. Subnetting
3. Use of IPv6
4. Routing traffic
5. Filtering by source and destination address

Isolation from the Internet

37

5. Why would a network implement public addresses internally instead of private addresses?

1. Avoid the use of NAT
2. Be able to custom subnet
3. Maintain isolation from the Internet
4. Prevent external initiation of communications with internal hosts
5. Reduce costs

Avoid the use of NAT

38

6. How can static addresses be simulated with DHCP?

1. Round robin assignment
2. Manual configuration on each host
3. Duplicate MAC addresses
4. Reservations
5. DNS reverse lookup

Reservations

39

7. Which of the following is a flaw or weakness that both static and dynamic addressing share?

1. Assignment server can go offline
2. Changes require manual modification on each host
3. Public queries will fail
4. Hackers can spoof valid addresses
5. The first half of the address identifies the NIC vendor

Hackers can spoof valid addresses

40

8. What is a primary benefit of system hardening?

1. It reduces user performance
2. It increases network throughput
3. It decreases the attack surface
4. It improves host ROI
5. It tracks attempted intrusions

It decreases the attack surface

41

9. All of the following are elements of system hardening EXCEPT?

1. Removing unnecessary protocols, services, and applications
2. Implement ingress and egress filtering against spoofed addresses
3. Installing patches and updates
4. Configure encryption for storage and communication
5. Installing antivirus and a host firewall

.

42

10. All the following are true statements about system hardening EXCEPT?

1. System hardening is a one-time process that does not need to be repeated on the same host
2. System hardening removes or reduces many known vulnerabilities
3. System hardening is different for each system with a unique function
4. System hardening is dependent on the location or placement of a host within the seven common domains of an IT infrastructure
5. Any system discovered to be out of compliance with system hardening guidelines should be quarantined until it can be repaired

System hardening is a one-time process that does not need to be repeated on the same host

43

11. System hardening should be applied to all of the following EXCEPT?

1. Clients
2. Servers
3. Switches
4. Routers
5. Cable adapters

Cable adapters

44

12. Which of the following is NOT usually part of the system hardening process?

1. Update hardware firmware or BIOS
2. Install additional RAM
3. Configure a backup process
4. Configure account lockout
5. Replace outdated device drivers

Install additional RAM

45

13. What is the essential purpose or function of authentication?

1. Control access to resources
2. Monitor for security compliance
3. Watch levels of performance
4. Verify entity identity
5. Prevent distribution of malware

Verify entity identity

46

14. What is the essential purpose or function of authorization?

1. Grant or deny access to resources
2. Check policy compliance
3. Identify entities
4. Monitor levels of utilization
5. Detect spoofed content

Grant or deny access to resources

47

15. What is the essential purpose or function of accounting?

1. Detect intrusions
2. Prove identity
3. Control access to assets
4. Record the activities and events within a system
5. Throttle transactions

Record the activities and events within a system

48

16. What is the essential purpose or function of encryption?

1. Verify integrity
2. Prove the identity of endpoints
3. Protect content from unauthorized third parties
4. Maintain performance
5. Validate parking

Protect content from unauthorized third parties

49

17. A remote host has all of the following additional security issues or concerns in comparison with a local host EXCEPT?

1. Potential exposure to unfiltered Internet
2. Poor end user training
3. Greater risk of physical theft
4. Possible lack of patches and updates
5. Additional interaction with external entities

Poor end user training

50

18. Which of the following is a protection against a single point of failure?

1. Encryption
2. Filtering
3. Auditing
4. Redundancy
5. VPNs

Redundancy

51

19. When performing node security on a router, all of the following are important concerns, EXCEPT?

1. Block all directed IP broadcasts
2. Disable echo, chargen, discard, and daytime
3. Watch for MAC spoofing
4. Drop RFC 1918 addressed packets from the Internet
5. Enable a warning banner for all attempted connections

Watch for MAC spoofing

52

20. When configuring node security on a switch, all of the following are important elements EXCEPT?

1. Enable keystroke logging
2. Limit access to management interfaces
3. Monitor for ARP flooding
4. Upgrade to SNMP v3
5. Use a final version of firmware

Enable keystroke logging