Networking Chapter 11
The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as: a. Trojan horse b. sniffing c. tunneling d. computer forensics e. misuse detection
computer forensics
Which of the following is not one of the major categories (or sub-categories) into which network security threats can be placed? a. disruption b. destruction c. controlled chaos d. intrusion e. disaster
controlled chaos
Developing _______ helps develop a secure network. a. rules b. controls c. network maps d. vendor documentation e. service level agreements
controls
________ controls fix a trespass into the network. a. corrective b. detective c. preventive d. mitigating e. backup
corrective
Which of the following is not a type of intrusion prevention system? a. network-based b. data link-based c. application-based d. host-based e. none of the above is an appropriate answer
data link-based
A ____________ is a situation in which a hacker attempts to disrupt the network by sending messages to the network that prevent normal users' messages from being processed. a. denial-of-service attack b. service level agreement c. virus d. spamming e. scamming
denial-of-service attack
An example of _____ of data would be if a computer virus eliminated files on that computer. a. disruption b. controlled chaos c. intrusion d. destruction e. disaster
destruction
A tornado that eliminates a network control center would be an example of a natural __________ a. disaster b. disruption c. controlled chaos d. destruction e. intrusion
disaster
Encryption is the process of: a. transmission of information over secure lines in analog form to prevent illegal access b. detecting errors in messages by means of mathematical rules c. correcting errors in message by means of mathematical rules d. disguising information by the use of mathematical rules, known as algorithms e. preventing errors in messages by means of logical rules
disguising information by the use of mathematical rules, known as algorithms
A network switch failure is an example of a(n) ________ threat. a. internal b. disruptive c. causal d. intrusion e. disaster
disruptive
A way to prevent intrusion by disguising information through algorithms is: a. spoofing b. call-back access c. encryption d. disk elevatoring e. disk mirroring
encryption
To snare intruders, many organizations now use _________ techniques. a. entrapment b. hacker c. Trojan horse d. cracker e. DES
entrapment
Which of the following type of media is least susceptible to eavesdropping? a. fiber optics b. twisted pair c. microwave d. infrared e. coaxial cable
fiber optics
A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network. a. firewall b. token system c. ANI d. call-back modem e. firefighter
firewall
The use of hacking techniques to bring attention to a larger political or social goal is referred to as a. hacking b. ethical politics c. hacktivism d. social engineering e. brute force attacks
hacktivism
A(n) __________ is any potential adverse occurrence that can do harm, interrupt the system using the network to cause monetary loss to the organization. a. asset b. service level agreement c. threat d. security plan e. network design
threat
A brute force attack against an encryption system: a. tries to gain access by trying every possible key b. is called RC4 c. is also known as 3DES d. always uses the Rijndael algorithm e. is part of the Advanced Encyrption Standard
tries to gain access by trying every possible key
Which of the following is a mode that is used by IPSec? a. exchange b. sniffer c. tunnel d. creeper e. firefighter
tunnel
A(n) ___________ is one of the most common examples of redundancy built into a network to help reduce the impact of disruption. a. network cloaking device b. backup punch card reader c. uninterruptible power supply d. service level agreement e. help desk
uninterruptible power supply
Which of the following is not a method for deterring outside intruders from gaining access to the organization's office or network equipment facilities? a. locks on network circuits after working hours b. passwords that disable the screen and keyboard of a computer c. secured network cabling behind walls and above ceilings d. use of armored cable e. unlocked wiring closet for network devices
unlocked wiring closet for network devices
Which of the following are usually the first choice for eavesdropping? a. unshielded twisted pair b. shielded twisted pair c. local cables owned by the organization d. wireless LANs e. fiber optics
wireless LANs
A (n) ______ is a special type of virus that spreads itself without human intervention. a. snake b. worm c. Trojan horse d. boot sector virus e. stealth virus
worm
__________ provide authentication which can legally prove who sent a message over a network. a. Digital signatures b. DES keys c. Directory keys d. Screen names e. User Ids
Digital signatures
Which of the following is not a type of intruder who attempts to gain intrusion to computer networks? a. Delphi team member b. script kiddies c. crackers d. professional hackers e. organization employees
Delphi team member
__________ refers to the process of translating between one set of private addresses inside a network and a set of public address outside the network. a. Translation b. Conversion c. Network address translation d. Proxy translation e. IP conversion.
Network address translation
Which of the following is not considered one of the five most common business impacts? a. Financial b. Productivity c. Reputation d. Social e. Safety
Social
Which of the following is not true about one-time passwords? a. Users' pagers can receive them. b. They can be used in conjunction with a token system. c. The user must enter the one-time password to gain access or the connection is terminated. d. This is a good security solution for users who travel frequently and who must have secure dial-in access. e. They create a packet level firewall on the system.
They create a packet level firewall on the system.
_______________ describes how an asset can be compromised by one specific threat. a. Threat scenarios b. Threat plans c. Threat hacks d. Threat contingencies e. Threat attacks
Threat scenarios
_______________ is an encryption standard that uses a total of 168 bits as the key. a. Triple DES b. Dial-back c. WEP d. EAP e. Ciphering
Triple DES
Spyware, adware and DDOS agents are three types of: a. IP spoofing attacks b. Denial-of-service attacks c. Trojans d. Physical security threats e. Intrusion prevention detection approaches
Trojans
The three basic network access points into most organizational networks are from the Internet, from LANs inside of the organization and ________________. a. WLANs b. intranet c. extranet d. WAN e. none of the above
WLANs
A sniffer program is a: a. type of macro-virus b. small peep-hole in a door or wall to allow a security guard to sniff the area with his or her nose before entering a secure area or location c. used in a call-back modem d. a program that records all LAN messages received for later (unauthorized) analysis e. secure hub program
a program that records all LAN messages received for later (unauthorized) analysis
A symmetric encryption system has two parts: the key and the ____________. a. algorithm b. spamming method c. IP spoofer d. clearance code e. smart card bits
algorithm
A fundamental technique to determine if an intrusion is in progress in a stable network is: a. anomaly detection b. armoring cable c. RSA algorithm d. patching e. scanning a user's fingerprint
anomaly detection
A(n) ____________ acts an intermediate host computer or gateway between the Internet and the rest of the organization's networks. a. application level firewall b. bullion server c. ANI system d. IP spoofing systems e. packet level firewall
application level firewall
A(n) _________ is something of value and can be either hardware or software. a. asset b. service level agreement c. threat d. security plan e. network design
asset
Threat of intrusion comes from ____________. a. the government b. crackers c. outside of the organization d. both inside and outside of the organization e. inside of the organization
both inside and outside of the organization
A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication. a. disaster recovery firm b. DES company c. directory company d. certificate authority e. fingerprint advisory board
certificate authority
In recent years, management's concern about the adequacy of current control and security mechanisms used in a data communications environment has: a. decreased because the new sophisticated technology is far more secure than the old manual methods b. remained the same because management was always deeply interest in control and security c. decreased because of the change in moral and ethical codes in the U.S. to a kinder and gentler society d. increased because this commitment to data communications has changed the potential vulnerability of the organization's assets e. remained the same because there are very few threats to data communications
increased because this commitment to data communications has changed the potential vulnerability of the organization's assets
A hacker gaining access to organizational data files and resources is an example of a(n) ____________ threat. a. disruptive b. controlled chaos c. disruptive d. intrusion e. disaster
intrusion
Often, incidents of ___________ involve employees of the organization, surprisingly enough. a. intrusion b. disruption c. controlled chaos d. destruction e. disaster
intrusion
DES: a. is maintained by ISO b. refers to Date Electronic Security c. is a commonly used symmetric encryption algorithm that was developed in the mid-1970s d. was developed by a joint effort that included Microsoft e. is an asymmetric algorithm
is a commonly used symmetric encryption algorithm that was developed in the mid-1970s
A security hole is a(n): a. malfunction or bug in an application program that allows data to be seen or accessed by unauthorized users b. small peep-hole in a door or wall to allow a security guard to examine an individual before allowing that individual access to a secure area or location c. packet-level firewall d. missing or absent protected mode addressing restrictions on user programs during multitasking or multithreaded program execution e. ANI system
malfunction or bug in an application program that allows data to be seen or accessed by unauthorized users
A(n) ____________, is an information system that is critical to the survival of an organization. a. network plan b. accounting system c. IDS d. mission critical application e. firewall
mission critical application
According to Symantec, more than 50% of all targeted companies had fewer than 2,500 employees because they a. often have weaker security. b. have more assets. c. are more likely to have credit card numbers available. d. are likely off-shore. e. have lower bandwidth
often have weaker security.
IP spoofing means to: a. fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network b. clad or cover the internal processing (IP) lines with insulating material to shield the IP lines from excess heat or radiation c. illegally tape or listen in on telephone conversations d. detect and prevent denial-of-service attacks e. act as an intermediate host computer between the Internet and the rest of the organization's networks
ool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network
A(n) ____________ examines the source and destination address of every network packet that passes through it. a. packet level firewall b. mullion server c. ANI system d. IP spoofing system e. application level firewall
packet level firewall
Which of the following is not a method for deterring intrusion? a. training end users not to divulge passwords b. using a smart card in conjunction with a password to gain access to a computer system c. using biometric devices to gain access to a computer system d. using a security software package that logs out users if that user is 'idle' for a certain amount of time e. performing social engineering
performing social engineering
________ controls discover unwanted events. a. preventive b. corrective c. detective d. mitigating e. backup
preventive
_________ controls stop a person from acting. a. detective b. corrective c. mitigating d. preventive e. backup
preventive
The key principle in preventing disruption, destruction and disaster is ___________. a. redundancy b. control spreadsheet c. IDS d. anti-virus software e. prevention controls
redundancy
A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them. a. risk assessment b. backplane c. mitigating control factor analysis d. control verification worksheet e. control test plan
risk assessment
We can calculate the relative ___________, by multiplying the impact score by the likelihood. a. rootkit b. authentication c. risk score d. risk assessment e. risk event
risk score
For Ethernet networks, a _______ switch can make eavesdropping more difficult. a. secure b. Trojan horse c. proxy d. spoofing e. spamming
secure
IP Security Protocol: a. is focused on Web applications b. is primarily used to encrypt e-mail c. is a policy which makes public key encryption work on the Internet d. sits between IP at the network layer and TCP/UDP at the transport layer e. operates in entrapment mode
sits between IP at the network layer and TCP/UDP at the transport layer