In a CSMA/CD collision domain, stations must wait until the media is not in use before transmitting.
After a collision, all stations run a random backoff algorithm. When the backoff delay period has expired, all stations have equal
priority to transmit data.
Thursday, March 11, 2010
Broadcast Storm
Which two output fields will be helpful when you determine if a broadcast storm has occurred?
Ans: no buffer, ignored.
Full Duplex Mode
Full Duplex Mode facts:
There are no collisions in full-duplex mode.
A dedicated switch port is required for each full-duplex node.
The host network card and the switch port must be capable of operating in full-duplex mode.
ICMP Packets
ICMP Packets:
a) They can provide hosts with information about network problems.
b) They are encapsulated within IP datagrams for transmission across an internet.
Protocols Defined
SNMP stands for Simple Network Management Protocol: Protocol used to monitor and manage network devices
FTP: reliable, connection-oriented service that uses TCP to transfer files between systems
TFTP: connectionless service that uses UDP to transfer files between systems.
DNS: a protocol that converts human-readable names into machine-readable addresses.
DHCP automatically assigns IP addresses and subnet masks to a workstation.
Flow Control
Flow Control provides a means for the receiver to govern the amount of data sent by the sender.
Three types of flow control are windowing, buffering and congestion avoidance.
OSI Layer 1,2,3,4
Physical layer: transporting bits between two machines
Data link layer: MAC addresses and switching
Network layer: packets, IP addresses and routing
Transport Layer: UDP segments and windowing
Two Advantages of Layer 2 Ethernet switches over hubs
Filtering frames based on MAC address
Allowing simultaneous frame transmissions.
Commands & Their Functions
ipconfig /all: displays PC network configuration
tracert: displays the list of routers on a path to a network destination
telnet: tests VTY configuration
ping 127.0.0.1: tests the TCP/IP protocol stack
arp -a: displays IP to MAC address mappings on a Windows PC.
Difference between TCP and UDP.
TCP is a reliable, connection-oriented protocol.
UDP is an unreliable, connectionless protocol.
To ensure reliability, the TCP header carries additional fields, including sequence number, acknowledgment number and window size.
ARP
The ARP protocol is used by a network host to resolve a destination IPv4 address to a destination MAC address.
Data Link Layer
What source and destination information can you find in the data link layer?
MAC address
Also, the show cdp neighbors command operates at the data link layer of the OSI model.
Security Questions & Answers
Question 1
While most attacks take advantage of vulnerabilities that someone has already uncovered, a(n) ____ occurs when an attacker discovers and exploits a previously unknown flaw.
Correct Answer: zero day
Question 2
In a ____ attack, attackers can use hundreds or thousands of computers in an attack against a single computer or network.
Correct Answer: distributed
Question 3
_____ ensures that only authorized parties can view information.
Correct Answer: Confidentiality
Question 4
_____ ensures that information is correct and that no unauthorized person or malicious software has altered that data.
Correct Answer: Integrity
Question 5
In information security, a loss can be _____.
Correct Answer: all of the above
Question 6
In information security, a threat agent can be defined as _____.
Correct Answer: both a and b
Question 7
Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire.
Correct Answer: data
Question 8
According to the 2007 FBI Computer Crime and Security Survey, the loss due to the theft of confidential data for 494 respondents was approximately ____.
Correct Answer: $10 million
Question 9
____ involves using someone’s personal information, such as social security numbers, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating.
Correct Answer: Identity theft
Question 10
Under the _____, healthcare enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format.
Correct Answer: HIPAA
Question 11
What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it?
Correct Answer: $250,000
Question 12
The _____ act is designed to broaden the surveillance of law enforcement agencies so they can detect and suppress terrorism.
Correct Answer: USA Patriot
Question 13
COPPA requires operators of online services or Web sites designed for children under the age of _____ to obtain parental consent prior to the collection, use, disclosure, or display of a child’s personal information.
Correct Answer: 13
Question 14
In a company of 500 employees, it is estimated that _____ employees would be required to combat a virus attack.
Correct Answer: five
Question 15
The single most expensive malicious attack was the 2000 ____, which cost an estimated $8.7 billion.
Correct Answer: Love Bug
Question 16
What is another name for unsolicited e-mail messages?
Correct Answer: spam
Question 17
According to the research group Postini, over ____ of daily e-mail messages are unsolicited and could be carrying a malicious payload.
Correct Answer: two-thirds
Question 18
____ are a loose-knit network of attackers, identity thieves, and financial fraudsters.
Correct Answer: Cybercriminals
Question 19
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information are sometimes known as ____.
Correct Answer: cybercrime
Question 20
A security ____ focuses on the administration and management of plans, policies, and people.
Correct Answer: manager
Question 21
A study by Foote Partners showed that security certifications earn employees ____ percent more pay than their uncertified counterparts.
Correct Answer: 10 to 14
Question 22
A computer ____ is a program that secretly attaches itself to a legitimate “carrier,” such as a document or program, and then executes when that document is opened or program is launched.
Correct Answer: virus
Question 23
A ____ virus can interrupt almost any function executed by the computer operating system and alter it for its own malicious purposes.
Correct Answer: resident
Question 24
A ____ virus infects the Master Boot Record of a hard disk drive.
Correct Answer: boot
Question 25
In order to avoid detection some viruses can alter how they appear. These are known as ____ viruses.
Correct Answer: metamorphic
Question 26
A ____ is a program advertised as performing one activity but actually does something else.
Correct Answer: Trojan
Question 27
A ____ is a computer program or a part of a program that lies dormant until it is triggered by a specific logical event.
Correct Answer: logic bomb
Question 28
____ is an image spam that is divided into multiple images.
Correct Answer: GIF layering
Question 29
____ involves horizontally separating words, although it is still readable by the human eye.
Correct Answer: Word splitting
Question 30
____ uses “speckling” and different colors so that no two spam e-mails appear to be the same.
Correct Answer: Geometric variance
Question 31
____ is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
Correct Answer: Adware
Question 32
Today’s computer systems have a(n) ____ chip in which the contents can be rewritten to provide new functionality.
Correct Answer: PROM
Question 33
Flash memory is a type of ____, nonvolatile computer memory that can be electrically erased and rewritten repeatedly.
Correct Answer: EEPROM
Question 34
A ____ is a single, dedicated hard disk-based file storage device that provides centralized and consolidated disk storage available to LAN users through a standard network connection.
Correct Answer: NAS
Question 35
____ are portable communication devices that function in a manner that is unlike wired telephones.
Correct Answer: Cell phones
Question 36
The ____ is the link between the cellular network and the wired telephone world and controls all transmitters and base stations in the cellular network.
Correct Answer: MTSO
Question 37
____ is a means of managing and presenting computer resources by function without regard to their physical layout or location.
Correct Answer: Virtualization
Question 38
One type of virtualization in which an entire operating system environment is simulated is known as ____ virtualization.
Correct Answer: operating system
Question 39
With operating system virtualization, a virtual machine is simulated as a self-contained software environment by the ____ system (the native operating system to the hardware).
Correct Answer: host
Question 40
Creating and managing multiple server operating systems is known as ____ virtualization.
Correct Answer: server
Question 41
____ technology enables a virtual machine to be moved to a different physical computer with no impact to the users.
Correct Answer: Live migration
Question 42
Live migration can be used for ____; if the demand for a service or application increases, then network managers can quickly move this high-demand virtual machine to another physical server with more RAM or CPU resources.
Correct Answer: load balancing
Question 43
A ____ is a cumulative package of all security updates plus additional features.
Correct Answer: service pack
Question 44
____ is a Windows Vista and Windows XP Service Pack 2 (SP2) feature that prevents attackers from using buffer overflow to execute malware.
Correct Answer: DEP
Question 45
The goal of ____ is to make it harder to predict where the operating system functionality resides in memory.
Correct Answer: ASLR
Question 46
The ____ are the operating system settings that impose how the policy will be enforced.
Correct Answer: configuration baselines
Question 47
Instead of the Web server asking the user for the same information each time she visits that site, the server can store that user-specific information in a file on the user’s local computer and then retrieve it later. This file is called a(n) ____.
Correct Answer: cookie
Question 48
A(n) ____ is a computer programming language that is typically interpreted into a language the computer can understand.
Correct Answer: scripting language
Question 49
____, also called add-ons, represent a specific way of implementing ActiveX and are sometimes called ActiveX applications.
Correct Answer: ActiveX controls
Question 50
____ typically involves using client-side scripts written in JavaScript that are designed to extract information from the victim and then pass the information to the attacker.
Correct Answer: Cross site scripting (XSS)
Question 51
____ is a process of ensuring that any inputs are “clean” and will not corrupt the system.
Correct Answer: Input validation
Question 52
____ is a language used to view and manipulate data that is stored in a relational database.
Correct Answer: SQL
Question 53
____ hinges on an attacker being able to enter an SQL database query into a dynamic Web page.
Correct Answer: SQL injection
Question 54
Regarding e-mail, ____ handles outgoing mail.
Correct Answer: SMTP
Question 55
Regarding e-mail, ____ is responsible for incoming mail.
Correct Answer: POP3
Question 56
SMTP servers can forward e-mail sent from an e-mail client to a remote domain. This is known as ____.
Correct Answer: SMTP relay
Question 57
If SMTP relay is not controlled, an attacker can use it to forward thousands of spam e-mail messages. An uncontrolled SMTP relay is known as a(n) ____.
Correct Answer: SMTP open relay
Question 58
____ is real-time communication between two or more users.
Correct Answer: Instant messaging (IM)
Question 59
____ are active Internet connections that download a specific file that is available through a tracker.
Correct Answer: Torrents
Question 60
In a P2P network, a ____ is a server program operated by the person or organization that wants to share the file.
Correct Answer: tracker
Question 61
BitTorrent maximizes the transfer speed by gathering pieces of the file and downloading these pieces simultaneously from users who already have them (the collective pieces are called a ____).
Correct Answer: swarm
Question 62
A(n) ____ is a small Web browser window that appears over the Web site that is being viewed.
Correct Answer: popup
Question 63
The ____ record is an entry in the Domain Name System (DNS) that identifies the mail server responsible for handling that domain name.
Correct Answer: MX
Question 64
____ allows the administrator to configure a switch to redirect traffic that occurs on some or all ports to a designated monitoring port on the switch.
Correct Answer: Port mirroring
Question 65
A(n) ____ is an account that is secretly set up without the administrator’s knowledge or permission, that cannot be easily detected, and that allows for remote access to the device.
Correct Answer: back door
Question 66
In a “____ attack,” a TCP/IP ping request is sent to all computers on the network, which makes it appear that a server is asking for a response.
Correct Answer: smurf
Question 67
With wireless CSMA/CA, the amount of time that a device must wait after the medium is clear is called the ____.
Correct Answer: slot time
Question 68
____ specifies that before a networked device starts to send, it should first listen (called carrier sensing) to see if any other device is transmitting.
Correct Answer: CSMA/CD
Question 69
A(n) ____ attack makes a copy of the transmission before sending it to the recipient.
Correct Answer: replay
Question 70
The most common protocol suite used today for networks as well as the Internet is ____.
Correct Answer: TCP/IP
Question 71
____ is a popular protocol used to manage network equipment.
Correct Answer: SNMP
Question 72
When TCP/IP was developed, the host table concept was expanded to a hierarchical name system known as the ____.
Correct Answer: DNS
Question 73
One approach to substituting a fraudulent IP address is to target the external DNS server and is called ____.
Correct Answer: DNS poisoning
Question 74
DNS poisoning can be prevented by using the latest editions of the DNS software, ____.
Correct Answer: BIND
Question 75
In order for a host using TCP/IP on an Ethernet network to find the MAC address of another device, it uses ____.
Correct Answer: ARP
Question 76
An attacker could alter the MAC address in the ARP cache so that the corresponding IP address would point to a different computer, which is known as ____.
Correct Answer: ARP poisoning
Question 77
____ enables the attacker’s computer to forward any network traffic it receives from Computer A to the actual router.
Correct Answer: IP forwarding
Question 78
At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.
Correct Answer: beaconing
Question 79
Each wireless device looks for beacon frames in a process known as ____.
Correct Answer: scanning
Question 80
Wireless location mapping is the formal expression for ____.
Correct Answer: war driving
Question 81
The most common type of antenna for war driving is an omnidirectional antenna, also known as a ____ antenna.
Correct Answer: dipole
Question 82
____ is the name given to a wireless technology that uses short-range RF transmissions.
Correct Answer: Bluetooth
Question 83
A group of piconets in which connections exist between different piconets is called a ____.
Correct Answer: scatternet
Question 84
____ is the unauthorized access of information from a wireless device through a Bluetooth connection.
Correct Answer: Bluesnarfing
Question 85
Using ____, networks can essentially be divided into three parts: network, subnet, and host.
Correct Answer: subnetting
Question 86
____ switches are connected directly to the devices on the network.
Correct Answer: Workgroup
Question 87
____ are subdivisions of IP address class (Class A, B, or C) networks and allow a single Class A, B, or C network to be used instead of multiple networks.
Correct Answer: Subnets
Question 88
____ IP addresses are not assigned to any specific user or organization; instead, they can be used by any user on the private internal network.
Correct Answer: Private
Question 89
A variation of NAT is ____. Instead of giving each outgoing packet a different IP address, each packet is given the same IP address but a different TCP port number.
Correct Answer: PAT
Question 90
____ examines the current state of a system or network device before it is allowed to connect to the network.
Correct Answer: NAC
Question 91
The goal of ____ is to prevent computers with sub-optimal security from potentially infecting other computers through the network.
Correct Answer: NAC
Question 92
____ packet filtering keeps a record of the state of a connection between an internal computer and an external server and then makes decisions based on the connection as well as the rule base.
Correct Answer: Stateful
Question 93
The goal of a ____ is to hide the IP address of client systems inside the secure network.
Correct Answer: proxy server
Question 94
A ____ is a computer typically located in a DMZ that is loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.
Correct Answer: honeypot
Question 95
____ honeypots are used mainly by organizations to capture limited information regarding attacks on that organization’s honeypot.
Correct Answer: Production
Question 96
____ honeypots are complex to deploy and capture extensive information. These are used primarily by research, military, and government organizations.
Correct Answer: Research
Question 97
A(n) ____ attempts to identify inappropriate activity.
Correct Answer: IDS
Question 98
A software-based ____ attempts to monitor and possibly prevent attempts to attack a local system.
Correct Answer: HIDS
Question 99
A ____ watches for attempts to penetrate a network.
Correct Answer: NIDS
Question 100
A(n) ____ finds malicious traffic and deals with it immediately.
Correct Answer: IPS
Question 101
A ____ is an instruction that interrupts the program being executed and requests a service from the operating system.
Correct Answer: system call
Question 102
____ work to protect the entire network and all devices that are connected to it.
Correct Answer: NIPS
Question 103
____ are designed to inspect traffic, and based on their configuration or security policy, they can drop malicious traffic.
Correct Answer: NIPS
Question 104
____ can fully decode application-layer network protocols. Once these protocols are decoded, the different parts of the protocol can be analyzed for any suspicious behavior.
Correct Answer: Protocol analyzers
Question 105
____ monitor Internet traffic and block access to preselected Web sites and files.
Correct Answer: Internet content filters
Question 106
In the early 1980s, the IEEE began work on developing computer network architecture standards. This work was called ____, and it quickly expanded into several different categories of network technology.
Correct Answer: Project 802
Question 107
This IEEE ____ standard specifies a maximum rated speed of 54 Mbps using the 5 GHz spectrum.
Correct Answer: 802.11a
Question 108
____ was designed to ensure that only authorized parties can view transmitted wireless information.
Correct Answer: WEP
Question 109
WEP accomplishes confidentiality by taking unencrypted text and then encrypting or “scrambling” it into ____ so that it cannot be viewed by unauthorized parties while being transmitted.
Correct Answer: ciphertext
Question 110
The plaintext to be transmitted has a cyclic redundancy check (CRC) value calculated, which is a checksum based on the contents of the text. WEP calls this the ____ and appends it to the end of the text.
Correct Answer: integrity check value (ICV)
Question 111
The PRNG in WEP is based on the ____ cipher algorithm.
Correct Answer: RC4
Question 112
A(n) ____ frame carries information about the data rates that the device can support along with the Service Set Identifier (SSID) of the network it wants to join.
Correct Answer: association request
Question 113
____ authentication is based upon the fact that only pre-approved wireless devices are given the shared key.
Correct Answer: Shared key
Question 114
At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.
Correct Answer: beaconing
Question 115
With ____ scanning, a wireless device simply listens for a beacon frame for a set period of time.
Correct Answer: passive
Question 116
Mobile devices constantly survey the radio frequencies at regular intervals to determine if a different AP can provide better service. If it finds one, then the device automatically attempts to associate with the new AP (this process is called ____).
Correct Answer: a handoff
Question 117
In 2002, the WECA organization changed its name to ____.
Correct Answer: Wi-Fi Alliance
Question 118
In order to address growing wireless security concerns, in October 2003 the Wi-Fi Alliance introduced ____.
Correct Answer: WPA
Question 119
Access points have a setting called “____,” which is what the PSK uses as a seed value to generate new keys.
Correct Answer: Group Key Renewal
Question 120
WPA replaces WEP with an encryption technology called ____.
Correct Answer: TKIP
Question 121
WPA also replaces the cyclic redundancy check (CRC) function in WEP with the ____.
Correct Answer: MIC
Question 122
____ is intended for personal and small office home office users who do not have advanced server capabilities.
Correct Answer: PSK
Question 123
Encryption under the WPA2 personal security model is accomplished by ____.
Correct Answer: AES-CCMP
Question 124
IEEE 802.11i authentication and key management is accomplished by the IEEE ____ standard.
Correct Answer: 802.1x
Question 125
IEEE 802.11i includes ____, which stores information from a device on the network so if a user roams away from a wireless access point and later returns, he does not need to re-enter all of the credentials.
Correct Answer: key-caching
Question 126
____ allows a device to become authenticated to an AP before moving into range of the AP.
Correct Answer: Pre-authentication
Correct Answer: MX
Question 64
____ allows the administrator to configure a switch to redirect traffic that occurs on some or all ports to a designated monitoring port on the switch.
Correct Answer: Port mirroring
Question 65
A(n) ____ is an account that is secretly set up without the administrator’s knowledge or permission, that cannot be easily detected, and that allows for remote access to the device.
Correct Answer: back door
Question 66
In a “____ attack,” a TCP/IP ping request is sent to all computers on the network, which makes it appear that a server is asking for a response.
Correct Answer: smurf
Question 67
With wireless CSMA/CA, the amount of time that a device must wait after the medium is clear is called the ____.
Correct Answer: slot time
Question 68
____ specifies that before a networked device starts to send, it should first listen (called carrier sensing) to see if any other device is transmitting.
Correct Answer: CSMA/CD
Question 69
A(n) ____ attack makes a copy of the transmission before sending it to the recipient.
Correct Answer: replay
Question 70
The most common protocol suite used today for networks as well as the Internet is ____.
Correct Answer: TCP/IP
Question 71
____ is a popular protocol used to manage network equipment.
Correct Answer: SNMP
Question 72
When TCP/IP was developed, the host table concept was expanded to a hierarchical name system known as the ____.
Correct Answer: DNS
Question 73
One approach to substituting a fraudulent IP address is to target the external DNS server and is called ____.
Correct Answer: DNS poisoning
Question 74
DNS poisoning can be prevented by using the latest editions of the DNS software, ____.
Correct Answer: BIND
Question 75
In order for a host using TCP/IP on an Ethernet network to find the MAC address of another device, it uses ____.
Correct Answer: ARP
Question 76
An attacker could alter the MAC address in the ARP cache so that the corresponding IP address would point to a different computer, which is known as ____.
Correct Answer: ARP poisoning
Question 77
____ enables the attacker’s computer to forward any network traffic it receives from Computer A to the actual router.
Correct Answer: IP forwarding
Question 78
At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.
Correct Answer: beaconing
Question 79
Each wireless device looks for beacon frames in a process known as ____.
Correct Answer: scanning
Question 80
Wireless location mapping is the formal expression for ____.
Correct Answer: war driving
Question 81
The most common type of antenna for war driving is an omnidirectional antenna, also known as a ____ antenna.
Correct Answer: dipole
Question 82
____ is the name given to a wireless technology that uses short-range RF transmissions.
Correct Answer: Bluetooth
Question 83
A group of piconets in which connections exist between different piconets is called a ____.
Correct Answer: scatternet
Question 84
____ is the unauthorized access of information from a wireless device through a Bluetooth connection.
Correct Answer: Bluesnarfing
Question 85
Using ____, networks can essentially be divided into three parts: network, subnet, and host.
Correct Answer: subnetting
Question 86
____ switches are connected directly to the devices on the network.
Correct Answer: Workgroup
Question 87
____ are subdivisions of IP address class (Class A, B, or C) networks and allow a single Class A, B, or C network to be used instead of multiple networks.
Correct Answer: Subnets
Question 88
____ IP addresses are not assigned to any specific user or organization; instead, they can be used by any user on the private internal network.
Correct Answer: Private
Question 89
A variation of NAT is ____. Instead of giving each outgoing packet a different IP address, each packet is given the same IP address but a different TCP port number.
Correct Answer: PAT
Question 90
____ examines the current state of a system or network device before it is allowed to connect to the network.
Correct Answer: NAC
Question 91
The goal of ____ is to prevent computers with sub-optimal security from potentially infecting other computers through the network.
Correct Answer: NAC
Question 92
____ packet filtering keeps a record of the state of a connection between an internal computer and an external server and then makes decisions based on the connection as well as the rule base.
Correct Answer: Stateful
Question 93
The goal of a ____ is to hide the IP address of client systems inside the secure network.
Correct Answer: proxy server
Question 94
A ____ is a computer typically located in a DMZ that is loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.
Correct Answer: honeypot
Question 95
____ honeypots are used mainly by organizations to capture limited information regarding attacks on that organization’s honeypot.
Correct Answer: Production
Question 96
____ honeypots are complex to deploy and capture extensive information. These are used primarily by research, military, and government organizations.
Correct Answer: Research
Question 97
A(n) ____ attempts to identify inappropriate activity.
Correct Answer: IDS
Question 98
A software-based ____ attempts to monitor and possibly prevent attempts to attack a local system.
Correct Answer: HIDS
Question 99
A ____ watches for attempts to penetrate a network.
Correct Answer: NIDS
Question 100
A(n) ____ finds malicious traffic and deals with it immediately.
Correct Answer: IPS
Question 101
A ____ is an instruction that interrupts the program being executed and requests a service from the operating system.
Correct Answer: system call
Question 102
____ work to protect the entire network and all devices that are connected to it.
Correct Answer: NIPS
Question 103
____ are designed to inspect traffic, and based on their configuration or security policy, they can drop malicious traffic.
Correct Answer: NIPS
Question 104
____ can fully decode application-layer network protocols. Once these protocols are decoded, the different parts of the protocol can be analyzed for any suspicious behavior.
Correct Answer: Protocol analyzers
Question 105
____ monitor Internet traffic and block access to preselected Web sites and files.
Correct Answer: Internet content filters
Question 106
In the early 1980s, the IEEE began work on developing computer network architecture standards. This work was called ____, and it quickly expanded into several different categories of network technology.
Correct Answer: Project 802
Question 107
This IEEE ____ standard specifies a maximum rated speed of 54 Mbps using the 5 GHz spectrum.
Correct Answer: 802.11a
Question 108
____ was designed to ensure that only authorized parties can view transmitted wireless information.
Correct Answer: WEP
Question 109
WEP accomplishes confidentiality by taking unencrypted text and then encrypting or “scrambling” it into ____ so that it cannot be viewed by unauthorized parties while being transmitted.
Correct Answer: ciphertext
Question 110
The plaintext to be transmitted has a cyclic redundancy check (CRC) value calculated, which is a checksum based on the contents of the text. WEP calls this the ____ and appends it to the end of the text.
Correct Answer: integrity check value (ICV)
Question 111
The PRNG in WEP is based on the ____ cipher algorithm.
Correct Answer: RC4
Question 112
A(n) ____ frame carries information about the data rates that the device can support along with the Service Set Identifier (SSID) of the network it wants to join.
Correct Answer: association request
Question 113
____ authentication is based upon the fact that only pre-approved wireless devices are given the shared key.
Correct Answer: Shared key
Question 114
At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.
Correct Answer: beaconing
Question 115
With ____ scanning, a wireless device simply listens for a beacon frame for a set period of time.
Correct Answer: passive
Question 116
Mobile devices constantly survey the radio frequencies at regular intervals to determine if a different AP can provide better service. If it finds one, then the device automatically attempts to associate with the new AP (this process is called ____).
Correct Answer: a handoff
Question 117
In 2002, the WECA organization changed its name to ____.
Correct Answer: Wi-Fi Alliance
Question 118
In order to address growing wireless security concerns, in October 2003 the Wi-Fi Alliance introduced ____.
Correct Answer: WPA
Question 119
Access points have a setting called “____,” which is what the PSK uses as a seed value to generate new keys.
Correct Answer: Group Key Renewal
Question 120
WPA replaces WEP with an encryption technology called ____.
Correct Answer: TKIP
Question 121
WPA also replaces the cyclic redundancy check (CRC) function in WEP with the ____.
Correct Answer: MIC
Question 122
____ is intended for personal and small office home office users who do not have advanced server capabilities.
Correct Answer: PSK
Question 123
Encryption under the WPA2 personal security model is accomplished by ____.
Correct Answer: AES-CCMP
Question 124
IEEE 802.11i authentication and key management is accomplished by the IEEE ____ standard.
Correct Answer: 802.1x
Question 125
IEEE 802.11i includes ____, which stores information from a device on the network so if a user roams away from a wireless access point and later returns, he does not need to re-enter all of the credentials.
Correct Answer: key-caching
Question 126
____ allows a device to become authenticated to an AP before moving into range of the AP.
Correct Answer: Pre-authentication
Relationship Between Protocols and Their Associated Functions
ARP - A PC sends packets to the default gateway IP address for the first time since the PC was turned on
ICMP - The network administrator is checking basic IP connectivity from a workstation to a server
DNS - The TCP/IP protocol stack must find an IP address for packets destined for a URL
DHCP - A network device will automatically assign IP addresses to workstations