Exam 1,2,3

Exam 1 An indirect attack involves a hacker using a personal computer to break into a system False Which term describes a subject or object’s ability to use, manipulate, modify, or affect another subject or object Access In information security, ______ exits when a vulnerability known to an attacker is present. Exposure The CIA triad is based on three characteristics of information that form the foundation for many security programs: Confidentiality, integrity, and availability Which threat is the most common intellectual property (IP) breach? Software piracy When organizations record versions of their policy in English and alternate languages, they are attempting to meet the ___ criteria to make the policy effective and legally enforceable. Review(reading) The ____ are the foundation of a security framework. Spheres of security UDP is a connection-oriented datagram protocol False What is the primary reason we create networks? To exchange information ____ uses analog frequencies to encode one or more bits, by measuring the height of the signal. Pulse amplitude modulation (PAM) Which type of multiplexing is found exclusively in fiber-optic communications? Wave division multiplexing Which term refers to unwanted noise from a signal coming across the media at multiple frequencies? White noise In ____ networks, the individual users or clients directly interact with one another, sharing resources without the benefit of a central repository or server. Peer-to-peer Which network typically covers a region the size of a municipality, county, or district? Metropolitan area network Which OSI model layer has the largest number of risks and attacks? Application In the TCP/IP network model, data from the end user’s utilities ( the messages) is passed down to the _____ layer for processing. Transport Hash functions confirm message identity and integrity. True Steganography is technically a form of cryptography. False Bit stream methods commonly use algorithm functions like The XOR operation Which cipher simply rearranges the values within a block to create the ciphertext? Transposition Which symmetric encryption cryptosystems was developed to replace both DES and 3DES? AES Public-Key encryption is based on a ____. Hash value The most common hybrid cryptography system is based on the ____ key exchange, which is a method for exchanging private keys using public-key encryption. Diffie-Hellman Using XOR encryption, encrypt the bit stream, 1001 with a key of 0011 1010 What is the cipher text for the work “EXIT” using Caesar encryption method with a shift value of +5? JCNY What is the plaintext of ciphertext “JJGNR” if the encryption method is Caesar with a shift of +2 HELP Using frequency analysis of Caesar encryption method, what would be the plaintext for letter T in the following ciphertext?: UWRGT UGETGV GZCO R Exam 2 Network firewall entry and exit points are called ____. Ports A(n) ____ is an ideal endpoint for VPN, which connects two companies’ networks over the Internet. Firewall The ____ process can be performed at the firewall and make use of encryption to protect credentials transmitted from client to server (or client to firewall) Authentication A _____ is a network subaddress (assigned a number between 0 and 65,535) through which a particular type of data is allowed to pass. port At the network layer, _____ are used to encapsulate packets (or datagrams). Frames Known as the ping service, use of ____ traffic is a common method for hacker reconnaissance and should be turned off to prevent snooping. ICMP A(n) ______ tracks the state and context of each packet in the conversation by recording which station sent what packet and when. State table Deep packet inspection is implemented through the use of ______ rules. Jump Technologically, firewalls are categorized into ______. Generations Which company offers a free firewall that provides basic ingress and egress filtering? ZoneAlarm The architecture of a screened subnet firewall provides a _____. DMZ Which access control process documents the activities of the authenticated individual and system? Accountability Which access control principle is most frequently associated with data classification? Need to know Which level in the U.S. military data classification scheme applies to any information or material the authorized disclosure of which reasonably could be expected to cause damage to the national security? Confidential data Biometrics (retinal scans, fingerprints, and the like) are mainly used for _____ by large security-minded entities such as banking institutions and credit card centers for regulating access to sensitive information, but biometrics are also gaining ground in the general corporate world. Authentication A(n) ____ is a list of authorization rights attached to an object - in other words, who can access that device or application and what can they do with it. access control list (ACL) Which authentication method is used when you want a client to be authenticated for each session? Session authentication Which centralized authentication method uses UDP? RADIUS The growth and widespread use of the Internet has been coupled with the use of encryption technology to produce a solution for specific types of private communication channels: ____. virtual private networks (VPNs) IPSec ____ use a complex set of security protocols to protect information, including Internet Key Exchange (IKE), which provides for the exchange of security keys between the machines in the VPN. Concentrators Some VPNs use the term ____ to describe everything in the protected network behind the gateway. encryption domain Which term refers to two connections over a VPN line? Split tunneling Because of its ubiquity in UNIX/Linux systems, ____ has become the de facto standard in network sniffing. Tcpdump What does the tcpdump host 192.168.1.100 command do? It only captures traffic originating from and destined to 192.168.1.100. The tcpdump tool will output both the header and packet contents into ____ format. Hex One of the best reasons to install a(n) ____ is to provide an organization with overall situational awareness - or a better overall understanding - of the activities that take place on the network. IDPS In ____ verification, the higher-order protocols (HTTP, FTP, Telnet) are examined for unexpected packet behavior or improper use. application protocol Wireless sensors are most effective when their ____ overlap. Footprints A signature-based IDPS examines network traffic in search of patterns that match known ____. Signatures The Simple Network Management Protocol contains ____ functions, which allow a device to send a message to the SNMP management console indicating that a certain threshold has been crossed, either positively or negatively. Trap Blacklists and whitelists are most commonly used in ____ detection and stateful protocol analysis. signature-based ____ applications use a combination of techniques to detect an intrusion and trace it back to its source. Trap-and-trace applications One tool that provides active intrusion prevention is known as ____. LaBrea Ken seeks to prevent an employee from performing out of scope action and/or fraud. Which should he implement? Mandatory vacation Martha has implemented controls that determine applications may be installed and run on smartphones, laptops, and desktops. Unauthorized applications cannot be installed, run, or access device data. This is which of the following: Whitelist Quiz 3 Which wireless modulation technique combines digital and analog signaling to encode data into radio signals? QAM Which wireless modulation technique addresses the transmission of the data stream that has been properly encoded onto the radio signal? Spread-spectrum transmission 802.11n has a maximum data rate of ____. 600 Mbps What is the branding name for interoperable equipment that is capable of supporting IEEE 802.11i requirements? WPA2 What is the largest area of concern with regard to security in ZigBee? Accidental key reuse A collection of BSSs connected by one or more DSs is referred to as an ____ service set (ESS). Extended The primary advantage of the ____ wireless topology configuration is the flexibility of the network. Mesh Ad hoc wireless models rely on the existence of ____ to provide connectivity. multiple stations Which connectivity model uses a single access point that provides connectivity for a number of clients within a BSS? Point-to-multipoint The use of ____ is required to achieve RSN compliance. CCMP Bluetooth networks are referred to as ____. Piconets Which notable Bluetooth attack allows a nearby attacker to issue commands to an unsuspecting target phone? BlueBug ____ is a simple method of transferring files between computer systems. FTP With ____ mode, a trusted internal FTP client makes an outgoing request to the FTP server. Passive What is the best way to secure FTP or TFTP? Employ encryption and authentication. To provide monitoring, an SNMP ____ must be installed on a desired host or network device. Agent An SMTP ____ is a simple message providing status information about the monitored device. Trap ____ is the basis for Web communication. HTTP Which HTTP response code indicates that an error has occurred on the client side? 401 One of the biggest strengths of Perl is its ____-manipulation abilities. Text ____ refers to a new use of existing technologies. AJAX What is the best way to restrict URL access? Make sure sensitive pages require authentication. What is the best way to direct visitors to a new location or page? Create a .htaccess file with the following entry: Redirect 301 /old/old.html /new/new.html. The printf (user_input); command in C has the potential to cause a(n) ____ vulnerability. format string problem Requirements for a complex password system include using a ____ value, implementing strong encryption, requiring periodic password changes, and generally implementing a system where guessing a password or its hash is very difficult. Salt If Web software can access parts of the underlying operating system’s file system through normal URL mappings, a(n) ____ may occur. directory traversal attack Protocol analyzers are commonly referred to as ____. Sniffers The ____ command, available on most popular Web browsers, allows users to see the source code behind the page. view source Probably the most popular port scanner is ____, which runs on both UNIX and Windows systems. Nmap A(n) ____ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software. Passive A ____ (sometimes called a network protocol analyzer) is a network tool that collects copies of packets from the network and analyzes them or stores the packets for later analysis. Packet sniffer The most realistic type of penetration test is a ____ box test. Black ARP Poisoning attack is possible from a computer which is located only on the same local network where the victim computer is located Which the following is a case of man in the middle attack ARP poisoning attack