ISM 4323 Final

Ace your homework & exams now with Quizwiz!

Why is MPLS transparent to the source and destination hosts

Neither of the two hosts know that MPLS is being used.

What spread spectrum transmission method dominates today

Orthogonal Frequency Division Multiplexing (OFDM), which divides each broadband channel into many smaller sub channels called subcarriers.

What is the most common protocol for providing this initial security

PEAP.

Compare trends in network demand and network budgets

The network demand is growing at a very rapid pace whereas network budgets are increasing slowly.

How does MIMO use spatial streams to increase transmission speed

The spatial streams sent from different antennas will arrive at the two receiving antennas at slightly different times. MIMO uses detection and separation methods based on differences in arrival times for the two spatial streams; the receiver can separate the two spatial streams in the same channel and so can read them individually

In digital certificate authentication, what does the supplicant do

The supplicant encrypts the challenge message with his/her own private key.

List the internal Target servers the attackers compromised

The vendor server. The malware download server. The holding server (or servers). The extrusion server

What should users do about the craving WPS problem

Turn off WPS if they can

Why is this a problem

Two nearby access points may have to be set to the same channel. This will cause interference.

What types of amplifiers are needed for cable data service

Two-way amplifiers.

A company uses 802.11i. How many 802.11i connections will the evil twin access point set up when a victim client wishes to connect to a legitimate access point

Two—one between the victim client and the evil twin and one between the evil twin and the access point.

Would two devices typically use high-speed Bluetooth during their total communication time

Typically they will only use it when they want to transmit a great deal of data.

What three threats should PSK consider

Unauthorized sharing of the pre-shared key. A weak passphrase may be selected. WPS can easily be cracked if it is used.

What is traffic engineering

the ability to manage how traffic will travel through the network

What is latency

the amount of delay when a packet moves through a network.

If the lowest frequency in a channel is 1.22 MHz and the highest frequency is 1.25 MHz, what is the channel bandwidth

0.03 MHz - 30 kHz

If the signal strength from an omnidirectional radio source is 8 mW at 30 meters, how strong will it be at 120 meters, ignoring absorptive attenuation

80 mW (30m/120m)2 = 0.5 mW

What does it mean that Bluetooth uses one-to-one operation

A connection will be between one master and one slave.

What speed is on the horizon

100 Mbps

List the three basic components of wide area networks

1) the Customer Premises Equipment (CPE) which allows customers to connect to the WAN. 2) access links which connect the customer premises to the network core of the WAN. 3) network core which connects access links to other access links.

What three issues must be overcome to make mesh networking acceptable to corporations

1.) Meshes must be self-organized; hosts and access points enter and leave the mesh frequently and the network must respond immediately to changes. 2.) It will be difficult to avoid overloading access points near the geographical center of the mesh 3.) Security. With no central control, there will have to be security existing on every device.

If a firm has ten sites, how many leased lines will it need to use a PSDN

10 leased lines to use a PSDN

How fast can the best systems today download data

20 to 40 Mbps

Convert 3.4 MHz to a number without a metric prefix

3,400,000 Hz

What is the distance limit for NFC

4 cm

Distinguish between 802.11 and Wi-Fi

802.11 and Wi-Fi are the same exact thing; Wireless LAN standards created by the IEEE 802.11 Working Group.

In what two service bands does 802.11 operate

802.11 operates in the 2.4 GHz and 5 GHz unlicensed bands.

What is the market position of 802.11ac

802.11ac is growing rapidly.

Among the four standards listed, which are obsolete

802.11g and 802.11a are both obsolete now but are still used.

What frequency band or bands do 802.11g, 802.11a, 802.11n, and 802.11ac use

802.11g uses 2.4 GHz, 802.11a uses 5 GHz, 802.11n uses both, and 802.11ac uses 5 GHz.

When offered the choice while configuring a wireless access point, which WLAN security standard should you choose

802.11i (WPA2)

Which dominates the installed base today

802.11n

Compare the range of rated speeds possible with 802.11n and 802.11ac

802.11n has a rated speed of 100 Mbps to 600 Mbps. 802.11ac has a rated speed of 433 Mbps to 6.93 Gbps. 802.11ac has a much greater range.

What is the current 802.11 standard for mesh networking

802.11s

If a firm has many access points, which 802.11i mode must it use

802.1X mode.

What mode or modes of 802.11i operation use a central authentication server

802.1X mode; not PSK mode.

Distinguish between 802.3 standards and 802.11 standards

802.3 are Ethernet LAN network standards. 802.11 are Wireless LAN standards.

What equipment does the customer need in his or her home

A DSL modem and splitters at each telephone outlet.

What is an SSID

A Service Set ID identifies an access point—actually a network.

What is a BSS

A basic service set is an access point and its wireless hosts.

What device do customers need for cable modem service

A cable modem.

From what type of organization does the verifier get the digital certificate

A certificate authority (CA).

Which is easier to understand—a firewall policy or a firewall rule

A firewall policy is generally easier to understand than a firewall rule because it is a lot less detailed.

Describe the process by which access point locations are determined

A radius is selected for access point ranges. Circles with this radius are laid out over blueprints. This planning must be done in three dimensions in multistory building. The plans must be modified for thick walls and other obstacles.

Distinguish between leased lines and access lines

A leased line is a complex transmission path between the two points it connects. The access line is simple and it is the line that connects individual sites to the rest of the network.

Does the manager communicate directly with the managed device

A manager does not communicate directly with managed devices. Each device has an agent that talks to the manager.

What kind of key does a host use after initial authentication

A session key, which will be unique for communication between that single wireless client and the access point, for that particular session.

How long do momentary traffic peaks last

A split second to a few seconds.

In the past, how has ADSL compared to cable modem service

ADSL has been a little slower and a little cheaper

Why is centralized access point management desirable

Administrators do not have to travel to diagnose remote access point problems, and they can adjust access points remotely. This reduces labor costs.

Distinguish between individual and aggregate throughput

Aggregate throughput is the total throughput that all users in part of a network have available to them. Individual throughput is a single one of those users share of the total throughput.

What is the ability to change forwarding tables rapidly called

Agility.

What should be done when an employee leaves the firm

All of their credentials to systems should be terminated before they leave. Even before they know they are leaving, if possible.

What devices forward frames in a mesh network

All wireless devices forward frames in a mesh network

What is an API

An Application Program Interface exposes a function or set of functions to commands from the next higher layer. An API is based on a standard.

What is an ESS

An Extended Service Set is a group of Basic Service Sets that are connected to the same distribution system and in which all access points have the same SSID.

Who creates a rogue access point

An employee.

What is a rogue access point

An unauthorized access point.

What cryptographic protections does 802.11i provide

Confidentiality, authentication, and message integrity.

What problems does configuring a control function to each device create

As the number of devices in a network grows, the amount of manual configuration needs to be done grows. This will increase the labor cost of managing the network. Also, it will be impossible to make changes quickly if many devices must be reconfigured.

At 7 W

This is 7,000:1. The computed value is 38.45098

What is the dBm value for a radio operating at 78 mW

This is 78:1. The computed value is 18.92095

What other types of system do we call broadband

Any transmission system that is very fast is called broadband today even if it does not use channels.

What allows wire-speed operation despite the heavy processing power required for NGFW filtering and the increasing speed of transmission lines

Application-Specific Integrated Circuits can perform functions quickly in hardware that would take too long in software at high-traffic speeds.

How long must passphrases be in order to generate strong pre-shared keys

At least 20 characters.

Where are WAN optimization devices found

At the two ends of a leased line.

What programs directly attack the victim in a distributed denial-of-service attack

Attackers install programs on hundreds, or even thousands of computers, that are referred to as "bots."

List the three types of oversight listed in the text

Auditing, Reading Log Files, and Vulnerability testing.

Distinguish between authentication and authorizations

Authentication is proving your identity whereas authorization is the set of actions that a user is allowed to do with a specific resource.

How can kill chain analysis allow companies to identify security actions it should take

By anticipating what specific actions an attacker will take, they can implement appropriate protections for different phases of the attack.

How does compression reduce traffic

By compressing a message into fewer bits, fewer bits need to be transmitted, so cost is reduced.

How does a user authenticate his or her device to the access point

By sending the pre-shared key too show that it knows it.

What profile would a Bluetooth-enabled notebook use to print to a nearby printer

Basic printing profile.

Why was 802.11 made reliable

Because wireless transmission has so many errors that it makes sense to get rid of errors at the data link layer.

Does a frame's receiver transmit an ACK immediately or after a random delay

Before the random delay, so that it will get through.

Which of ADSL or cable modem services are moving toward FTTH

Both

Traditionally, where have forwarding & control been located

Both have been located on the switch or router.

What do we call a system whose channels are wide

Broadband.

How do business DSL lines differ from residential DSL lines

Business DSL lines are symmetric because they need the same speed in both directions whereas residential DSL lines are asymmetric; In addition, business lines are offered with SLAs.

Which is more efficient, RTS/CTS or CSMA/CA+ACK

CSMA/CA+ACK

What type of adversary are most hackers today

Career criminals.

Which PSDN technology is growing rapidly today

Carrier Ethernet (CE)

What does CS mean

Carrier sense—listening to traffic.

Why does cellular telephony use cells

Channels can be reused in different cells

Compare the relative benefits of classic Bluetooth and high-speed Bluetooth

Classic Bluetooth uses little battery power. High-speed Bluetooth provides faster communication.

Why is CA desirable

Collision avoidance avoids collisions by only allowing devices to transmit at relatively safe times.

What must companies do about potential single points of takeover

Companies must identify each potential single point of takeover and defend each one very well so that they are harder to attack.

List the four mechanisms we discussed for optimizing transmission over a transmission link

Compression, caching, traffic shaping, application and network protocol acceleration (Tuning)

What are the two functions of the MTSO

Control of the cellsites & Routing of calls to connect the cellular system to wireline customers (and other cellular services)

List some sources of EMI

Cordless telephones, microwaves, and other nearby access points

What is beneficial about transmitting data over 1-pair voice-grade UTP

Cost. 1-pair VG UTP already runs to customers. There is no need to lay new transmission media.

Distinguish between credit card number theft and identity theft

Credit card number theft is stealing credit card numbers and associated individuals. Thieves can use this information to buy things. In identity theft, enough personal information about someone is stolen to allow the thief to engage in large financial actions.

What is comprehensive security

Cutting off all avenues of attack.

What are cyberterror and cyberwar attacks

Cyberterror attacks are massive attacks carried out by terrorists, whereas cyberwar attacks are even larger and much more detrimental attacks carried out by national governments.

Distinguish between defense in depth and weakest link analysis

Defense in depth consists of a series of countermeasures and if even one element is effective, it will prevent an attack. A weakest link analysis involves one countermeasure with multiple internal components that must all be working in order to prevent an attack

Why is it important that governments add more bandwidth to the 5 GHz band

Demand is increasing so fast that more channels are needed.

Why is device theft or loss a serious risk

Devices may have sensitive personal or corporate information.

A building is cube-shaped. It uses 16 access points, which are on average, 10 meters apart from one another. The company wishes to reduced this to 8 meters. About how many 5 GHz access points would the company need for the building

Distance is reduced by 20%. In a one-dimensional building, you would need 120% more access points, or 19.1 (19). In a three-dimensional building you would need 1.23 times 16. This is 1.728 time 16 or 27.6 (28).

What type of antenna normally is used in WLANs, Why

Distances are short, and you do not necessarily know where the access point is.

Distinguish between E-Line and E-LAN service

E-Line service is a site-to-site and is a strong competitor with leased lines but it offers other benefits. E-LAN service connects site LANs into a larger Ethernet LAN.

Why is short transmission range protection against eavesdroppers

Eavesdropper will not have enough power at their location to read the signals.

What three protections are typically given to each packet

Each is typically encrypted, given an electronic signature, and message integrity.

Keys and passwords must be long. Yet most personal identification numbers (PINs) that you type when you use a debit card are only four or six characters long. Yet this is safe. Why

Entering PINs is done manually, so trying many combinations would take a long time. It would probably be visible as well.

What does the Wi-Fi Alliance call 802.1X mode

Enterprise mode.

What resources can career criminals purchase and sell over the Internet

Exploit programs, identity theft information, credit card numbers and associated information.

Why is FTTH attractive

Fiber to the home is attractive because it can offer far greater speed than copper wires.

Distinguish between firewall policies and firewall rules

Firewall policies are access policies that firewalls have to implement. They are stored on a firewall policy server. Firewall rules are very detailed and created by the firewall policy server. The rules are very detailed and different firewalls may have different rules.

Distinguish between what firewalls look at and what antivirus programs look at

Firewalls look at packets and groups of packets, whereas antivirus programs look through an entire file.

Why are carrier WANs not often used to link multiple firms together

Firms that use carrier WANs often use different carrier WANs, so they cannot interoperate directly.

Distinguish between forwarding and control

Forwarding is simply sending a frame or packet to the next router or switch in a network. Control involves creating the extensive and complicated rules for each forwarding situation.

Which PSDN technology grew rapidly in the 1990s

Frame Relay

Is wireless radio transmission usually expressed in terms of wavelength or frequency

Frequency

How does the verifier get the public key

From the true party's digital certificate.

What is the promise of newer authentication systems

Getting rid of reusable passwords.

What good is a controller without SDN applications

Good for nothing.

At the beginning of a telephone call placed through a Bluetooth headset, which device is initially the master

Headset

Give an example not listed in the text of an application for which latency is bad

High latency is bad for playing online first person shooter games. You will always be a little slower than the enemy, so they are likely to shoot you first.

For what use scenario was 802.11i PSK mode created

Homes or small offices with a single access point.

What profile would a tablet use with a Bluetooth keyboard

Human Interface Device Profile

In a coffee shop, there are 10 people sharing an access point with a rated speed of 20 Mbps. The throughput is half the rated speed. Several people are downloading. Each is getting five Mbps. How many people are using the Internet at that moment

I can expect a throughput of about 25 Mbps because including myself there are 4 people doing a download at the same time. The aggregate throughput of our network is 100 Mbps so if you divide that into 4 separate connections, each individual throughput would be 25 Mbps.

You are working at an access point with 20 other people. Three are doing a download at the same time you are. The rest are looking at their screens or sipping coffee. The access point channel you share has a rated speed of 150 Mbps and a throughput of 100 Mbps. How much speed can you expect for your download

I can expect a throughput of about 25 Mbps because including myself there are 4 people doing a download at the same time. The aggregate throughput of our network is 100 Mbps so if you divide that into 4 separate connections, each individual throughput would be 25 Mbps.

Compared to e-mail and voice over IP, what priority would you give to network control messages sent to switches and routers

I would give network control messages a higher priority than VoIP and e-mail because I want to make sure if I need to make changes to my network, that they will get through with no hassle. If there was a low priority on network control messages and I wanted to fix something on a router or switch during a momentary traffic peak, I would be SOL.

What form of authentication would you recommend for relatively unimportant resources

I would recommend using reusable passwords or fingerprint scanning. Both are relatively inexpensive and easy to use. For relatively unimportant assets, the cost and probability of a compromise would be low enough to justify fairly week protection.

If you need a speed of 100 Mbps between two points in the United States, what leased line would you specify in the United States and in Europe

I would specify a Fractional T1 leased line that offers 128 kbps.

If you need a speed of 160 Mbps between two points in the United States, what leased line would you specify in the United States and in Europe

I would specify a OC12/STM4 leased line that offers 622.08 Mbps because a OC3/STM1 line only offers 155.52 Mbps. Or I could just go with a OC3/STM1 line and suck it up because it would be a lot cheaper.

If you need a speed of 3 Mbps between two points in the United States, what leased line would you specify in the United States and in Europe

I would specify two bonded T1 leased lines that would offer me a little over 3 Mbps. (multiples of 1.544 Mbps)

Distinguish between IDS and IPS functionality

IDS functionality gives a warning if it finds a highly suspicious packet. An IPS may drop a packet if it is very probably an attack packet, even if this is not certain.

Does credit card number theft or identity theft tend to be more dangerous

Identity theft usually produces more damage because if your credit card gets stolen you can just tell the company that it was stolen and they will refund your money. With identity theft there is much more damage because the attacker could have taken out a large loan in your name and no one will be reimbursed for that. They could also mess up your credit which can take several months to get corrected. There have also been cases where victims were arrested for crimes the identity thief committed.

How is carrier sensing used in multiple access

If a device hears traffic, it does not transmit.

How does caching reduce traffic

If a file has already been transmitted, it does not have to be sent again if the sender transmits it.

Why is wire-speed operation important in firewalls

If a firewall cannot keep up with traffic coming at full speed, it will drop packets it cannot handle. This is a fail-safe approach, but it is also a self-imposed denial of service attack.

Why may fingerprint recognition be acceptable for user authentication to a laptop

If the laptop does not contain highly sensitive information a fingerprint scanner may provide adequate security for likely threats.

How were consumers damaged by the Target breach

If their credit card information was stolen, they will be out money if they do not report it promptly. Even if they report it promptly, this will steal time. If they apply for a new credit card to avoid threats, this will be a hassle.

How were retailers damaged by the Target breach

If they gave the criminals products, they do not get their money back.

How does security thinking differ from network thinking

In network thinking you are focused on planning, fixing bugs and mechanical issues. In Security thinking you must be able to anticipate possible attacks from highly skilled attackers who are able to adapt to any defense you throw at them.

Why must wireless devices know the access point's SSID

In order to connect to it

If you need a speed of 1.2 Mbps between two points in the United States, what leased line would you specify in the United States and in Europe

In the United States, specify a T1 leased line which would allow speeds up to 1.544 Mbps. In Europe, specify an E1 line with a speed of 2.048 Mbps.

How can jitter be reduced on a user's PC if there is jitter in incoming packets

Incoming packets could be placed in a buffer (holding area) and played back without jitter.

Distinguish between ingress and egress filtering

Ingress filtering is filtering packets that go into the network from outside. Egress filtering is filtering packets going from inside the network to the outside.

Contrast inverse square law attenuation and absorptive attenuation

Inverse square law attenuation occurs as the signal spreads out in a sphere and becomes weaker. Absorptive attenuation is when the signal is lost through energy absorption; for example air, plants, etc.

What form of authentication would you recommend for your most sensitive resources

Iris scanning and digital certificate authentication have the security needed for sensitive assets.

What is the benefit of spread spectrum transmission for business communication

It improves transmission reliability, especially with regard to multipath interferences.

Why should you not use WPS

It can be cracked very quickly due to the way it was implemented.

How can it facilitate radical changes in the network's operation

It can introduce entirely different forwarding protocols without changing anything on the end devices except remotely

How many non-overlapping 20 MHz channels does the 5 GHz service band support

It can provide between 11 and 24 non-overlapping 20 MHz channels.

What does the evil twin do when the client transmits subsequently to the legitimate access point

It intercepts messages from the client, decrypts them with the key it shares with the client, and reads them. It then encrypts them with the key it shares with the access point and sends them to the access point.

Is OpenFlow a northbound or southbound API

It is a southbound API.

What is OpenFlow, and why is it significant

It is a standard way to implement commands from the SDN controller to individual devices.

Why are downloaders used

It is easier to get a small downloader onto a computer initially than a large program.

Why does OFDM use subcarriers instead of simply spreading the data over the entire channel

It is easier to produce the necessary signal uniformity in smaller subcarriers than across a wide channel.

Why is a rogue access point dangerous

It is likely to have weak or no security. This compromises comprehensive security.

If you ping a host and it does not respond, what can you conclude

It is not reachable due to network conditions, the host being down, a firewall interfering, or the host is not responding to pings.

Why is the key called a session key

It is only used once, for a single communication session between the wireless client and the access point.

Why is iris recognition desirable

It is very precise. (but also very expensive.)

Explain traffic shaping

It limits the types of traffic and amount of each type that are permitted to enter the network.

Why may adding applications that cannot tolerate latency and jitter be expensive

It may require you to upgrade your network switches, routers, and transmission lines to reduce latency and jitter.

How does traffic shaping reduce traffic

It refuses to admit or limits undesirable traffic.

Why is WPS desirable

It simplifies connecting a new wireless client to an access point initially.

A business has an Internet access line with a maximum speed of 100 Mbps. What two things are wrong with this SLA

It specifies a maximum speed; it should specify a minimum speed. There needs to be a percentage of time qualifier.

Why is this risk probably acceptable

It would be more difficult to use stronger communication methods. That would be overkill for a home or small business.

How was Target damaged by the breach

Its sales and profits fell. It will have to pay for fines and lawsuits.

Distinguish between LANs and WANs

Local Area Networks are networks located on the property of a customer. So this means that it could be at their home, office, etc. The customer has to implement a LAN themselves whereas with WANs, they have to pay a carrier to do everything for them. Wide Area Networks link multiple sites within an organization or between organizations.

What types of passwords can be broken only by brute-force attacks

Long and complex passwords

What is deep inspection

Looking at all layers (internet, transport, and application) in a packet.

How does media access control address this problem

MAC methods govern when hosts and access points are allowed to transmit to avoid collisions.

Distinguish between MIMO and multiuser MIMO

MIMO only allows transmission to one wireless device. MU-MIMO can focus on two wireless devices at the same time

What are MPLS's attractions

MPLS slashes the work each router must do and therefore slashes a company's router costs. It also can be used to assign paths based on the QoS requirements of different packets. Finally it enables traffic engineering; the ability to manage how traffic will travel through the network. An example of traffic engineering is load balancing which allows traffic from a heavily congested link to be moved to an alternative route that uses less-congested links.

List the criminal groups, besides the main attackers, who were involved in the overall Target attack

Malware and other crimeware writers. Crimeware shops. Card shops. Card counterfeiters

Why is signature detection not enough

Malware writers have figured out a way to make their malware able to mutate. This means that the program will constantly change its own code so that signature detection systems can't match strings of code.

What is the most serious propagation problem in WLANs

Multipath Interference, because multiple signals can cancel each other out.

With what two transmission standards does Wi-Fi Direct compete

NFC and Bluetooth.

How does network availability usually compare to availability on the telephone network

Network availabilities are usually lower than telephone network availabilities but through redundancy you can get close to achieving the same availabilities as them

Why did the Bluetooth SIG have to develop Bluetooth profiles

No application protocol existed for PAN applications.

Is it possible to implement MPLS across the entire Internet

No, because MPLS requires a single administrator to manage the entire network of label-switching routers which would be impossible.

If you click on a link expecting to go to a legitimate website but are directed to a website containing information you are not authorized to see. Is that hacking

No, because you didn't intentionally intend to see the information you are not authorized to see. However, if you kept snooping around that information once you realize you aren't supposed to be looking at it, then it would be considered hacking.

Are scripts normally bad

No, they are commonly used to enhance a user's experience when visiting a webpage.

Was the information we presented about switching and routing tables in earlier chapters complete

No, they can be far more complex and lengthy, but for the sake of examples we made them shorter so that they are easier to understand.

After authentication, can hosts using an access point understand the messages that other hosts using the access point are sending

No.

Does a firewall drop a packet if it probably is an attack packet

No.

Is spread spectrum transmission done for security reasons in commercial WLANs

No. Implementations in WLANs provide no security benefits.

Is it generally illegal to write malware in the United States

No. It is considered free speech. Unless done knowing that it will be used in a crime

Are war drivers illegal, Why or why not

No. The information being read is public.

Is CSMA/CA+ACK efficient

No. There are many delays.

Were banks and credit card bureaus damaged by the Target breach

No. They will be able to recoup any costs from Target.

Which of the three options would work if you have chronic (frequent) traffic loads that exceed your network's capacity

None will work for chronic traffic overloads. They are only for momentary traffic peaks.

Describe the state of cryptographic security for new transmission standards

Not strong enough but improving rapidly.

What functions should remote access point management systems provide

Notify the WLAN administrators of failures immediately. Provide continuous transmission quality monitoring. Provide indications of security problems. Support remote access point adjustment. Allow software updates to be pushed out to all access points or WLAN switches. Work automatically whenever possible.

Distinguish between omnidirectional and dish antennas in terms of operation

Omnidirectional antennas send a weaker signal that spreads in every direction, and can also receive a signal from a receiver from any direction. Dish antennas send a strong signal in a specific direction.

What does master-slave operation mean

One device is in command; the other follows its commands.

What sets security management apart from other aspects of network management and IT management in general

One thing is that security teams must be able to defend against extremely intelligent attackers. They are in a constant race with these attackers. The amount of threats and defenses are developing at an incredible rate.

Describe RTS/CTS

One wireless client sends a request-to-send message to the access point. The access point broadcasts a clear-to-send frame. The requesting device may now send. Other wireless devices, hearing the CTS signal, must wait.

What transmission media do cable television companies use

Optical fiber and coaxial cable.

Is RTS/CTS required or optional

Optional.

What is a PAN

Personal area network—a collection of devices around a desk or a person's body.

Distinguish between phishing and spear phishing

Phishing attacks substantial groups of people. Spear phishing is aimed at a single person or a small group of people.

Which usually becomes the master later

Phone

When must firms do site surveys to give users good service

Planning based on physical location can only be approximate. Actual measurements are needed for final adjustments. In addition, as the building and number of people using an access point changes over time, access point placement and power must be adjusted.

Compare the specificity of policies, implementation guidance, and implementation

Policies are general requirements of what needs to be done. Implementation guidance consists of standards and guidelines. Standards and guidelines elaborate more on a policy and what is the expectation within that policy. Implementation is basically following Standards and guidelines in order to satisfy a certain policy.

Distinguish between policy and implementation

Policies are what need to be done when dealing with security. It doesn't say how to do it. Policymakers know potential risks, and the people that implement them should know the best way to implement a system that follows the policies made. Implementation is how to properly execute a policy,

Distinguish between private networks and virtual private networks

Private networks connect multiple people in a network, whereas VPNs are essentially a private network that connects two hosts.

List the steps taken by the attackers on Target

Purchased malware from a crimeware shop. Took over Fazio Mechanical Services' credentials on the vendor server. Probably using a spear phishing attack. Moved from the vendor server to take over the malware download server—probably the POS update server. Downloaded the BlackPOS malware to the POS terminals. Had the stolen data sent to the holding server and then to the exfiltration server. Exfiltrated the stolen data to landing servers, then sold them to card shops. Throughout the process, sent control communication to compromised servers and devices.

List the four application categories listed in the text

Quality of Service Applications, Load Balancing Applications, Traffic Segregation Applications, and Network Visibility.

What are QoS metrics

Quality of service metrics are basically numerical representations of a networks performance.

Distinguish between rated speed and throughput

Rated speed is the speed a system should provide based on what a vendor states. Throughput is the speed a system actually provides data to its users.

Distinguish between rated speed, aggregate throughput, and individual throughput

Rated speed is what an access point should get according to the 802.11 standards it uses. Aggregate throughput is what an access point actually gets and is usually 25%-50% lower than the Rated Speed. An access point's aggregate throughput is also shared with everyone that uses that access point. Individual throughput is the throughput each individual host gets while using an access point. If there is 1 host then it gets 100% of the aggregate throughput, if there are 2 they each get 50%.

What actions regarding malware are illegal

Releasing it in general or at an intended victim.

Is CSMA/CA+ACK reliable or unreliable

Reliable, thanks to acknowledgements.

Is CSMA/CA+ACK required or optional

Required.

When a source host first transmits to a destination host after a label switched path is established, what will happen

Routers will send all packets along this path rather than making traditional routing decisions for each packet at each individual router. The first router is a label-switching router that will insert a 32-bit label header in front of the IP header and after the frame header without changing the syntax of the packet and the frame.

What packets are compared to the ACL in an SPI firewall

SPI firewalls will pass a packet through the ACL if the packet attempts to open a connection.

What type of firewalls do most corporations use for their main border firewalls

SPI firewalls.

What is VPN traversal's implication for security

Security problems in VPN traffic cannot be identified through firewall filtering.

What benefit did the attackers seek to obtain from their actions

Selling the credit card number and related information to other criminals, who would create and use counterfeit credit cards.

If you want to transmit seven times as fast, how much wider must the channel be

Seven times as wide.

Distinguish between signature detection and behavioral pattern detection

Signature detection is the use of a string of code. These strings can be used to identify a certain malware program. On the other hand, behavioral pattern detection will look for specific tasks a file is trying to do. If that specific task relates to that of a malware program, then it will know for sure that the program is malware.

What factors account for NFC's low transmission power requirements

Small distance and slow transmission.

Distinguish between social engineering in general and phishing in particular

Social engineering is the general category. Phishing is a type of social engineering in which authentic-looking messages are sent to targets.

What other propagation do some worms use

Some worms also directly propagate which means that they spread on their own from the infected computer to other vulnerable computers.

What are the important things to consider when deciding between ADSL and cable modem service for your residence

Speed and cost

In unlicensed bands, what type of transmission method is required by regulators

Spread spectrum transmission.

Distinguish between standards and guidelines

Standards are mandatory and must be followed whereas guidelines should be followed but don't always need to be. If a guideline isn't followed, reasonable consideration should be put into not following that guideline.

Which must be followed

Standards.

What threat does OpenFlow create for switch and router vendors

Switches and routers may become cheap commodities

Name an application not listed in the text for which is jitter a problem

Streaming video.

List two NFC applications you would like to use

Student answers will differ. Popular alternatives are Key and Payment functionalities.

How can it reduce CapEx

Switches and routers can be made more cheaply because they do less

In what service band does NFC operate

The 13.56 kHz service band.

Which band dominated use initially

The 2.4 GHz band

How many 20 MHz non-overlapping channels does the 2.4 GHz band support

The 2.4 GHz band supports 3 non-overlapping 20 MHz channels.

What Working Group created 802.11i

The 802.1 Working Group created 802.1X. The 802.11 working group created 802.11i

What organization creates Bluetooth standards

The Bluetooth Special Interest Group.

What profile can a mobile phone use to communicate with a headset

The Headset Profile (HSP).

Distinguish between the Internet and carrier WANs

The Internet connects almost anything to anything

Why is the PSTN important in WAN data transmission

The Public Switched Telephone Network is important in WAN data transmission because many WAN carriers lease their transmission lines from telephone companies, therefore the lines are setup in a similar fashion.

From where does an SDN switch or SDN router get its forwarding table rules

The SDN controller.

What is the relationship between handoffs and roaming in Wi-Fi

The ability to use handoffs is called roaming. They are the same thing.

What device or devices know this key

The access point and that particular wireless client.

Why are session keys good

The amount of traffic encrypted with the key will be limited, making the key difficult or impossible to crack.

What may the attacker do after compromising a system

The attacker can manually look through files, delete them, transfer them, or the attacker can even turn the computer into a pornography site.

How might segregation of the network in the Fazio attack have stopped the breach

The attackers could not have gone from the vendor server to the server from which they downloaded malware to the POS terminals.

Explain why security is a process, not a product

The best hardware and software will do nothing if the security staff does not manage their processes well.

Why does the book not distinguish between 3G and 4G service

The book does not distinguish between 3G and 4G service because the "G" has become meaningless because the standard definitions of these services are being misused by marketers.

What happens in a kill chain if a single action fails anywhere in the chain

The chain is broken.

For each, compare channel bandwidth and the number of possible channels

The channel bandwidth of 802.11g and 802.11a is 20 MHz. 802.11g has 3 possible channels, and 802.11a has 20-25 channels. The channel bandwidth of 802.11n is 40 MHz but it will drop to 20 MHz if there is interference on the two selected channels. At 40 MHz 802.11n has 8-12 channels, and at 20 MHz it has 20-25. The channel bandwidth of 802.11ac is 80 MHz or 160 MHz. It has 4 -6 channels at 80 MHz and 1-2 at 160 MHz.

Distinguish between the coaxial trunk cable and drop cable

The coaxial trunk cable is the cable that runs through a neighborhood. A coaxial drop cable is the access line to individual homes. The trunk cables are thicker than the drop cables.

Why do you think TJX failed to upgrade to stronger security than WEP

The company is a low-cost operator. By not upgrading, they could save money. They did not consider break-ins likely.

How does the location of forwarding and control change in SDN

The control function is removed from the individual switches and routers and placed in the SDN controller

Compare the diversity of technologies in LANs and WANs

The diversity of LAN technologies is very low; there is 802.3 and 802.11 technologies. The diversity of WAN technologies is very high; there are leased line data networks, public switched data networks and wireless networks, all with further options within themselves.

When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at an SPI firewall, what does the firewall do

The firewall drops it.

When a packet that is part of an ongoing connection arrives at a stateful packet inspection firewall, what does the firewall do

The firewall passes it.

What are the two functions in network forwarding devices

The first function is the forwarding function which actually forwards individual frames and packets. The second function is the control function has a set of rules that tells the forwarding function how to forward each frame or packet.

What two protections do electronic signatures provide

The first is message-by-message authentication to prove a sender's identity. The second is message integrity; the ability to detect any alterations in a packet by an attacker throughout the transfer process.

Explain the steps of a distributed DOS attack

The first step is to install bots on several hundred or thousands of computers. Once this botnet is up, a botmaster can send the orders of who to attack to the command and control server. The command and control server will send the orders to the several hundred or thousands of computers in the botnet and they will flood the specific target with packets denying their service.

How will the access control list (ACL) in Figure 3-23 handle a packet that attempts to open a connection to an FTP server

The first two rules will not apply. When the SPI firewall reaches the third rule, it will drop the packet and not permit the connection.

Distinguish among the frequency spectrum, service bands, and channels

The frequency spectrum is the range of all possible frequencies from 0 Hz to infinity. A service band is a range of frequencies allocated to a certain purpose; GPS, AM Radio, etc. Channels are smaller frequency ranges in a specific Service Band.

Distinguish between Get and Set commands

The get commands retrieves data from managed devices and places is in a Management Information Base (MIB). Set commands are sent to managed devices and can be used to reroute traffic, turn off routers or switches, etc.

How was the TJX break-in an international crime

The hackers used accomplices in other countries to sell stolen credentials.

Why is asymmetric speed acceptable in residential ADSL service

The heaviest residential applications have heavier download speed requirements than upload speed requirement. The classic example is the World Wide Web. Another is streaming video.

What are the implications of these trends

The implication of these trends is that budgets for networks are minimal. Network admins can't spend too much on one project or they will not have enough for other important projects

On what basis does each label switched router base routing decisions

The label number

What is the local loop

The local loop is the access portion of the PSTN. It extends from the final telephone company switch to the customer premises.

What can retailers do to defend themselves against counterfeit credit cards

The main thing is to check the last four digits of the embossed credit card number with the last four digits of the number on the magnetic stripe. <They can check for ID to see if the person named on the card is the same as the name of the person presenting it.>

How is 802.11i protection limited

The protection only extends from the wireless client to the access point—not all the way the server.

Distinguish between evil twin access points and rogue access points

The rogue access point is created within the company premises by an employee and connected directly to the wired LAN. Its danger is that it may lack security. The evil twin is a notebook computer of an attacker outside the company premises. The danger is that it may read all communication and send attacks posing as a legitimate wireless client.

Distinguish between the supplicant and the verifier

The supplicant is the person who is trying to prove their identity. The verifier is the person requiring that the supplicant prove their identity.

What are the implications for digital certificate authentication if the true party's private key is stolen

The thief will be able to impersonate them and probably get access to important assets protected by this strong form of authentication.

Does the verifier decrypt with the true party's public key or the supplicant's public key

The true party's public key. If the verifier decrypted with the supplicant's public key, the decryption would always produce the challenge message whoever the supplicant may be.

In digital certificate authentication, what does the verifier do

The verifier will send the supplicant a challenge message. This message is not encrypted and the supplicant must encrypt that message with his/her private key and send back the response message to the verifier. When the response message is returned, the verifier decrypts it with the public key of the true party. If the decryption produces the challenge message, the verifier knows the true party's public key

In Ethernet, why does 802.1X not need security between the authenticator and the host before 802.1X authentication is done

The wired communication between the supplicant host and the workgroup switch is difficult to intercept, making 802.1X communication difficult to compromise.

What device acts as the 802.1X authenticator in Wi-Fi

The wireless access point.

Why does 802.1X mode in 802.11i need security between the authenticator and the host before 802.1X authentication

The wireless communication between the supplicant host and the access point is easy to intercept, making 802.1X communication easy to compromise.

In 802.1X operation, what device acts as the authenticator in Ethernet

The workgroup switch.

What is the benefit of channel reuse

There can be many customers for each channel—more customers overall in the system

Why must authentication be appropriate for risks to an asset

There is no sense to spending money on very good authentication to protect unimportant assets. However, one must not apply weak authentication techniques to high-value assets.

What are the characteristics of passwords that are safe from even brute-force attacks

These passwords should contain lowercase and uppercase letters, along with numbers and special characters.

Are AV programs used to detect more than viruses

They also search for other forms of malware. AV got its name before the different types of malware were distinguished. When the term virus was used before, it was used to cover all forms of malware.

Why are VPNs called "private networks"

They appear to be private to the user, who seems to have a dedicated network for himself or herself because unauthorized parties cannot interfere with the traffic.

How are vendors responding

They are adopting OpenFlow but they are also offering their own southbound proprietary APIs that are more fully featured and hopefully more attractive to customers. Justifies more expensive forwarding devices.

How are carriers attempting to reduce the cost of installing FTTH

They are fibering whole neighborhoods at once to lower the cost per subscriber. Subscribers only need a short access link to their homes.

What do downloaders do

They are small pieces of malware that download larger pieces of malware.

What gives bots flexibility

They aren't only used for DDOS attacks; they have the ability to be remotely updated by a botmaster. This allows them to change tasks. For example, if they are used for DDOS attacks, they could quickly be reprogrammed to send out mass amounts of spam.

What was the attackers' first step in breaking into TJX and other companies

They broke into retail store networks using the weak security of WEP

How are VPNs able to defeat evil twin attacks

They can create an encrypted path between the wireless client and the access point. The evil twin cannot break this encryption.

How can criminals get around the last four digits precaution

They could read the last four digits for the cashier, reading the last four digits on the magnetic stripe number instead of the embossed credit card number.

What security mistake did Fazio Mechanical Services make

They did not use an antivirus program that warned users when a message contained malware. <They probably did not train their employees in phishing.>

In digital certificate authentication, the supplicant could impersonate the true party by doing the calculation with the true party's private key. What prevents impostors from doing this

They do not have access to the true party's private key. Of course, if they get access to that key, the system breaks down.

Why are SPI firewalls limited in their ability to detect attack packets

They do not know what applications are sending packets. They only know well-known server port numbers, and these can be used by other applications.

Why are career criminals extremely dangerous

They have the money to mount sophisticated attacks.

Why may ex-employees attack

They may be resentful of the way they were treated.

Why do you think the Minneapolis security staff not heed the FireEye warning

They may have been overloaded by work. They may not have had confidence in FireEye. They may have been fooled because the name of the file was similar to the name of one of their legitimate programs

Why may employees attack

They may want revenge. Or they may simply want to steal money or other assets.

How did the attackers gain access to Target's network

They obtained Fazio Mechanical Services' authentication information on the vendor server. They probably did this through a spear phishing e-mail attack.

Why are contractor firms more dangerous than other outside firms

They often have credentials to internal systems; because they have nearly the same amount of permissions.

How did the attackers exfiltrate the card data in the Target attack

They used an exfiltration program to send the data from the extrusion server to an external landing server. <Probably FTP> The IP addresses of the landing servers were easily discovered, so they would have moved this information to other servers almost immediately.

All wireless hosts and the access point that serves them transmit on the same channel.What problem does this cause

This causes individual throughput to fall because when a wireless device tries to transmit a message all other devices on the same channel must wait so that collisions are avoided.

For a radio operating at 1 W

This is 1000:1 This is 30 dB.

For a radio operating at 0.1 W

This is 100:1. It is 20 dB.

For a radio operating at 16 mW

This is 16:1. This is 12 dB.

Estimate, without using Excel, the dBm value for a radio operating at 2 mW

This is 2:1. This is 3 dB.

How will an SPI firewall handle a packet containing a TCP SYN segment

This is a connection-opening attempt. The firewall will pass the packet's details through the ACL. If the ACL specifies that the connection should be opened, a connection is added to the approved connections table.

What is VPN traversal

This is a technique for VPN traffic to pass through firewalls, which cannot filter these packets because they are encrypted for confidentiality.

How will an SPI firewall handle a packet containing a TCP FIN segment

This is not a connection-opening attempt. It will compare the packet to the connections table. If the sockets match an authorized connection role, the firewall will pass the packet. Otherwise, it will drop the packet.

How will an SPI firewall handle a packet containing a TCP segment that is a pure acknowledgment

This is not a connection-opening attempt. It will compare the packet to the connections table. If the sockets match an authorized connection role, the firewall will pass the packet. Otherwise, it will drop the packet.

How will a firewall handle a packet containing a UDP datagram

This may or may not be a connection opening attempt. The firewall will check if the packet is part of an approved connection. If so, it will pass the packet. If not, it will consider the packet is a connection-opening attempt and pass it through the ACL firewall.

Comment on the statement, "The goal of security is to eliminate risk"

This statement is incorrect. It should be, "the goal of security is to reduce risk" to the extent that this is economically feasible. It is impossible to eliminate risks. It would be much too expensive and even then there are no guarantees.

Comment on the fact that Target knew that fraud was already occurring with the stolen card data but did not reveal this when it announced the breach

This was bad for its customers. Law enforcement agencies may have asked Target to withhold this information, but it would still have been bad for customers if this was true.

Why must the VPN key be pre-shared to thwart a VPN attack

This way, a man-in-the-middle attacker cannot intercept and read the key.

Why is the ability to created firewall policies for individual applications important

Threats are often very specific to particular applications.

Why is bumping done

To bring the device very close to the reader.

What are the two common business uses for carrier WANs

To connect corporate sites & To connect to the Internet

What is the purpose of the DSLAM

To multiplex voice and data signals to the home and to link them to the voice and data network at the carrier's premises.

Why should they provide these functions as automatically as possible

To reduce labor costs.

What is the main benefit of application and network protocol acceleration

Transmission speed.

What is the definition of spam

Unsolicited commercial e-mail.

List the main elements in SNMP

agents, Management information bases (MIBs), and network visualization program.

How can access points communicate with each other

Via the distribution system.

How do viruses and worms differ

Viruses attach themselves to programs on your computer, whereas worms are their own program and they spread by themselves through vulnerabilities in other computers.

What were the two earlier 802.11 security standards

WEP and WPA

What does the Wi-Fi Alliance call 802.11i

WPA2

Distinguish between war drivers and drive-by hackers in terms of what they do.

War drivers merely locate unprotected access points. Drive-by hackers actually break into the firm's WLAN

Why is multipath interference very sensitive to location

Wavelengths are very short, so two waves may add or cancel over slightly different distances.

What implications does two different standard performing products have for making purchases

When making a purchase this implies that you should know the optional standards and which product has the standards that fit your needs.

What warnings had Target not responded to adequately

When the attackers installed malware to the server from which they would exfiltrate files, they were warned that a suspicious program was being installed. There were general warnings about data theft through POS terminals. The staff was concerned that they were not paying enough attention to this threat.

What is a transceiver

a radio for data transmission. Transceivers transmit and receive.

Compare normal Wi-Fi with Wi-Fi Direct

Wi-Fi normally uses an access point. Wi-Fi Direct provides direct host-to-host communication.

When does RTS/CTS make sense to use

Wireless clients may not be able to hear one another; this will make CSMA/CA+ACK ineffective. All devices can hear the access point (or they could not communicate through it); this means the CTS/RTS will always work.

What are the security benefits from centralized access point management

Wireless intrusion detection.

Can MPLS provide traffic load balancing

Yes

Does residential DSL offer simultaneous voice and data service

Yes

Is the Internet a WAN

Yes

Is the 802.3 Working Group working with MEF

Yes, 802.3 developed standards for its fastest speeds.

If you see a username and password on a Post-It note on a monitor, is it hacking if you use this information to log in

Yes, because you are intentionally logging into the computer without authorization from the owner of the post-it note or the system owner.

You discover that you can get into other e-mail accounts after you have logged in under your account. You spend just a few minutes looking at another user's mail. Is that hacking

Yes, because you were authorized to log into your email account, but you intentionally snooped in someone else's mail without proper authorization. This is exceeding authorization.

Is this still true if a master communicates with four slaves

Yes, each slave will have a separate connection.

Must guidelines be considered

Yes, it is mandatory

Can a Bluetooth device be both a master and a slave

Yes.

Can a Bluetooth master have multiple slaves

Yes.

Can a Bluetooth slave have two masters

Yes.

Does the access point have an SSID

Yes.

Are drive-by hackers illegal, Why or why not

Yes. They are intercepting private communication and perhaps initiating attacks.

Why is large channel bandwidth desirable

You can transmit signals faster.

Why is it important to read firewall logs daily

You must be alert to how you are being attacked to identify attackers and their methods, and therefore adjust your security posture.

What is the person who controls a botnet called

a "botmaster."

What is a collection of compromised computers called

a "botnet."

What kinds of messages can agents initiate

a Trap command; An agent will initiate a trap command when it senses a problem, so it will collect details of the problem and send it to the manager.

Would an SLA guarantee specify a highest jitter or a lowest jitter

a highest jitter; It would do this because a high jitter is bad.

Would an SLA specify a highest availability or a lowest availability

a lowest availability because if it said that there would be a 98% availability, an ISP would have to pay a penalty if it was available more than 98% of the time.

Would an SLA specify a highest speed or a lowest speed

a lowest speed because you don't want to put a cap on your speed because in networking higher speeds are good. By specifying a highest speed they would have no incentive to increase speed.

What is a hertz

a measure of frequency—one cycle per second

What is an exploit

a method of attack

What is the structure of the PSTN core

a modified hierarchy of switches; it includes bypass trunk lines between switches that are at the same level if there is an unusually large volume of traffic between those switches.

What kind of device is an evil twin access point

a notebook computer configured to act like a real access point. It entices internal hosts to associate with it by operating at very high power.

What are Trojan horses

a piece of malware that disguises itself as a genuine system file, making its detection difficult.

In cellular technology, what is a cell

a smaller geographical area within a larger metropolitan service area.

What is a policy

a statement of what needs to be accomplished in security

What is spyware

a type of a Trojan horse; It collects information about you, and sends it to the attacker without you even knowing about what is going on.

What is a vulnerability

a weakness in a program that can allow hackers to launch a specific type of attack.

What name do we give to vulnerability-based attacks that occur before a patch is available

a zero-day attack; This allows for all attacks against vulnerable computers to succeed.

Why is backward compatibility important

because without it if a new device with new standards came out, everyone would be forced to throw away their old device and buy the new device. This would be very expensive and inefficient.

What is wireless mesh networking

an all-wireless network in which there is no wired distribution system.

What is a cipher

an encryption method which creates messages that eavesdroppers will be unable to read.

Why is face recognition controversial

because you are able to do it without someone's knowledge. The issue of privacy arises here because who knows where there could be someone using facial recognition, and for what purpose

What is risk analysis

analyzing the risks and the costs of protection. Companies have to determine if implementing countermeasure A is more economically feasible than implementing countermeasure B, etc

What is malware

basically evil software that is meant to do harm to a computer. Examples include, but are not limited to, viruses, worms, and Trojan horses.

Why are stateful firewalls attractive

because 99% of all packets are not part of a connection-opening attempt, and therefore packets are handled with very little processing power, causing them to be inexpensive.

When an application uses TCP at the transport layer, why is error rate a problem for throughput

because TCP attempts to avoid congestion of the network so it sends segments slowly at the start of a connection. If there is a single error at the start it will assume that the network is congested causing the throughput to drop.

Why is defense in depth necessary

because a single defense is bound to fail at one point or another and if you just have one defense then an attacker will be able to succeed. If you have multiple defenses then that solves the problem and they will have to get through the other defenses.

Why does transmission speed drop as a computer moves farther from an access point

because as you get further away from an access point the signal weakens and your transceiver must switch to a less aggressive modulation method that is less sensitive to errors. This method transmits more slowly

Why are future WAN prices difficult to predict

because carriers strategically price their services, and they are constantly changing their prices to sway customers into changing from one service to another.

Why are SSL/TLS attractive for web applications

because every webserver and browser today has it built in. Therefore, no added software needs to be installed on the client and server to turn it on

Why is it important for policy to drive both implementation and oversight

because implementers and auditors may have different interpretations of the policy if it is ambiguous or wrong. There are cases where implementers don't follow the policy and auditors will call them on it, so overall security will be better.

Why is selecting the best interface beneficial

because it greatly reduces the amount of work each router must do per packet, which reduces router costs.

For what reasons is CE attractive

because it has low-cost MAC layer functionality making it inexpensive, it is fast with an attractive cost, there are QoS guarantees available, and it has decent security by keeping traffic of different customers separate.

Why are companies moving rapidly into the 5 GHz service band

because it has more bandwidth.

Why do users not have to worry about the details of cryptographic processes when they are using a VPN

because it is done automatically and is pretty much a part of the cloud.

Why is security primarily a management issue, not a technology issue

because it requires excellent planning, proper implementation, and the day to day execution

Why is two-factor authentication desirable

because it requires two forms of credentials for authentication. This increases the security.

Why are QoS metrics important

because networks today must work "well" and they keep track of the service quality each user receives.

Why did SDN begin in large data centers

because of virtual machines and the need for traffic segregation so that customers cannot reach the VMs of other customers. VMs come and go quickly, and forwarding has to be redone constantly. This cannot be done by manually reconfiguring each forwarding device.

Why is the principle of least permissions important

because one unnecessary permission that someone has is a possible security risk

Why do carriers offer low-speed "leased lines" that are really DSL lines

because the 1-pair VG UTP lines that DSL service uses are already installed so there is no need to lay new wire or fiber to the customer. However, these lines still perform as well as traditional leased lines using 2-pair data-grade UTP.

In a server farm, why may networking control have to be changed

because the frequent creation, deletion, and moving of virtual machines requires a massive amount of manual configuration.

Why do wireless clients need access to the firm's main wired switched Ethernet network

because the resources they need are located there. They also need to be able to connect to the Internet via the Internet access router, which is on the main wired LAN.

Why can two products that comply with the same standard perform differently

because there are extra options in each standard that could increase performance if implemented in a product,

Why is it undesirable to use reusable passwords for anything but the least sensitive assets

because there are password cracking programs that can figure out your password in a matter of seconds or minutes if the attacker is motivated by a high-value target.

For what four reasons are these employees especially dangerous

because they already have access to the system, they know the system, they know how to avoid detection, and they are trusted by the organization.

Why is directly propagating especially dangerous

because they are capable of spreading throughout the internet at extremely high speeds, in a matter of minutes.

Why are passwords widely used

because they are very easy to use, and they are also cheaper to implement.

Why are cyberwar and cyberterror attacks especially dangerous

because they have massive amounts of funds to allow them to have the most sophisticated technology on the market. They can also focus on doing catastrophic damage instead of committing petty crimes. They are also commonly directed at multiple targets at once so that the damage is at a maximum. The capabilities are endless, and the damages could easily exceed the hundreds of billions of dollars range.

Why is coaxial cable called "coaxial"

because they have two conductors that have the same axis.

Why is comprehensive security important

because they need it in order to be safe from attacks. If there is just one tiny little avenue of attack, an attacker can launch a successful attack.

Why are APTs expensive to carry out

because they require advanced skill sets and extreme persistence over a long period of time, all while being undetected in a network. You also need a great amount of resources throughout the duration of it.

Why is the need to manage the leased line network an issue

because they require extensive design and operation costs which will incur substantial labor and customer premises equipment costs for a company.

Why are typical WAN speeds slower than typical LAN speeds

because they span longer distances. Because they go longer distances, it would be much more expensive for a carrier to implement and maintain an extremely fast line. You can relate it to a basic economic principle; as unit price increases, fewer units are demanded. So as distance increases, the price of transmission increases and companies demand less of higher speeds so in turn WAN speeds will typically be slower than LAN speeds.

Why do MANs have higher typical speeds than broader-scope WANs

because they span shorter distances, therefore reducing the cost per bit transmitted. Going off my previous explanation of how cost per bit transmitted increases as distance increases, it will be cheaper to implement a MAN since it is a short distance, allowing for higher speeds.

Why are states important

because they will filter a packet through a series of tests/rules that decide what to do with the packet, and if a connection should be opened or not.

Why are scripts on webpages called mobile code

because when a user tries to access a webpage, they travel to the web browser with the downloaded webpage.

Why do you have more flexibility with LAN service than with WAN service, Why

because you do everything yourself. This allows you to choose your technology, and the costs are lower and you can get faster speeds.

In MPLS, is selecting the best interface for each packet at each router done when the packet enters the network or before

before the packet enters the network.

At what range of frequencies do most wireless systems operate

between 500 MHz and 10 GHz

Are LANs single networks or internets

both single networks and internets.

Does media access control apply to wireless hosts, access points, or both

both wireless hosts and access points.

How are dead zones created

by dense objects that block the direct signal path between the sender and the receiver

How can firms provide WLAN coverage throughout a large building

by placing multiple access points throughout that building.

In radio, how can you send multiple signals without the signals interfering with one another

by sending each signal on a different channel

Are WANs single networks or internets

can be both single networks and internets.

What are common propagation vectors for viruses and worms

can include e-mail attachments, P2P file transfer networks, social networks, and websites.

In normal radio operation, how does channel bandwidth relate to the bandwidth required to transmit a data stream of a given speed

channel bandwidth is only big enough to handle the desired speed; Any extra channel bandwidth would be a waste since it won't increase speed

What is the advantage of using unlicensed bands

companies can add or drop access points whenever they want. They can also have as many wireless hosts as they want

What are carriers

companies that have rights of way to lay wires between sites.

What characteristics do all access points in an ESS share

connected to the same distribution system they all have the same SSID.

What are service level agreements

contracts that guarantee a certain level of performance.

What speed does the LTE Advanced standard currently require

currently requires 3 Gbps downstream and 1.5 Gbps upstream

What is CPE

customer Premises Equipment which is located on the premises of a customer and allows customers to connect to the WAN.

What is beamforming

directing signal energy toward individual devices.

What device must a customer have at its site to connect to a leased line

equipment called a CSU/DSU which translates the physical layer signals of network devices on the customer premises into physical layer signals in a format that leased lines require.

What is social engineering

essentially tricking a victim into doing something that isn't in their best security interests.

What are the characteristics of leased lines

fast, point-to-point, always-on, connections.

What is the downside of wider channel bandwidth

fewer channels.

Do wireless LAN standards come from OSI or TCP/IP

from OSI because that is the dominant architecture for layers 1 and 2.

Between what two points will a leased line run for PSDN access

from the site to the PSDNs nearest point of presence.

What is the principle of least permissions

giving a user the minimum amount of permissions he or she needs to complete their job.

Would an SLA specify highest latency or lowest latency

highest latency because a lower latency is better and a high latency can be problematic so companies usually guarantee that the highest latency will be no more than x-amount.

What is availability

how often that network will be able for use.

What is the purpose of the 802.11r standard

it enables access points in the same distribution system to communicate with each other in roaming

Under what circumstances would you use an omnidirectional antenna

if I am working with short distances such as a WLAN and if I did not know where the other radio was located.

Under what circumstances would you use a dish antenna

if I needed to send a signal very far away in a specific direction and new where the other radio was.

What factors affect what throughput an individual user will receive

if they are moving in a car, if there are more customers using the same cellsite, if they are a greater distance from the cellsite, if they are in a dense building, etc.

Where does the manager store the information it receives from Get commands

in a Management Information Base (MIB)

Why is oversight important

it ensures that the policies are properly implemented so that the system will be stronger.

Why is wider channel bandwidth good

it increases the possible transmission speed.

What are the three layers in SDN

individual switches and routers, the SDN controller, and SDN applications

What is the definition of hacking

intentionally using a computer resource without authorization or in excess of authorization.

Traditionally, how is the control function in each device managed

it is configured on each individual device, which can be extremely time consuming the more complex a network is

Why will Bluetooth Smart extend the types of devices that can communicate wirelessly

it allows devices without full operating systems to work together. This will be important in tomorrow's Internet of Things.

What is the main benefit of MIMO

it can greatly increase throughput.

Can a password that can be broken by a dictionary attack be adequately strong if it is very long

it can never be adequately strong.

Do label switching routers along the MPLS path look at the packet's IP address

it looks at the label number which identifies the label-switched path form a particular conversation.

What protection does confidentiality provide

it makes it so that if someone intercepts a message, they wouldn't be able to read that message.

Explain "persistence" in the context of APTs

it refers to the amount of time it takes to successfully carry out this type of attack. There are several objectives in these attacks and the whole process can take several months or even years. Throughout the attack, they are constantly monitoring the network.

Explain "advanced" in the term advanced persistent theft

it refers to the high skill levels of those who partake in APTs. They must have a very high skill level because the operation could span months or even years, and one mistake could ruin the operation.

Why is network automation important

it saves a lot of time in networking

What is the minimum size for symmetric keys to be considered strong

it should have a minimum of 100 bits.

Does a signal usually travel at a single frequency, or does it spread over a range of frequencies

it spreads over a range of frequencies; this range is also known as a signal's bandwidth.

What does a firewall do when a provable attack packet arrives

it will drop the packet and log details about it in a firewall log file.

What does buffering do to latency

it will increase latency because there will be a delay in the time when a packet enters the buffer and the time it is released.

What happens if a carrier does not meet its SLA guarantee

it will pay a penalty fee.

What are benefits of SDN

labor cost reduction and agility (the ability to change rapidly).

What two problems do momentary traffic peaks create

latency and loss.

At what layers do wireless LANs operate

layers 1 and layer 2

What are the most frequent attacks on companies

malware attacks.

What is backward compatibility

newer devices with newer standards that still implement older standards.

What is the former name for carrier Ethernet

metro Ethernet; When the MEF changed the name of the service from metro Ethernet to carrier Ethernet, it did not change its own name to match.

What is a cellsite

middle of each cell; it contains a transceiver to receive and send mobile phone signals. It also watches over each mobile phone's operation.

When a customer uses a leased line to connect to its ISP, what two points does the leased line connect

needs to connect from their site to their ISP's nearest point of presence (POP).

What are momentary traffic peaks

occasional spikes in traffic a network sees. It is like rush hour on a freeway

What is jitter

occurs when different packets in a message have a different latency. This can cause things such as VoIP and streaming to speed up and slow down. The average variability in arrival times divided by the average latency.

What choices do you have for reducing the impact of delays for latency intolerant traffic

overprovisioning, priority levels, and Quality of Service Guarantees.

What is the disadvantage of each compared to the other

overprovisioning: very expensive to implement in terms of equipment and transmission line purchases. priority levels: requires much more labor work for network staff to assign those priorities. QoS Guarantees: all traffic that isn't part of the traffic flows QoS gets whatever space is left over. Sometimes the reserved space may not even be used and it still can't use that reserved capacity.

What is the advantage of each compared to the others

overprovisioning: you install a lot more capacity than you will ever need so that momentary traffic peaks are rare and obsolete. This reduced the labor burden that is put on network staff. priority levels: it sends the most important frames and packets first, and in turn transmission link costs will be lower than those of overprovisioning. Quality of Service Guarantees: traffic flows that have QoS Guarantees will always be transmitted

What is another term for authorizations

permissions

What are rights of way

permissions given to carriers by the government that allows them to lay wires between sites and are subject to government regulation.

What happens in each stage of the Plan-Protect-Respond cycle

planning phase; companies will analyze all possible threats and they will decide how they want to counteract those threats. They must also maximize the benefits of the security system by doing a risk analysis calculation protect phase: the company implements their plan and upkeeps it on a daily basis response phase: is what a company does when there is a successful attack on their network

Why do you think Fazio Mechanical made that mistake

probably being cheap.

What are credentials

proofs of identity used in authentication.

In 802.11 Wi-Fi networks, can simple installation rules usually reduce propagation effects to nonissues

simple installation rules usually do not reduce propagation effects to nonissues. This is the case because radio propagation is unreliable. The signal can be weakened in several different ways.

In 802.3 Ethernet networks, can simple installation rules usually reduce propagation effects to nonissues

simple installation rules, such as respecting cord distance limits, usually reduce propagation effects to nonissues.

What benefits can beamforming bring

stronger signals can be sent to individual wireless hosts

What is its other benefit of MIMO

that it has a greater transmission range; This allows for greater propagation distances which in turn, allows for fewer access points to be installed.

What is the benefit of separating policies from implementation

that there is specialization; Policymakers have greater overview knowledge needed for broad policies, while Implementers understand the technological details needed for the best implementation.

Who are the most dangerous employees

the IT employees

What is today's dominant cellular technology

the Long-Term Evolution (LTE) standard

What organization is standardizing carrier Ethernet

the Metropolitan Ethernet Forum (MEF).

What device manages the control functions on forwarding devices

the SDN controller

If carrier speed falls below its guaranteed speed in an SLA, under what circumstances will the carrier not have to pay a penalty to the customers

the carrier would not have to pay a penalty if it guarantees a speed of no worse than 100 Mbps 99.8% of the time and the speed only drops below 100 Mbps .1% of the time. Carriers put these little exceptions in the SLAs because it is impossible to guarantee that something will work perfectly 100% of the time.

What are payloads

the final task of malware; can do massive amounts of damage such as erase hard disks; Not all malwares have these

How are device control functions managed in software-defined networking

the forwarding function and control function are separated. Instead of having a control function on every device, there is one control function placed in a controller that allows commands to be sent to every connected device.

What pressing management issues does SDN address

the issue of having to manually configure each switch and router when they are installed or when something needs to be updated; it can be extremely time consuming. This lowers cost, and changes can be made quickly, giving agility.

What is the name of the path selected for a particular conversation

the label-switched path.

What types of passwords are susceptible to dictionary attacks

the most common passwords; These types of passwords are usually short and simple and are commonly used. They are put in a dictionary of other simple, common passwords and the attacker just goes through that dictionary.

What factors influence individual throughput, given a certain level of aggregate throughput

the number of users using a specific access point. The more users on the access point, the less individual throughput each user receives,

How does channel bandwidth change in spread spectrum transmission

the original signal, called a baseband signal, is spread over a much broader channel than is required by the transmission speed

What is authentication

the process of proving the identity of a specific person.

Which stage of the Plan-Protect-Respond Cycle consumes the most time

the protect phase because a company must implement their plan and maintain it as long as possible before there is a successful attack.

In two-way dialogues, how many keys are used in symmetric key encryption

the two sides share 1 single key to encrypt and decrypt messages.

What is biometrics

the use of body measurements to properly authenticate someone; could include fingerprint recognition, facial recognition, or even iris scanning.

Does an SLA measure the best case or the worst case

the worst case scenario because if and ISP put in a best speed scenario they would have to pay penalties if the speed ever went higher than that.

How do you authenticate yourself with an access card

they are swiped through card readers to identify you. Some common examples include hotel keys and debit cards.

How do Trojan horses propagate to computers

they are unable to propagate on their own so they must be placed on a computer by a separate piece of malware, a hacker, or a user downloading it.

To what computer does the "botmaster" attacker send messages

they send messages to a command and control server; then relays those commands to the botnet. This makes it very difficult to locate the botmaster.

Passive RFID chips have no batteries. How can they transmit when queried

they transmit information using absorbed energy from the command pulse.

Does residential ISP service usually have SLA guarantees, Why

they usually don't give SLA guarantees because customers are much more price sensitive than companies. Usually Internet access with an SLA is very expensive.

When a firewall administrator sends a policy to the policy server, what does the policy server do

they will create a detailed firewall rule and then send that rule out to the proper firewall(s).

When a device that implements 802.11ac attaches to an 802.11n access point, what standard do they use to communicate

they will use the 802.11n standard to communicate

What is the purpose of a denial-of-service attack

to make a computer or network unavailable to its users.

What is the purpose of redundancy in transmission links

to provide extra transmission links so that there are backup paths in the event of another link failing.

Do WLANs today use licensed or unlicensed bands

unlicensed bands.

How can users eliminate vulnerabilities in their programs

users should constantly look for patches for their commonly used programs on their computers. Patches usually fix these.

What class of switches are most end office switches

usually Class 5 switches which is the lowest switch in the hierarchy.

What two propagation problems become worse as frequency increases

waves will suffer more rapidly from absorptive attenuation, and dead zone problems will increase. Higher frequencies are less able to travel through and around objects.

What is a propagation vector

ways for malware to spread.

For what application was SSL/TLS most widely used

web applications.

What is a handoff in 802.11

when a host travels too far from a wireless access point, and is handed off to a closer access point in the same extended service set.

When should you measure error rates, Why

when a network has a large amount of traffic. This allows them to understand the error rate risks.

Why must an access point remove an arriving packet from the frame in which the packet arrives and place the packet in a different frame when it sends the packet back out

when it sends the packet back out because 802.11 frames cannot travel over 802.3 LANs and vice versa. 802.11 frames can only travel between wireless access points and the wireless host. 802.3 frames can only travel between the access point and the server.

What is vulnerability testing, and why is it done

when someone from within a system goes outside of that system and attacks it to discover any vulnerability. It is done to identify any weaknesses in a system before an attacker does.

Under what circumstances are scripts likely to be dangerous

when there is a vulnerability in a user's web browser

What is defense in depth

when you have multiple lines of defense and an attacker must get through all of them in order to have a successful attack.

Are access links wired or wireless

wired or wireless.

If you triple channel bandwidth, what happens to the number of channels in the service band

you can only have one third as many channels in a service band.

What is the downside of using unlicensed bands

you have no control over interference from others around you.


Related study sets

NUR 106 - Ch 43 Loss, Grief, and Dying

View Set

LEUKOCYTES MOST TO LEAST ABUNDANT

View Set

Chapter / 11 The First World War 1914 - 1920

View Set

D317 - Practice Test - Chapter 6

View Set

Sterilization and Disinfection of Patient/care Items in Oral Healthcare Settings

View Set