Midterm

Question 1

These enforce a series of rules defining what kind of network traffic is allowed and what is not allowed

Answer 1

Firewall

Question 2

The act of verifying the identity of a particular person

Answer 2

Authentication

Question 3

Anything a person would use to access a network (device type)

Answer 3

Host device

Question 4

What is the difference between a threat and an attack?

Answer 4

Threat: potential violation of security
■ Does not need to have occurred

Attack: actions that take advantage of potential threats
■ People causing the attack are called attackers

Question 5

What are the three goals of security

Answer 5

Protect
● Try to stop the attack from happening

Detect
● Quickly identify when an attack is happening

Respond & Recovery
● Stop, assess, repair
● Maintain functionality during an attack

Question 6

Why is anti-virus not perfect?

Answer 6

Anti-viruses have to be manually updated

Question 7

This part of the operating system creates and manages files and directories

Answer 7

File system

Question 8

Passwords are stored on a system as these, which vary based on operating system

Answer 8

Hashes; keeps passwords from being readily available

Question 9

How does a system authenticate a user password attempt?

Answer 9

The system compares the attempt to a stored hash

Question 10

Systems on a network that include files and/or programs in use by multiple people on or outside a network

Answer 10

Server

Question 11

Set of devices, software, and cables that enables the exchange of information

Answer 11

Networking

Question 12

Describe two network topologies

Answer 12

Bus - Every component is connected to a single line, with “taps” for each
component
Advantages: quick to deploy, cheap
■ Disadvantage: lots of collisions, unreliable, a break in the line causes
the network to fail, performance is directly related to number of
components and usage
■ Example: Cable internet

Ring - Every component has 2
connections – a left and a right
side
■ Basically a bus with a
connection back around to
the beginning
■ Disadvantages:
Performance is generally
poor, not scalable, break in
one connection causes
complete network failure

Star
● Each node is connected to a
central point
● Most common physical topology
(Ethernet)
● Advantages: fast, non-central
failure does not bring down the
network, scalable
● Disadvantages: used to be very
expensive, but not anymore,
single point of failure, lots of
cabling

Mesh
● Advantages: self-healing, failure
tolerant, potentially fast
● Disadvantages: no known route
traversal, difficult to control and
filter traffic
● Example: Wireless ad-hoc
network

Question 13

This device inspects the data of a packet to see if it is malicious in nature

Answer 13

IDS/IPS
(intrusion detection/prevention system)

Question 14

What occurs when two hosts try to use the same connection at the same time

Answer 14

Collision

Question 15

What are the 3 types of authentication and an example of each?

Answer 15

● Something you know
e.g. Password/passphrase

● Something you have
e.g. Smart card, USB key, your phone

● Something you are
e.g. Biometrics (retina, fingerprint, DNA, etc.)

Question 16

What is the term used if 2 or more types of authentication are in use?

Answer 16

Two-factor

Question 17

What is the purpose of CSMA/CD?

Answer 17

Carrier Sense Multiple Access with Collision Detection

Method to detect collisions before they occur in ethernet cables

Question 18

What was the first operating system and service pack to include a firewall enabled by default?

Answer 18

Windows XP Server Pack 2

Question 19

What is CIA and why is it important?

Answer 19

Confidentiality
Only those with sufficient privileges and a demonstrated need may access certain information

Integrity
Quality or state of being whole, complete, or uncorrupted

Availability
Enables user to access information without interference or obstruction and in a useable format

Traits of well-implemented security

Question 20

This part of the operating system
determines when to allocate programs,
processes, and threads to the processor

Answer 20

Kernel

Question 21

What is the best method of cracking a password and why?

Answer 21

Brute-force attacks
■ Will try every possible character combination until it finds the password
■ This method can be extremely slow based on password length and complexity
■ It will always find the password in some amount of time
■ Most systems now limit number of password guesses to thwart brute-force attacks

Dictionary Attacks
■ Functions by trying a list of pre-defined potential passwords, one after another
■ Very fast method
■ Can be useful if you know the user and can compile an intelligent list of potential
passwords
■ If the password is not an exact match to the list, the attack will fail

Hybrid Attacks
■ Uses a list like the dictionary attack, but is able to detect slight variations
■ Example: if “hello” is in the list, but the password is “Hello” or “HellO”, the
dictionary attack will fail but the hybrid attack will succeed
■ It is not as fast as the dictionary attack because it has more variables to account for

Rainbow Tables
■ They are not coffee tables painted with bright colors
■ They are actual data tables containing every single hash value for every possible password possibility up to a certain number of characters
■ You simply take the hash value you have extracted from the system and search for it – once it is found in the table, you will have the password
■ You must have the Rainbow Table for the specific type of hash you are trying to crack
■ Rainbow Tables for even a small amount of characters can be quite large in size and so storage and searching can be an issue

Adversary-in-the-middle attacks formerly known as person-in-the-middle
■ If a system is authenticating to a network or accessing resources on another system, it will be passing hashes over the network to authenticate
■ MITM attacks attempt to sniff and gather these hashes in transit
■ Example: The program Cain and Abel uses a process called ARP poisoning to route the traffic between the two systems through your computer. It then sniffs the traffic for the hashes

Question 22

What are some advantages and disadvantages of wireless networks?

Answer 22

Reliability, range, accessibility (swings either way)

Question 23

What is responsible for address at Layer 2 - Data Link?

Answer 23

MAC address (media access control)

Question 24

What happens when there is not enough RAM for memory?

Answer 24

Paging allows for memory to be “swapped” out to the hard disk when there is not enough RAM to hold everything attempting to be stored

Question 25

What is the purpose of POST & BIOS on a system?

Answer 25

Power On Self Test - Process performed by firmware immediately after a computer or other electronic devices is powered on - verifies the integrity of the BIOS, system memory and size, and CPU Basic Input/Output System - A type of firmware used during the booting (POST) process - initializes and tests system hardware (POST) and loads an operating system from a boot device

Question 26

This model is a set of guidelines used to standardize network processes

Answer 26

TCP/IP, OSI

Question 27

What are some examples of layer 6 - presentation?

Answer 27

jpg, doc, txt

Question 28

The smallest unit of processing that can be scheduled

Answer 28

Thread

Question 29

How is a digital signature applied?

Answer 29

You sign a message with your private key Anyone who wants to read the message can verify that you created it by verifying it with your public key

Question 30

At which layer does the TCP protocol function?

Answer 30

Transport

Question 31

An executable set of code

Answer 31

Program

Question 32

This command is used to test the reachability of a host and measure round-trip time for messages sent from a host to a destination machine

Answer 32

ping

Question 33

Explain the three way handshake

Answer 33

First step in establishing a reliable connection ■ Purpose is to allow hosts to exchange starting sequence numbers and test the connection ● Sender sends a SYN (synchronize) to the Receiver saying what port it wants to connect to and the sequence number of the Sender’s first packet ● Receiver sends back a SYN/ACK (synchronize/acknowledge) saying it is ready for the Sender’s next packet and the sequence number of the Receiver’s first packet ● Sender responds ACK (acknowledge) that it received the Receiver’s packet and the connection is established ● Then data exchange begins

Question 34

What process do motherboards post-2014 and Macs use at boot and why?

Answer 34

UEFI (Unified Extensible Firmware Interface); ability to boot from disks larger than 2TB

Question 35

What is the purpose of PAR?

Answer 35

Positive acknowledgement and retransmission To determine when packets are dropped after the 3-way handshake

Question 36

This network device broadcasts all network traffic to everyone connected to the device

Answer 36

Hub

Question 37

Why are hubs not as used and what device replaces them on modern networks?

Answer 37

Switches are a better option to avoid broadcasting network traffic to everyone

Question 38

What type of user account has complete power over a system?

Answer 38

Administrator (Windows) Root (MacOS, Linux)

Question 39

This part of any computer system is responsible for managing hardware and software resources

Answer 39

OS

Question 40

What does the TCP sliding window do?

Answer 40

Tells how much data can be sent at a time based on how busy the receiving host is

Question 41

What are the 3 pieces of hardware where data resides on a computer and how long do each of them store it? Rank in order of speed

Answer 41

CPU -> RAM -> hard drive

Question 42

What is the difference between dynamic and static IP addresses?

Answer 42

Dynamic - Assigned via DHCP (Dynamic Host Configuration Protocol) Addresses changed based on length of lease Static - Manually assigned by the user or system administrator Can only be changed manually

Question 43

What are ports?

Answer 43

Port numbers allow traffic to be sent to different programs and applications (“services”) within a system Like a PO Box Number on a computer where the zip code is the IP address

Question 44

A single system in a network that connects to the internet

Answer 44

Gateway

Question 45

What is UDP and when is it used?

Answer 45

User datagram protocol When speed >> reliability

Question 46

What are the four layers of the TCP/IP model?

Answer 46

Application, transport, internet, network interface

Question 47

What is the difference between public and private IP addresses and what is the purpose of each?

Answer 47

Public IP addresses – purchased from Internet Service Providers (ISPs) Private IP addresses – used on an internal network to share a single public IP address with multiple devices

Question 48

What type of encryption uses the same key for encryption and decryption?

Answer 48

Symmetric

Question 49

How does the internet translate between human-readable URLs and IP addresses of web servers holding the web pages?

Answer 49

DNS domain name system

Question 50

What do routers use to associate IP address to MAC addresses?

Answer 50

ARP (Address Resolution Protocol) table

Question 51

What was the first version of Windows designed from a security standpoint and what went wrong?

Answer 51

Windows vista; it was too secure to use

Question 52

Describe how public-key encryption functions

Answer 52

The public key is accessible to everyone and is used to decrypt a message sent from you

Question 53

What is one way of protecting against an attack on a password?

Answer 53

Maximum attempts

Question 54

Why do we secure our wireless networks and what security protocol do we use to do this?

Answer 54

Wireless networks aren't encrypted WPA2