Networks notes
65) The source host and destination host are separated by seven networks. There will be seven ________.
B) frames
38) Vulnerabilities are occasionally found in even the best security products. Consequently, companies must ________.
B) have defense in depth
27) Which of the following tends to be more damaging to the victim?
B) identity theft
47) Implementation guidance is less specific than ________.
B) implementation
86) If a firewall does not have the processing power to filter all of the packets that arrive, ________.
B) it will drop packets it cannot process
28) Priority is assigning high priority to ________ applications while giving low priority to ________ applications.
B) latency-intolerant, latency-tolerant
72) Egress filtering examines packets ________.
B) leaving to the outside
20) An SLA for latency should specify a ________.
B) maximum latency
13) Latency is usually measured in ________.
B) milliseconds (ms)
19) An SLA for availability should specify a ________.
B) minimum availability
18) An SLA for speed should specify a ________.
B) minimum speed
15) After the side wishing to close a TCP connection sends a FIN segment, the other side will ________.
B) only send ACK segments
59) When an application program transmits a message, what will the SECOND field be in the message that is sent over the transmission link?
B) packet header
78) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP segment which is an acknowledgement?
B) pass it if it is part of an approved connection
80) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP FIN segment?
B) pass it if it is part of an approved connection
40) Companies should ________ single points of takeover.
B) pay special attention to
24) In SaaS, the user normally ________.
B) pays for software by amount of use
62) Iris scanning is attractive because of its ________.
B) precision
33) Which phase of the plan-protect-respond cycle takes the largest amount of work?
B) protect
32) DoS attacks attempt to ________.
B) reduce the availability of a computer
35) Balancing threats against protection costs is called ________.
B) risk analysis
55) In Internets, different networks are connected by ________.
B) routers
44) The destination socket is 60.171.18.22:161. The destination host is a(n) ________.
B) server
19) IaaSs own _________.
B) servers
26) Guarantees by a provider to meet certain delivery quality specifications are called ________.
B) service level agreements
25) An attack aimed at a single person or a small group of individuals is a(n) ________ attack. (Choose the most specific answer.)
B) spear phishing
58) SNMP agents can initiate ________.
B) traps
36) UDP is ________.
B) unreliable
13) Which of the following sometimes uses direct propagation between computers?
B) worms
17) An SLA should specify the ________.
B) worst case
37) An attacker must break through two firewalls to get to a host. This illustrates the principle called ________. (Select the most specific answer.)
D) defense in depth
1) The Target attackers probably first broke into Target using the credentials of a(n) ________.
D) employee in a firm outside Target
58) When an application program transmits a message, what will the first field be in the message that is sent over the transmission link?
D) frame header
43) If someone has been properly authenticated, they should receive ________ permissions.
D) minimum
39) What type of attacker can do the most damage?
D) national governments
24) If the destination host finds an error in an Ethernet frame, it ________.
D) neither A nor B
48) 802.11 data link layer standards govern ________.
D) neither A nor B
91) Which of the following layers governs internet transmission?
D) neither A nor B
62) SDN holds the promise of bringing ________.
D) neither A nor B lower cost lower agility
16) Jitter is a problem for ________.
D) neither downloading a file attached to an e-mail nor B email
51) An individual switch knows the frame's entire ________.
D) none of the above
55) How many bytes will it take to transmit "Brain Dead" without the quotation marks?
D) none of the above
67) The digital certificate provides the ________.
D) none of the above
65) A codec ________.
A) converts binary voice signals into digital signals for transmission
52) An HTTP response message usually has a ________.
A) data field
47) PPP is standardized at the ________ layer.
A) data link
88) Application message reassembly is done on the ________.
A) destination host
94) When the source host transmits a frame, the frame is addressed to the ________.
A) destination host
95) When the source host transmits a packet, the packet is addressed to the ________.
A) destination host
55) Prepare2 can be cracked most quickly by a(n) ________.
A) dictionary attack
57) The password "velociraptor" can be defeated most quickly by a ________.
A) dictionary attack
59) The password "NeVEr" can be defeated by a ________.
A) dictionary attack
14) Which of the following can spread more rapidly?
A) directly-propagating worms
7) The address 60.49.7.254 is represented in ________.
A) dotted decimal notation
20) Small malware programs that download larger malware programs are called ________.
A) downloaders
50) In authentication, the ________ is the party trying to prove his or her identity.
A) supplicant
5) How a message is organized is its ________.
A) syntax
52) In switched networks, to what device is a frame addressed?
A) the destination host
63) When a firewall policy server is used to manage SPI firewalls, what device creates specific ACL rules?
A) the policy server
5) Throughput is ________.
A) the speed a network actually provides to users
64) In digital certificate authentication, the supplicant encrypts the challenge message with ________.
A) the supplicant's private key
66) In digital certificate authentication, the verifier uses ________.
A) the true party's public key
60) Control is done on individual switches and routers in ________.
A) traditional operation
30) IP is ________.
A) unreliable
12) Viruses most commonly spread from one computer to another ________.
A) via e-mail
25) Which of the following is latency intolerant?
A) video
31) Which of the following would receive the highest priority?
A) video packets
50) Oversight activities include ________.
A) vulnerability testing
51) Attacking your own firm occurs in ________.
A) vulnerability testing
39) There is a single countermeasure in ________.
A) weakest links
44) A policy specifies ________.
A) what should be done
8) In an HTTP, which one (browser or Webserver application program) transmits message first?
A)A) browser
63) Which of the following can be done today without the target's knowledge?
B) face recognition
32) TCP has six single-bit fields in headers and these single-bit fields are called ________ fields.
B) flag
41) Data link layer standards govern ________.
B) frame organization
42) Data link layer standards govern ________.
B) frame organization
31) 7,000 bps can also be written as ________.
7 Kbps
60) The password "R7%t&" can be defeated by a ________.
A) brute-force attack
83) NGFWs ________.
A) can implement different rules for different applications
2) The Target attackers sold their stolen card information to ________.
A) card shops
41) The source socket is 60.171.18.22:2707. The source is a(n) ________.
A) client
43) The source socket is 60.171.18.22:2707. The source host is a(n) ________.
A) client
73) ACLs are used for packets in the ________ state.
A) connection-opening
87) Application message fragmentation is done on the ________.
A) source host
21) Unsolicited commercial e-mail is better known as ________.
A) spam
48) Which of the following must be followed?
A) standards
4) Application programs on ________ communicate by sending messages between each other.
) Different hosts
29) To make a forwarding decision, a router looks at the arriving packet's ________.
) destination IP address
14) Content delivery networks mainly ________.
) increase transmission speed
37) When messages of different users share a transmission line, this is ________.
) multiplexing
56) Single network addresses in different single networks are ________.
) neither A nor B
13) Netflix uses AWS for its ________.
13) A) recommendation system B) content delivery appliances C) both A and B
13) A sending host will retransmit a TCP segment if it ________.
13)none of the above
18) A message always has a ________.
19)header
28) Which of the following meets the definition of hacking ________.
27) A) to intentionally use a computer resource without authorization
25) Ethernet does ________.
28)error detection
40) 2500 is in the range for ________ port numbers.
41) ephemeral
51) An HTTP request message usually has a ________.
57)header
53) Converting application messages into bits is called ________.
61) encoding
11) If a destination host does not receive a segment, it will ________.
9) none of the above
38) Multiplexing ________.
A) both A and B
46) The messages of VPNs ________.
A) both A and B
69) When a firewall identifies an attack packet, it ________.
A) both A and B
33) Attack programs that can be remotely controlled by an attacker are ________.
A) bots
9) In HTTP, which program may initiate communication?
A) browser
33) If someone says that a 1-bit flag is set, this means that it is given the value ________.
A) 1
42) In two-way dialogues using symmetric key encryption, how many keys are used for encryption and decryption?
A) 1
63) If two hosts are separated by seven networks, how many packets will there be along the way when a host transmits a packet to another host?
A) 1
68) If a frame passes through two routers between the source and destination hosts, how many routes will there be?
A) 1
73) At what layer would you find wire connections?
A) 1
79) What layer number is the physical layer?
A) 1
82) Which layer's standards govern signaling?
A) 1
74) At what layer would you find switches?
A) 2
29) 20,000 bits per second is ________.
A) 20 Kbps
63) The five senses can be represented with a ________-bit field.
A) 3
69) At what layer would you find IP addresses?
A) 3
71) At what layer would you find packets?
A) 3
26) In IP, the first bit in the second row is ________.
A) 32
34) Writing 37kbps properly in metric notation would be ________.
A) 37,000 bps
34) The UDP has ________ fields.
A) 4
28) How long are IPv4 addresses in octets?
A) 4 octets
56) Which of the following is an integer?
A) 4,307
87) ________ look at ________, and ________ look at ________.
A) Antivirus programs, files, firewalls, packets
8) ________ is the percentage of time that a network is available for use.
A) Availability
51) ________ is the general name for proofs of identity in authentication.
A) Credentials
39) The most widely used single network address is the ________.
A) EUI-48 address
93) If a host wishes to transmit packets to another host, it must find the other host's ________.
A) IP address
5) What kind of address do hosts have on the Internet?
A) IP addresses
9) What type of address is 32 bits long?
A) IPv4
6) 60.49.7.254 is an ________.
A) IPv4 address
89) Which of the following is NOT a standards organization?
A) OSI
57) ________ are carried inside ________.
A) Packets, frames
1) Internet standards are published as ________.
A) RFCs
3) Which of the following probably suffered the most financial damage from the Target breach?
A) Target
11) Which of the following attach themselves to other programs?
A) Viruses
47) SSL/TLS is used for ________.
A) Web applications
10) ________ are full programs.
A) Worms
29) If you see a username and password on a Post-It note that anyone can see on a monitor, is it hacking if you use this information to log in?
A) Yes
30) You discover that you can get into other e-mail accounts after you have logged in under your account. You spend just a few minutes looking at another user's mail. Is that hacking?
A) Yes
16) Which of the following is inside the header of messages?
A) address field
22) If throughput falls substantially below a QoS guaranteed speed, the ISP ________.
A) always pays a penalty
47) At which layer would you find standards for requesting videos from a video-sharing site such as YouTube?
A) application
48) At which layer would you find file transfer protocol (FTP) standards for downloading files from an FTP server?
A) application
54) At what layer is encoding done?
A) application
37) On a server, well-known port numbers indicate ________.
A) applications
52) Authentication should generally be ________.
A) appropriate for a specific resource
44) Electronic signatures provide message-by-message ________.
A) authentication
88) In antivirus filtering, the best ways to filter currently use ________.
A) behavioral detection
27) Network speeds usually are measured in ________.
A) bits per second
4) Transmission speed is normally measured in ________.
A) bits per second
3) Standards govern ________.
A) both A and B
35) The UDP ________.
A) both A and B
75) When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at a stateful inspection firewall, the firewall ________. (Read this question carefully.)
A) drops the packet
31) Methods that hackers use to break into computers are ________.
A) exploits
36) Advanced persistent threats are ________.
A) extremely dangerous for the victim
59) Creating switching tables is an example of ________.
A) forwarding
35) Dividing an application message into a series of smaller message segments is called ________.
A) fragmentation
36) If a transmission link has a relatively high error rate, ________.
A) fragmentation is likely to reduce delivery time for the entire application message
26) Credit card number thieves are called ________. (Pick the most precise answer.)
A) fraudsters
36) Attackers only need to find a single weakness to break in. Consequently, companies must ________.
A) have comprehensive security
46) Policies are separated by implementation to take advantage of ________.
A) implementer knowledge
57) The SNMP manager stores the information it receives from Get commands ________.
A) in the MIB
30) Compared to other methods for reducing problems during momentary traffic peaks, overprovisioning ________.
A) increases capital cost
8) Users typically can eliminate a vulnerability in one of their programs by ________.
A) installing a patch
53) In hybrid Ethernet—802.11 networks, wireless clients use the Ethernet network to gain access to ________.
A) internal servers
77) Standards tend to bring _________.
A) interoperability
70) A firewall will drop a packet if it ________.
A) is a definite attack packet
10) Error rates can soar when the network traffic level ________.
A) is at a high level
48) Using SSL/TLS for Web applications is attractive because SSL/TLS ________.
A) is essentially free to use
92) Which of the following is a host's official address on the Internet?
A) its IP address
14) Variability in delay is called ________.
A) jitter
12) When a packet travels through a network, the time it takes to get from the sender to the receiver is called ________.
A) latency
76) Stateful firewalls are attractive because of their ________.
A) low cost
5) The general name for evil software is ________.
A) malware
21) An SLA for jitter should specify a ________.
A) maximum jitter
45) Electronic signatures also provide ________ in addition to authentication.
A) message integrity
32) Priority addresses the problem of ________.
A) momentary traffic peaks
62) When a packet travels through an internet, there are usually ________.
A) more data links than routes
15) Mobile code is another name for ________.
A) neither A nor B
17) Trojan horses can spread by ________.
A) neither A nor B
19) A program that can capture passwords as you enter them is ________.
A) neither A nor B
40) All single network addresses are ________ addresses.
A) neither A nor B
26) Overprovisioning is ________.
A) neither wasteful of capacity nor highly labor-intensive
81) Which type of firewall filtering collects streams of packets to analyze them as a group?
A) next-generation
12) Who controls the Internet?
A) no one
34) Which of the following is NOT one of the four major security planning principles?
A) perimeter defense
24) An attack in which an authentic-looking e-mail or website entices a user to enter his or her username, password, or other sensitive information is called ________. (Select the most specific answer.)
A) phishing
68) After the data link layer process does encapsulation, it passes the IP packet to the ________ layer process.
A) physical
15) A ________ may have multiple ________.
A) physical server, virtual machines
45) Which of the following specifies what should be done?
A) policies
85) In a firewall, VPN traversal ________.
A) reduces firewall filtering effectiveness
4) Which of the following probably suffered the most financial damage from the Target breach?
A) retailers other than Target
60) The path that a packet takes across an internet is a ________.
A) route
76) Packets are ________.
A) routed
54) What device connects different networks into an Internet?
A) router
31) TCP messages are called ________.
A) segments
22) An IaaS provides ________.
A) servers
23) Tricking users into doing something against their security interests is ________.
A) social engineering
39) The range of port 1024 to port 4999 is the usual range for ________ port numbers.
B) ephemeral
71) Firewall log files should be read ________.
B) every day
20) "Octet" is the same as ________.
B) "byte"
59) Convert decimal 8 to binary.
B) 1000
70) At what layer would you find EUI-48 addresses?
B) 2
72) At what layer would you find frames?
B) 2
81) What layer number is the data link layer?
B) 2
83) Which layer's standards govern delivering frames?
B) 2
32) 0.02 Gbps can also be written as ________.
B) 20 Mbps
86) In the Five General Layers Standard, which layer's standards govern application World Wide Web exchanges over the Internet?
B) 3
27) How long are IPv4 addresses?
B) 32 bits
28) 320,000 kbps is ________.
B) 320 Mbps
21) EUI-48 addresses are ________.
B) 48 bits long
50) In HTTP, the end of a header field is usually indicated by a ________.
B) CRLF
49) Which of the following is true?
B) Guidelines must be considered.
84) If a packet is highly suspicious but not a provable attack packet, a(n) ________ may drop it.
B) IDS
9) Which of the following usually has higher availability?
B) Public Switched Telephone Network
18) Which type of service manages application software for users?
B) SaaS
20) For Netflix, Google is a(n) ________.
B) SaaS
56) SNMP ________ commands can change how managed devices operate.
B) Set
11) Errors may substantially reduce throughput in ________. (Pick the standard most affected.)
B) TCP
49) In a single network transmission, there is always ________.
B) a single data link
16) Which can be moved more easily?
B) a virtual machine
27) Overprovisioning means ________.
B) adding much more switching and transmission line capacity than will be needed most of the time
49) Requiring someone to use a resource to prove his or her identity is ________.
B) authentication
41) Actions that people are allowed to take on a resource come under the heading of ________.
B) authorizations
23) When a cloud client customer moves from one machine to another machine, ________.
B) both A and B
35) Which of the following can be upgraded after it is installed on a victim computer? (Choose the most specific answer.)
B) bots
23) ISPs usually offer QoS guarantees to ________.
B) business customers
37) What type of attacker are most of attackers today?
B) career criminals
41) Using encryption, you make it impossible for attackers to read your messages even if they intercept them. This is ________.
B) confidentiality
38) For every conversation, a client randomly generates an ephemeral port number for ________.
B) conversations
43) At what layer do you find EUI-48 addresses?
B) data link
44) At what layer are frames standardized?
B) data link
45) The second-lowest standards layer is the ________ layer. (Read the question and answers carefully.)
B) data link
61) The path that a frame takes across a single network is a ________.
B) data link
67) After the Internet layer process does encapsulation, it passes the IP packet to the ________ layer process.
B) data link
15) Jitter is a problem for ________.
C) both A and B voice over IP (VoIP) and streaming media
7) In a coffee shop hot spot, the rated speed is 10 Mbps. Throughput is about half of the rated speed. There are ten people using the hot spot. You and three others are transmitting or receiving at a particular moment. What speed should you expect to get?
C) 1.25 Mbps
61) A 7-bit field can represent ________ alternatives or different combinations.
C) 128
30) 200,000M bits per second is ________.
C) 200 Gbps
75) At what layer would you find routers?
C) 3
80) What layer number is the Internet layer?
C) 3
84) Which layer's standards govern router operation?
C) 3
60) A 5-bit field can represent ________ alternatives or different combinations.
C) 32
57) Convert the binary number 100 to decimal.
C) 4
85) In the Five General Layers Standard, which layer's standards govern application message fragmentation?
C) 4
62) To represent 65 alternatives, your alternatives field would have to be at least ________ bits long.
C) 7
64) If two hosts are separated by seven networks, how many frames will there be along the way when a host transmits a packet to another host?
C) 7
67) If a frame passes through eight switches between the source and destination hosts on a single network, how many data links will there be?
C) 8
11) ________ collectively form the core of the Internet service.
C) ISPs
38) Who are the most dangerous types of employees?
C) IT security employees
22) An EUI-48 address was formerly called a(n) ________ address.
C) MAC
82) Which type of firewall filtering looks at application-layer content?
C) NGFW
10) Host P transmits a SYN segment to Host Q. If host Q is willing to open the connection, it will transmit a(n) ________ segment.
C) SYN/ACK
77) ________ is the dominant firewall filtering method used on main border firewalls today.
C) Stateful packet inspection
34) In distributed DoS attacks, the attacker sends messages directly to ________.
C) a command and control server
64) The electrical signal generated by a microphone is called a(n) ________ signal.
C) analog
23) ________ read(s) the destination address in an Ethernet frame.
C) both A and B
25) Cloud customers are concerned that ________.
C) both A and B
46) At what layer(s) do you find single network standards?
C) both A and B
58) To defeat brute-force attacks, a password must be ________.
C) both A and B
79) How will a stateful packet inspection (SPI) firewall handle a packet containing a TCP SYN segment?
C) both A and B
90) OSI standards are dominant at the ________.
C) both A and B
55) SNMP Set commands can ________.
C) both A and B ask agents for information about the managed device B reroute traffic
24) Momentary traffic peaks can lead to ________.
C) both A and B latency and packet loss
56) A password-cracking attack that tries all combinations of keyboard characters is called a ________.
C) brute-force attack
17) The ________ contains the content being delivered by a message.
C) datafield
50) Switches make decisions based on the ________.
C) destination data link layer address
54) A user picks the password "tiger." This is likely to be cracked quickly by a(n) ________.
C) dictionary attack
14) In a four-step close, which side transmits a FIN segment?
C) either side
61) Which of the following is a form of biometrics?
C) facial recognition
64) Which of the following is the easiest to understand?
C) firewall policies
17) Netflix uses the most VMs ________.
C) in the evenings
6) Users of an access point share the transmission capacity of the access point. The throughput a user gets is called the ________.
C) individual throughput
6) A message's semantics is its ________.
C) meaning
3) QoS is quantified through ________.
C) metrics
49) In HTTP headers, the end of a header field is usually indicated by a ________.
C) none of the above
74) When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually ________.
C) passes the packet
2) In QoS, the S stands for ________.
C) service
1) Compared to network demand, network budgets are growing ________.
C) slower
18) The general name for malware on a user's PC that collects sensitive information and sends this information to an attacker is ________.
C) spyware
19) Which part of a message is less often in a message compared to the other two parts?
C) trailer
12) If the destination host receives a segment that has an error, it will ________.
C) transmit an RSND segment
7) A ________ is a flaw in a program that permits a specific attack or set of attacks against this problem.
C) vulnerability
58) Convert a decimal number 15 to the binary number.
D) 1111
43) In symmetric key encryption, a key must be ________ bits long, or longer, to be considered strong. (Choose the choice closest to the correct answer.)
D) 128
33) Writing 37,400 Mbps properly in metric notation would be________.
D) 37.4 Gbps
78) What layer number is the transport layer?
D) 4
66) If a frame passes through seven switches between the source and destination hosts, how many physical links will there be? (Careful!)
D) 8
66) ________ is placing a message in the data field of another message.
D) Encapsulation
21) For Netflix, ________ is a(n) ________, and ________ is a(n) ________.
D) Google, SaaS, AWS, IaaS
45) The application standard is almost always ________.
D) None of the above is true.
61) In SDN, which device manages the control function for individual devices?
D) SDN controller
16) Malware programs that masquerade as system files are called ________.
D) Trojan horses
46) Which of the following layers has more standards than the other three layers?
D) application
53) Passwords are widely used because they ________.
D) are inexpensive to use
65) In digital certificate authentication, the verifier gets the key it needs directly from the ________.
D) certificate authority
40) A specific encryption method is called a ________.
D) cipher
22) Pieces of code that are executed after the virus or worm has spread are called ________.
D) payloads
42) Another term for authorization is ________.
D) permission
53) To determine if a host is reachable, you would send a(n) ________.
D) ping
2) Standards mean the same thing as ________.
D) protocols
2) A networking device that plays an important role in directing network communication is called a ________.
D) router
4) The meaning of a message is referred to as the message's ________.
D) semantics
7) A message's syntax is its ________.
D) structure
1) Depicting the Internet as a cloud symbolizes that ________.
D) users do not have to know how the Internet operates and where resources are located
6) The general name for a security flaw in a program is a ________.
D) vulnerability
9) Vulnerability-based attacks that occur before a patch is available are called ________ attacks.
D) zero-day
29) A packet will definitely get through if it has ________.
QoS reserved capacity and priority
3) Which of the following is a host when it is on a network?
all of the above
52) Policies should drive ________.
implementation and oversight
42) Which of the following is a socket?
neither A nor B
8) Dotted decimal notation is used by ________.
neither A nor B
10) What type of address is 100 bits long?
none of the above
69) Which layer process does NOT do any encapsulation when an application layer process transmits a message?
physical
68) Debit card is secure because it requires two credentials for authentication. This is also called ________.
two-factor authentication