Network Defense Mid Term Study Guide

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Collision

A _________ occurs when computing the MD5 algorithm with two different initialization vectors produces the same hash value.

Hash

A __________ value is a fixed-size string representing the original input's contents.

Signature

A ____________ is made up of IP numbers and options, TCP flags, and port number that define a type of network activity.

FIN packet

Lets the other computer know it is finished sending data

Ciphertext

Unreadable text, programs that do not execute, and graphics you cannot view

Scan Throttling

Used by attackers to delay the progression of a scan

D. IDPS

Which security tool works by recognizing signs of possible attack and sending notification to an administrator? A. DiD B. DMZ C. VPN D. IDPS

B. mandatory access control

With which access control method do system administrators establish what information users can share? A. discretionary access control B. mandatory access control C. administrative access control D. role-based access control

Anycast

__________ IPv6 addresses are used for one-to-one or one-to-many communication.

Viruses

___________ are spread by several methods, including running executable code, sharing disks or memory sticks, opening e-mail attachments, and viewing infected or malicious Web pages.

Null

A TCP packet with no flags set is referred to as a _______ packet.

XOR function

A cryptographic primitive based on binary bit logic and used as a linear mixing function, combining values for use in further computations

Stateless Autoconfiguration

A feature of IPv6 in which a computer can connect to a network by determining its own IP address based on the addressing of neighboring nodes

C. use DoS attack on Web sites with which they disagree

A hactivist can best be described as which of the following? A. an unskilled programmer that spreads malicious scripts B. consider themselves seekers of knowledge C. use DoS attack on Web sites with which they disagree D. deface Web sites by leaving message for their friends to read

Biometrics

A method of authenticating a user using physical information, such as retinal scans, fingerprints, or voiceprints

Socket

A network connection consisting of a port number combined with a computer's IP address

DMZ

A semi trusted subnet that lies outside the trusted internal network but is connected to the firewall to make services publicly available while still protecting the internal LAN

Ping Sweep

A series of ICMP echo request packets in a range of IP addresses

Multicast

A transmission used for one-to-many communication, in which a single host can send packets to a group of recipients

Key Management

A way to prevent keys from being discovered and used to decipher encrypted messages

Port

An area in random access memory (RAM) reserved for the use of a program that "listens" for requests for the service it provides

DES

An older protocol composed of a 16-round Feistel network with XOR functions, permutation functions, 64 S-box functions, and fixed key schedules

Back Door

An undocumented hidden opening through which an attacker can access a computer

Signature

Digital ____________ security vulnerabilities are mostly associated with the IT infrastructure required to support interoperability.

Multicast Listener Discovery

Enables IPv6 routers to discover multicast listeners on a directly connected link and to decide which multicast addresses are of interest to those nodes

Packet Filters

Hardware or software tools that allow or deny packets based on a specified criteria, such as port, IP address, or protocol

Spoof

In an RPC _________, a targeted host receives an RPC set request from a source IP address of 127.0.0.1.

SYN

In the three-way handshake, the first packet in the sequence has the ______ flag set.

A. botnet

Malware that creates networks of infected computers that can be controlled from a central station is referred to as which of the following? A. botnet B. Trojan C. logic bomb D. packet monkey

C. multiple-packet attack

Of what category of attack is a DoS attack and example? A. bad header information B. single-packet attack C. multiple-packet attack D. suspicious data payload

Netstat

The __________ command shows current sessions with associated port numbers.

Flag

The ___________ field in an IP header is a 3-bit value indicating whether a datagram is a fragment

Payload

The ___________ part of a packet is the actual data sent from an application on one computer to an application on another.

Fragmentation

The division of packets into smaller sizes to accommodate routers with frame size limitations

MTU

The maximum packet size that can be transmitted

Network Identifier

The part of an IP address that a computer has in common with other computers in its subnet

Cryptanalysis

The study of breaking encryption methods

C. the source of the public keys

What is the most likely weak link when using asymmetric encryption for verifying message integrity and nonrepudiation? A. the use of the sender's private key B. the hashing algorithm used to generate a message digest C. the source of the public keys D. the integrity of the private keys

C. SYN, SYN ACK, ACK

What is the sequence of packets for a successful three-way handshake? A. SYN, ACK, ACK B. SYN, SYN ACK, RST C. SYN, SYN ACK, ACK D. SYN, ACK, FIN

A. false negative

What is the term used when an IDPS doesn't recognize that an attack is underway? A. false negative B. true positive C. negative activity D. positive signature

A. disable zone transfers

What should you do when configuring DNS servers that are connected to the Internet in order to improve security? A. disable zone transfers B. delete the DNS cache C. disable DNS buffers D. setup DNS proxy

A. IKE

Which component of IPsec enables computers to exchange keys to make an SA? A. IKE B. ISAKMP C. Oakley D. IPsec driver

D. 21,20

Which of the following correctly represents the port used by FTP control traffic and FTP file transfer traffic respectively? A. 20, 25 B. 21, 23 C. 20, 23 D. 21, 20

B. scalability

Which of the following is NOT a critical goal of information security? A. confidentiality B. scalability C. authentication D. nonrepudiation

A. the local host source address occurs in the packet

Which of the following is the description of a land attack? A. the local host source address occurs in the packet B. source and destination IP address/port are the same C. an illegal TCP flag is found in the segment header D. the attacker uses an undefined protocol number

A. they are not completely random

Which of the following is true about PRNGs? A. they are not completely random B. their state is measured in bytes C. the shorter the state, the longer the period D. they can never produce the same value

B. Message Digest 5

Which of the following makes a single pass on data and generates a 128-bit hash value displayed as a 32-characer hexadecimal number and is used in VPNs? A. RSA B. Message Digest 5 C. RC4 D. Twofish

Integral

___________ cryptanalysis is applicable to block ciphers that use a substitution-permutation network including Rijndael, Twofish, and IDEA.

Nonrepudiation

____________ is achieved when neither party can plausibly deny its participation in message exchanges.

Non-repudiation

____________ is the capability to prevent a participant in an electronic transaction from denying that it is performed an action.


Ensembles d'études connexes

Software Testing Interview Questions And Answers

View Set

Chapter 3: Exploring Global Business

View Set

Principles of Finance- Chapter 7

View Set

高職龍騰英文 B3 (B版) L1 It's in Our Blood 單字&片語

View Set