ITN 101 Chapter 13-16 Study guide
Community clouds
A community cloud is created for exclusive use by a specific community. The differences between public clouds and community clouds are the functional needs that have been customized for the community. For example, healthcare organizations must remain compliant with policies and laws (e.g., HIPAA) that require special authentication and confidentiality.
Software as a Service (SaaS). This item is based on information contained in the presentation. There is no such thing as BaaS. Infrastructure as a service (IaaS) is when key network devices such as routers and firewalls are leased from a provider. Wireless as a service (WaaS) is when a provider provides wireless connectivity at a fixed monthly cost.
A company uses a cloud-based payroll system. Which cloud computing technology is this company using?
Identity theft
A form of information theft where personal information is stolen for the purpose of taking over the identity of someone. Using this information, a threat actor can obtain legal documents, apply for credit, and make unauthorized online purchases. It is a growing problem costing billions of dollars per year.
Hybrid clouds
A hybrid cloud is made up of two or more clouds (example: part private, part public), where each part remains a separate object, but both are connected using a single architecture. Individuals on a hybrid cloud would be able to have degrees of access to various services based on user access rights.
Firewall
A security tool that controls traffic to and from a network.
CSMA/CA. Carrier sense multiple access with collision avoidance (CSMA/CA) is used with wireless networking technology to mediate media contention. Carrier sense multiple access with collision detection (CSMA/CD) is used with wired Ethernet technology to mediate media contention. Priority ordering and token passing are not used (or not a method) for media access control.
A student is attempting to access an 802.11n wireless network. What method is used to manage contention-based access on this wireless network?
Flood a network, host, or application with traffic to prevent legitimate network traffic from flowing. Disrupt connections between a client and server to prevent access to a service. DoS attacks are relatively simple to conduct, even by an unskilled threat actor. Flooding is an example of a DoS attack where a network, host, or application is sent an enormous quantity of data at a rate which it cannot handle.
A threat actor uses a Denial of Service (DoS) attack to perform these functions:
Data plane
Also called the forwarding plane, this plane is typically the switch fabric connecting the various network ports on a device. The data plane of each device is used to forward traffic flows. Routers and switches use information from the control plane to forward incoming traffic out the appropriate egress (outgoing) interface. Information in the data plane is typically processed by a special data plane processor without the CPU getting involved.
Spyware protection
Antispyware software is installed on an end-user workstation to detect and remove spyware and adware.
Virus protection
Antivirus software is installed on an end-user workstation or server to detect and remove viruses, worms, and Trojan horses from files and email.
Data loss and manipulation
Breaking into a computer to destroy or alter data records. An example of data loss is a threat actor sending a virus that reformats a computer hard drive. An example of data manipulation is breaking into a records system to change information, such as the price of an item.
Information theft
Breaking into a computer to obtain confidential information. Information can be used or sold for various purposes such as when someone is stealing proprietary information of an organization, like research and development data.
Private clouds
Cloud-based applications and services offered in a private cloud are intended for a specific organization or entity, such as the government. A private cloud can be set up using the private network of an organization, though this can be expensive to build and maintain. A private cloud can also be managed by an outside organization with strict access security.
Public clouds
Cloud-based applications and services offered in a public cloud are made available to the general population. Services may be free or are offered on a pay-per-use model, such as paying for online storage. The public cloud uses the internet to provide services.
Virtualization
Creating a virtual rather than physical version of something, such as a computer. An example would be running a "Linux computer" on your Windows PC.
Request to Send. When a device requires use of a channel in the wireless network, it sends a Request to Send (RTS) to the AP. If the channel is available, the wireless access point (AP) will respond to the device with a Clear to Send (CTS) message indicating that the device may transmit on the channel.
During the reservation process, what does the client send to the AP to reserve a channel?
Eliseo was infected by a worm, which uses the network to send copies of itself to other connected hosts.
Eliseo opened an email sent to him by his brother, Lomiel. A few hours later, Eliseo received several phone calls from friends saying that they received emails from him that he did not knowingly send.
Noah opened a file which activated a virus that corrupted data on his hard drive.
Noah downloaded a file from the internet. Shortly after he opened the file, his hard drive crashed, and he lost all information on his computer.
Safa downloaded a Trojan horse, which appears to be a legitimate program when in fact it is an attack tool.
Safa was surfing the internet when a program appeared claiming that she had won a prize. When she clicked to see what prize she had won, a program was installed on her computer unknowingly to her. The program that was installed allowed an intruder access to her hard drive and personal information.
Spam blocker
Software is installed on an end-user workstation or server to identify and remove unwanted emails.
Popup blocker
Software is installed on an end-user workstation to prevent popup and pop-under advertisement windows from displaying.
Patches and updates
Software that is applied to an OS or application to correct a known security vulnerability or add functionality.
Software as a Service (SaaS)
The cloud provider is responsible for access to applications and services, such as email, communication, and Microsoft 365, that are delivered over the internet. The user does not manage any aspect of the cloud services except for limited user-specific application settings. The user only needs to provide data.
Infrastructure as a Service (IaaS)
The cloud provider is responsible for giving IT managers access to the network equipment, virtualized network services, and supporting network infrastructure. Using this cloud service allows IT managers to deploy and run software code, which can include operating systems and applications.
Platform as a Service (PaaS)
The cloud provider is responsible for providing users access to the development tools and services used to deliver the applications. These users are typically programmers and may have control over the configuration settings of the application hosting environment of the cloud provider.
Control plane
This is typically regarded as the brains of a device. It is used to make forwarding decisions. The control plane contains Layer 2 and Layer 3 route forwarding mechanisms, such as the IPv4 and IPv6 routing tables, and the ARP table. Information sent to the control plane is processed by the CPU.
SYN (synchronous) flooding
This is when a flood of packets is sent to a server requesting a client connection. The packets contain invalid source IP addresses. The server becomes occupied trying to respond to these fake requests and therefore cannot respond to legitimate ones.
Ping of death
This is when a packet that is greater in size than the maximum allowed by IP (65,535 bytes) is sent to a device. This can cause the receiving system to crash.
False
True or False? A home router typically only provides wired access to the network. You have to buy a separate device for wireless access.
False
True or False? If you have devices on your wireless network that are using a variety of different 802.11 standards, then you should set your network to the highest standard to get the best throughput.
The correct answer is false. A botnet is a group of computers, not one computer. An individual infected computer controlled by a command and control server is called a zombie.
True or false? A botnet is an individual infected computer that can be controlled by a command and control server.
True
True or false? Certain areas of the electromagnetic spectrum can be used without a permit.
The correct answer is true. Information gathered by spyware is typically sent to advertisers or others on the internet and can include passwords and account numbers. Tracking cookies and adware are types of spyware.
True or false? Spyware is a program that gathers personal information from your computer without your permission or knowledge.
False
True or false? Wi-Fi, Bluetooth, and cordless phones all use the same frequency ranges.
Type 1 Hypervisor
Type 1 hypervisors are also called the "bare metal" approach because the hypervisor is installed directly on the hardware. Type 1 hypervisors are usually used on enterprise servers and data center networking devices.
Guest SSID. Many wireless routers support a special guest SSID that allows untrusted devices to be able to access the Internet but restricts them from accessing local network resources.
What can be used to allow visitor mobile devices to connect to a wireless network and restrict access of those devices to only the Internet?
An attack that slows or crashes a device or network service
What characteristic describes a DoS attack?
An attack that slows or crashes a device or network service
What characteristic describes a DoS attack?
Malicious software or code running on an end device
What characteristic describes a Trojan horse?
A network device that filters access and traffic coming into the network
What characteristic describes a firewall appliance?
Malicious software or code running on an end device
What characteristic describes a virus?
Software that is installed on a user device and collects information about the user
What characteristic describes adware?
Software that identifies email spam and automatically deletes or places them in a junk folder
What characteristic describes antispam?
Applications that protect end devices from becoming infected with malicious software
What characteristic describes antivirus software?
The use of stolen credentials to access private data
What characteristic describes identity theft?
An email pretending to represent a legitimate organization asking for personal information
What characteristic describes phishing?
Software that is installed on a user device and collects information about the user
What characteristic describes spyware?
The AP releases the channel
What happens when a device sends an acknowledgment message to a wireless AP?
A term that refers to the ability of something or someone to influence the behavior of a person or group of people. In the context of computer and network security, social engineering refers to a collection of techniques used to deceive internal users into performing specific actions or revealing confidential information.
What is Social engineering?
Cable Internet. Cable internet provides an internet data signal on the same network that delivers broadcast television and phone service.
What is a service that provides an internet data signal on the same network that delivers broadcast television and phone service?
Digital Subscriber Line (DSL). A Digital Subscriber Line (DSL) connection is a service that provides a high-bandwidth, always-on connection using existing land-line telephone wires.
What is a service that provides a high-bandwidth, always-on connection using existing land-line telephone wires?
An unidentified person claiming to be a technician collecting user information from employees
What is an example of social engineering?
Cellular data plan. A cellular data plan is an internet service that uses mobile phone networks to transmit data.
What is an internet service that uses mobile phone networks to transmit data?
Channel
What is created when you divide up the available radio frequency spectrum?
CSMA/CA
What is the method used to create a reservation on the channel for a specific conversation between devices?
phishing
What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?
Service Set Identifier (SSID)
What is used to identify a specific wireless network?
Data loss or manipulation
What kind of threat is described when a threat actor alters data records?
Identity theft
What kind of threat is described when a threat actor impersonates another person to obtain credit information about that person?
Information theft
What kind of threat is described when a threat actor is stealing the user database of a company?
Identity theft
What kind of threat is described when a threat actor makes illegal online purchases using stolen credit information?
Disruption of service
What kind of threat is described when a threat actor overloads a network to deny other users network access?
Disruption of Service
What kind of threat is described when a threat actor prevents legal users from accessing data services?
Data loss or manipulation
What kind of threat is described when a threat actor sends you a virus that can reformat your hard drive?
Information theft
What kind of threat is described when a threat actor steals scientific research data?
To create a wireless network usable by other devices. A Wi-Fi network or wireless LAN is used to connect to a wireless router that, in turn, connects to the Internet. Wireless devices connect to the Wi-Fi network through the wireless router.
What purpose would a home user have for implementing Wi-Fi?
Bluetooth
What technology enables a cell phone to be used as a hands-free device?
2.4GHz and 5GHz
What two radio frequency bands are used in home wireless LANs? (Choose two.)
SYN Flooding. SYN flooding is a type of denial-of-service attack where the attacker sends fake session requests to a target host in an attempt to prevent the host from responding to legitimate session requests.
What type of DoS attack originates from a malicious host that has an invalid source IP address and that requests a client connection?
Satellite. Satellite Internet service provides the best option for a home user that would otherwise have no Internet connectivity at all. Cellular Internet is only available in areas with mobile phone coverage.
What type of Internet connection would be best for a residence in a remote area without mobile phone coverage or wired connectivity?
LAN Device. Local-area network (LAN) devices are commonly connected to the Ethernet ports of a wireless router in order to communicate on the same local wired network.
What type of device is commonly connected to the Ethernet ports on a home wireless router?
Spyware
What type of program installs and gathers personal information, including password and account information, from a computer without permission or knowledge of the user?
Virtualization software. A hypervisor is used to create a virtual machine (VM). The hypervisor can be part of an operating system such as Windows Hyper-V or it can be downloaded from a virtualization vendor such as VMware or Oracle.
What would a technician require in order to install a hypervisor on a client machine?
Disruption of service
What would be preventing legitimate users from accessing services to which they are entitled? Examples include denial of service (DoS) attacks on servers, network devices, or network communications links.
A Private cloud. Private clouds are used to provide services and applications to a specific organization and may be set up within the private network of the organization or managed by an outside organization.
Which cloud model provides services for a specific organization or entity?
Installed directly on the server. Type 1 hypervisors are installed directly on a server and are known as "bare metal" solutions giving direct access to hardware resources. They also require a management console and are best suited for enterprise environments.
Which is a characteristic of a Type 1 hypervisor?
Trojan Horse
Which malicious program appears as a legitimate program to deceive the victim, but is in fact an attack tool that can contain malicious code?
Firewall
Which of the following controls traffic to and from your network?
Patches and Updates. Patches and updates are applied to an OS or application to correct a known security vulnerability or add functionality.
Which of the following is applied to an OS or application to correct a known security vulnerability or add functionality?
Virus protection. Virus protection is achieved through installing antivirus software on an end-user workstation or server to detect and remove viruses, worms, and Trojan horses from files and email.
Which of the following is installed on an end-user workstation or server to detect and remove malware from files and email?
antispyware
Which of the following is installed on an end-user workstation or server to detect, block, or remove malicious software designed to capture information or deliver adware?
Popup blocker. A popup blocker is software installed on an end-user workstation to prevent popup and pop-under advertisement windows from displaying.
Which of the following is installed to prevent unwanted advertisements from displaying on your computer?
Antivirus
Which of the following is software installed on an end-user workstation or server to detect and remove viruses, worms, and Trojan horses from files and email?
Spam filter
Which of the following is software installed on an end-user workstation or server to identify and remove unwanted emails?
popup blocker
Which of the following is software installed on an end-user workstation to prevent advertisement windows from displaying?
Ethernet Port
Which of the following is used to connect a wired device to the internal switch of the home router?
Wi-Fi Alliance
Which organization is responsible for testing wireless LAN devices?
Applications can be accessed over the internet through a subscription. Cloud computing allows users to access applications, back up and store files, and perform tasks without needing additional software or servers. Cloud users access resources through subscription-based or pay-per-use services, in real time, using nothing more than a web browser.
Which statement describes a characteristic of cloud computing?
Hypervisor. Microsoft provides software, Virtual PC, which is a type of hypervisor that creates and manages virtual machines on a host computer.
Which technology provides a solution for PC virtualization?
SDN. Networking devices operate in two planes: the data plane and the control plane. The control plane maintains Layer 2 and Layer 3 forwarding mechanisms using the CPU. The data plane forwards traffic flows. SDN virtualizes the control plane and moves it to a centralized network controller.
Which technology virtualizes the network control plane and moves it to a centralized controller?
Pairing. During the pairing process, a Bluetooth device is set to discoverable mode so as to be detected by another Bluetooth device. Also, a PIN may be requested as part of the pairing process.
Which term is used to describe the process of establishing a connection between any two Bluetooth devices?
Using the default IP address on an access point makes hacking easier. With SSID broadcast disabled, an attacker must know the SSID to connect. The default settings on a wireless network usually include an SSID that is being broadcast as well as default IP address settings. These default settings are considered insecure because with them an attacker can easily see a wireless network and attempt to connect to it and make changes to the network.
Which two statements characterize wireless network security? (Choose two.)
Bluetooth
Which type of network technology is used for low-speed communication between peripheral devices?
Wi-Fi. The IEEE 802.11 standards define Wi-Fi wireless LAN specifications.
Which type of wireless communication is based on 802.11 standards?
Coaxial cable
Which wired network technology has an inner wire surrounded by a tubular insulating layer that is then surrounded by a tubular conducting shield?
Brute Force
With _____________ attacks, a fast computer is used to try to guess passwords or to decipher an encryption code. The attacker tries a large number of possibilities in rapid succession to gain access or crack the code. _____________ attacks can cause a denial of service due to excessive traffic to a specific resource, or by locking out user accounts.
DDoS
In ______ attacks, a threat actor builds a network of infected hosts, called a botnet. The infected hosts are zombies, each controlled by a command and control server that can then launch the ____ attack from multiple, coordinated sources.
Advantages of Virtualization
* Less equipment is required - Virtualization enables server consolidation, which requires fewer physical devices and lowers maintenance costs.
* Less energy is consumed - Consolidating servers lowers the monthly power and cooling costs.
* Less space is required - Server consolidation reduces the amount of required floor space.
* Easier prototyping - Self-contained labs, operating on isolated networks, can be rapidly created for testing and prototyping network deployments.
* Faster server provisioning - Creating a virtual server is far faster than provisioning a physical server.
* Increased server uptime - Most server virtualization platforms now offer advanced redundant fault tolerance features.
* Improved disaster recovery - Most enterprise server virtualization platforms have software that can help test and automate failover before a disaster happens.
* Legacy support - Virtualization can extend the life of OSs and applications providing more time for organizations to migrate to newer solutions.
Type 2 Hypervisor
A Type 2 hypervisor is software that creates and runs VM instances. The computer, on which a hypervisor is supporting one or more VMs, is a host machine. Type 2 hypervisors are also called hosted hypervisors. This is because the hypervisor is installed on top of the existing OS, such as macOS, Windows, or Linux. Then, one or more additional OS instances are installed on top of the hypervisor, as shown in the figure. A big advantage of Type 2 hypervisors is that management console software is not required.