Chp. 17-23
Which approach to intrusion detection searches for an activity that is different from the normal behavior of system entities and system resources?
Anomaly detection
Which of the following allows a mobile node that has made a transition to identify itself to AP within BSS so that the node can participate in data exchanges with other mobile nodes?
Association
What are the security areas that are addressed by IEEE 802.11i?
Authentication, key management, and data transfer privacy
In which encoding scheme is each group of three octets of binary data mapped into four ASCII characters?
Base64
What is the smallest building block of a wireless LAN?
Basic service set
Which of the following uses the Transport Layer Security (TLS) Record protocol?
Change cipher spec protocol
Which of the following does not permit an end-to-end TCP connection?
Circuit-level gateway
In a cloud computing reference architecture, which of the following actors is responsible for making a service available to the interested parties?
Cloud service provider
What services are provided by the TLS Record protocol for TLS connections?
Confidentiality and message integrity
Which of the following refers to the two or more basic service sets interconnected by a distribution system?
Extended service set
Which type of firewall is placed at the edge of a local or enterprise network, inside the boundary router that connects to the Internet or WAN?
External
Which of the following protocols is used to create a TLS session?
Handshake protocol
What refers to the combination of HTTP and TLS to implement secure communication between a Web browser and a Web server?
Hypertext Transfer Protocol Secure
Which of the following provides access control, connectionless integrity, and data origin authentication?
IP Security
Which of the following is transparent to end-users and applications and provides a general-purpose solution?
IP security
Which of the following is a parameter that defines a TLS session connection?
Initialization vector
Which of the following protocols provides a framework for Internet key management and provides the specific protocol support, including formats, for negotiation of security attributes?
Internet Security Association and Key Management Protocol
____________________ is a term that refers to the expanding interconnection of smart devices, ranging from appliances to tiny sensors.
Internet of things
Which of the following resource record types identifies the system(s) via which mail to the queried domain name should be relayed?
Mail exchange
Which of the following is an open-source security module that is part of the TinyOS operating system and provides confidentiality, authentication, and replay protection?
MiniSec
Which of the following defines a design goal for a firewall?
Only authorized traffic, as defined by the local security policy, will be allowed to pass.
_____________ aims to produce an open-source cloud operating system.
OpenStack
Which type of cloud is implemented within the internal IT environment of an organization?
Private cloud
Which of the following defines the fields in the outer SMTP envelope of an email message?
RFC 5321
Which version of the Secure Shell protocol was focused on providing a secure remote login facility to replace TELNET and other remote logon schemes that provided no security?
SSH1
Which standardized protocol provides authentication, integrity, nonrepudiation (via digital signatures), and confidentiality (via encryption) of the message body carried in the SMTP messages?
Secure/Multipurpose Internet Mail Extension
What parameters identify a security association?
Security parameters index, IP destination address, and security protocol identifier
Which device measures some parameters of a physical, chemical, or biological entity and delivers an electronic signal proportional to the observed characteristic either in the form of an analog voltage level or a digital signal?
Sensor
Which protocol encapsulates an email message in an envelope and is used to relay the encapsulated messages from source to destination through multiple Message Transfer Agents (MTAs)?
Simple Mail Transfer Protocol
Which cloud service model enables the customer to use the cloud provider's applications running on the provider's cloud infrastructure?
Software as a service
Which type of firewall tightens up the rules for TCP traffic by creating a directory of outbound TCP connections?
Stateful inspection packet firewall
________________ is a characteristic of a system component that provides passive protection against an attack.
Tamper resistant
What is designed to require only software changes to devices that are implemented with the older wireless LAN security approach called WEP?
Temporal Key Integrity Protocol
Which security module is designed for small embedded systems with tight requirements on memory, processing time, real-time response, and power consumption?
TinyOS
Why does Encapsulating Security Payload (ESP) include a padding field?
To expand the plaintext, if an encryption algorithm requires the plaintext to be a multiple of some number of bytes
Which mode provides protection primarily for upper-layer protocols such that protection extends to the payload of an IP packet?
Transport
Which of the following refers to applying more than one security protocol to the same IP packet, without invoking tunneling?
Transport adjacency
Which technique is used by firewalls to control access to a service according to which the user is attempting to access it?
User control
The NIST cloud computing reference architecture focuses on which of the following requirements?
What cloud services provide?
A ___________ is a self-replicating, self-propagating, and self-contained program that uses networking mechanisms to spread itself.
worm
