Networking Chapter 11

The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as: a. Trojan horse b. sniffing c. tunneling d. computer forensics e. misuse detection

computer forensics

Which of the following is not one of the major categories (or sub-categories) into which network security threats can be placed? a. disruption b. destruction c. controlled chaos d. intrusion e. disaster

controlled chaos

Developing _______ helps develop a secure network. a. rules b. controls c. network maps d. vendor documentation e. service level agreements

controls

________ controls fix a trespass into the network. a. corrective b. detective c. preventive d. mitigating e. backup

corrective

Which of the following is not a type of intrusion prevention system? a. network-based b. data link-based c. application-based d. host-based e. none of the above is an appropriate answer

data link-based

A ____________ is a situation in which a hacker attempts to disrupt the network by sending messages to the network that prevent normal users' messages from being processed. a. denial-of-service attack b. service level agreement c. virus d. spamming e. scamming

denial-of-service attack

An example of _____ of data would be if a computer virus eliminated files on that computer. a. disruption b. controlled chaos c. intrusion d. destruction e. disaster

destruction

A tornado that eliminates a network control center would be an example of a natural __________ a. disaster b. disruption c. controlled chaos d. destruction e. intrusion

disaster

Encryption is the process of: a. transmission of information over secure lines in analog form to prevent illegal access b. detecting errors in messages by means of mathematical rules c. correcting errors in message by means of mathematical rules d. disguising information by the use of mathematical rules, known as algorithms e. preventing errors in messages by means of logical rules

disguising information by the use of mathematical rules, known as algorithms

A network switch failure is an example of a(n) ________ threat. a. internal b. disruptive c. causal d. intrusion e. disaster

disruptive

A way to prevent intrusion by disguising information through algorithms is: a. spoofing b. call-back access c. encryption d. disk elevatoring e. disk mirroring

encryption

To snare intruders, many organizations now use _________ techniques. a. entrapment b. hacker c. Trojan horse d. cracker e. DES

entrapment

Which of the following type of media is least susceptible to eavesdropping? a. fiber optics b. twisted pair c. microwave d. infrared e. coaxial cable

fiber optics

A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network. a. firewall b. token system c. ANI d. call-back modem e. firefighter

firewall

The use of hacking techniques to bring attention to a larger political or social goal is referred to as a. hacking b. ethical politics c. hacktivism d. social engineering e. brute force attacks

hacktivism

A(n) __________ is any potential adverse occurrence that can do harm, interrupt the system using the network to cause monetary loss to the organization. a. asset b. service level agreement c. threat d. security plan e. network design

threat

A brute force attack against an encryption system: a. tries to gain access by trying every possible key b. is called RC4 c. is also known as 3DES d. always uses the Rijndael algorithm e. is part of the Advanced Encyrption Standard

tries to gain access by trying every possible key

Which of the following is a mode that is used by IPSec? a. exchange b. sniffer c. tunnel d. creeper e. firefighter

tunnel

A(n) ___________ is one of the most common examples of redundancy built into a network to help reduce the impact of disruption. a. network cloaking device b. backup punch card reader c. uninterruptible power supply d. service level agreement e. help desk

uninterruptible power supply

Which of the following is not a method for deterring outside intruders from gaining access to the organization's office or network equipment facilities? a. locks on network circuits after working hours b. passwords that disable the screen and keyboard of a computer c. secured network cabling behind walls and above ceilings d. use of armored cable e. unlocked wiring closet for network devices

unlocked wiring closet for network devices

Which of the following are usually the first choice for eavesdropping? a. unshielded twisted pair b. shielded twisted pair c. local cables owned by the organization d. wireless LANs e. fiber optics

wireless LANs

A (n) ______ is a special type of virus that spreads itself without human intervention. a. snake b. worm c. Trojan horse d. boot sector virus e. stealth virus

worm

__________ provide authentication which can legally prove who sent a message over a network. a. Digital signatures b. DES keys c. Directory keys d. Screen names e. User Ids

Digital signatures

Which of the following is not a type of intruder who attempts to gain intrusion to computer networks? a. Delphi team member b. script kiddies c. crackers d. professional hackers e. organization employees

Delphi team member

__________ refers to the process of translating between one set of private addresses inside a network and a set of public address outside the network. a. Translation b. Conversion c. Network address translation d. Proxy translation e. IP conversion.

Network address translation

Which of the following is not considered one of the five most common business impacts? a. Financial b. Productivity c. Reputation d. Social e. Safety

Social

Which of the following is not true about one-time passwords? a. Users' pagers can receive them. b. They can be used in conjunction with a token system. c. The user must enter the one-time password to gain access or the connection is terminated. d. This is a good security solution for users who travel frequently and who must have secure dial-in access. e. They create a packet level firewall on the system.

They create a packet level firewall on the system.

_______________ describes how an asset can be compromised by one specific threat. a. Threat scenarios b. Threat plans c. Threat hacks d. Threat contingencies e. Threat attacks

Threat scenarios

_______________ is an encryption standard that uses a total of 168 bits as the key. a. Triple DES b. Dial-back c. WEP d. EAP e. Ciphering

Triple DES

Spyware, adware and DDOS agents are three types of: a. IP spoofing attacks b. Denial-of-service attacks c. Trojans d. Physical security threats e. Intrusion prevention detection approaches

Trojans

The three basic network access points into most organizational networks are from the Internet, from LANs inside of the organization and ________________. a. WLANs b. intranet c. extranet d. WAN e. none of the above

WLANs

A sniffer program is a: a. type of macro-virus b. small peep-hole in a door or wall to allow a security guard to sniff the area with his or her nose before entering a secure area or location c. used in a call-back modem d. a program that records all LAN messages received for later (unauthorized) analysis e. secure hub program

a program that records all LAN messages received for later (unauthorized) analysis

A symmetric encryption system has two parts: the key and the ____________. a. algorithm b. spamming method c. IP spoofer d. clearance code e. smart card bits

algorithm

A fundamental technique to determine if an intrusion is in progress in a stable network is: a. anomaly detection b. armoring cable c. RSA algorithm d. patching e. scanning a user's fingerprint

anomaly detection

A(n) ____________ acts an intermediate host computer or gateway between the Internet and the rest of the organization's networks. a. application level firewall b. bullion server c. ANI system d. IP spoofing systems e. packet level firewall

application level firewall

A(n) _________ is something of value and can be either hardware or software. a. asset b. service level agreement c. threat d. security plan e. network design

asset

Threat of intrusion comes from ____________. a. the government b. crackers c. outside of the organization d. both inside and outside of the organization e. inside of the organization

both inside and outside of the organization

A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication. a. disaster recovery firm b. DES company c. directory company d. certificate authority e. fingerprint advisory board

certificate authority

In recent years, management's concern about the adequacy of current control and security mechanisms used in a data communications environment has: a. decreased because the new sophisticated technology is far more secure than the old manual methods b. remained the same because management was always deeply interest in control and security c. decreased because of the change in moral and ethical codes in the U.S. to a kinder and gentler society d. increased because this commitment to data communications has changed the potential vulnerability of the organization's assets e. remained the same because there are very few threats to data communications

increased because this commitment to data communications has changed the potential vulnerability of the organization's assets

A hacker gaining access to organizational data files and resources is an example of a(n) ____________ threat. a. disruptive b. controlled chaos c. disruptive d. intrusion e. disaster

intrusion

Often, incidents of ___________ involve employees of the organization, surprisingly enough. a. intrusion b. disruption c. controlled chaos d. destruction e. disaster

intrusion

DES: a. is maintained by ISO b. refers to Date Electronic Security c. is a commonly used symmetric encryption algorithm that was developed in the mid-1970s d. was developed by a joint effort that included Microsoft e. is an asymmetric algorithm

is a commonly used symmetric encryption algorithm that was developed in the mid-1970s

A security hole is a(n): a. malfunction or bug in an application program that allows data to be seen or accessed by unauthorized users b. small peep-hole in a door or wall to allow a security guard to examine an individual before allowing that individual access to a secure area or location c. packet-level firewall d. missing or absent protected mode addressing restrictions on user programs during multitasking or multithreaded program execution e. ANI system

malfunction or bug in an application program that allows data to be seen or accessed by unauthorized users

A(n) ____________, is an information system that is critical to the survival of an organization. a. network plan b. accounting system c. IDS d. mission critical application e. firewall

mission critical application

According to Symantec, more than 50% of all targeted companies had fewer than 2,500 employees because they a. often have weaker security. b. have more assets. c. are more likely to have credit card numbers available. d. are likely off-shore. e. have lower bandwidth

often have weaker security.

IP spoofing means to: a. fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network b. clad or cover the internal processing (IP) lines with insulating material to shield the IP lines from excess heat or radiation c. illegally tape or listen in on telephone conversations d. detect and prevent denial-of-service attacks e. act as an intermediate host computer between the Internet and the rest of the organization's networks

ool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network

A(n) ____________ examines the source and destination address of every network packet that passes through it. a. packet level firewall b. mullion server c. ANI system d. IP spoofing system e. application level firewall

packet level firewall

Which of the following is not a method for deterring intrusion? a. training end users not to divulge passwords b. using a smart card in conjunction with a password to gain access to a computer system c. using biometric devices to gain access to a computer system d. using a security software package that logs out users if that user is 'idle' for a certain amount of time e. performing social engineering

performing social engineering

________ controls discover unwanted events. a. preventive b. corrective c. detective d. mitigating e. backup

preventive

_________ controls stop a person from acting. a. detective b. corrective c. mitigating d. preventive e. backup

preventive

The key principle in preventing disruption, destruction and disaster is ___________. a. redundancy b. control spreadsheet c. IDS d. anti-virus software e. prevention controls

redundancy

A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them. a. risk assessment b. backplane c. mitigating control factor analysis d. control verification worksheet e. control test plan

risk assessment

We can calculate the relative ___________, by multiplying the impact score by the likelihood. a. rootkit b. authentication c. risk score d. risk assessment e. risk event

risk score

For Ethernet networks, a _______ switch can make eavesdropping more difficult. a. secure b. Trojan horse c. proxy d. spoofing e. spamming

secure

IP Security Protocol: a. is focused on Web applications b. is primarily used to encrypt e-mail c. is a policy which makes public key encryption work on the Internet d. sits between IP at the network layer and TCP/UDP at the transport layer e. operates in entrapment mode

sits between IP at the network layer and TCP/UDP at the transport layer