Telecommunications Chapter 11

Ace your homework & exams now with Quizwiz!

The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as:

computer forensics

Corrective controls reveal or discover unwanted events.

false

Crackers are casual hackers with a limited knowledge of computer security.

false

DES is a commonly used symmetric encryption algorithm developed in the mid-1990s by the American government in conjunction with IBM.

false

Decryption is the process of converting plaintext into ciphertext.

false

In transport mode, IPSec encrypts the entire IP packet.

false

Integrity is not a primary goal of security.

false

Microsoft's Windows operating system meets A1 level security.

false

Network cables are the easiest target for eavesdropping.

false

Researchers estimate that only one or two new viruses are developed every week.

false

Which of the following type of media is least susceptible to eavesdropping?

fiber optics

A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization's network.

firewall

__________ refers to the process of translating between one set of private addresses inside a network and a set of public address outside the network.

network address translation

According to Symantec, more than 50% of all targeted companies had fewer than 2,500 employees because they

often have weaker security

Intrusion refers to confidentiality and integrity of data.

true

Macro viruses can spread when an infected file is opened.

true

Preventive controls mitigate or stop a person from acting or an event from occurring.

true

A (n) ______ is a special type of virus that spreads itself without human intervention.

worm

A sniffer program is a:

a program that records all LAN messages received for later analysis

A symmetric encryption system has two parts: the key and the ____________.

algorithm

A fundamental technique to determine if an intrusion is in progress in a stable network is:

anomaly detection

A(n) _________ is something of value and can be either hardware or software.

asset

A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.

certificate authority

Developing _______ helps develop a secure network.

controls

Which of the following is not a type of intrusion prevention system?

data link based

A ____________ is a situation in which a hacker attempts to disrupt the network by sending messages to the network that prevent normal users' messages from being processed.

denial of service attack

An example of _____ of data would be if a computer virus eliminated files on that computer.

destruction

__________ provide authentication which can legally prove who sent a message over a network.

digital signatures

Encryption is the process of:

disguising information by the use of mathematical rules, known as algorithms

A network switch failure is an example of a(n) ________ threat.

disruptive

IP spoofing means to:

fool the target computer and any intervening firewall into believing that messages from the intruder's computer are actually coming from an authorized user inside the organization's network

In recent years, management's concern about the adequacy of current control and security mechanisms used in a data communications environment has:

increased because this commitment to data communications has changed the potential vulnerability of the organization's assets

Often, incidents of ___________ involve employees of the organization, surprisingly enough.

intrusion

DES:

is a commonly used symmetric encryption algorithm that was developed in the mid 1970s

A security hole is a(n):

malfunction or bug in an application program that allows data to be seen or accessed by unauthorized users

_________ controls stop a person from acting.

preventive

The key principle in preventing disruption, destruction and disaster is ___________.

redundancy

For Ethernet networks, a _______ switch can make eavesdropping more difficult.

secure

Which of the following is not considered one of the five most common business impacts?

social

Which of the following is not true about one-time passwords?

they create a packet level firewall on the system

_______________ describes how an asset can be compromised by one specific threat.

threat scenarios

A brute force attack against an encryption system:

tries to gain access by trying every possible key

_______________ is an encryption standard that uses a total of 168 bits as the key.

triple des

A NAT firewall uses an address table to translate private IP addresses used inside the organization into proxy data link layer addressed used on the Internet.

true

A denial-of-service attack occurs when someone external blocks access to your network.

true

A patch is a software solution to correct a security hole.

true

Business continuity planning refers primarily to ensuring availability, with some aspects of data integrity.

true

Controls are mechanisms that reduce or eliminate threats to network security.

true

DoS attackers generally use fake source IP addresses, making it harder to identify the DoS messages.

true

Security on a network not only means being able to prevent a hacker from breaking into your computer but also includes being able to recover from temporary service problems or from natural disasters.

true

When using a digital signature, the sender encrypts the message with their private key and the recipient decrypts the message with the sender's public key.

true

Which of the following are usually the first choice for eavesdropping?

wireless lans

The three basic network access points into most organizational networks are from the Internet, from LANs inside of the organization and ________________.

wlans


Related study sets

Head and neck practice questions

View Set

La culture française (questions ouvertes)

View Set

Psychology 101 - Chapters 4, 5 and 6

View Set

LSU 1101 BOYAJIAN SPRING 2018 HW MIDTERM

View Set

Chapter 3 - Process Cost Systems (ACCT 2025)

View Set

GP: MUSCULOSKELETAL/ORTHO/NEURO ISSUES

View Set

silvestri practice questions for exam 2

View Set