Network Defense and Countermeasures Ch. 1-10 COMPLETE


Which of the following has three different key sizes it can use?

*AES* IDEA DES Triple DES

What size key does the DES algorithm use?

56 bit

6-6: Why is the method described in Question 5 not secure?

A. It does not change letter or word frequency

7-10: What is the primary vulnerability in SPAP?

B. Playback attacks

Which of the following gives the best definition of spyware?

Any software or hardware that monitors your system

What type of firewall requires individual client applications to be authorized to connect?

Application gateway

How did Shedun spread?

As a legitimate Android app

Which encryption algorithm uses a variable-length symmetric key?

Blowfish

In addition to any malicious payload, what is the most common way a virus or worm causes harm to a system?

By increasing network traffic and overloading the system

Which of the following is the best definition for war-driving?

Driving looking for wireless networks to hack

Which of the following are the two most common things Trojan horse programs do?

Launch DDoS attacks and open back doors

What does L2TP stand for?

Layer 2 Tunneling Protocol

Which authentication protocols are available with L2TP that are not available with PPTP?

MS-CHAP, PAP, SPAP

An improvement on the Caesar cipher that uses more than one shift is called a what?

Multi-alphabet substitution

Which of the following uses a total of 52 16-bit sub-keys?

IDEA

What is the term for hacking a phone system?

phreaking

7-11: What encryption does PPTP use?

A. MPPE

7-12: Which of the following is a weakness in PPTP?

C. Used only with IP networks

7-13: What protocols make up IPSec?

A. AH, IKE, ESP, IPComp

7-15: What advantage does AH have over SPAP?

C. AH is not susceptible to replay attacks

7-16: What protects the actual packet data in IPSec?

A. AH

7-17: What is the purpose of IKE?

A. Key exchange

7-1: PPTP is an acronym for which of the following?

B. Point-to-point tunneling protocol

7-2: What does L2TP stand for?

B. Layer 2 tunneling protocol

7-3: PPTP is based on what earlier protocol?

D. PPP

7-4: At what layer of the OSI does PPTP operate?

C. Data link

7-5: What is the difference between voluntary and compulsory tunneling in PPTP?

C. Only voluntary tunneling allows standard PPP/non-VPN connection

7-6: Which authentication protocols are available under PPTP?

B. EAP, CHAP

7-8: Which authentication protocols are available with L2TP that are not available with PPTP?

A. MS-CHAP, PAP, SPAP

7-9: Which of the following is generally considered to be the least secure?

A. PAP

In the context of viruses, what is a .dat file?

A file with virus definitions

Which of the following is the best definition for the term ethical hacker?

A person who hacks a system to test its vulnerabilities

What is a digital signature?

A piece of encrypted data added to other data to verify the sender

A series of ICMP packets sent to your ports in sequence might indicate what?

A ping flood

Who issues certificates?

A private certificate authority

Which of the following encryption algorithms uses three key ciphers in a block system, and uses the Rijndael algorithm?

AES

What is RedSheriff?

Adware that is downloaded automatically when you visit certain websites

What was Gator?

Adware that was often attached to free programs found on the Internet.

What is another term for preemptive blocking?

Banishment vigilance

Which of the following is the oldest known encryption method?

Caesar cipher

Which type of firewall creates a private virtual connection with the client?

Circuit level gateway

Which of the following is the most basic security activity?

Controlling access to resources

What is the difference between transport mode and tunnel mode in IPSec?

D. Only transport mode does not encrypt the header

Which of the following is a symmetric key system using blocks?

DES

At what layer of the OSI model does PPTP operate?

Data Link

Which authentication protocols are available under PPTP?

EAP, CHAP

A profiling technique that monitors how applications use resources is called what?

Executable profiling

Manually removing spyware usually requires all but which of the following actions?

Formatting the hard drive

A system that is set up for attracting and monitoring intruders is called what?

Honeypot

What does PPTP use to accomplish encryption?

IPSec

Which of the following most accurately explains why minimum necessary privileges for a user help protect against Trojan horses?

If the user cannot install programs, it is completely impossible that he will install a Trojan horse.

Attempting to attract intruders to a system set up to monitor them is called what?

Intrusion deflection

Attempting to make your system appear less appealing is referred to as what?

Intrusion deterrence

IDS is an acronym for

Intrusion-detection system

Why might a proxy gateway be susceptible to a flood attack?

It allows multiple simultaneous connections

Which of the following is the most insidious aspect of Back Orifice?

It appears to be a legitimate program

Which of the following did the most to contribute to the wide spread of the Zafi.d worm?

It claimed to be a holiday card and was released just prior to a major holiday

Why is the XOR mathematical operation not secure?

It does not change letter or word frequency.

Which of the following is the primary weakness in the Caesar cipher?

It does not disrupt letter frequency

Why is an SPI firewall more resistant to flooding attacks?

It examines each packet in the context of previous packets

Why is an SPI firewall less susceptible to spoofing attacks?

It examines the source IP of all packets

Which of the following is the primary reason that Microsoft Outlook is so often a target for virus attacks?

It is easy to write programs that access Outlook's inner mechanisms

What is the primary advantage of the DES encryption algorithm?

It is relatively fast

What additional malicious activity did the Rombertik virus attempt?

It overwrote the master boot record

Which of the following is an important security feature in CHAP?

It periodically re-authenticates.

Why might a circuit level gateway be inappropriate for some situations?

It requires client-side configuration.

What effect did the util-linux Trojan horse in 1999 have?

It sent out login information of users logging in

What was the most dangerous aspect of Zafi.d?

It tried to overwrite parts of virus scanners.

What was the primary propagation method for the Kedi RAT virus?

It used its own SMTP engine to e-mail itself.

Which of the following is a problem with the approach described in Question 8 (threshold monitoring)?

It yields many false positives

Why is encryption an important part of security?

No matter how secure your network is, the data being transmitted is still vulnerable without encryption

Which of the following is not one of the three major classes of threats?

Online auction fraud

What is the difference between voluntary and compulsory tunneling in PPTP?

Only voluntary tunneling allows the user to choose encryption.

What is the greatest danger in a network host-based configuration?

Operating system security flaws

Which of the following is generally considered the least secure?

PAP

PPTP is based on what earlier protocol?

PPP

Which of the following are four basic types of firewalls?

Packet filtering, application gateway, circuit level, stateful packet inspection

What is the primary vulnerability in SPAP?

Playback attacks

PPTP is an acronym for which of the following?

Point-to-Point Tunneling Protocol

Why is blocking pop-up ads good for security?

Pop-up ads can be a vehicle for spyware or adware to get into your system

What is heuristic scanning?

Scanning using a rules-based approach

Which of the following is the best definition of malware?

Software that has some malicious purpose

If you are using a block cipher to encrypt large amounts of data, which of the following would be the most important consideration when deciding which cipher to use?

Speed of the algorithm

Which type of firewall is considered the most secure?

Stateful packet inspection

Which of the following is not a profiling strategy used in anomaly detection?

System monitoring

Which of the following is the most common legitimate use for a password cracker?

Testing the encryption of your own network

Setting up parameters for acceptable use, such as the number of login attempts, and watching to see if those levels are exceeded is referred to as what?

Threshold monitoring

What is the most common method of virus propagation?

Through e-mail attachments

What is the purpose of a certificate?

To validate the sender of a digital signature or software

Why are hidden file extensions a security threat?

User might download an image that is really a malicious executable.

What differentiates a virus from a worm?

Worms propagate without human intervention.

Which binary mathematical operation can be used for a simple encryption method?

XOR

Are there any reasons not to take an extreme view of security, if that view errs on the side of caution?

Yes, that can lead to wasting resources on threats that are not likely

What was the taxpayer virus hoax?

An e-mail that claimed that online tax submissions were infected and unsafe

What is a computer virus?

Any program that self-replicates

Which of the following is the most accurate definition of a virus?

Any program that self-replicates

What four rules must be set for packet filtering firewalls?

Protocol type, source port, destination port, source IP

What does Back Orifice do to a system?

Provides a remote user complete administrative access to the machine

What type of encryption uses a different key to encrypt the message than it uses to decrypt the message?

Public key

Which of the following is an encryption method developed by three mathematicians in the 1970s?

RSA

