183 Midterm
A method of authenticating a user using physical information, such as retinal scans, fingerprints, or voiceprints
Biometrics
a type of encryption algorithm that encrypts groups of cleartext characters
Block Cipher
What can an IDPS check to try to determine whether a packet has been tampered with or damaged in transit?
Checksum
unreadable text, programs that do not execute, and graphics you cannot view
Ciphertext
a type of control frame that gives a station clearance to begin transmitting packets
Clear to send
the port on a Cisco device that permits direct physical access from a nearby computer using the serial RS-232 protocol
Console Port
a state in which all routers on a network have up-to-date routing tables
Convergence
the study of breaking encryption methods
Cryptanalysis
Which popular wireless sniffer is an IDS that is passive and undetectable in operation?
Kismet
Which layer does wireless communication rely heavily upon?
MAC sublayer of the Data Link layer
Signs of possible attacks that include an IP address, a port number, and the frequency of access attempts; an IDPS uses signatures to detect possible attacks
Signatures
an in-depth examination of a proposed wireless network site
Site Survey
a type of encryption algorithm that encrypts one bit at a time
Stream Cipher
a router that connects a stub network to the larger network
Stub Router
an encryption method devised as a replacement for WEP in WPA
TKIP
Which element of an ICMP header would indicate that the packet is an ICMP echo request message?
Type
all ports from 0 to 65,535 are probed one after another
Vanilla Scan
virtual session access points for simultaneous access to a Cisco device
Virtual Terminal
Computer files that copy themselves repeatedly and consume disk space or other resources
Worm
What can an attacker use a port scanner to test for on a target computer?
open sockets
In which type of scan does an attacker scan only ports that are commonly used by specific programs?
strobe scan
What should you set up if you want to store router system log files on a server?
syslog server
Which of the following is true about asymmetric cryptography? a single key is used and is transferred using a key management system; the public key is used to encrypt a message sent to the private key owner; a shared key is used to encrypt all messages and the private key decrypts them; the private key can be used to encrypt and decrypt a message
the public key is used to encrypt a message sent to the private key owner
Which of the following is true about encryption algorithms? their strength is tied to their key length; asymmetric algorithms use a single key; block ciphers encrypt one bit at a time; not vulnerable to brute force attacks
their strength is tied to their key length
Which of the following is true about ACLs on Cisco routers? there is an implicit deny any statement at the end of the ACL; there is an explicit permit any statement at the beginning of the ACL; ACLs bound to an interface apply to inbound and outbound traffic by default; ACLs are processed in reverse order so place high priority statements last
there is an implicit deny any statement at the end of the ACL
Which of the following is true about the SSID? they can be Null; they are registered; they are found in control frames; they are not found in beacon frames
they can be Null
How does the CVE standard make network security devices and tools more effective?
they can share information about attack signatures
A hacktivist can best be described as which of the following?
use DoS attacks on Web sites with which they disagree
Which of the following is true about MAC addresses in a wireless network?
you can change a WNIC's MAC address with software
Which of the following correctly represents the port used by FTP control traffic and FTP file transfer traffic respectively?
21, 20
Which feature of a router provides traffic flow and enhances network security?
ACLs
the current U.S. government standard for cryptographic protocols
AES
a network system tool that lists the MAC and IP address resolutions of other devices on the network, making the resolution process more efficient
ARP table
attacks that attempt to gather information for subsequent attacks by sending probe request frames on each available channel
Active attacks
a two-step process of being accepted into a wireless network
Association
The process of recording which computers are accessing a network and what resources are being accessed, and then recording the information in a log file
Auditing
an undocumented hidden opening through which an attacker can access a computer
Back door
a message, usually a warning about appropriate use, presented to users of a digital system before authentication
Banner
Which type of frame advertises services or information on a wireless network?
Beacon
An attack in which many computers are hijacked and used to flood the target with so many false requests that the server cannot process them all, and normal traffic is blocked
DDoS Attack
an older protocol composed of a 16-round Feistel network with XOR functions, permutation functions, 64 S-box functions, and fixed key schedules
DES
A semitrusted subnet that lies outside the trusted internal network but is connected to the firewall to make services publicly available while still protecting the internal LAN
DMZ
Which management frame type is sent by a station wanting to terminate the connection?
Disassociation
lets the other computer know it is finished sending data
FIN Packet
Which of the following is an element of the TCP header that can indicate that a connection has been established?
Flags
What is the packet called where a Web browser sends a request to the Web server for Web page data?
HTTP GET
Which security tool works by recognizing signs of a possible attack and sending notification to an administrator?
IDPS
What is contained in ARP tables?
IP address and MAC address
Which of the following is an accurate set of characteristics you would find in an attack signature?
IP address, TCP flags, port numbers
A set of standard procedures that the Internet Engineering Task Force (IETF) developed for enabling secure communication on the Internet
IPsec
What feature does RIPng support that is not supported by RIP?
IPv6
the number in an access control list that specifies which part of an IP address is considered significant
Inverse Mask
a way to prevent keys from being discovered and used to decipher encrypted messages
Key Management
cost values that help routers assess the desirability of a link
Metrics
Hardware or software tools that allow or deny packets based on specified criteria, such as port, IP address, or protocol.
Packet Filters
crafted packets that are inserted into network traffic
Packet Injection
any keys used between a pair of devices in TKIP
Pairwise Keys
the process of using a variety of tools and techniques to attempt to break into a network
Penetration Testing
a series of ICMP echo request packets in a range of IP addresses
Ping Sweep
readable text, programs that execute, and graphics you can view
Plaintext
An access control method that establishes organizational roles to control access to information
RBAC
Which TCP flag can be the default response to a probe on a closed port?
RST
a type of control frame that a station sends when it wants to transmit
Request To Send
the process of transporting packets of information across a network from the source node to the destination node
Routing
What is the sequence of packets for a successful three-way handshake?
SYN, SYN ACK, ACK
used by attackers to delay the progression of a scan
Scan Throttling
a set of characteristics that define a type of network activity
Signature
At which layer of the OSI model does IPsec work?
Three
What is a program that appears to do something useful but is actually malware?
Trojan
Defense in depth can best be described as which of the following? authentication and encryption; a layered approach to security; antivirus software and firewalls; a firewall that protects the network and the servers
a layered approach to security
Which of the following is the first step in the digital signature process where Mike sends a message to Sophie? the message digest is encrypted by Mike's private key; Sophie encrypts Mike's message with Mike's public key; Sophie compares the message digest she calculated to Mike's message; a message digest of Mike's message is calculated using a hashing algorithm
a message digest of Mike's message is calculated using a hashing algorithm
Which of the following is true about the association process?
a station first listens for beacons
Which of the following is true about wardriving?
attackers use RF monitor mode
What function does a RADIUS server provide to a wireless network?
authentication
Which security layer verifies the identity of a user, service, or computer?
authentication
What type of attack does a remote-access Trojan attempt to perpetrate?
back door
Which of the following is NOT a type of entry found in a routing table?
backup routes
Malware that creates networks of infected computers that can be controlled from a central station is referred to as which of the following?
botnet
In which form of authentication does the authenticating device generate a random code and send it to the user who wants to be authenticated?
challenge/response
Of what category of attack is a DoS attack an example?
multiple-packet attack
Which of the following best describes a one-way function?
easy to compute but difficult and time consuming to reverse
What is the term used when an IDPS doesn't recognize that an attack is underway?
false negative
Which of the following is commonly used for verifying message integrity?
hashing function
Which of the following is NOT one of the three primary goals of information security? confidentiality; integrity; availability; impartiality
impartiality
Which of the following is performed by the MAC sublayer?
joining the wireless network
Which of the following is a metric routers can use to determine best path?
link state
Which of the following is a type of script that automates repetitive tasks in an application such as a word processor but can also be programmed to be a virus?
macro
In which type of attack do attackers intercept the transmissions of two communicating nodes without the user's knowledge?
man-in-the-middle
Which type of attack works by an attacker operating between two computers in a network and impersonating one computer to intercept communications?
man-in-the-middle
With which access control method do system administrators establish what information users can share?
mandatory access control
What remote shell program should you use if security is a consideration?
ssh
What is the name of a storage area where viruses are placed by antivirus software so they cannot replicate or do harm to other files?
quarantine
Under which suspicious traffic signature category would a port scan fall?
reconnaissance
What is a downside to using Triple DES?
requires more processing time
Which type of firewall policy calls for a firewall to deny all traffic by default?
restrictive policy
Which of the following makes routing tables more efficient?
route summarization
What is a VPN typically used for?
secure remote access
In which type of wireless attack does the attacker cause valid users to lose their connections by sending a forged deauthentication frame to their stations?
session hijacking
Why might you want your security system to provide nonrepudiation?
so a user can't deny sending or receiving a communication
Which term is best described as an attack that relies on the gullibility of people?
social engineering