Networking Test 3 Flashcards Preview

Networking Exam > Networking Test 3 > Flashcards

Flashcards in Networking Test 3 Deck (75):
1

What is cloud computing?

Flexible provisioning of computer, storage, and network resources, and other services to multiple clients

2

List multiple cloud computing features:

1. On demand services2. Elastic services3. Multiple platform support4. Resource pooling5. Metered services

3

What are the 3 types of cloud models?

Public, private, hybridAll models are based on resource virtualization

4

Describe the public cloud model

Resources and services owned and hosted by a third party and available to many clients

5

Describe the private cloud model

Resources and services owned by an organization and available to internal clients

6

Describe the hybrid cloud model

Utilizes resources and services of both public and private clouds in an integrated fashion

7

What are the cloud service models?

Infrastructure as a servicePlatform as a serviceSoftware as a serviceEach has a different level of management, control, cost and risk

8

Describe Infrastructure as a service (IaaS)

Hardware and network resources provided, workloads responsibility of the client

9

Describe Platform as a Service (PaaS)

IaaS plus OS and libraries, applications are the responsibility of the client

10

Describe Software as a Service (SaaS)

Complete application, client has no responsibility

11

What is remote access?

Service allowing connection to a resource (server, network, etc) from a remote geographic location

12

What are some types of remote access?

Remote connection to OS (computer or network device)Dedicated line between sitesVirtual Private Network (VPN)

13

What is a VPN?

Virtual Private NetworkConnection between devices, networks, or devices and networks* Traffic is tunneled (encapsulated within host network PDUs)* May secure communications via one or a combination of confidentiality, integrity, availability, commonly known as CIA

14

What uses generic routing encapsulation to send non-IP traffic across an IP only VPN?

Layer 2 traffic tunneling VPN

15

What is encryption?

Transforming data via a mathematical algorithm known as a cipherData can only be read by reversing the cipherUsed to keep information private (provides the C in CIA)

16

What is a key?

Random string of characters used in conjunction with data and cipher to create unique data block

17

What is a cipher text?

An encrypted block of data

18

What is a brute force attack?

An attempt to break encryption by guessing keys

19

What is symmetric encryption?

AKA Private encryption or shared key____________Same key is used to encrypt and decrypt data__________Most efficient___________Drawback- Key must be known by multiple parties

20

What is asymmetric encryption?

Two keys - known as a key pair_____Data is encrypted by one and can only be decrypted by the other__________Private key is only known by key owner___________Public key available to anyone_________Requires a public key server which is publicly accessible server distributing public keys

21

Encrypted data can be __________

decrypted

22

Some _______ should never be decrypted

data

23

Hashing??

One way transformation

24

List 2 types of encryption algorithms

AES, 3DES

25

List types of remote device access

Remote desktop protocol - microsoft (all MS OS can be server)SSH - UNIX command (free and paid servers and clients for unix and windows)VNC - UNIX GUI (Free and paid servers and clients, unix and windows)

26

RADIUS?

Remote Authentication Dial In User ServiceCentralized service for authenticationAAA

27

What 3 services does kerberos provide?

Key Distribution Center (KDC)Authentication Service (AS)Ticket Granting Service (TGS)

28

Three categories of multifactor authentication

KnowledgePossessionInherence (biometrics)

29

What does a firewall do?

Allows desirable traffic to be transported from an untrusted network/host to a trusted network/hostPrevents harmful traffic from doing the same.

30

A firewall _____ _____ to permit and/or prevent traffic transport.

executes rules

31

What is the first generation of firewall methodologies?

Packet filtering - inspects layers 3 and 4 addressing

32

What is the second generation of firewall methodologies?

Stateful filtering - inspects TCP connection state

33

What rules govern traffic transport in a firewall?

permit or deny________source and/or destination IP__________source and/or destination ports_______________layer 4 protocol______________direction (in/outbound)

34

what's another name for cisco IOS packet filtering?

Access controlAccess Control Entries (ACEs) within Access Control Lists (ACLs)

35

Using stateful firewall filtering the firewall works up to and including layer ____

layer 7

36

For Cisco IOS Stateful filtering you may see the stateful filtering be referred to as what?

Context Based Access Control (CBAC)

37

What medium does a WLAN use?

the AIR lol the atmosphere tho

38

What does a wireless network transmit?

RF - radio frequency

39

Who governs transmission frequencies, including those transmitted by WLANs?

Industry Canada, FCC for the US, ITU internationally

40

What wireless technologies use a wireless personal area network?

bluetooth, infrared, near-field communications (NFC)

41

What GHz does Bluetooth use?

2.4GHz

42

What is bluejacking?

Unsolicited data sent through bluetooth

43

What is bluesnarfing?

Data downloaded without permission via bluetooth

44

What is a posture assessment?

A thorough exam of each aspect to determine how it might be compromisedShould be performed annually at minimum

45

What security assessment will be performed by an organization that has been accredited by an agency that sets security standards?

A security audit

46

Who is an individual who gains unauthorized access to systems?

A hacker

47

Vulnerability is the weakness of a _____, process, or __________.

Weakness of a system, process, or architecture.

48

What is an exploit?

A means of taking advantage of a vulnerability

49

What is a zero-day attack?

Taking advantage of an undiscovered vulnerability

50

What is phishing?

A way to gain sensitive information by posing as a trusted person.organization through electronic communications

51

What layer risk is this:Wireless jamming

Layer 1/2

52

What layer risk is this:RF emanation on private wireless / copper media communications

Layer 1/2

53

What layer risk is this:Eavesdropping on connections to internet

Layer 1/2

54

What layer risk is this:Sniffing data on public wifi

Layer 1/2

55

What layer risk is this:Access to unused and unsecured ports on switches n routers

Layer 1/2

56

What layer risk is this:ARP table poisoning

Layer 1/2

57

What layer risk is this:Computers with sensitive data connected to publicly accessible networks

Layer 1/2

58

What layer risk is this:Banner grabbing attack

Layer 3-7

59

What layer risk is this:Session hijacking/man in the middle attack

Layer 3-7

60

What layer risk is this:Invalid trust relationships - DHCP snoopin, dynamic ARP inspection

Layer 3-7

61

What layer risk is this:NOS backdoors

Layer 3-7

62

What layer risk is this:Buffer overflows

Layer 3-7

63

What layer risk is this:Default admin security config

Layer 3-7

64

What is a banner grabbing attack?

Malicious use of network monitoring tools to inventory services running on servers

65

What are the 3 Denial of Service (DoS) attacks?

Distributed DoS (DDoS)Distributed Reflection DoS (DRDoS)Permanent DoS (PDoS)

66

Which DoS Attack is orchestracted through many sources called zombies?

a distributed dos

67

Which DoS attack is bounced off of uninfected computers and directed at the target?

Distributed Reflected DoS

68

Which DoS attack replaces device firmware to permanently damage it?

Permanent DoS

69

A virus replicates code that attaches to an _______ ______ or ______

a virus replicates code that attaches to an existing code or data

70

What is a trojan horse?

malware that disguises itself as something useful while harming a system

71

A worm runs ________________ ___________ between computers over the network

runs independently travelling between computers over the network

72

What is a boot sector virus?

Embedded in the disk boot sector

73

How is anti-malware software implemented?

Through host , serve,r network, cloud based software

74

What is the difference between intrusion detection and prevention?

IDS detects suspicious network activity, is a typically dedicated device and logs data and alerts (passive)_____________IPS detects and reacts to suspicious network activity, is also typically a dedicated device but prevents traffic flow (active)

75

What are some human associated risks to security?

Security breaches due to human error, ignorance, omission
Social engineering
Phishing scams