80% OF QUESTIONS.DOC Flashcards by Siobhan Kearns

Match core standards and descriptions: 802.11i

Requires encryption key protocols TKIP and AES
Key Caching, pre-authentication (Used for VoIP)
WPA2

How well did you know this?

Not at all

Perfectly

Match core standards and descriptions: This can be cracked in approximately 5 minutes

WEP

How well did you know this?

Not at all

Perfectly

Match core standards and descriptions: 802.11X

Uses a central authentication server - which provides key management.
Also called Enterprise Mode

How well did you know this?

Not at all

Perfectly

Match core standards and descriptions: Part of this standard has been cracked

WPA

How well did you know this?

Not at all

Perfectly

A TCP _____ segment is a request to open a connection.

SYN

How well did you know this?

Not at all

Perfectly

A Windows host sends a TCP segment with source port number 1200 and destination port number 80. The sending host is a/an _____.

Webserver

How well did you know this?

Not at all

Perfectly

What is the structure of a MAC address?

3 byte OUI followed by a 3 byte vendor assigned number

How well did you know this?

Not at all

Perfectly

Exploit programs that can be remotely controlled by an attacker are _____.

BOTS

How well did you know this?

Not at all

Perfectly

Collecting and logging information about what employees do when they use a system is _____.

Auditing

How well did you know this?

Not at all

Perfectly

A wireless host sends a packet to a server on the companys wired Ethernet LAN via an access point. How many frames will be involved in this oneway transmission?

How well did you know this?

Not at all

Perfectly

In wireless LANs the protocol must be reliable because radio transmission is itself inherently unreliable. The steps taken in wireless LAN transmission are as follows: Sender listens for traffic 1. If there is traffic, the sender waits 2. If there is no traffic: 2a. If there has been no traffic for less than a preset amount of time, waits a random amount of time, then returns to Step 1. 2b, If there has been no traffic for more than a preset amount of time, sends without waiting 3. Receiver immediately sends back an acknowledgement 4. If sender does not receive the acknowledgement, it retransmits What is this protocol called? Choose the correct answer from the following list.

CSMA/CA+ACK

How well did you know this?

Not at all

Perfectly

Programs that masquerade as system files are called?

Trojan Horses

How well did you know this?

Not at all

Perfectly

When a packet that is part of an ongoing connection arrives at a stateful inspection firewall, the firewall usually _____.

Passes the packet without notifying the administrator

How well did you know this?

Not at all

Perfectly

Requiring someone to prove his or her identity is _____.

How well did you know this?

Not at all

Perfectly

The total length of an IP address is ____ bits.

How well did you know this?

Not at all

Perfectly

PSK prevents the use of weak keys

FALSE

How well did you know this?

Not at all

Perfectly

When a packet that is not part of an ongoing connection and that does not attempt to open a connection arrives at a stateful inspection firewall, the firewall _____.

Drops the packet

How well did you know this?

Not at all

Perfectly

The process of proving a users identity is called

Authentication

How well did you know this?

Not at all

Perfectly

Programs that hackers use to break into computers are_____.

Exploits

How well did you know this?

Not at all

Perfectly

Consider the client computer message (put onto the network) of: “My 48-bit ethernet address is A3-4E-C0-1D-BE-EF. Please give me a 32-bit address.” What is the protocol in use?

DHCP

How well did you know this?

Not at all

Perfectly

DHCP sends a PC a or an _____.

IP Address and Subnet Mask

How well did you know this?

Not at all

Perfectly

The main benefit of IPv6 over IPv4 is _____.

The ability to support more possible hosts

How well did you know this?

Not at all

Perfectly

How many host addresses are available for the network 10.5.4.0 255.255.255.0?

256

How well did you know this?

Not at all

Perfectly

128.171.17.13:1234 is _____.

A socket

How well did you know this?

Not at all

Perfectly

Unsolicited commercial e-mail is _____.

Spam

Which of the following is not part of AAA?

Auditing

Four-way closes use ____ segments.

FIN

Consider the following story: "On Wednesday, a man dressed as an armored truck employee with the company AT Systems walked into a BB&T bank in Wheaton about 11 a.m., was handed more than $500,000 in cash and walked out, a source familiar with the case said. It wasn't until the actual AT Systems employees arrived at the bank, the next day that bank officials realized they'd been had." Choose the best description of what just happened from the list below.

Social Engineering

Which of the following can spread more rapidly?

Worms

A router must use the ARP process ______.

Whenever it forwards an IP packet to a host that is not in its ARP cache

Pieces of code programs that are executed after the virus or worm has spread are called _____.

Payloads

To see whether a target host can be reached, you normally would send it an ICMP _____ message.

Echo

_____ is the general name for proofs of identity in authentication.

Credentials

The network part of an IP address is _____ bits long.

The size of the network part varies

Routers use dynamic routing protocols to constantly talk to each other, sharing routing information. What sort of information is exchanged? Pick all that apply.

Which of the following is NOT one of the three major security planning principles?

Perimeter defense

The Internet Control Message Protocol is the internet layer supervisory protocol. Which of the following diagnostic tools takes advantage of the ICMP protocol? Choose all that apply.

Ping

A routing table has 34,569 rows. Rows 12,921 and 26,731 match the destination IP address in an incoming packet. How many rows must the router check for matches?

34,569 | Must check all rows

A router will discard a packet if the TTL value reaches _____.

How many host addresses are available for the network 10.5.4.0 255.255.0.0?

65536

Tricking users into doing something against their best interests is _____.

Social Engineering

IPv6 is slowly replacing IPv4. Why is this the case?

More devices are coming online, and version four has insufficient capacity

The default behavior of a stateful firewall regarding connection-opening attempts is to block all connections initiated by _____.

External Hosts

What happens if two nearby access points use the same channel?

They will interfere with each other

When an attacker sets up an access point outside the firm to entice internal hosts to associate with it, this is a/an _____.

Evil Twin

A mask has _____ bits.

Setting up hosts to protect themselves is _____.

``` ? firewalling b. self-defense c. patching d. host hardening ```

The general name for malware on a users PC that collects sensitive information and sends this information to an attacker is _____.

Spyware

Which of the following secures communication between the wireless computer and the server (or a point near the server)?

VPNs

Which of the following is more serious? | Credit card theft or Identity theft?

Identity Theft

The password 'Security7' can be defeated most quickly by a _____.

Hybrid mode dictionary attack

A user picks the password tiger. This is likely to be cracked most quickly by a/an _____.

Dictionary Attack

Which of the following segments is NOT acknowledged?

RST

The password '7u3&' can be defeated most quickly by a _____.

Brute Force Attack

How many host addresses are available for the network 10.5.4.0 255.255.254.0?

512

How long does it take an attacker to crack WEP today with readily available software?

A few minutes

Active Directory match with description: | At the highest level in an Active Directory design is the __________.

Forest

Active Directory match with description:A __________ contains one or more domains that are in a common relationship.

Tree

Active Directory match with description:An _________ is a grouping of related objects within a domain. This is similar to the idea of having subfolders in a folder.

Organisational Units

Active Directory match with description:Servers that have the Active Directory Domain Services installed on them are:

Domain Controllers

Active Directory match with description:Every resources is called an _____________ and is associated with a domain.

Object

To allow a connection from an internal host to one or more external hosts requires an ACL rule if a stateful firewall is used.

False

Managing Accounts by grouping them. Match type of group to description: Used to provide access to resources in any domain within a forest.

Universal

Managing Accounts by grouping them. Match type of group to description: Used when there is a single domain, or to manage resources in a particular domain, so that the global and universal groups can access those resources.

Domain Local

Managing Accounts by grouping them. Match type of group to description: Used on stand alone servers that are not part of a domain; this type of group does not go beyond the home server.

Local

Managing Accounts by grouping them. Match type of group to description: Used to manage group accounts from the same domain so that those accounts can access resources in the same and in other domains.

Global

PSK mode uses authentication servers.

FALSE

Routers usually are connected in a/an _____ topology.

Mesh

Consider the client computer message (put onto the network) of: "Hello host 10.19.8.12 what is your 48-bit MAC address?" What is the protocol in use?

ARP

To drive around a city looking for working access points that are unprotected is _____.

War Driving

A benefit of using firewalls is that it eliminates the need to harden each host and therefore saves money.

False

A Windows host sends a TCP segment with source port number 80 and destination port number 1200. It is a/an _____.

Email Server

UDP is (3)

Connection-less Unreliable Operates at the transport layer

TCP is (2)

Reliable | Operates at the Transport layer

To deliver an arriving packet to a destination host on a subnet connected to router, the router needs to know the destination hosts _____.

IP address and Data-link layer address

There are currently two (2) dominant wireless LAN standards in use. Pick the correct answers from the 802.11 standards list below.

802. 11A | 802. 11G

A/an _____ specifies a particular application on a particular host.

Socket

What does a router do with ARP request messages?

It broadcasts them

Routing decisions are done on a combination of best IP match and metrics. Use the following list of routing table rows with their speed metrics, to choose the best match row. a. Row 852 Prefix /18 Metric 57 b. Row 67 Prefix /12 Metric 30 c. Row 245 Prefix /18 Metric 50 d. Row 1148 Prefix /17 Metric 130

Biggest prefix and Lowest metric | A

In _____, when a wireless host wishes to send, it first sends a message to the wireless access point asking for permission to send. When the access point sends back a response, the host sending the original message may transmit. All other hosts must wait.

CSMA/CA+ACK

The main version of Internet Protocol in use today is IP version _____.

IPv4

Consider the dotted decimal mask of 255.255.0.0, how many 1s are there in the binary equivalent?

Vulnerabilities are occasionally found in even the best security products. Consequently, companies must _____.

Have defense in depth

DoS attacks are attacks on _____.

Availability

Passwords should be at least _____ characters long.

What do the ones (1's) in a network mask correspond to in IP addresses?

The Network part

IPv6 is the next generation of Internet Protocol. How many bits long is an IPv6 address?

128

Which of the following may drive the adoption of IPv6?

A growing number of hosts in developing countries (especially China and India). A growing number of mobile devices.

A way back into a system that an attacker can use to get into the compromised computer later is called a _____.

Backdoor