Shared Flashcard Set

Details

IS3305Exam2
network security
105
Computer Networking
Undergraduate 1
04/12/2012

Cards

Term
Layer 5 of the OSI model is
Definition
the Session layer.
Term
Layer 3 of the OSI model is
Definition
the Network layer
Term
A hub is
Definition
a standard network device for connecting multiple Ethernet devices together by using twisted-pair copper or fiber-optic cables in order to make them function as a single network segment.
Term
A router is
Definition
a network device that can forward packets across computer networks.
Term
Load balancing is
Definition
a technology that can help to evenly distribute work across a network.
Term
What does stateful packet filtering do?
Definition
It keeps a record of the state of a connection between an internal computer and an external device and then makes decisions based on the connection as well as the conditions.
Term
A proxy server is
Definition
a computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user
Term
A reverse proxy does not ______
Definition
serve clients, but instead routes incoming requests to the correct server.
Term
What does a VPN do?
Definition
It encrypts all data that is transmitted between the remote device and the network.
Term
An endpoint is
Definition
the end of the tunnel between VPN devices.
Term
A Web security gateway can
Definition
block malicious content in “real time” as it appears without first knowing the URL of a dangerous site.
Term
Signature-based monitoring is
Definition
Examining network traffic, activity, transactions, or behavior and looking for well-known patterns
Term
Each operation in a computing environment starts with ____
Definition
a system call.
Term
What is NAT?
Definition
a technique that allows private IP addresses to be used on the public Internet
Term
What are private IP addresses?
Definition
IP addresses that are not assigned to any specific user or organization.
Term
What is PAT used for?
Definition
typically used on home routers that allow multiple users to share one IP address received from an Internet service provider (ISP).
Term
In order to allow untrusted outside users access to resources such as Web servers, most networks employ a ____
Definition
DMZ
Term
IP addresses are __-bit addresses
Definition
32
Term
Workgroup switches are ________ to the devices on a network
Definition
connected directly
Term
A VLAN allows scattered users to ____
Definition
be logically grouped together even though they may be attached to different switches.
Term
Remote access provides remote users with ______
Definition
the same access and functionality as local users through a VPN or dial-up connection.
Term
TCP/IP is
Definition
The most common protocol suite used today for local area networks (LANs) as well as the Internet
Term
IP is the protocol that _______
Definition
functions primarily at the Open Systems Interconnection (OSI) Network Layer.
Term
TCP is
Definition
the main Transport Layer protocol that is responsible for establishing connections and the reliable data transport between devices.
Term
ICMP is used to ______
Definition
relay query messages.
Term
SNMP agents are protected with
Definition
a password known as a community string in order to prevent unauthorized users from taking control over a device.
Term
The DNS is ____
Definition
a database, organized as a hierarchy or tree, of the name of each site on the Internet and its corresponding IP number.
Term
DNS poisoning can be prevented by _____
Definition
using the latest editions of the DNS software known as BIND.
Term
TCP port 21 is ____
Definition
the FTP control port used for passing FTP commands.
Term
A router forwards ____
Definition
packets across computer networks.
Term
Routers operate at the ______ Layer
Definition
Network
Term
A flood guard is a feature that _____
Definition
controls a device’s tolerance for unanswered service requests and helps to prevent a DoS attack.
Term
A DNS log can create what?
Definition
entries in a log for all queries that are received.
Term
Firewall logs can be used to do what?
Definition
determine whether new IP addresses are attempting to probe the network
Term
Broadcast storms can be prevented with
Definition
loop protection.
Term
It is possible to segment a network by _____
Definition
physical devices grouped into logical units through a VLAN.
Term
IEEE 802.1x provides a greater degree of security by
Definition
implementing port-based authentication.
Term
Virtualization is
Definition
a means of managing and presenting computer resources by function without regard to their physical layout or location.
Term
Server virtualization typically relies on what?
Definition
the kernel, which is software that runs on a physical computer to manage one or more virtual machine operating systems.
Term
Cloud computing is
Definition
a pay-per-use computing model in which customers pay only for the computing resources they need.
Term
In the Cloud Software as a Service model, the cloud computing vendor provides
Definition
access to the vendor’s software applications running on a cloud infrastructure.
Term
In the Cloud Infrastructure as a Service cloud computing model, the customer has
Definition
the highest level of control.
Term
Bluetooth is
Definition
a Personal Area Network technology designed for data communication over short distances.
Term
Most Bluetooth devices use
Definition
a Class 2 radio that has a range of 33 feet.
Term
The IEEE 802.15.1-2005 Wireless Personal Area Network standard was based on
Definition
the Bluetooth v1.2 specifications.
Term
Active Slaves are
Definition
Slave devices that are connected to the piconet and are sending transmissions
Term
Scatternet is
Definition
A group of piconets in which connections exist between different
Term
Bluejacking is
Definition
an attack that sends unsolicited messages to Bluetooth-enabled devices.
Term
Bluesnarfing is
Definition
an attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers.
Term
An AP acts as ____
Definition
the “base station” for the wireless network
Term
A rogue access point is
Definition
an unauthorized AP that allows an attacker to bypass many of the network security configurations and opens the network and its users to attacks.
Term
An evil twin is
Definition
an AP that is set up by an attacker.
Term
What does a device do when it receives a beacon frame from an AP?
Definition
the device sends a frame known as an association request frame to the AP.
Term
The SSID can generally be
Definition
any alphanumeric string from 2 to 32 characters.
Term
CRC is designed to
Definition
detect any changes in a packet, whether accidental or intentional
Term
AES-CCMP is
Definition
the encryption protocol standard for WPA2
Term
EAP is
Definition
a framework for transporting authentication protocols instead of the authentication protocol itself.
Term
EAP request packets are issued by
Definition
the authenticator.
Term
An EAP packet contains
Definition
a field that indicates the function of the packet and an identifier field used to match requests and responses
Term
LEAP requires
Definition
mutual authentication used for WLAN encryption using Cisco client software.
Term
PEAP is considered
Definition
a more flexible EAP scheme because it creates an encrypted channel between the client and the authentication server.
Term
Rogue access points are serious threats to network security because
Definition
they allow attackers to intercept the RF signal and bypass network security to attack the network or capture sensitive data.
Term
Wireless VLANs allow ___
Definition
a single access point to service different types of users.
Term
The subject is
Definition
A user or a process functioning on behalf of the user that attempts to access an
Term
An operation is
Definition
the action that is taken by the subject over the object.
Term
An access control model is
Definition
a standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications.
Term
Mandatory Access Control is
Definition
the most restrictive access control model.
Term
In the UAC dialog boxes, the color gray indicates
Definition
the lowest risk
Term
The DAC model is
Definition
the least restrictive.
Term
Role Based Access Control is
Definition
considered a more “real world” access control than the other models because the access is based on a user’s job function within an organization.
Term
Rule Based Access Control is
Definition
often used for managing user access to one or more systems.
Term
A user under Role Based Access Control can be assigned
Definition
only one role.
Term
Separation of duties requires ____
Definition
that if the fraudulent application of a process could potentially result in a breach of security, then the process should be divided between two or more individuals.
Term
An ACL is
Definition
a set of permissions that are attached to an object.
Term
Orphaned accounts are
Definition
user accounts that remain active after an employee has left an organization.
Term
Account expiration indicates when
Definition
an account is no longer active.
Term
A user accessing a computer system
Definition
presents credentials or identification when logging on to the system.
Term
RADIUS is
Definition
suitable for what are called “high-volume service control applications” such as dial-in access to a corporate network.
Term
During RADIUS authentication the AP, serving as the authenticator that will accept or reject the wireless device, creates
Definition
a data packet from this information called the authentication request.
Term
Kerberos is
Definition
an authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users.
Term
TACACS is
Definition
an authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server
Term
Entries in the DIB are arranged in a tree structure called
Definition
DIT
Term
The X.500 standard defines a protocol for a client application to access an X.500 directory called
Definition
DAP
Term
LDAP injection attacks may allow an attacker to
Definition
construct LDAP statements based on user input statements
Term
A password is
Definition
a secret combination of letters, numbers, and/or characters that only the user should know.
Term
The weakness of passwords
Definition
centers on human memory.
Term
A protocol analyzer can
Definition
also capture transmissions that contain passwords
Term
A character set is
Definition
the set of letters, symbols, and characters that make up the password
Term
Due to the limitations of online guessing, most password attacks today use ___
Definition
offline cracking.
Term
Brute force attack is
Definition
where every possible combination of letters, numbers, and characters is used to create encrypted passwords.
Term
The hybrid attack will
Definition
slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters such as @, $, !, or %.
Term
Although brute force and dictionary attacks were once the primary tools used by attackers to crack an encrypted password, today attackers usually prefer
Definition
rainbow tables.
Term
To create a rainbow table, each chain begins with
Definition
an initial password that is encrypted.
Term
Standard biometrics can
Definition
use fingerprints or other unique characteristics of a person’s face, hands, or eyes (irises and retinas) to authenticate a user.
Term
Dwell time is
Definition
the time it takes for a key to be pressed and then released.
Term
Speech recognition accepts
Definition
spoken words for input as if they had been typed on the keyboard
Term
If a user typically accesses his bank’s Web site from his home computer on nights and weekends, then this information can be used to
Definition
establish a computer footprint of typical access.
Term
Cognitive biometrics is
Definition
related to the perception, thought process, and understanding of the user.
Term
It is predicted that cognitive biometrics could become
Definition
a key element in authentication in the future.
Term
Identity management is
Definition
using a single authentication credential that is shared across multiple networks.
Term
SSO holds the promise of
Definition
reducing the number of usernames and passwords that users must memorize
Term
Windows Live ID was originally designed as
Definition
a federated identity management system that would be used by a wide variety of Web servers.
Term
Microsoft's Windows CardSpace is
Definition
a feature of Windows that is intended to provide users with control of their digital identities while helping them to manage privacy.
Term
OAuth permits users to
Definition
share resources stored on one site with a second site without forwarding their authentication credentials to the other site.
Term
A trusted OS is
Definition
an operating system that has been reengineered so that it is designed to be secure from the ground up.