MIS 140 Exam 3
Routers use network layer address to forward packets between network segments
True
SONET is made up of very high speed dedicated circuits that incorporate inverse multiplexing (IMUX) for all levels above the OC-1 level.
True
Secure Sockets Layer is an encryption standard designed for use on the Web.
True
Security on a network not only means being able to prevent a hacker from breaking into your computer but also includes being able to recover from temporary service problems or from natural disasters.
True
Switches and routers are devices that can connect networks to the BN.
True
The CERT was established at Carnegie Mellon University
True
A symmetric encryption system has two parts: the key and the ____________.
algorithm
A fundamental technique to determine if an intrusion is in progress in a stable network is:
anomaly detection
____________ are companies that build a data and telecommunications infrastructure from which other companies can lease services for WANs and MANs.
Common carriers
The _________ is the part of the backbone that connects the different backbones together.
Core layer
A backbone network that connects many backbone networks spanning several buildings at a single location is often called an Internet backbone.
False
A dedicated circuit is usually not available late at nights or on weekends.
False
A disadvantage of a star architecture is that the failure of one circuit will disrupt the entire network.
False
A hardware device that operates at the application layer is a router.
False
A switched backbone uses a bus topology
False
An OC-1 circuit provides a data rate of 155 Mbps.
False
An intranet VPN connects different organizations over the Internet.
False
An intruder uses TCP spoofing to send packets to a target computer requesting certain privileges be granted to some user.
False
An uninterruptible power supply utilizes a second redundant disk for every disk on the server.
False
Another term for a DSL modem is a DSL brouter.
False
Asymmetric encryption uses the same key to encrypt and decrypt an message..
False
Backbone networks typically use lower speed circuits to interconnect a series of LANs and provide connections to other backbone networks.
False
Confidentiality is not a threat to business continuity.
False
Corrective controls reveal or discover unwanted events.
False
Crackers are casual hackers with a limited knowledge of computer security.
False
DES is a commonly used symmetric encryption algorithm developed in the mid-1990s by the American government in conjunction with IBM.
False
DSL uses a remote loop to connect homes to the telephone company end office.
False
Datagrams are connection-oriented.
False
Decryption is the process of converting plaintext into ciphertext.
False
Digital Subscriber Line is a family of multipoint technologies.
False
Each of the networks in Internet 2 has a set of access points called terapops.
False
Fault-intolerant servers contain many redundant components to prevent failure.
False
Frame relay is a reliable packet service.
False
Full mesh design networks are more common than partial mesh design networks.
False
Full mesh networks are inexpensive.
False
IBM recently developed a new WiMAX chip set.
False
IXPs were originally designed to connect only tier 3 ISPs.
False
In a DSL environment, the line splitter and DSL modem are always two separate devices.
False
In transport mode, IPSec encrypts the entire IP packet
False
Integrity is not a primary goal of security.
False
Layer-3 switches switch messages based on their data link layer address.
False
MPLS operate at layer 4.
False
Microsoft's Windows operating system meets A1 level security.
False
Network cables are the easiest target for eavesdropping.
False
One advantage of a routed backbone is that is requires little management.
False
Physical security of an organization's IT resources is not an important element in preventing intrusion to an internal LAN.
False
Researchers estimate that only one or two new viruses are developed every week.
False
Routed backbones use switches that move packets based on data link layer addresses.
False
Routers can only connect the same type of cable.
False
Routers operate at the application layer
False
Social engineering refers to creating a team that solves virus problems.
False
T carrier circuits can only be used to transmit voice.
False
Technologies such as DSL and cable modem are called narrowband technologies.
False
The Internet Engineering Steering Group provides strategic architectural oversight for the Internet.
False
The Internet is flat in structure.
False
The Internet is one large network.
False
The cable to connect BNs is usually twisted pair.
False
The committed information rate (CIR) in a permanent virtual circuit is the maximum allowable rate that the network will attempt to provide.
False
The most common access point used by attackers to gain access to an organization's network is the dial-up access via a modem.
False
To connect into a packet switched network, a network terminator is generally used.
False
To use DSL, a customer needs a DSL Access Multiplexer installed at his or her location.
False
Today, a common carrier that provides long distance services is typically called a local exchange carrier.
False
Triple DES uses a total of 512 bits as the key.
False
VPNs offer high security because they operate through the Internet.
False
WiMAX is an older wireless technology that probably won't be used much longer.
False
With application level firewalls, any access that has not been disabled is permitted.
False
A routed backbone tends to be used more for large networks than VLANs, although VLAN high speed switches and this new type of LAN-BN architecture are now being considered.
True
Some of the new applications being developed for a high-speed Internet include
Tele-immersion
A security hole is a bug that permits intrusion to a computer.
True
A NAT firewall uses an address table to translate private IP addresses used inside the organization into proxy data link layer addressed used on the Internet.
True
A T1 circuit provides a data rate of 1.544Mbps.
True
A Trojan horse allows a user to access a computer from a remote location.
True
A WAN with a ring topology can use full or half duplex circuits
True
A backbone network is a high-speed network that connects many networks
True
A brute-force attack is a method of trying to guess the correct password by trying every possible key.
True
A certificate authority is a trusted organization that can vouch for the authenticity of a person or organization.
True
A denial-of-service attack occurs when someone external blocks access to your network.
True
A distribution hub includes a combiner and a Cable modem termination system.
True
A host based intrusion prevention system (IPS) monitors activity on the server and reports intrusions to the IPS management console.
True
A key advantage of a chassis switch is its flexibility.
True
A packet-level firewall examines the source and destination address of every network packet that passes though the firewall
True
A patch is a software solution to correct a security hole
True
A point of presence is the place at which the ISP provides services to its customers.
True
A recent study by CSO Magazine and the Computer Security Institute stated that the average loss suffered by businesses because of computer security breaches was approximately $350,000.
True
A room that contains a rack of equipment for a rack-based collapsed backbone is also called the main distribution facility (MDF) or central distribution facility (CDF).
True
A(n) ____________ acts an intermediate host computer or gateway between the Internet and the rest of the organization's networks.
application level firewall
Ethernet/IP packet networks:
are supported with gigabit fiber optic networks in large cities
A(n) _________ is something of value and can be either hardware or software.
asset
A high-speed Internet has a set of access points called ____pops that provide point-of-presence at ________ speeds.
giga, gigabit
Circuit capacity on a backbone network will not be improved by:
going from 100Base-T Ethernet to 10Base-T Ethernet
The use of hacking techniques to bring attention to a larger political or social goal is referred to as
hacktivism
Another term for cable networks that use both fiber-optic and coaxial cable is __________.
hybrid fiber coax
Dynamic routing:
imposes an overhead cost by increasing network traffic
In recent years, management's concern about the adequacy of current control and security mechanisms used in a data communications environment has:
increased because this commitment to data communications has changed the potential vulnerability of the organization's assets
A hacker gaining access to organizational data files and resources is an example of a(n) ____________ threat.
intrusion
Often, incidents of ___________ involve employees of the organization, surprisingly enough.
intrusion
DES:
is a commonly used symmetric encryption algorithm that was developed in the mid-1970s
Primary rate interface:
is typically offered only to commercial customers
Switches:
learn addresses by reading the source and destination addresses
A __________ separates traditional voice telephone transmission from the data transmissions in the equipment located at the customer site for DSL.
line splitter
The _________ is the connection from a home or business to the telephone company end office.
local loop
Which of the following is a primary advantage of a VPN?
low cost
In a DSL environment, local loops from many customers enter and are connected to the
main distribution center
Associated with a switched backbone, MDF is an acronym for:
main distribution facility
A security hole is a(n):
malfunction or bug in an application program that allows data to be seen or accessed by unauthorized users
Routers:
may also be called TCP/IP gateways
In a ring design WAN,
messages can take a long time to travel from the sender to the receiver
A(n) ____________, is an information system that is critical to the survival of an organization.
mission critical application
Which of the following is not a way to reduce network demand?
moving data further from the applications and people who use them
According to Symantec, more than 50% of all targeted companies had fewer than 2,500 employees because they
often have weaker security
A(n) __________ is used to connect a fiber optic cable from the cable TV company side to a coaxial cable on the customer side.
optical-electrical converter
A _____________ is a user's connection into a packet switched service.
packet assembly/disassembly device
A(n) ____________ examines the source and destination address of every network packet that passes through it.
packet level firewall
Which of the following type of networks permit packets from separate messages to be interleaved?
packet switched network
Devices in a rack are connected together using ___________.
patch cables
Which of the following is not a method for deterring intrusion?
performing social engineering
A _________ is a connection-oriented approach to sending packets on a packet switched service.
permanent virtual circuit
Computers can be assigned to a VLAN based on the ________.
physical port on the switch
Which of the following is a mode that is used by IPSec?
tunnel
With a virtual private network, users create permanent virtual circuits through the Internet called:
tunnels
A(n) ___________ is one of the most common examples of redundancy built into a network to help reduce the impact of disruption.
uninterruptible power supply
Spyware, adware and DDOS agents are three types of:
Trojans
A ___________ is/are devices that permit a user to connect to a digital T-carrier service.
CSU/DSU
Most WiMAX providers in the US are using an effective data range of
0.5 to 1.5 miles
A T1 level of ADSL has a maximum downstream rate of about _________ Mbps.
1.5
The data rate for a T-1 circuit in North America is:
1.544 Mbps
The maximum download data rate for cable modem systems is currently
150 Mbps
OC-3072 has a data rate of
159.25 Gbps
WiMAX was designed to use the _______ frequencies.
2.3 GHz, 2.5 GHz, and 3.5 GHZ
In North America, a T1 circuit has ______ 64Kbps channels.
24
Internet2® is an organization of about _____ universities, corporations, government agencies, and organizations.
400
The data rate for a T-3 circuit in North America is:
44.376 Mbps
The backbone architecture layer that is closest to the users is the
Access layer
The _________________ is a Canadian government agency that regulates voice and data communication.
CRTC
Which of the following is not true about multiswitch VLANs?
All of the above are true statements.
At the DSL customer premises is a device called a(n)
DSL modem
A DSL modem is also known as a:
DSL router
At the DSL local carrier's office, the __________ demultiplexes the data streams and converts them into ATM data.
DSLAM
Data traffic from the customers premises is sent to a __________ which is located at the local carrier's end office.
DSLAM
______________ are sometimes called private line services.
Dedicated-circuit networks
Which of the following is not a type of intruder who attempts to gain intrusion to computer networks?
Delphi team member
__________ provide authentication which can legally prove who sent a message over a network.
Digital signatures
The _______ is the part of the backbone that connects the LANs together.
Distribution layer
WiMax was designed to easily connect into existing ___________.
Ethernet LANs
A VLAN network assigns computers to LAN segments by hardware.
False
A VLAN requires the computer manager to reconfigure the physical cables to the switch if a computer is moved from one port to another port on a switch.
False
VLANs prioritize traffic based on the ______.
IEEE 802.1q standard
Peering has led to the emergence of a new organization type called the _______, which permits any ISP to connect to its network.
IXP
Tier 1 ISPs connect together and exchange data at ___________.
IXPs
The ___________ is responsible for technical management of IETF and the Internet standards process.
Internet Engineering Steering Committee
The ________ is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and smooth operation of the Internet.
Internet Engineering Task Force
The _________operates like the IETF through small research groups focused on specific issues.
Internet Research Task Force
The closest the Internet has to an "owning" organization is the ___________.
Internet Society
At the top of the Internet structure are tier 1 ___________, such as AT&T and Sprint.
Internet service providers
Which of the following new Internet efforts was started by 34 universities?
Internet2
_____________ is a common standard for use by layer 2 access VPNs for encapsulation.
L2TP
__________ is a term that refers to the speed in converting input packets to output packets.
Latency
Which of the following is not a type of VPN?
T-1 VPN
Most IP services use _______ as the data link layer protocol
MPLS
_____________ is sometimes called a Layer 2.5 technology.
MPLS
A(n) _________ is a type of application level firewall that is transparent so that no other computer notices that it is on the network.
NAT firewall
__________ refers to the process of translating between one set of private addresses inside a network and a set of public address outside the network
Network address translation
In 1996, The National Science foundation provided $100 million to start the ___________ program to develop the very-high-performance Backbone Network Service.
Next Generation Internet
Which of the following statements is true?
On a circuit, the shorter the distance, the higher the speed.
With IP services, the ________ at the sending site takes the outgoing message (which usually is an Ethernet frame containing an IP packet), strips off the Ethernet frame and uses the IP address in the IP packet to route the packet though the carrier's packet‐switched network to its final destination.
PAD
__________ has led to the belief that the Internet is "free".
Peering
___________ refers to the fact that ISPs do not charge one another (at the same level) for transferring messages they exchange across an NAP or MAE.
Peering
Using ______ capabilities, network managers can connect VOIP phones directly into a VLAN switch and configure the switch to reserve sufficient network capacity so that they will always be able to send and receive voice messages.
QoS
A subnetted or hierarchical backbone can also be called:
Routed backbone
_________ move packets along the backbone based on their network layer address.
Routed backbones
_____ are dedicated digital circuits that are the most commonly used form of dedicated circuit services in North America today.
T-carrier services
_______________ is an encryption standard that uses a total of 168 bits as the key
Triple DES
Which of the following is not considered one of the five most common business impacts?
Social
Which of the following is one of the tier 1 ISPs in North America?
Sprint
Digital _________ Line is a family of point-to-point technologies designed to provide high-speed data transmission over traditional telephone lines.
Subscriber
A __________ type of BN has a star topology with one device, such as a switch, at its center
Switched backbone
_________ have no backbone cable.
Switched backbones
Which of the following is not a benefit of packet switched services?
The data transmission rates tend to be lower than dial-up or dedicated circuits.
Which of the following is not true about Layer-3 switches?
They can only switch messages based on their data link layer addresses.
Which of the following is not true about one-time passwords?
They create a packet level firewall on the system.
Which of the following is true regarding switched backbones?
They place all network devices for one part of the building physically in the same room, often in a rack of equipment
Which of the following is not true about backbone networks?
They tend to use lower speed circuits than LANs
_______________ describes how an asset can be compromised by one specific threat.
Threat scenarios
A threat to the data communications network is any potential adverse occurrence that can do harm, interrupt the systems using the network, or cause a monetary loss to the organization.
True
An asset can be compromised by more than one threat, so it is common to have more than one threat scenario for each asset.
True
Biometric systems scan the user to ensure that the user is the sole individual authorized to access the network account.
True
Business continuity planning refers primarily to ensuring availability, with some aspects of data integrity.
True
Common carriers sell or lease communication services and facilities to the public.
True
Companies have learned that threats from hacking from its own employees occur about as often as by outsiders.
True
Confidentiality refers to the protection of the organizational data from unauthorized disclosure of customer and proprietary data.
True
Controls are mechanisms that reduce or eliminate threats to network security.
True
Disk mirroring writes duplicate copies of all data on at least two different disks.
True
DoS attackers generally use fake source IP addresses, making it harder to identify the DoS messages.
True
Ethernet/IP packet networks are not provided by common carriers such as AT&T.
True
In building Wide Area Networks, many organizations do not build their own long distance communication circuits
True
Internet 2 is the common name for the Abilene network
True
Intrusion refers to confidentiality and integrity of data
True
Macro viruses can spread when an infected file is opened.
True
One basic component of a backbone network is the hardware device that connects other networks to the backbone.
True
One difference between a switch and a router is that a router will only process messages addressed to the router, while a switch processes all messages.
True
Packet switched networks enable packets from separate messages or separate organizations to be interleaved for transmission.
True
Peering means that a tier 1 ISP does not charge another tier 1 ISP to transmit its messages.
True
Preventive controls mitigate or stop a person from acting or an event from occurring.
True
Routers connect two or more network segments that use the same or different data link protocols, but the same network protocol.
True
The best solution for planning for disaster recovery is to have a fully redundant backup network placed in a different location that would not be threatened by the same natural or man-made disaster that would destroy the original network.
True
The denial-of-service attack disrupts the network by flooding the network with messages so that regular messages cannot be processed.
True
The device similar to a DSL router, but used in a FTTH environment is called an optical unit network.
True
The distribution layer of a backbone connects LANs together.
True
The most common authentication protocol used today is Kerberos.
True
The most common cable modem standard is Data over Cable Service Interface Specification.
True
The most common type of DSL today is ADSL.
True
The primary advantage of a routed backbone is that it clearly segments each part of the network connected to the backbone because each segment has its own subnet addresses that can be managed separately
True
The rise of the Internet has increased significantly the potential vulnerability of an organization's assets.
True
Tier 1 service providers connect together and exchange data at IXPs.
True
VLANs provide faster performance compared to switched, collapsed or routed backbone architectures.
True
Virtual private networks permit users to create permanent virtual circuits, or tunnels, through the Internet.
True
WANs can connect BNs across distances that can span up to thousands of miles.
True
When using a digital signature, the sender encrypts the message with their private key and the recipient decrypts the message with the sender's public key.
True
A _____________ type of BN is a new type of LAN/BN architecture made possible by intelligent, high speed switches that assign computers to LAN segments via software, rather than by hardware.
Virtual LAN
Which of the following is a fundamental backbone network architecture?
Virtual LAN
The three basic network access points into most organizational networks are from the Internet, from LANs inside of the organization and ________________.
WLANs
A sniffer program is a:
a program that records all LAN messages received for later (unauthorized) analysis
Which of the following would be least effective in improving backbone performance?
adding new keyboards to the client computers
Threat of intrusion comes from ____________.
both inside and outside of the organization
Technologies that provide higher-speed communications than traditional modems (e.g., DSL) are known as ______________ technologies.
broadband
Which of the following is not a basic architecture for dedicated circuit networks?
bus
A digital service offered by cable companies is the _________.
cable modem
A(n) ___________ contains a series of cable modems/multiplexers and converts the data from cable modem protocols into protocols needed for Internet traffic, before passing them to a router connected to an ISP POP.
cable modem termination system
A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.
certificate authority
In a packet switched network, permanent virtual circuits that look very similar to a _____________ (for hardware-based dedicated circuits) move packets through the network.
cloud-based mesh design
Which of the following would not be part of an "ideal" backbone design for the future?
coax cabling throughout LANs and BN
In a cable modem environment, a _______ is used to combine Internet data traffic with ordinary TV video traffic and then send it back to the fiber node for distribution.
combiner
The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as:
computer forensics
Which of the following is not part of the work of the Internet Society?
connecting optical-electrical converters
A star architecture:
connects all computers to one central computer that routes messages to the appropriate computer
Which of the following is not one of the major categories (or sub-categories) into which network security threats can be placed?
controlled chaos
Developing _______ helps develop a secure network.
controls
________ controls fix a trespass into the network.
corrective
The biggest drawbacks to VLANs are their_________________.
cost and management complexity
For access to DSL, __________ equipment is installed at the customer location.
customer premises
In general, tier 3 ISPs make money by charging ________.
customers
IP spoofing means to:
fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network
Which of the following is not a type of intrusion prevention system?
data link-based
A _______ is a connectionless method of sending data packets on a packet switched service.
datagram
Which of the following is not a technology layer that is considered when designing backbone networks?
decentralized layer
A ____________ is a situation in which a hacker attempts to disrupt the network by sending messages to the network that prevent normal users' messages from being processed.
denial-of-service attack
A star topology is:
dependent upon the capacity of the central computer for its performance
An example of _____ of data would be if a computer virus eliminated files on that computer.
destruction
A tornado that eliminates a network control center would be an example of a natural __________
disaster
Encryption is the process of:
disguising information by the use of mathematical rules, known as algorithms
A network switch failure is an example of a(n) ________ threat.
disruptive
A headend is also referred to as a:
distribution hub
Which of the following is not a type of hardware device that can be used to interconnect networks?
dumb terminals
In ______ geometric layout for a network, every computer is connected to every other computer often by point-to-point dedicated circuits.
full mesh design
Network demand will not be reduced by:
encouraging the use of applications such as medical imaging
A way to prevent intrusion by disguising information through algorithms is:
encryption
To snare intruders, many organizations now use _________ techniques.
entrapment
In a ring design WAN,
failure in one circuit means that the network can most likely continue to function
Which of the following type of media is least susceptible to eavesdropping?
fiber optics
A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network.
firewall
A _________ is the place at which the ISP provides services to its customers.
point-of-presence
Which of the following is not a key issue to be considered when selecting a WAN service?
prestige value of using a particular common carrier
________ controls discover unwanted events.
preventive
_________ controls stop a person from acting.
preventive
Basic rate interface:
provides a communications circuit with two 64 Kbps B channels, plus one D channel
Each state or Canadian province has its own ___________ to regulate communications within its borders.
public utilities commission
With a switched backbone network, the equipment is usually placed in a ______.
rack
The key principle in preventing disruption, destruction and disaster is ___________.
redundancy
A ___________ is used by ISPs to authenticate its customers.
remote-access server.
Routers:
require more management than switches
Mesh networks:
require more processing by each computer in the network than in star or ring networks
A ________ geometric layout connects all computers in a closed loop, with each computer linked to the next usually with a series of point-to-point dedicated circuits.
ring design
A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them.
risk assessment
We can calculate the relative ___________, by multiplying the impact score by the likelihood.
risk score
A _____________ type of BN segments (each of which has a special set of subnet addresses that can be managed by different network managers) each part of the network connected to the backbone.
routed backbone
Which of the following is not a way that a router differs from a switch?
routers can connect two or more networks that use the same data link protocol
For Ethernet networks, a _______ switch can make eavesdropping more difficult.
secure
IP Security Protocol:
sits between IP at the network layer and TCP/UDP at the transport layer
A _______ geometric layout for a WAN connects all computers to one central computer that routes messages to the appropriate computer, usually via a series of point-to-point dedicated circuits.
star design
Most backbone devices are store-and-forward devices. One simple way to improve performance is to ensure that they have ________________.
sufficient memory
Which of the following is not true about switched backbones?
there are many more networking devices in a switched backbone network
A(n) __________ is any potential adverse occurrence that can do harm, interrupt the system using the network to cause monetary loss to the organization
threat
Device performance on a backbone network will not be improved by:
translating packets from one protocol to another as they enter the BN
A brute force attack against an encryption system:
tries to gain access by trying every possible key
Which of the following is not a method for deterring outside intruders from gaining access to the organization's office or network equipment facilities?
unlocked wiring closet for network devices
The performance of WANs can be improved by:
upgrading the circuits between the computers
Switched backbone networks:
use a star topology with one device, usually a switch
SONET:
uses inverse multiplexing above the OC-1 level
A _______________ is a particular type of network that uses circuits that run over the Internet but that appears to the user to be a private network.
virtual private network
Fiber to the Home uses
wavelength division multiplexing
Which of the following are usually the first choice for eavesdropping?
wireless LANs
A (n) ______ is a special type of virus that spreads itself without human intervention.
worm