ISM 4323 Final

Why is MPLS transparent to the source and destination hosts

Neither of the two hosts know that MPLS is being used.

What spread spectrum transmission method dominates today

Orthogonal Frequency Division Multiplexing (OFDM), which divides each broadband channel into many smaller sub channels called subcarriers.

What is the most common protocol for providing this initial security

PEAP.

Compare trends in network demand and network budgets

The network demand is growing at a very rapid pace whereas network budgets are increasing slowly.

How does MIMO use spatial streams to increase transmission speed

The spatial streams sent from different antennas will arrive at the two receiving antennas at slightly different times. MIMO uses detection and separation methods based on differences in arrival times for the two spatial streams; the receiver can separate the two spatial streams in the same channel and so can read them individually

In digital certificate authentication, what does the supplicant do

The supplicant encrypts the challenge message with his/her own private key.

List the internal Target servers the attackers compromised

The vendor server. The malware download server. The holding server (or servers). The extrusion server

What should users do about the craving WPS problem

Turn off WPS if they can

Why is this a problem

Two nearby access points may have to be set to the same channel. This will cause interference.

What types of amplifiers are needed for cable data service

Two-way amplifiers.

A company uses 802.11i. How many 802.11i connections will the evil twin access point set up when a victim client wishes to connect to a legitimate access point

Two—one between the victim client and the evil twin and one between the evil twin and the access point.

Would two devices typically use high-speed Bluetooth during their total communication time

Typically they will only use it when they want to transmit a great deal of data.

What three threats should PSK consider

Unauthorized sharing of the pre-shared key. A weak passphrase may be selected. WPS can easily be cracked if it is used.

What is traffic engineering

The ability to manage how traffic will travel through the network.

What is latency

The amount of delay when a packet moves through a network.

If the lowest frequency in a channel is 1.22 MHz and the highest frequency is 1.25 MHz, what is the channel bandwidth

0.03 MHz = 30 kHz

If the signal strength from an omnidirectional radio source is 8 mW at 30 meters, how strong will it be at 120 meters, ignoring absorptive attenuation

8 mW × (30 m / 120 m)^2 = 0.5 mW

What does it mean that Bluetooth uses one-to-one operation

A connection will be between one master and one slave.

What speed is on the horizon

100 Mbps

List the three basic components of wide area networks

1) the Customer Premises Equipment (CPE) which allows customers to connect to the WAN. 2) access links which connect the customer premises to the network core of the WAN. 3) network core which connects access links to other access links.

What three issues must be overcome to make mesh networking acceptable to corporations

1.) Meshes must be self-organized; hosts and access points enter and leave the mesh frequently and the network must respond immediately to changes. 2.) It will be difficult to avoid overloading access points near the geographical center of the mesh 3.) Security. With no central control, there will have to be security existing on every device.

If a firm has ten sites, how many leased lines will it need to use a PSDN

10 leased lines to use a PSDN

How fast can the best systems today download data

20 to 40 Mbps

Convert 3.4 MHz to a number without a metric prefix

3,400,000 Hz

What is the distance limit for NFC

4 cm

Distinguish between 802.11 and Wi-Fi

802.11 and Wi-Fi are the same exact thing; Wireless LAN standards created by the IEEE 802.11 Working Group.

In what two service bands does 802.11 operate

802.11 operates in the 2.4 GHz and 5 GHz unlicensed bands.

What is the market position of 802.11ac

802.11ac is growing rapidly.

Among the four standards listed, which are obsolete

802.11g and 802.11a are both obsolete now but are still used.

What frequency band or bands do 802.11g, 802.11a, 802.11n, and 802.11ac use

802.11g uses 2.4 GHz, 802.11a uses 5 GHz, 802.11n uses both, and 802.11ac uses 5 GHz.

When offered the choice while configuring a wireless access point, which WLAN security standard should you choose

802.11i (WPA2)

Which dominates the installed base today

802.11n

Compare the range of rated speeds possible with 802.11n and 802.11ac

802.11n has a rated speed of 100 Mbps to 600 Mbps. 802.11ac has a rated speed of 433 Mbps to 6.93 Gbps. 802.11ac has a much greater range.

What is the current 802.11 standard for mesh networking

802.11s

If a firm has many access points, which 802.11i mode must it use

802.1X mode.

What mode or modes of 802.11i operation use a central authentication server

802.1X mode; not PSK mode.

Distinguish between 802.3 standards and 802.11 standards

802.3 are Ethernet LAN network standards. 802.11 are Wireless LAN standards.

What equipment does the customer need in his or her home

A DSL modem and splitters at each telephone outlet.

What is an SSID

A Service Set ID identifies an access point—actually a network.

What is a BSS

A basic service set is an access point and its wireless hosts.

What device do customers need for cable modem service

A cable modem.

From what type of organization does the verifier get the digital certificate

A certificate authority (CA).

Which is easier to understand—a firewall policy or a firewall rule

A firewall policy is generally easier to understand than a firewall rule because it is a lot less detailed.

Describe the process by which access point locations are determined

A radius is selected for access point ranges. Circles with this radius are laid out over blueprints. This planning must be done in three dimensions in multistory buildings. The plans must be modified for thick walls and other obstacles.

Distinguish between leased lines and access lines

A leased line is a complex transmission path between the two points it connects. The access line is simple and it is the line that connects individual sites to the rest of the network.

Does the manager communicate directly with the managed device

A manager does not communicate directly with managed devices. Each device has an agent that talks to the manager.

What kind of key does a host use after initial authentication

A session key, which will be unique for communication between that single wireless client and the access point, for that particular session.

How long do momentary traffic peaks last

A split second to a few seconds.

In the past, how has ADSL compared to cable modem service

ADSL has been a little slower and a little cheaper

Why is centralized access point management desirable

Administrators do not have to travel to diagnose remote access point problems, and they can adjust access points remotely. This reduces labor costs.

Distinguish between individual and aggregate throughput

Aggregate throughput is the total throughput that all users in part of a network have available to them. Individual throughput is a single user's share of that total throughput.

What is the ability to change forwarding tables rapidly called

Agility.

What should be done when an employee leaves the firm

All of their credentials to systems should be terminated before they leave. Even before they know they are leaving, if possible.

What devices forward frames in a mesh network

All wireless devices forward frames in a mesh network

What is an API

An Application Program Interface exposes a function or set of functions to commands from the next higher layer. An API is based on a standard.

What is an ESS

An Extended Service Set is a group of Basic Service Sets that are connected to the same distribution system and in which all access points have the same SSID.

Who creates a rogue access point

An employee.

What is a rogue access point

An unauthorized access point.

What cryptographic protections does 802.11i provide

Confidentiality, authentication, and message integrity.

What problems does configuring a control function to each device create

As the number of devices in a network grows, the amount of manual configuration that needs to be done grows. This will increase the labor cost of managing the network. Also, it will be impossible to make changes quickly if many devices must be reconfigured.

At 7 W

This is 7,000:1. The computed value is 38.45098

What is the dBm value for a radio operating at 78 mW

This is 78:1. The computed value is 18.92095

What other types of system do we call broadband

Any transmission system that is very fast is called broadband today even if it does not use channels.

What allows wire-speed operation despite the heavy processing power required for NGFW filtering and the increasing speed of transmission lines

Application-Specific Integrated Circuits can perform functions quickly in hardware that would take too long in software at high-traffic speeds.

How long must passphrases be in order to generate strong pre-shared keys

At least 20 characters.

Where are WAN optimization devices found

At the two ends of a leased line.

What programs directly attack the victim in a distributed denial-of-service attack

Attackers install programs on hundreds, or even thousands of computers, that are referred to as "bots."

List the three types of oversight listed in the text

Auditing, Reading Log Files, and Vulnerability testing.

Distinguish between authentication and authorizations

Authentication is proving your identity whereas authorization is the set of actions that a user is allowed to do with a specific resource.

How can kill chain analysis allow companies to identify security actions it should take

By anticipating what specific actions an attacker will take, they can implement appropriate protections for different phases of the attack.

How does compression reduce traffic

By compressing a message into fewer bits, fewer bits need to be transmitted, so cost is reduced.

How does a user authenticate his or her device to the access point

By sending the pre-shared key to show that it knows it.

What profile would a Bluetooth-enabled notebook use to print to a nearby printer

Basic printing profile.

Why was 802.11 made reliable

Because wireless transmission has so many errors that it makes sense to get rid of errors at the data link layer.

Does a frame's receiver transmit an ACK immediately or after a random delay

Before the random delay, so that it will get through.

Which of ADSL or cable modem services are moving toward FTTH

Both

Traditionally, where have forwarding & control been located

Both have been located on the switch or router.

What do we call a system whose channels are wide

Broadband.

How do business DSL lines differ from residential DSL lines

Business DSL lines are symmetric because they need the same speed in both directions, whereas residential DSL lines are asymmetric. In addition, business lines are offered with SLAs.

Which is more efficient, RTS/CTS or CSMA/CA+ACK

CSMA/CA+ACK

What type of adversary are most hackers today

Career criminals.

Which PSDN technology is growing rapidly today

Carrier Ethernet (CE)

What does CS mean

Carrier sense—listening to traffic.

Why does cellular telephony use cells

Channels can be reused in different cells

Compare the relative benefits of classic Bluetooth and high-speed Bluetooth

Classic Bluetooth uses little battery power. High-speed Bluetooth provides faster communication.

Why is CA desirable

Collision avoidance avoids collisions by only allowing devices to transmit at relatively safe times.

What must companies do about potential single points of takeover

Companies must identify each potential single point of takeover and defend each one very well so that they are harder to attack.

List the four mechanisms we discussed for optimizing transmission over a transmission link

Compression, caching, traffic shaping, application and network protocol acceleration (Tuning)

What are the two functions of the MTSO

Control of the cell sites, and routing of calls to connect the cellular system to wireline customers (and other cellular services).

List some sources of EMI

Cordless telephones, microwaves, and other nearby access points

What is beneficial about transmitting data over 1-pair voice-grade UTP

Cost. 1-pair VG UTP already runs to customers. There is no need to lay new transmission media.

Distinguish between credit card number theft and identity theft

Credit card number theft is stealing credit card numbers and associated individuals. Thieves can use this information to buy things. In identity theft, enough personal information about someone is stolen to allow the thief to engage in large financial actions.

What is comprehensive security

Cutting off all avenues of attack.

What are cyberterror and cyberwar attacks

Cyberterror attacks are massive attacks carried out by terrorists, whereas cyberwar attacks are even larger and much more detrimental attacks carried out by national governments.

Distinguish between defense in depth and weakest link analysis

Defense in depth consists of a series of countermeasures and if even one element is effective, it will prevent an attack. A weakest link analysis involves one countermeasure with multiple internal components that must all be working in order to prevent an attack

Why is it important that governments add more bandwidth to the 5 GHz band

Demand is increasing so fast that more channels are needed.

Why is device theft or loss a serious risk

Devices may have sensitive personal or corporate information.

A building is cube-shaped. It uses 16 access points, which are, on average, 10 meters apart from one another. The company wishes to reduce this to 8 meters. About how many 5 GHz access points would the company need for the building

Distance is reduced by 20%. In a one-dimensional building, you would need 120% more access points, or 19.1 (19). In a three-dimensional building you would need 1.2^3 times 16. This is 1.728 times 16 or 27.6 (28).

What type of antenna normally is used in WLANs, Why

Distances are short, and you do not necessarily know where the access point is.

Distinguish between E-Line and E-LAN service

E-Line service is site-to-site and is a strong competitor with leased lines, but it offers other benefits. E-LAN service connects site LANs into a larger Ethernet LAN.

Why is short transmission range protection against eavesdroppers

Eavesdroppers will not have enough power at their location to read the signals.

What three protections are typically given to each packet

Each is typically encrypted, given an electronic signature, and given message integrity.

Keys and passwords must be long. Yet most personal identification numbers (PINs) that you type when you use a debit card are only four or six characters long. Yet this is safe. Why

Entering PINs is done manually, so trying many combinations would take a long time. It would probably be visible as well.

What does the Wi-Fi Alliance call 802.1X mode

Enterprise mode.

What resources can career criminals purchase and sell over the Internet

Exploit programs, identity theft information, credit card numbers and associated information.

Why is FTTH attractive

Fiber to the home is attractive because it can offer far greater speed than copper wires.

Distinguish between firewall policies and firewall rules

Firewall policies are access policies that firewalls have to implement. They are stored on a firewall policy server. Firewall rules are very detailed and created by the firewall policy server. The rules are very detailed and different firewalls may have different rules.

Distinguish between what firewalls look at and what antivirus programs look at

Firewalls look at packets and groups of packets, whereas antivirus programs look through an entire file.

Why are carrier WANs not often used to link multiple firms together

Firms that use carrier WANs often use different carrier WANs, so they cannot interoperate directly.

Distinguish between forwarding and control

Forwarding is simply sending a frame or packet to the next router or switch in a network. Control involves creating the extensive and complicated rules for each forwarding situation.

Which PSDN technology grew rapidly in the 1990s

Frame Relay

Is wireless radio transmission usually expressed in terms of wavelength or frequency

Frequency

How does the verifier get the public key

From the true party's digital certificate.

What is the promise of newer authentication systems

Getting rid of reusable passwords.

What good is a controller without SDN applications

Good for nothing.

At the beginning of a telephone call placed through a Bluetooth headset, which device is initially the master

Headset

Give an example not listed in the text of an application for which latency is bad

High latency is bad for playing online first person shooter games. You will always be a little slower than the enemy, so they are likely to shoot you first.

For what use scenario was 802.11i PSK mode created

Homes or small offices with a single access point.

What profile would a tablet use with a Bluetooth keyboard

Human Interface Device Profile

In a coffee shop, there are 10 people sharing an access point with a rated speed of 20 Mbps. The throughput is half the rated speed. Several people are downloading. Each is getting five Mbps. How many people are using the Internet at that moment

I can expect a throughput of about 25 Mbps because including myself there are 4 people doing a download at the same time. The aggregate throughput of our network is 100 Mbps so if you divide that into 4 separate connections, each individual throughput would be 25 Mbps.

You are working at an access point with 20 other people. Three are doing a download at the same time you are. The rest are looking at their screens or sipping coffee. The access point channel you share has a rated speed of 150 Mbps and a throughput of 100 Mbps. How much speed can you expect for your download

I can expect a throughput of about 25 Mbps because including myself there are 4 people doing a download at the same time. The aggregate throughput of our network is 100 Mbps so if you divide that into 4 separate connections, each individual throughput would be 25 Mbps.

Compared to e-mail and voice over IP, what priority would you give to network control messages sent to switches and routers

I would give network control messages a higher priority than VoIP and e-mail because I want to make sure if I need to make changes to my network, that they will get through with no hassle. If there was a low priority on network control messages and I wanted to fix something on a router or switch during a momentary traffic peak, I would be SOL.

What form of authentication would you recommend for relatively unimportant resources

I would recommend using reusable passwords or fingerprint scanning. Both are relatively inexpensive and easy to use. For relatively unimportant assets, the cost and probability of a compromise would be low enough to justify fairly weak protection.

If you need a speed of 100 Mbps between two points in the United States, what leased line would you specify in the United States and in Europe

I would specify a Fractional T1 leased line that offers 128 kbps.

If you need a speed of 160 Mbps between two points in the United States, what leased line would you specify in the United States and in Europe

I would specify an OC12/STM4 leased line that offers 622.08 Mbps because an OC3/STM1 line only offers 155.52 Mbps. Or I could just go with an OC3/STM1 line and suck it up because it would be a lot cheaper.

If you need a speed of 3 Mbps between two points in the United States, what leased line would you specify in the United States and in Europe

I would specify two bonded T1 leased lines that would offer me a little over 3 Mbps. (multiples of 1.544 Mbps)

Distinguish between IDS and IPS functionality

IDS functionality gives a warning if it finds a highly suspicious packet. An IPS may drop a packet if it is very probably an attack packet, even if this is not certain.

Does credit card number theft or identity theft tend to be more dangerous

Identity theft usually produces more damage because if your credit card gets stolen you can just tell the company that it was stolen and they will refund your money. With identity theft there is much more damage because the attacker could have taken out a large loan in your name and no one will be reimbursed for that. They could also mess up your credit which can take several months to get corrected. There have also been cases where victims were arrested for crimes the identity thief committed.

How is carrier sensing used in multiple access

If a device hears traffic, it does not transmit.

How does caching reduce traffic

If a file has already been transmitted, it does not have to be sent again if the sender transmits it.

Why is wire-speed operation important in firewalls

If a firewall cannot keep up with traffic coming at full speed, it will drop packets it cannot handle. This is a fail-safe approach, but it is also a self-imposed denial of service attack.

Why may fingerprint recognition be acceptable for user authentication to a laptop

If the laptop does not contain highly sensitive information a fingerprint scanner may provide adequate security for likely threats.

How were consumers damaged by the Target breach

If their credit card information was stolen, they will be out money if they do not report it promptly. Even if they report it promptly, this will steal time. If they apply for a new credit card to avoid threats, this will be a hassle.

How were retailers damaged by the Target breach

If they gave the criminals products, they do not get their money back.

How does security thinking differ from network thinking

In network thinking, you are focused on planning, fixing bugs, and mechanical issues. In security thinking, you must be able to anticipate possible attacks from highly skilled attackers who are able to adapt to any defense you throw at them.

Why must wireless devices know the access point's SSID

In order to connect to it

If you need a speed of 1.2 Mbps between two points in the United States, what leased line would you specify in the United States and in Europe

In the United States, specify a T1 leased line which would allow speeds up to 1.544 Mbps. In Europe, specify an E1 line with a speed of 2.048 Mbps.

How can jitter be reduced on a user's PC if there is jitter in incoming packets

Incoming packets could be placed in a buffer (holding area) and played back without jitter.

Distinguish between ingress and egress filtering

Ingress filtering is filtering packets that go into the network from outside. Egress filtering is filtering packets going from inside the network to the outside.

Contrast inverse square law attenuation and absorptive attenuation

Inverse square law attenuation occurs as the signal spreads out in a sphere and becomes weaker. Absorptive attenuation is when the signal is lost through energy absorption; for example air, plants, etc.

What form of authentication would you recommend for your most sensitive resources

Iris scanning and digital certificate authentication have the security needed for sensitive assets.

What is the benefit of spread spectrum transmission for business communication

It improves transmission reliability, especially with regard to multipath interferences.

Why should you not use WPS

It can be cracked very quickly due to the way it was implemented.

How can it facilitate radical changes in the network's operation

It can introduce entirely different forwarding protocols without changing anything on the end devices except remotely

How many non-overlapping 20 MHz channels does the 5 GHz service band support

It can provide between 11 and 24 non-overlapping 20 MHz channels.

What does the evil twin do when the client transmits subsequently to the legitimate access point

It intercepts messages from the client, decrypts them with the key it shares with the client, and reads them. It then encrypts them with the key it shares with the access point and sends them to the access point.

Is OpenFlow a northbound or southbound API

It is a southbound API.

What is OpenFlow, and why is it significant

It is a standard way to implement commands from the SDN controller to individual devices.

Why are downloaders used

It is easier to get a small downloader onto a computer initially than a large program.

Why does OFDM use subcarriers instead of simply spreading the data over the entire channel

It is easier to produce the necessary signal uniformity in smaller subcarriers than across a wide channel.

Why is a rogue access point dangerous

It is likely to have weak or no security. This compromises comprehensive security.

If you ping a host and it does not respond, what can you conclude

It is not reachable due to network conditions, the host being down, a firewall interfering, or the host is not responding to pings.

Why is the key called a session key

It is only used once, for a single communication session between the wireless client and the access point.

Why is iris recognition desirable

It is very precise (but also very expensive).

Explain traffic shaping

It limits the types of traffic and amount of each type that are permitted to enter the network.

Why may adding applications that cannot tolerate latency and jitter be expensive

It may require you to upgrade your network switches, routers, and transmission lines to reduce latency and jitter.

How does traffic shaping reduce traffic

It refuses to admit or limits undesirable traffic.

Why is WPS desirable

It simplifies connecting a new wireless client to an access point initially.

A business has an Internet access line with a maximum speed of 100 Mbps. What two things are wrong with this SLA

It specifies a maximum speed; it should specify a minimum speed. There needs to be a percentage of time qualifier.

Why is this risk probably acceptable

It would be more difficult to use stronger communication methods. That would be overkill for a home or small business.

How was Target damaged by the breach

Its sales and profits fell. It will have to pay for fines and lawsuits.

Distinguish between LANs and WANs

Local Area Networks are networks located on the property of a customer. So this means that it could be at their home, office, etc. The customer has to implement a LAN themselves whereas with WANs, they have to pay a carrier to do everything for them. Wide Area Networks link multiple sites within an organization or between organizations.

What types of passwords can be broken only by brute-force attacks

Long and complex passwords

What is deep inspection

Looking at all layers (internet, transport, and application) in a packet.

How does media access control address this problem

MAC methods govern when hosts and access points are allowed to transmit to avoid collisions.

Distinguish between MIMO and multiuser MIMO

MIMO only allows transmission to one wireless device. MU-MIMO can focus on two wireless devices at the same time

What are MPLS's attractions

MPLS slashes the work each router must do and therefore slashes a company's router costs. It also can be used to assign paths based on the QoS requirements of different packets. Finally it enables traffic engineering; the ability to manage how traffic will travel through the network. An example of traffic engineering is load balancing which allows traffic from a heavily congested link to be moved to an alternative route that uses less-congested links.

List the criminal groups, besides the main attackers, who were involved in the overall Target attack

Malware and other crimeware writers. Crimeware shops. Card shops. Card counterfeiters

Why is signature detection not enough

Malware writers have figured out a way to make their malware able to mutate. This means that the program will constantly change its own code so that signature detection systems can't match strings of code.

What is the most serious propagation problem in WLANs

Multipath Interference, because multiple signals can cancel each other out.

With what two transmission standards does Wi-Fi Direct compete

NFC and Bluetooth.

How does network availability usually compare to availability on the telephone network

Network availabilities are usually lower than telephone network availabilities but through redundancy you can get close to achieving the same availabilities as them

Why did the Bluetooth SIG have to develop Bluetooth profiles

No application protocol existed for PAN applications.

Is it possible to implement MPLS across the entire Internet

No, because MPLS requires a single administrator to manage the entire network of label-switching routers which would be impossible.

If you click on a link expecting to go to a legitimate website but are directed to a website containing information you are not authorized to see, is that hacking

No, because you didn't intentionally intend to see the information you are not authorized to see. However, if you kept snooping around that information once you realize you aren't supposed to be looking at it, then it would be considered hacking.

Are scripts normally bad

No, they are commonly used to enhance a user's experience when visiting a webpage.

Was the information we presented about switching and routing tables in earlier chapters complete

No, they can be far more complex and lengthy, but for the sake of examples we made them shorter so that they are easier to understand.

After authentication, can hosts using an access point understand the messages that other hosts using the access point are sending

No.

Does a firewall drop a packet if it probably is an attack packet

No.

Is spread spectrum transmission done for security reasons in commercial WLANs

No. Implementations in WLANs provide no security benefits.

Is it generally illegal to write malware in the United States

No. It is considered free speech, unless done knowing that it will be used in a crime.

Are war drivers illegal, Why or why not

No. The information being read is public.

Is CSMA/CA+ACK efficient

No. There are many delays.

Were banks and credit card bureaus damaged by the Target breach

No. They will be able to recoup any costs from Target.

Which of the three options would work if you have chronic (frequent) traffic loads that exceed your network's capacity

None will work for chronic traffic overloads. They are only for momentary traffic peaks.

Describe the state of cryptographic security for new transmission standards

Not strong enough but improving rapidly.

What functions should remote access point management systems provide

Notify the WLAN administrators of failures immediately. Provide continuous transmission quality monitoring. Provide indications of security problems. Support remote access point adjustment. Allow software updates to be pushed out to all access points or WLAN switches. Work automatically whenever possible.

Distinguish between omnidirectional and dish antennas in terms of operation

Omnidirectional antennas send a weaker signal that spreads in every direction, and can also receive a signal from a receiver from any direction. Dish antennas send a strong signal in a specific direction.

What does master-slave operation mean

One device is in command; the other follows its commands.

What sets security management apart from other aspects of network management and IT management in general

One thing is that security teams must be able to defend against extremely intelligent attackers. They are in a constant race with these attackers. The amount of threats and defenses are developing at an incredible rate.

Describe RTS/CTS

One wireless client sends a request-to-send message to the access point. The access point broadcasts a clear-to-send frame. The requesting device may now send. Other wireless devices, hearing the CTS signal, must wait.

What transmission media do cable television companies use

Optical fiber and coaxial cable.

Is RTS/CTS required or optional

Optional.

What is a PAN

Personal area network—a collection of devices around a desk or a person's body.

Distinguish between phishing and spear phishing

Phishing attacks substantial groups of people. Spear phishing is aimed at a single person or a small group of people.

Which usually becomes the master later

Phone

When must firms do site surveys to give users good service

Planning based on physical location can only be approximate. Actual measurements are needed for final adjustments. In addition, as the building and number of people using an access point changes over time, access point placement and power must be adjusted.

Compare the specificity of policies, implementation guidance, and implementation

Policies are general requirements of what needs to be done. Implementation guidance consists of standards and guidelines. Standards and guidelines elaborate on a policy and on what is expected within that policy. Implementation is basically following standards and guidelines in order to satisfy a certain policy.

Distinguish between policy and implementation

Policies are what needs to be done when dealing with security. They don't say how to do it. Policymakers know potential risks, and the people that implement them should know the best way to implement a system that follows the policies made. Implementation is how to properly execute a policy.

Distinguish between private networks and virtual private networks

Private networks connect multiple people in a network, whereas VPNs are essentially a private network that connects two hosts.

List the steps taken by the attackers on Target

Purchased malware from a crimeware shop. Took over Fazio Mechanical Services' credentials on the vendor server, probably using a spear phishing attack. Moved from the vendor server to take over the malware download server—probably the POS update server. Downloaded the BlackPOS malware to the POS terminals. Had the stolen data sent to the holding server and then to the exfiltration server. Exfiltrated the stolen data to landing servers, then sold them to card shops. Throughout the process, sent control communication to compromised servers and devices.

List the four application categories listed in the text

Quality of Service Applications, Load Balancing Applications, Traffic Segregation Applications, and Network Visibility.

What are QoS metrics

Quality of service metrics are basically numerical representations of a network's performance.

Distinguish between rated speed and throughput

Rated speed is the speed a system should provide based on what a vendor states. Throughput is the speed a system actually provides data to its users.

Distinguish between rated speed, aggregate throughput, and individual throughput

Rated speed is what an access point should get according to the 802.11 standards it uses. Aggregate throughput is what an access point actually gets and is usually 25%-50% lower than the rated speed. An access point's aggregate throughput is also shared with everyone that uses that access point. Individual throughput is the throughput each individual host gets while using an access point. If there is 1 host, it gets 100% of the aggregate throughput; if there are 2, they each get 50%.

What actions regarding malware are illegal

Releasing it in general or at an intended victim.

Is CSMA/CA+ACK reliable or unreliable

Reliable, thanks to acknowledgements.

Is CSMA/CA+ACK required or optional

Required.

When a source host first transmits to a destination host after a label switched path is established, what will happen

Routers will send all packets along this path rather than making traditional routing decisions for each packet at each individual router. The first router is a label-switching router that will insert a 32-bit label header in front of the IP header and after the frame header without changing the syntax of the packet and the frame.

What packets are compared to the ACL in an SPI firewall

SPI firewalls will pass a packet through the ACL if the packet attempts to open a connection.

What type of firewalls do most corporations use for their main border firewalls

SPI firewalls.

What is VPN traversal's implication for security

Security problems in VPN traffic cannot be identified through firewall filtering.

What benefit did the attackers seek to obtain from their actions

Selling the credit card number and related information to other criminals, who would create and use counterfeit credit cards.

If you want to transmit seven times as fast, how much wider must the channel be

Seven times as wide.

Distinguish between signature detection and behavioral pattern detection

Signature detection is the use of a string of code. These strings can be used to identify a certain malware program. On the other hand, behavioral pattern detection will look for specific tasks a file is trying to do. If that specific task relates to that of a malware program, then it will know for sure that the program is malware.

What factors account for NFC's low transmission power requirements

Small distance and slow transmission.

Distinguish between social engineering in general and phishing in particular

Social engineering is the general category. Phishing is a type of social engineering in which authentic-looking messages are sent to targets.

What other propagation do some worms use

Some worms also directly propagate which means that they spread on their own from the infected computer to other vulnerable computers.

What are the important things to consider when deciding between ADSL and cable modem service for your residence

Speed and cost

In unlicensed bands, what type of transmission method is required by regulators

Spread spectrum transmission.

Distinguish between standards and guidelines

Standards are mandatory and must be followed whereas guidelines should be followed but don't always need to be. If a guideline isn't followed, reasonable consideration should be put into not following that guideline.

Which must be followed

Standards.

What threat does OpenFlow create for switch and router vendors

Switches and routers may become cheap commodities

Name an application not listed in the text for which jitter is a problem

Streaming video.

List two NFC applications you would like to use

Student answers will differ. Popular alternatives are Key and Payment functionalities.

How can it reduce CapEx

Switches and routers can be made more cheaply because they do less

In what service band does NFC operate

The 13.56 kHz service band.

Which band dominated use initially

The 2.4 GHz band

How many 20 MHz non-overlapping channels does the 2.4 GHz band support

The 2.4 GHz band supports 3 non-overlapping 20 MHz channels.

What Working Group created 802.11i

The 802.1 Working Group created 802.1X. The 802.11 working group created 802.11i

What organization creates Bluetooth standards

The Bluetooth Special Interest Group.

What profile can a mobile phone use to communicate with a headset

The Headset Profile (HSP).

Distinguish between the Internet and carrier WANs

The Internet connects almost anything to anything

Why is the PSTN important in WAN data transmission

The Public Switched Telephone Network is important in WAN data transmission because many WAN carriers lease their transmission lines from telephone companies; therefore, the lines are set up in a similar fashion.

From where does an SDN switch or SDN router get its forwarding table rules

The SDN controller.

What is the relationship between handoffs and roaming in Wi-Fi

The ability to use handoffs is called roaming. They are the same thing.

What device or devices know this key

The access point and that particular wireless client.

Why are session keys good

The amount of traffic encrypted with the key will be limited, making the key difficult or impossible to crack.

What may the attacker do after compromising a system

The attacker can manually look through files, delete them, transfer them, or the attacker can even turn the computer into a pornography site.

How might segregation of the network in the Fazio attack have stopped the breach

The attackers could not have gone from the vendor server to the server from which they downloaded malware to the POS terminals.

Explain why security is a process, not a product

The best hardware and software will do nothing if the security staff does not manage their processes well.

Why does the book not distinguish between 3G and 4G service

The book does not distinguish between 3G and 4G service because the "G" has become meaningless because the standard definitions of these services are being misused by marketers.

What happens in a kill chain if a single action fails anywhere in the chain

The chain is broken.

For each, compare channel bandwidth and the number of possible channels

The channel bandwidth of 802.11g and 802.11a is 20 MHz. 802.11g has 3 possible channels, and 802.11a has 20-25 channels. The channel bandwidth of 802.11n is 40 MHz, but it will drop to 20 MHz if there is interference on the two selected channels. At 40 MHz 802.11n has 8-12 channels, and at 20 MHz it has 20-25. The channel bandwidth of 802.11ac is 80 MHz or 160 MHz. It has 4-6 channels at 80 MHz and 1-2 at 160 MHz.

Distinguish between the coaxial trunk cable and drop cable

The coaxial trunk cable is the cable that runs through a neighborhood. A coaxial drop cable is the access line to individual homes. The trunk cables are thicker than the drop cables.

Why do you think TJX failed to upgrade to stronger security than WEP

The company is a low-cost operator. By not upgrading, they could save money. They did not consider break-ins likely.

How does the location of forwarding and control change in SDN

The control function is removed from the individual switches and routers and placed in the SDN controller

Compare the diversity of technologies in LANs and WANs

The diversity of LAN technologies is very low; there are 802.3 and 802.11 technologies. The diversity of WAN technologies is very high; there are leased line data networks, public switched data networks and wireless networks, all with further options within themselves.

When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at an SPI firewall, what does the firewall do

The firewall drops it.

When a packet that is part of an ongoing connection arrives at a stateful packet inspection firewall, what does the firewall do

The firewall passes it.

What are the two functions in network forwarding devices

The first function is the forwarding function, which actually forwards individual frames and packets. The second function is the control function, which has a set of rules that tells the forwarding function how to forward each frame or packet.

What two protections do electronic signatures provide

The first is message-by-message authentication to prove a sender's identity. The second is message integrity; the ability to detect any alterations in a packet by an attacker throughout the transfer process.

Explain the steps of a distributed DOS attack

The first step is to install bots on several hundred or thousands of computers. Once this botnet is up, a botmaster can send the orders of who to attack to the command and control server. The command and control server will send the orders to the several hundred or thousands of computers in the botnet and they will flood the specific target with packets denying their service.

How will the access control list (ACL) in Figure 3-23 handle a packet that attempts to open a connection to an FTP server

The first two rules will not apply. When the SPI firewall reaches the third rule, it will drop the packet and not permit the connection.

Distinguish among the frequency spectrum, service bands, and channels

The frequency spectrum is the range of all possible frequencies from 0 Hz to infinity. A service band is a range of frequencies allocated to a certain purpose; GPS, AM Radio, etc. Channels are smaller frequency ranges in a specific Service Band.

Distinguish between Get and Set commands

Get commands retrieve data from managed devices and place it in a Management Information Base (MIB). Set commands are sent to managed devices and can be used to reroute traffic, turn off routers or switches, etc.

How was the TJX break-in an international crime

The hackers used accomplices in other countries to sell stolen credentials.

Why is asymmetric speed acceptable in residential ADSL service

The heaviest residential applications have heavier download speed requirements than upload speed requirements. The classic example is the World Wide Web. Another is streaming video.

What are the implications of these trends

The implication of these trends is that budgets for networks are minimal. Network admins can't spend too much on one project or they will not have enough for other important projects

On what basis does each label switched router base routing decisions

The label number

What is the local loop

The local loop is the access portion of the PSTN. It extends from the final telephone company switch to the customer premises.

What can retailers do to defend themselves against counterfeit credit cards

The main thing is to check the last four digits of the embossed credit card number with the last four digits of the number on the magnetic stripe. <They can check for ID to see if the person named on the card is the same as the name of the person presenting it.>

How is 802.11i protection limited

The protection only extends from the wireless client to the access point—not all the way to the server.

Distinguish between evil twin access points and rogue access points

The rogue access point is created within the company premises by an employee and connected directly to the wired LAN. Its danger is that it may lack security. The evil twin is a notebook computer of an attacker outside the company premises. The danger is that it may read all communication and send attacks posing as a legitimate wireless client.

Distinguish between the supplicant and the verifier

The supplicant is the person who is trying to prove their identity. The verifier is the person requiring that the supplicant prove their identity.

What are the implications for digital certificate authentication if the true party's private key is stolen

The thief will be able to impersonate them and probably get access to important assets protected by this strong form of authentication.

Does the verifier decrypt with the true party's public key or the supplicant's public key

The true party's public key. If the verifier decrypted with the supplicant's public key, the decryption would always produce the challenge message whoever the supplicant may be.

In digital certificate authentication, what does the verifier do

The verifier will send the supplicant a challenge message. This message is not encrypted and the supplicant must encrypt that message with his/her private key and send back the response message to the verifier. When the response message is returned, the verifier decrypts it with the public key of the true party. If the decryption produces the challenge message, the verifier knows the true party's public key

In Ethernet, why does 802.1X not need security between the authenticator and the host before 802.1X authentication is done

The wired communication between the supplicant host and the workgroup switch is difficult to intercept, making 802.1X communication difficult to compromise.

What device acts as the 802.1X authenticator in Wi-Fi

The wireless access point.

Why does 802.1X mode in 802.11i need security between the authenticator and the host before 802.1X authentication

The wireless communication between the supplicant host and the access point is easy to intercept, making 802.1X communication easy to compromise.

In 802.1X operation, what device acts as the authenticator in Ethernet

The workgroup switch.

What is the benefit of channel reuse

There can be many customers for each channel—more customers overall in the system

Why must authentication be appropriate for risks to an asset

There is no sense to spending money on very good authentication to protect unimportant assets. However, one must not apply weak authentication techniques to high-value assets.

What are the characteristics of passwords that are safe from even brute-force attacks

These passwords should contain lowercase and uppercase letters, along with numbers and special characters.

Are AV programs used to detect more than viruses

They also search for other forms of malware. AV got its name before the different types of malware were distinguished. When the term virus was used before, it was used to cover all forms of malware.

Why are VPNs called "private networks"

They appear to be private to the user, who seems to have a dedicated network for himself or herself because unauthorized parties cannot interfere with the traffic.

How are vendors responding

They are adopting OpenFlow but they are also offering their own southbound proprietary APIs that are more fully featured and hopefully more attractive to customers. This justifies more expensive forwarding devices.

How are carriers attempting to reduce the cost of installing FTTH

They are fibering whole neighborhoods at once to lower the cost per subscriber. Subscribers only need a short access link to their homes.

What do downloaders do

They are small pieces of malware that download larger pieces of malware.

What gives bots flexibility

They aren't only used for DDOS attacks; they have the ability to be remotely updated by a botmaster. This allows them to change tasks. For example, if they are used for DDOS attacks, they could quickly be reprogrammed to send out mass amounts of spam.

What was the attackers' first step in breaking into TJX and other companies

They broke into retail store networks using the weak security of WEP

How are VPNs able to defeat evil twin attacks

They can create an encrypted path between the wireless client and the access point. The evil twin cannot break this encryption.

How can criminals get around the last four digits precaution

They could read the last four digits for the cashier, reading the last four digits on the magnetic stripe number instead of the embossed credit card number.

What security mistake did Fazio Mechanical Services make

They did not use an antivirus program that warned users when a message contained malware. <They probably did not train their employees in phishing.>

In digital certificate authentication, the supplicant could impersonate the true party by doing the calculation with the true party's private key. What prevents impostors from doing this

They do not have access to the true party's private key. Of course, if they get access to that key, the system breaks down.

Why are SPI firewalls limited in their ability to detect attack packets

They do not know what applications are sending packets. They only know well-known server port numbers, and these can be used by other applications.

Why are career criminals extremely dangerous

They have the money to mount sophisticated attacks.

Why may ex-employees attack

They may be resentful of the way they were treated.

Why do you think the Minneapolis security staff did not heed the FireEye warning

They may have been overloaded by work. They may not have had confidence in FireEye. They may have been fooled because the name of the file was similar to the name of one of their legitimate programs

Why may employees attack

They may want revenge. Or they may simply want to steal money or other assets.

How did the attackers gain access to Target's network

They obtained Fazio Mechanical Services' authentication information on the vendor server. They probably did this through a spear phishing e-mail attack.

Why are contractor firms more dangerous than other outside firms

They often have credentials to internal systems, because they have nearly the same amount of permissions.

How did the attackers exfiltrate the card data in the Target attack

They used an exfiltration program to send the data from the extrusion server to an external landing server. <Probably FTP> The IP addresses of the landing servers were easily discovered, so they would have moved this information to other servers almost immediately.

All wireless hosts and the access point that serves them transmit on the same channel. What problem does this cause

This causes individual throughput to fall because when a wireless device tries to transmit a message all other devices on the same channel must wait so that collisions are avoided.

For a radio operating at 1 W

This is 1000:1. This is 30 dB.

For a radio operating at 0.1 W

This is 100:1. It is 20 dB.

For a radio operating at 16 mW

This is 16:1. This is 12 dB.

Estimate, without using Excel, the dBm value for a radio operating at 2 mW

This is 2:1. This is 3 dB.

How will an SPI firewall handle a packet containing a TCP SYN segment

This is a connection-opening attempt. The firewall will pass the packet's details through the ACL. If the ACL specifies that the connection should be opened, a connection is added to the approved connections table.

What is VPN traversal

This is a technique for VPN traffic to pass through firewalls, which cannot filter these packets because they are encrypted for confidentiality.

How will an SPI firewall handle a packet containing a TCP FIN segment

This is not a connection-opening attempt. It will compare the packet to the connections table. If the sockets match an authorized connection role, the firewall will pass the packet. Otherwise, it will drop the packet.

How will an SPI firewall handle a packet containing a TCP segment that is a pure acknowledgment

This is not a connection-opening attempt. It will compare the packet to the connections table. If the sockets match an authorized connection role, the firewall will pass the packet. Otherwise, it will drop the packet.

How will a firewall handle a packet containing a UDP datagram

This may or may not be a connection-opening attempt. The firewall will check if the packet is part of an approved connection. If so, it will pass the packet. If not, it will consider the packet to be a connection-opening attempt and pass it through the ACL firewall.

Comment on the statement, "The goal of security is to eliminate risk"

This statement is incorrect. It should be, "the goal of security is to reduce risk" to the extent that this is economically feasible. It is impossible to eliminate risks. It would be much too expensive and even then there are no guarantees.

Comment on the fact that Target knew that fraud was already occurring with the stolen card data but did not reveal this when it announced the breach

This was bad for its customers. Law enforcement agencies may have asked Target to withhold this information, but it would still have been bad for customers if this was true.

Why must the VPN key be pre-shared to thwart a VPN attack

This way, a man-in-the-middle attacker cannot intercept and read the key.

Why is the ability to create firewall policies for individual applications important

Threats are often very specific to particular applications.

Why is bumping done

To bring the device very close to the reader.

What are the two common business uses for carrier WANs

To connect corporate sites and to connect to the Internet.

What is the purpose of the DSLAM

To multiplex voice and data signals to the home and to link them to the voice and data network at the carrier's premises.

Why should they provide these functions as automatically as possible

To reduce labor costs.

What is the main benefit of application and network protocol acceleration

Transmission speed.

What is the definition of spam

Unsolicited commercial e-mail.

List the main elements in SNMP

Agents, management information bases (MIBs), and a network visualization program.

How can access points communicate with each other

Via the distribution system.

How do viruses and worms differ

Viruses attach themselves to programs on your computer, whereas worms are their own program and they spread by themselves through vulnerabilities in other computers.

What were the two earlier 802.11 security standards

WEP and WPA

What does the Wi-Fi Alliance call 802.11i

WPA2

Distinguish between war drivers and drive-by hackers in terms of what they do.

War drivers merely locate unprotected access points. Drive-by hackers actually break into the firm's WLAN

Why is multipath interference very sensitive to location

Wavelengths are very short, so two waves may add or cancel over slightly different distances.

What implications does two different standard performing products have for making purchases

When making a purchase this implies that you should know the optional standards and which product has the standards that fit your needs.

What warnings had Target not responded to adequately

When the attackers installed malware to the server from which they would exfiltrate files, they were warned that a suspicious program was being installed. There were general warnings about data theft through POS terminals. The staff was concerned that they were not paying enough attention to this threat.

What is a transceiver

a radio for data transmission. Transceivers transmit and receive.

Compare normal Wi-Fi with Wi-Fi Direct

Wi-Fi normally uses an access point. Wi-Fi Direct provides direct host-to-host communication.

When does RTS/CTS make sense to use

Wireless clients may not be able to hear one another; this will make CSMA/CA+ACK ineffective. All devices can hear the access point (or they could not communicate through it); this means the CTS/RTS will always work.

What are the security benefits from centralized access point management

Wireless intrusion detection.

Can MPLS provide traffic load balancing

Yes

Does residential DSL offer simultaneous voice and data service

Yes

Is the Internet a WAN

Yes

Is the 802.3 Working Group working with MEF

Yes, 802.3 developed standards for its fastest speeds.

If you see a username and password on a Post-It note on a monitor, is it hacking if you use this information to log in

Yes, because you are intentionally logging into the computer without authorization from the owner of the post-it note or the system owner.

You discover that you can get into other e-mail accounts after you have logged in under your account. You spend just a few minutes looking at another user's mail. Is that hacking

Yes, because you were authorized to log into your email account, but you intentionally snooped in someone else's mail without proper authorization. This is exceeding authorization.

Is this still true if a master communicates with four slaves

Yes, each slave will have a separate connection.

Must guidelines be considered

Yes, it is mandatory

Can a Bluetooth device be both a master and a slave

Yes.

Can a Bluetooth master have multiple slaves

Yes.

Can a Bluetooth slave have two masters

Yes.

Does the access point have an SSID

Yes.

Are drive-by hackers illegal, Why or why not

Yes. They are intercepting private communication and perhaps initiating attacks.

Why is large channel bandwidth desirable

You can transmit signals faster.

Why is it important to read firewall logs daily

You must be alert to how you are being attacked to identify attackers and their methods, and therefore adjust your security posture.

What is the person who controls a botnet called

a "botmaster."

What is a collection of compromised computers called

a "botnet."

What kinds of messages can agents initiate

a Trap command; An agent will initiate a trap command when it senses a problem, so it will collect details of the problem and send it to the manager.

Would an SLA guarantee specify a highest jitter or a lowest jitter

a highest jitter; It would do this because a high jitter is bad.

Would an SLA specify a highest availability or a lowest availability

a lowest availability because if it said that there would be a 98% availability, an ISP would have to pay a penalty if it was available more than 98% of the time.

Would an SLA specify a highest speed or a lowest speed

a lowest speed because you don't want to put a cap on your speed because in networking higher speeds are good. By specifying a highest speed they would have no incentive to increase speed.

What is a hertz

a measure of frequency—one cycle per second

What is an exploit

a method of attack

What is the structure of the PSTN core

a modified hierarchy of switches; it includes bypass trunk lines between switches that are at the same level if there is an unusually large volume of traffic between those switches.

What kind of device is an evil twin access point

a notebook computer configured to act like a real access point. It entices internal hosts to associate with it by operating at very high power.

What are Trojan horses

a piece of malware that disguises itself as a genuine system file, making its detection difficult.

In cellular technology, what is a cell

a smaller geographical area within a larger metropolitan service area.

What is a policy

a statement of what needs to be accomplished in security

What is spyware

a type of a Trojan horse; It collects information about you, and sends it to the attacker without you even knowing about what is going on.

What is a vulnerability

a weakness in a program that can allow hackers to launch a specific type of attack.

What name do we give to vulnerability-based attacks that occur before a patch is available

a zero-day attack; This allows for all attacks against vulnerable computers to succeed.

Why is backward compatibility important

because without it if a new device with new standards came out, everyone would be forced to throw away their old device and buy the new device. This would be very expensive and inefficient.

What is wireless mesh networking

an all-wireless network in which there is no wired distribution system.

What is a cipher

an encryption method which creates messages that eavesdroppers will be unable to read.

Why is face recognition controversial

because you are able to do it without someone's knowledge. The issue of privacy arises here because who knows where there could be someone using facial recognition, and for what purpose

What is risk analysis

analyzing the risks and the costs of protection. Companies have to determine if implementing countermeasure A is more economically feasible than implementing countermeasure B, etc

What is malware

basically evil software that is meant to do harm to a computer. Examples include, but are not limited to, viruses, worms, and Trojan horses.

Why are stateful firewalls attractive

because 99% of all packets are not part of a connection-opening attempt, and therefore packets are handled with very little processing power, causing them to be inexpensive.

When an application uses TCP at the transport layer, why is error rate a problem for throughput

because TCP attempts to avoid congestion of the network so it sends segments slowly at the start of a connection. If there is a single error at the start it will assume that the network is congested causing the throughput to drop.

Why is defense in depth necessary

because a single defense is bound to fail at one point or another and if you just have one defense then an attacker will be able to succeed. If you have multiple defenses then that solves the problem and they will have to get through the other defenses.

Why does transmission speed drop as a computer moves farther from an access point

because as you get further away from an access point the signal weakens and your transceiver must switch to a less aggressive modulation method that is less sensitive to errors. This method transmits more slowly

Why are future WAN prices difficult to predict

because carriers strategically price their services, and they are constantly changing their prices to sway customers into changing from one service to another.

Why are SSL/TLS attractive for web applications

because every webserver and browser today has it built in. Therefore, no added software needs to be installed on the client and server to turn it on

Why is it important for policy to drive both implementation and oversight

because implementers and auditors may have different interpretations of the policy if it is ambiguous or wrong. There are cases where implementers don't follow the policy and auditors will call them on it, so overall security will be better.

Why is selecting the best interface beneficial

because it greatly reduces the amount of work each router must do per packet, which reduces router costs.

For what reasons is CE attractive

because it has low-cost MAC layer functionality making it inexpensive, it is fast with an attractive cost, there are QoS guarantees available, and it has decent security by keeping traffic of different customers separate.

Why are companies moving rapidly into the 5 GHz service band

because it has more bandwidth.

Why do users not have to worry about the details of cryptographic processes when they are using a VPN

because it is done automatically and is pretty much a part of the cloud.

Why is security primarily a management issue, not a technology issue

because it requires excellent planning, proper implementation, and the day to day execution

Why is two-factor authentication desirable

because it requires two forms of credentials for authentication. This increases the security.

Why are QoS metrics important

because networks today must work "well" and they keep track of the service quality each user receives.

Why did SDN begin in large data centers

because of virtual machines and the need for traffic segregation so that customers cannot reach the VMs of other customers. VMs come and go quickly, and forwarding has to be redone constantly. This cannot be done by manually reconfiguring each forwarding device.

Why is the principle of least permissions important

because one unnecessary permission that someone has is a possible security risk

Why do carriers offer low-speed "leased lines" that are really DSL lines

because the 1-pair VG UTP lines that DSL service uses are already installed so there is no need to lay new wire or fiber to the customer. However, these lines still perform as well as traditional leased lines using 2-pair data-grade UTP.

In a server farm, why may networking control have to be changed

because the frequent creation, deletion, and moving of virtual machines requires a massive amount of manual configuration.

Why do wireless clients need access to the firm's main wired switched Ethernet network

because the resources they need are located there. They also need to be able to connect to the Internet via the Internet access router, which is on the main wired LAN.

Why can two products that comply with the same standard perform differently

because there are extra options in each standard that could increase performance if implemented in a product,

Why is it undesirable to use reusable passwords for anything but the least sensitive assets

because there are password cracking programs that can figure out your password in a matter of seconds or minutes if the attacker is motivated by a high-value target.

For what four reasons are these employees especially dangerous

because they already have access to the system, they know the system, they know how to avoid detection, and they are trusted by the organization.

Why is directly propagating especially dangerous

because they are capable of spreading throughout the internet at extremely high speeds, in a matter of minutes.

Why are passwords widely used

because they are very easy to use, and they are also cheaper to implement.

Why are cyberwar and cyberterror attacks especially dangerous

because they have massive amounts of funds to allow them to have the most sophisticated technology on the market. They can also focus on doing catastrophic damage instead of committing petty crimes. They are also commonly directed at multiple targets at once so that the damage is at a maximum. The capabilities are endless, and the damages could easily exceed the hundreds of billions of dollars range.

Why is coaxial cable called "coaxial"

because they have two conductors that have the same axis.

Why is comprehensive security important

because they need it in order to be safe from attacks. If there is just one tiny little avenue of attack, an attacker can launch a successful attack.

Why are APTs expensive to carry out

because they require advanced skill sets and extreme persistence over a long period of time, all while being undetected in a network. You also need a great amount of resources throughout the duration of it.

Why is the need to manage the leased line network an issue

because they require extensive design and operation costs which will incur substantial labor and customer premises equipment costs for a company.

Why are typical WAN speeds slower than typical LAN speeds

because they span longer distances. Because they go longer distances, it would be much more expensive for a carrier to implement and maintain an extremely fast line. You can relate it to a basic economic principle; as unit price increases, fewer units are demanded. So as distance increases, the price of transmission increases and companies demand less of higher speeds so in turn WAN speeds will typically be slower than LAN speeds.

Why do MANs have higher typical speeds than broader-scope WANs

because they span shorter distances, therefore reducing the cost per bit transmitted. Going off my previous explanation of how cost per bit transmitted increases as distance increases, it will be cheaper to implement a MAN since it is a short distance, allowing for higher speeds.

Why are states important

because they will filter a packet through a series of tests/rules that decide what to do with the packet, and if a connection should be opened or not.

Why are scripts on webpages called mobile code

because when a user tries to access a webpage, they travel to the web browser with the downloaded webpage.

Why do you have more flexibility with LAN service than with WAN service, Why

because you do everything yourself. This allows you to choose your technology, and the costs are lower and you can get faster speeds.

In MPLS, is selecting the best interface for each packet at each router done when the packet enters the network or before

before the packet enters the network.

At what range of frequencies do most wireless systems operate

between 500 MHz and 10 GHz

Are LANs single networks or internets

both single networks and internets.

Does media access control apply to wireless hosts, access points, or both

both wireless hosts and access points.

How are dead zones created

by dense objects that block the direct signal path between the sender and the receiver

How can firms provide WLAN coverage throughout a large building

by placing multiple access points throughout that building.

In radio, how can you send multiple signals without the signals interfering with one another

by sending each signal on a different channel

Are WANs single networks or internets

can be both single networks and internets.

What are common propagation vectors for viruses and worms

can include e-mail attachments, P2P file transfer networks, social networks, and websites.

In normal radio operation, how does channel bandwidth relate to the bandwidth required to transmit a data stream of a given speed

channel bandwidth is only big enough to handle the desired speed; Any extra channel bandwidth would be a waste since it won't increase speed

What is the advantage of using unlicensed bands

companies can add or drop access points whenever they want. They can also have as many wireless hosts as they want

What are carriers

companies that have rights of way to lay wires between sites.

What characteristics do all access points in an ESS share

they are connected to the same distribution system and they all have the same SSID.

What are service level agreements

contracts that guarantee a certain level of performance.

What speed does the LTE Advanced standard currently require

currently requires 3 Gbps downstream and 1.5 Gbps upstream

What is CPE

customer Premises Equipment which is located on the premises of a customer and allows customers to connect to the WAN.

What is beamforming

directing signal energy toward individual devices.

What device must a customer have at its site to connect to a leased line

equipment called a CSU/DSU which translates the physical layer signals of network devices on the customer premises into physical layer signals in a format that leased lines require.

What is social engineering

essentially tricking a victim into doing something that isn't in their best security interests.

What are the characteristics of leased lines

fast, point-to-point, always-on, connections.

What is the downside of wider channel bandwidth

fewer channels.

Do wireless LAN standards come from OSI or TCP/IP

from OSI because that is the dominant architecture for layers 1 and 2.

Between what two points will a leased line run for PSDN access

from the site to the PSDN's nearest point of presence.

What is the principle of least permissions

giving a user the minimum amount of permissions he or she needs to complete their job.

Would an SLA specify highest latency or lowest latency

highest latency because a lower latency is better and a high latency can be problematic so companies usually guarantee that the highest latency will be no more than x-amount.

What is availability

how often that network will be available for use.

What is the purpose of the 802.11r standard

it enables access points in the same distribution system to communicate with each other in roaming

Under what circumstances would you use an omnidirectional antenna

if I am working with short distances such as a WLAN and if I did not know where the other radio was located.

Under what circumstances would you use a dish antenna

if I needed to send a signal very far away in a specific direction and knew where the other radio was.

What factors affect what throughput an individual user will receive

if they are moving in a car, if there are more customers using the same cellsite, if they are a greater distance from the cellsite, if they are in a dense building, etc.

Where does the manager store the information it receives from Get commands

in a Management Information Base (MIB)

Why is oversight important

it ensures that the policies are properly implemented so that the system will be stronger.

Why is wider channel bandwidth good

it increases the possible transmission speed.

What are the three layers in SDN

individual switches and routers, the SDN controller, and SDN applications

What is the definition of hacking

intentionally using a computer resource without authorization or in excess of authorization.

Traditionally, how is the control function in each device managed

it is configured on each individual device, which can be extremely time consuming the more complex a network is

Why will Bluetooth Smart extend the types of devices that can communicate wirelessly

it allows devices without full operating systems to work together. This will be important in tomorrow's Internet of Things.

What is the main benefit of MIMO

it can greatly increase throughput.

Can a password that can be broken by a dictionary attack be adequately strong if it is very long

it can never be adequately strong.

Do label switching routers along the MPLS path look at the packet's IP address

it looks at the label number which identifies the label-switched path for a particular conversation.

What protection does confidentiality provide

it makes it so that if someone intercepts a message, they wouldn't be able to read that message.

Explain "persistence" in the context of APTs

it refers to the amount of time it takes to successfully carry out this type of attack. There are several objectives in these attacks and the whole process can take several months or even years. Throughout the attack, they are constantly monitoring the network.

Explain "advanced" in the term advanced persistent threat

it refers to the high skill levels of those who partake in APTs. They must have a very high skill level because the operation could span months or even years, and one mistake could ruin the operation.

Why is network automation important

it saves a lot of time in networking

What is the minimum size for symmetric keys to be considered strong

it should have a minimum of 100 bits.

Does a signal usually travel at a single frequency, or does it spread over a range of frequencies

it spreads over a range of frequencies; this range is also known as a signal's bandwidth.

What does a firewall do when a provable attack packet arrives

it will drop the packet and log details about it in a firewall log file.

What does buffering do to latency

it will increase latency because there will be a delay in the time when a packet enters the buffer and the time it is released.

What happens if a carrier does not meet its SLA guarantee

it will pay a penalty fee.

What are benefits of SDN

labor cost reduction and agility (the ability to change rapidly).

What two problems do momentary traffic peaks create

latency and loss.

At what layers do wireless LANs operate

layers 1 and 2

What are the most frequent attacks on companies

malware attacks.

What is backward compatibility

newer devices with newer standards that still implement older standards.

What is the former name for carrier Ethernet

metro Ethernet; When the MEF changed the name of the service from metro Ethernet to carrier Ethernet, it did not change its own name to match.

What is a cellsite

middle of each cell; it contains a transceiver to receive and send mobile phone signals. It also watches over each mobile phone's operation.

When a customer uses a leased line to connect to its ISP, what two points does the leased line connect

needs to connect from their site to their ISP's nearest point of presence (POP).

What are momentary traffic peaks

occasional spikes in traffic a network sees. It is like rush hour on a freeway

What is jitter

occurs when different packets in a message have a different latency. This can cause things such as VoIP and streaming to speed up and slow down. The average variability in arrival times divided by the average latency.

What choices do you have for reducing the impact of delays for latency intolerant traffic

overprovisioning, priority levels, and Quality of Service Guarantees.

What is the disadvantage of each compared to the other

overprovisioning: very expensive to implement in terms of equipment and transmission line purchases. priority levels: requires much more labor work for network staff to assign those priorities. QoS Guarantees: all traffic that isn't part of the traffic flows QoS gets whatever space is left over. Sometimes the reserved space may not even be used and it still can't use that reserved capacity.

What is the advantage of each compared to the others

overprovisioning: you install a lot more capacity than you will ever need so that momentary traffic peaks are rare and obsolete. This reduces the labor burden that is put on network staff. priority levels: it sends the most important frames and packets first, and in turn transmission link costs will be lower than those of overprovisioning. Quality of Service Guarantees: traffic flows that have QoS Guarantees will always be transmitted

What is another term for authorizations

permissions

What are rights of way

permissions given to carriers by the government that allows them to lay wires between sites and are subject to government regulation.

What happens in each stage of the Plan-Protect-Respond cycle

planning phase: companies will analyze all possible threats and they will decide how they want to counteract those threats. They must also maximize the benefits of the security system by doing a risk analysis calculation. protect phase: the company implements their plan and upkeeps it on a daily basis. response phase: what a company does when there is a successful attack on their network.

Why do you think Fazio Mechanical made that mistake

probably being cheap.

What are credentials

proofs of identity used in authentication.

In 802.11 Wi-Fi networks, can simple installation rules usually reduce propagation effects to nonissues

simple installation rules usually do not reduce propagation effects to nonissues. This is the case because radio propagation is unreliable. The signal can be weakened in several different ways.

In 802.3 Ethernet networks, can simple installation rules usually reduce propagation effects to nonissues

simple installation rules, such as respecting cord distance limits, usually reduce propagation effects to nonissues.

What benefits can beamforming bring

stronger signals can be sent to individual wireless hosts

What is the other benefit of MIMO

that it has a greater transmission range; This allows for greater propagation distances which in turn, allows for fewer access points to be installed.

What is the benefit of separating policies from implementation

that there is specialization; Policymakers have greater overview knowledge needed for broad policies, while Implementers understand the technological details needed for the best implementation.

Who are the most dangerous employees

the IT employees

What is today's dominant cellular technology

the Long-Term Evolution (LTE) standard

What organization is standardizing carrier Ethernet

the Metropolitan Ethernet Forum (MEF).

What device manages the control functions on forwarding devices

the SDN controller

If carrier speed falls below its guaranteed speed in an SLA, under what circumstances will the carrier not have to pay a penalty to the customers

the carrier would not have to pay a penalty if it guarantees a speed of no worse than 100 Mbps 99.8% of the time and the speed only drops below 100 Mbps .1% of the time. Carriers put these little exceptions in the SLAs because it is impossible to guarantee that something will work perfectly 100% of the time.

What are payloads

the final task of malware; can do massive amounts of damage such as erase hard disks; Not all malwares have these

How are device control functions managed in software-defined networking

the forwarding function and control function are separated. Instead of having a control function on every device, there is one control function placed in a controller that allows commands to be sent to every connected device.

What pressing management issues does SDN address

the issue of having to manually configure each switch and router when they are installed or when something needs to be updated; it can be extremely time consuming. This lowers cost, and changes can be made quickly, giving agility.

What is the name of the path selected for a particular conversation

the label-switched path.

What types of passwords are susceptible to dictionary attacks

the most common passwords; These types of passwords are usually short and simple and are commonly used. They are put in a dictionary of other simple, common passwords and the attacker just goes through that dictionary.

What factors influence individual throughput, given a certain level of aggregate throughput

the number of users using a specific access point. The more users on the access point, the less individual throughput each user receives,

How does channel bandwidth change in spread spectrum transmission

the original signal, called a baseband signal, is spread over a much broader channel than is required by the transmission speed

What is authentication

the process of proving the identity of a specific person.

Which stage of the Plan-Protect-Respond Cycle consumes the most time

the protect phase because a company must implement their plan and maintain it as long as possible before there is a successful attack.

In two-way dialogues, how many keys are used in symmetric key encryption

the two sides share 1 single key to encrypt and decrypt messages.

What is biometrics

the use of body measurements to properly authenticate someone; could include fingerprint recognition, facial recognition, or even iris scanning.

Does an SLA measure the best case or the worst case

the worst case scenario because if an ISP put in a best speed scenario they would have to pay penalties if the speed ever went higher than that.

How do you authenticate yourself with an access card

they are swiped through card readers to identify you. Some common examples include hotel keys and debit cards.

How do Trojan horses propagate to computers

they are unable to propagate on their own so they must be placed on a computer by a separate piece of malware, a hacker, or a user downloading it.

To what computer does the "botmaster" attacker send messages

they send messages to a command and control server, which then relays those commands to the botnet. This makes it very difficult to locate the botmaster.

Passive RFID chips have no batteries. How can they transmit when queried

they transmit information using absorbed energy from the command pulse.

Does residential ISP service usually have SLA guarantees, Why

they usually don't give SLA guarantees because customers are much more price sensitive than companies. Usually Internet access with an SLA is very expensive.

When a firewall administrator sends a policy to the policy server, what does the policy server do

they will create a detailed firewall rule and then send that rule out to the proper firewall(s).

When a device that implements 802.11ac attaches to an 802.11n access point, what standard do they use to communicate

they will use the 802.11n standard to communicate

What is the purpose of a denial-of-service attack

to make a computer or network unavailable to its users.

What is the purpose of redundancy in transmission links

to provide extra transmission links so that there are backup paths in the event of another link failing.

Do WLANs today use licensed or unlicensed bands

unlicensed bands.

How can users eliminate vulnerabilities in their programs

users should constantly look for patches for their commonly used programs on their computers. Patches usually fix these.

What class of switches are most end office switches

usually Class 5 switches which is the lowest switch in the hierarchy.

What two propagation problems become worse as frequency increases

waves will suffer more rapidly from absorptive attenuation, and dead zone problems will increase. Higher frequencies are less able to travel through and around objects.

What is a propagation vector

ways for malware to spread.

For what application was SSL/TLS most widely used

web applications.

What is a handoff in 802.11

when a host travels too far from a wireless access point, and is handed off to a closer access point in the same extended service set.

When should you measure error rates, Why

when a network has a large amount of traffic. This allows them to understand the error rate risks.

Why must an access point remove an arriving packet from the frame in which the packet arrives and place the packet in a different frame when it sends the packet back out

because 802.11 frames cannot travel over 802.3 LANs and vice versa. 802.11 frames can only travel between wireless access points and the wireless host. 802.3 frames can only travel between the access point and the server.

What is vulnerability testing, and why is it done

when someone from within a system goes outside of that system and attacks it to discover any vulnerability. It is done to identify any weaknesses in a system before an attacker does.

Under what circumstances are scripts likely to be dangerous

when there is a vulnerability in a user's web browser

What is defense in depth

when you have multiple lines of defense and an attacker must get through all of them in order to have a successful attack.

Are access links wired or wireless

wired or wireless.

If you triple channel bandwidth, what happens to the number of channels in the service band

you can only have one third as many channels in a service band.

What is the downside of using unlicensed bands

you have no control over interference from others around you.

