ITN 262 FINAL PART 2
As of 2014, this classification system is defined by the Executive Order:
13526
an attack in which one or more hosts conspire to inundate a victim with ping requests.
A ping flood
refers to an examination of a system to verify that it complies with its security requirements.
A security Audit
In the United States, national policy for telecom and information systems is coordinated by
CNSS
specifies that actual components that will go into the final product or into specific versions of the product.
Configuration Management
are network authentication problems that are addressed using four basic authentication strategies.
Design Patterns
A qualified security assessor (QSA) performs audits to check adherence to:
PCI-DSS requirements
6. In a wireless transmission, a host first sends a
RTS message
TCP/IP attacks include
Source Routing Attack, IP Spoofing Attack, and SYN Flood Attack.
The three common approaches to indirect authentication
Ticket-based, Service-based, and Redirected.
82. Red/black separation is a common feature of crypto devices categorized as
Type 1
The principle application of IPsec is
Virtual Private Networking VPN
2. To launch a distributed denial of service (DDOS) attack, an attacker often uses
a botnet
sequence number, destination port, and source port.
a product line
A rootkit is
a software that hides on a computer and provides a back door for an attacker.
74. Cryptography is used to apply the following protections to network traffic:
a. Nonrepudiation b. Confidentiality c. Authenticity
14. A disadvantage of a tree network is:
address-based size limits
The Federal Information Security Management Act (FISMA) requires U.S. executive branch agencies to
assign security responsibilities to appropriate officials in the agency.
4. Another term for "maximum data rate "is
bandwith
A disadvantage of a star network is
broadcasting
Whenever someone needs to modify an important enterprise system, the change goes through a
change control process.
A disadvantage of a mesh network is
congestion
The software-based access control list that identifies data items that require different types of protection is
internal security labeling.
5. To see a list of MAC addresses on a Windows-based network:
issue the ipconfig/all command.
7. Primary forms of Ethernet media include the following except
nano
A disadvantage of a point-to-point network is:
no broadcasting
13. An advantage of a bus network is
no routing
3. An advantage of packet switching is
parallel transmission
Off-line authentication
relies on public-key certificates
Major components of a TCP packet are
sequence number, destination port, and source port.
The phases of a large-scale attack on an enterprise network or systems includes
surveillance, infiltration, and execution
Modern internet technology evolved from research on:
the ARPANET
30. The whois database provides
the domain name, registrant, and name server addresses.
A major obstacle to becoming an ISP today is:
the shortage of Internet addresses.
9. The networks protocol stack includes
the transport layer and link layer
both means applying cryptography at the top of the application layer or answers the network protocol stack and provides network transparency.
Encrypting "answers the stack":
Packet addressing and routing on the Internet rely entirely on
IP Addresses
Packet filtering looks at any packet header and filters on these values:
MAC address, IP address, and IP protocol.
Producing one encryption key for each cryptonet or communicating pair and distributing that key to the appropriate endpoints is called
Manual Keying
8. The type of switching is:
Message Switching, Circuit Switching, and Packet Switching.