Midterm Spring 2015
55) SNMP Set commands can ________.
C) both A and B ask agents for information about the managed device B reroute traffic
24) Momentary traffic peaks can lead to ________.
C) both A and B latency and packet loss
61) In SDN, which device manages the control function for individual devices?
D) SDN controller
37) An attacker must break through two firewalls to get to a host. This illustrates the principle called ________. (Select the most specific answer.)
D) defense in depth
43) If someone has been properly authenticated, they should receive ________ permissions.
D) minimum
62) SDN holds the promise of bringing ________.
D) neither A nor B lower cost lower agility
67) The digital certificate provides the ________.
D) none of the above
42) Another term for authorization is ________.
D) permission
53) To determine if a host is reachable, you would send a(n) ________.
D) ping
46) At what layer(s) do you find single network standards?
Data link and physical layers
4) Application programs on ________ communicate by sending messages between each other.
Different hosts
24) If the destination host finds an error in an Ethernet frame, it ________.
Discards
13) A sending host will retransmit a TCP segment if it ________.
Does not receive an ACK
69) When a firewall identifies an attack packet, it ________.
Drop a packet
39) The most widely used single network address is the ________.
EUI-48 address
38) For every conversation, a client randomly generates an ephemeral port number for ________.
Each conversation
66) ________ is placing a message in the data field of another message.
Encapsulation
63) What can be done today without the target's knowledge?
Face recognition
51) An individual switch knows the frame's entire path. T/F
False
21) For Netflix, ________ is a(n) ________, and ________ is a(n) ________.
Google, SaaS, AWS, IaaS
18) A message always has a ________.
Header
52) An HTTP response message usually has a ________.
Header and a data field
11) If a destination host does not receive a segment, it will ________.
Not send an ACK.
29) 20,000 bits per second is ________.
20 Kbps
32) 0.02 Gbps can also be written as ________.
20 Mbps
30) 200,000M bits per second is ________.
200 Gbps
27) How long are IPv4 addresses?
32 bits
28) 320,000 kbps is ________.
320 Mbps
34) Writing 37kbps properly in metric notation would be ________.
37,000 bps
33) Writing 37,400 Mbps properly in metric notation would be________.
37.4 Gbps
87) ________ look at ________, and ________ look at ________.
Antivirus programs, files, firewalls, packets
8) ________ is the percentage of time that a network is available for use.
Availability
59) Convert decimal 8 to binary.
B) 1000
49) Which of the following is true?
B) Guidelines must be considered.
56) SNMP ________ commands can change how managed devices operate.
B) Set
27) Overprovisioning means ________.
B) adding much more switching and transmission line capacity than will be needed most of the time
41) Actions that people are allowed to take on a resource come under the heading of ________.
B) authorizations
23) ISPs usually offer QoS guarantees to ________.
B) business customers
43) At what layer do you find EUI-48 addresses?
B) data link
44) At what layer are frames standardized?
B) data link
45) The second-lowest standards layer is the ________ layer. (Read the question and answers carefully.)
B) data link
38) Vulnerabilities are occasionally found in even the best security products. Consequently, companies must ________.
B) have defense in depth
47) Implementation guidance is less specific than ________.
B) implementation
28) Priority is assigning high priority to ________ applications while giving low priority to ________ applications.
B) latency-intolerant, latency-tolerant
20) An SLA for latency should specify a ________.
B) maximum latency
19) An SLA for availability should specify a ________.
B) minimum availability
18) An SLA for speed should specify a ________.
B) minimum speed
40) Companies should ________ single points of takeover.
B) pay special attention to
33) Which phase of the plan-protect-respond cycle takes the largest amount of work?
B) protect
35) Balancing threats against protection costs is called ________.
B) risk analysis
58) SNMP agents can initiate ________.
B) traps
17) An SLA should specify the ________.
B) worst case
61) what is facial recognition?
Biometrics
15) Mobile code is another name for ________.
Bluetooth
89) Which is NOT a standards organization? OSI, ITU-T or ISO
OSI
16) Which of the following is inside the header of messages?
address field
3) Which of the following is a host when it is on a network - mobile phone, server, or client PC?
all of them
64) The electrical signal generated by a microphone is called a(n) ________ signal.
analog
47) At which layer would you find standards for requesting videos from a video-sharing site such as YouTube?
application
48) At which layer would you find file transfer protocol (FTP) standards for downloading files from an FTP server?
application
54) At what layer is encoding done?
application
46) Which of the following layers has more standards than the other three layers?
application layer
37) On a server, well-known port numbers indicate ________.
applications
52) Authentication should generally be ________.
appropriate for a specific resource
53) Passwords are widely used because they ________.
are inexpensive to use
44) Electronic signatures provide message-by-message ________.
authentication
49) Requiring someone to use a resource to prove his or her identity is ________.
authentication
65) The source host and destination host are separated by seven networks. There will be seven ________.
frames
26) Credit card number thieves are called ________. (Pick the most precise answer.)
fraudsters
62) When a packet travels through an internet, there are usually ________.
more data links than routes
37) When messages of different users share a transmission line, this is ________.
multiplexing
39) What type of attacker can do the most damage?
national governments
40) All single network addresses are ________ addresses.
neither EUI-48 nor IP Addresses
31) TCP messages are called ________.
segments
4) The meaning of a message is referred to as the message's ________.
semantics
7) A ________ is a flaw in a program that permits a specific attack or set of attacks against this problem.
vulnerability
72) At what layer would you find frames?
2
74) At what layer would you find switches?
2
81) What layer number is the data link layer?
2
83) Which layer's standards govern delivering frames?
2
55) Prepare2 can be cracked most quickly by a(n) ________.
dictionary attack
59) The password "NeVEr" can be defeated by a ________.
dictionary attack
15) Jitter is a problem for ________.
voice over IP (VoIP) and streaming media
33) If someone says that a 1-bit flag is set, this means that it is given the value ________.
1
42) In two-way dialogues using symmetric key encryption, how many keys are used for encryption and decryption?
1
63) If two hosts are separated by seven networks, how many packets will there be along the way when a host transmits a packet to another host?
1
68) If a frame passes through two routers between the source and destination hosts, how many routes will there be?
1
73) At what layer would you find wire connections?
1
79) What layer number is the physical layer?
1
82) Which layer's standards govern signaling?
1
25) Cloud customers are concerned that ________.
1. data may be hacked/compromised. 2. Governments may have secret access to their information.
7) In a coffee shop hot spot, the rated speed is 10 Mbps. Throughput is about half of the rated speed. There are ten people using the hot spot. You and three others are transmitting or receiving at a particular moment. What speed should you expect to get?
1.25 Mbps
43) In symmetric key encryption, a key must be ________ bits long, or longer, to be considered strong. (Choose the choice closest to the correct answer.)
128
61) A 7-bit field can represent ________ alternatives or different combinations.
128
63) The five senses can be represented with a ________-bit field.
3
71) At what layer would you find packets?
3
75) At what layer would you find routers?
3
80) What layer number is the Internet layer?
3
84) Which layer's standards govern router operation?
3
86) In the Five General Layers Standard, which layer's standards govern application World Wide Web exchanges over the Internet?
3
26) In IP, the first bit in the second row is ________.
32
60) A 5-bit field can represent ________ alternatives or different combinations.
32
78) What layer number is the transport layer?
4
85) In the Five General Layers Standard, which layer's standards govern application message fragmentation?
4
34) The UDP has ________ fields. What are they?
4 - two port numbers, UDP length field, UDP checksum, field
28) How long are IPv4 addresses in octets?
4 octets
21) EUI-48 addresses are ________.
48 bits long
62) To represent 65 alternatives, your alternatives field would have to be at least ________ bits long.
7
64) If two hosts are separated by seven networks, how many frames will there be along the way when a host transmits a packet to another host?
7
31) 7,000 bps can also be written as ________.
7 Kbps
66) If a frame passes through seven switches between the source and destination hosts, how many physical links will there be? (Careful!)
8
67) If a frame passes through eight switches between the source and destination hosts on a single network, how many data links will there be?
8
30) You discover that you can get into other e-mail accounts after you have logged in under your account. You spend just a few minutes looking at another user's mail. Is that hacking?
A) Yes
22) If throughput falls substantially below a QoS guaranteed speed, the ISP ________.
A) always pays a penalty
46) The messages of VPNs ________.
A) both A and B
59) Creating switching tables is an example of ________.
A) forwarding
36) Attackers only need to find a single weakness to break in. Consequently, companies must ________.
A) have comprehensive security
46) Policies are separated by implementation to take advantage of ________.
A) implementer knowledge
57) The SNMP manager stores the information it receives from Get commands ________.
A) in the MIB
30) Compared to other methods for reducing problems during momentary traffic peaks, overprovisioning ________.
A) increases capital cost
21) An SLA for jitter should specify a ________.
A) maximum jitter
32) Priority addresses the problem of ________.
A) momentary traffic peaks
26) Overprovisioning is ________.
A) neither wasteful of capacity nor highly labor-intensive
34) Which of the following is NOT one of the four major security planning principles?
A) perimeter defense
45) Which of the following specifies what should be done?
A) policies
48) Which of the following must be followed?
A) standards
63) When a firewall policy server is used to manage SPI firewalls, what device creates specific ACL rules?
A) the policy server
60) Control is done on individual switches and routers in ________.
A) traditional operation
25) Which of the following is latency intolerant?
A) video
31) Which of the following would receive the highest priority?
A) video packets
50) Oversight activities include ________.
A) vulnerability testing
51) Attacking your own firm occurs in ________.
A) vulnerability testing
39) There is a single countermeasure in ________.
A) weakest links
44) A policy specifies ________.
A) what should be done
57) Convert the binary number 100 to decimal.
C) 4
64) Which of the following is the easiest to understand?
C) firewall policies
18) The general name for malware on a user's PC that collects sensitive information and sends this information to an attacker is ________.
C) spyware
49) In HTTP headers, the end of a header field is usually indicated by a ________.
CRLF
51) ________ is the general name for proofs of identity in authentication.
Credentials
58) Convert a decimal number 15 to the binary number.
D) 1111
84) If a packet is highly suspicious but not a provable attack packet, a(n) ________ may drop it.
IDS
92) Which is a host's official address on the Internet?
IP address
93) If a host wishes to transmit packets to another host, it must find the other host's ________.
IP address
5) What kind of address do hosts have on the Internet?
IP addresses
9) What type of address is 32 bits long?
IPv4
6) 60.49.7.254 is an ________.
IPv4 address
11) ________ collectively form the core of the Internet service.
ISPs
38) Who are the most dangerous types of employees?
IT security employees
13) Netflix uses AWS for its ________.
IaaS
91) Which layers governs internet transmission?
Internet layer
51) An HTTP request message usually has a ________.
Just a header
19) A program that can capture passwords as you enter them is ________.
Key stroke logger
70) At what layer would you find EUI-48 addresses?
Layer 2
69) At what layer would you find IP addresses?
Layer 3
22) An EUI-48 address was formerly called a(n) ________ address.
MAC
82) Which type of firewall filtering looks at application-layer content?
NGFW
45) The application standard is ____?
No official standard
12) Who controls the Internet?
No one
57) ________ are carried inside ________.
Packets, frames
9) Which of the following usually has higher availability?
Public Switched Telephone Network
29) A packet will definitely get through if it has ________.
QoS reserved capacity and priority
1) Internet standards are published as ________.
RFCs
10) Host P transmits a SYN segment to Host Q. If host Q is willing to open the connection, it will transmit a(n) ________ segment.
SYN/ACK
18) Which type of service manages application software for users?
SaaS
20) For Netflix, Google is a(n) ________.
SaaS
15) After the side wishing to close a TCP connection sends a FIN segment, the other side will ________.
Send an ACK segment.
77) ________ is the dominant firewall filtering method used on main border firewalls today.
Stateful packet inspection
11) Errors may substantially reduce throughput in ________. (Pick the standard most affected.)
TCP
23) ________ read(s) the destination address in an Ethernet frame.
The switch and destination host.
16) Malware programs that masquerade as system files are called ________.
Trojan horses
11) Which of the following attach themselves to other programs?
Viruses
47) SSL/TLS is used for ________.
Web applications
48) 802.11 data link layer standards govern ________.
Wireless access points
10) ________ are full programs.
Worms
29) If you see a username and password on a Post-It note that anyone can see on a monitor, is it hacking if you use this information to log in?
Yes
34) In distributed DoS attacks, the attacker sends messages directly to ________.
a command and control server
49) In a single network transmission, there is always ________.
a single data link and a single frame
88) In antivirus filtering, the best ways to filter currently use ________.
behavioral detection
27) Network speeds usually are measured in ________.
bits per second
4) Transmission speed is normally measured in ________.
bits per second
23) When a cloud client customer moves from one machine to another machine, ________.
both the same data files are available and the same application personalization is in effect.
33) Attack programs that can be remotely controlled by an attacker are ________.
bots
35) Which of the following can be upgraded after it is installed on a victim computer? (Choose the most specific answer.)
bots
8) In an HTTP, which one (browser or Webserver application program) transmits message first?
browser
9) In HTTP, which program may initiate communication?
browser
56) A password-cracking attack that tries all combinations of keyboard characters is called a ________.
brute-force attack
60) The password "R7%t&" can be defeated by a ________.
brute-force attack
20) "Octet" is the same as ________.
byte
83) NGFWs ________.
can implement different rules for different applications
37) What type of attacker are most of attackers today?
career criminals
65) In digital certificate authentication, the verifier gets the key it needs directly from the ________.
certificate authority
40) A specific encryption method is called a ________.
cipher
41) The source socket is 60.171.18.22:2707. The source is a(n) ________.
client
43) The source socket is 60.171.18.22:2707. The source host is a(n) ________.
client
41) Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________.
confidentiality
73) ACLs are used for packets in the ________ state.
connection-opening
65) A codec ________.
converts binary voice signals into digital signals for transmission
57) The password "velociraptor" can be defeated most quickly by a ________.
dictionary attack
47) PPP is standardized at the ________ layer.
data link
61) The path that a frame takes across a single network is a ________.
data link
67) After the Internet layer process does encapsulation, it passes the IP packet to the ________ layer process.
data link
90) OSI standards are dominant at the ________.
data link and physical layer
17) The ________ contains the content being delivered by a message.
datafield
29) To make a forwarding decision, a router looks at the arriving packet's ________.
destination IP address
50) Switches make decisions based on the ________.
destination data link layer address and switching table.
88) Application message reassembly is done on the ________.
destination host
94) When the source host transmits a frame, the frame is addressed to the ________.
destination host
95) When the source host transmits a packet, the packet is addressed to the ________.
destination host
54) A user picks the password "tiger." This is likely to be cracked quickly by a(n) ________.
dictionary attack
14) Which of the following can spread more rapidly?
directly-propagating worms
7) The address 60.49.7.254 is represented in ________.
dotted decimal notation
20) Small malware programs that download larger malware programs are called ________.
downloaders
75) When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at a stateful inspection firewall, the firewall ________. (Read this question carefully.)
drops the packet
14) In a four-step close, which side transmits a FIN segment?
either side
1) The Target attackers probably first broke into Target using the credentials of a(n) ________.
employee in a firm outside Target
53) Converting application messages into bits is called ________.
encoding
39) The range of port 1024 to port 4999 is the usual range for ________ port numbers.
ephemeral
40) 2500 is in the range for ________ port numbers.
ephemeral
25) Ethernet does ________. Is it reliable?
error detection. No.
71) Firewall log files should be read ________.
every day
31) Methods that hackers use to break into computers are ________.
exploits
36) Advanced persistent threats are ________.
extremely dangerous for the victim
32) TCP has six single-bit fields in headers and these single-bit fields are called ________ fields.
flag
35) Dividing an application message into a series of smaller message segments is called ________.
fragmentation
36) If a transmission link has a relatively high error rate, ________.
fragmentation is likely to reduce delivery time for the entire application message
58) When an application program transmits a message, what will the first field be in the message that is sent over the transmission link?
frame header
41) Data link layer standards govern ________.
frame organization and switch operations
27) Which of the following tends to be more damaging to the victim?
identity theft
52) Policies should drive ________.
implementation and oversight
17) Netflix uses the most VMs ________.
in the evenings
6) Users of an access point share the transmission capacity of the access point. The throughput a user gets is called the ________.
individual throughput
8) Users typically can eliminate a vulnerability in one of their programs by ________.
installing a patch
53) In hybrid Ethernet—802.11 networks, wireless clients use the Ethernet network to gain access to ________.
internal servers
77) Standards tend to bring _________.
interoperability
70) A firewall will drop a packet if it ________.
is a definite attack packet
10) Error rates can soar when the network traffic level ________.
is at a high level
48) Using SSL/TLS for Web applications is attractive because SSL/TLS ________.
is essentially free to use
86) If a firewall does not have the processing power to filter all of the packets that arrive, ________.
it will drop packets it cannot process
14) Variability in delay is called ________.
jitter
12) When a packet travels through a network, the time it takes to get from the sender to the receiver is called ________.
latency
72) Egress filtering examines packets ________.
leaving to the outside
76) Stateful firewalls are attractive because of their ________.
low cost
5) The general name for evil software is ________.
malware
6) A message's semantics is its ________.
meaning
45) Electronic signatures also provide ________ in addition to authentication.
message integrity
3) QoS is quantified through ________.
metrics
13) Latency is usually measured in ________.
milliseconds (ms)
56) Single network addresses in different single networks are ________.
neither unique nor are they unique if the two single networks using the same technology standard.
8) Dotted decimal notation is used by ________.
networks
81) Which type of firewall filtering collects streams of packets to analyze them as a group?
next-generation
10) What type of address is 100 bits long?
none of the above
59) When an application program transmits a message, what will the SECOND field be in the message that is sent over the transmission link?
packet header
78) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP segment which is an acknowledgement?
pass it if it is part of an approved connection
80) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP FIN segment?
pass it if it is part of an approved connection
74) When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ________.
passes the packet
22) Pieces of code that are executed after the virus or worm has spread are called ________.
payloads
24) In SaaS, the user normally ________.
pays for software by amount of use
24) An attack in which an authentic-looking e-mail or website entices a user to enter his or her username, password, or other sensitive information is called ________. (Select the most specific answer.)
phishing
68) After the data link layer process does encapsulation, it passes the IP packet to the ________ layer process.
physical
69) Which layer process does NOT do any encapsulation when an application layer process transmits a message?
physical
15) A ________ may have multiple ________.
physical server, virtual machines
62) Iris scanning is attractive because of its ________.
precision
2) Standards mean the same thing as ________.
protocols
14) Content delivery networks mainly ________.
reduce latency
32) DoS attacks attempt to ________.
reduce the availability of a computer
85) In a firewall, VPN traversal ________.
reduces firewall filtering effectiveness
60) The path that a packet takes across an internet is a ________.
route
76) Packets are ________.
routed
2) A networking device that plays an important role in directing network communication is called a ________.
router
54) What device connects different networks into an Internet?
router
44) The destination socket is 60.171.18.22:161. The destination host is a(n) ________.
server
19) IaaSs own _________.
servers
22) An IaaS provides ________.
servers
2) In QoS, the S stands for ________.
service
26) Guarantees by a provider to meet certain delivery quality specifications are called ________.
service level agreements
1) Compared to network demand, network budgets are growing ________.
slower
23) Tricking users into doing something against their security interests is ________.
social engineering
87) Application message fragmentation is done on the ________.
source host
21) Unsolicited commercial e-mail is better known as ________.
spam
25) An attack aimed at a single person or a small group of individuals is a(n) ________ attack. (Choose the most specific answer.)
spear phishing
7) A message's syntax is its ________.
structure
50) In authentication, the ________ is the party trying to prove his or her identity.
supplicant
5) How a message is organized is its ________.
syntax
52) In switched networks, to what device is a frame addressed?
the destination host
5) Throughput is ________.
the speed a network actually provides to users
64) In digital certificate authentication, the supplicant encrypts the challenge message with ________.
the supplicant's private key
66) In digital certificate authentication, the verifier uses ________.
the true party's public key
28) Which of the following meets the definition of hacking ________.
to intentionally use a computer resource without authorization
19) Which part of a message is less often in a message compared to the other two parts?
trailer
12) If the destination host receives a segment that has an error, it will ________.
transmit an RSND segment
68) Debit card is secure because it requires two credentials for authentication. This is also called ________.
two-factor authentication
30) IP is ________.
unreliable
36) UDP is ________.
unreliable
1) Depicting the Internet as a cloud symbolizes that ________.
users do not have to know how the Internet operates and where resources are located
12) Viruses most commonly spread from one computer to another ________.
via e-mail
16) Which can be moved more easily, a server or VM?
virtual machine
13) Which of the following sometimes uses direct propagation between computers?
worms
9) Vulnerability-based attacks that occur before a patch is available are called ________ attacks.
zero-day