Chapter 10 Security

Question 1

What are two types of Security Threats?

10.0.1.1

Answer 1

Internal threats - Users and employees who have access to data, equipment, and the network

External threats - Users outside of an organization who do not have authorized access to the network or resources

Question 2

What are two types of attacks?

10.0.1.1

Answer 2

Physical - Events or attacks that steal, damage, or destroy equipment, such as servers, switches, and wiring

Data - Events or attacks that remove, corrupt, deny access to authorized users, allow access to unauthorized users, or steal information

Question 3

What are four types of security threats that infect your computer?
10.1.1.1

Answer 3

Adware
Spyware
Grayware
Phishing

Question 4

What is Adware?

10.1.1.1

Answer 4

Adware is a software program that displays advertising on your computer. Adware is usually distributed with downloaded software.

Question 5

What is Spyware?

10.1.1.1

Answer 5

Spyware is installed and running, it monitors activity on the computer. The spyware then sends this information to the individual or organization responsible for launching the spyware.

Question 6

What is Grayware?

10.1.1.1

Answer 6

Grayware may be malicious and is sometimes installed with the user’s consent. For example, a free software program may require the installation of a toolbar that displays advertising or tracks a user’s website history.

Question 7

What is Phishing?

10.1.1.1

Answer 7

Phishing is where the attacker pretends to represent a legitimate outside organization, such as a bank. A potential victim is contacted via email, telephone, or text message.

Question 8

What is Denial of Service (DoS)?

10.1.1.6

Answer 8

DoS works by sending so many requests for a system resource that the requested service is overloaded and ceases to operate

Question 9

What is Distributed DoS (DDoS)?

10.1.1.6

Answer 9

A DDoS attack uses many infected computers, called zombies or botnets, to launch an attack. The intent is to obstruct or overwhelm access to the targeted server

Question 10

What is a SYN Flood?

10.1.1.6

Answer 10

A SYN request is the initial communication sent to establish a TCP connection. A SYN flood attack randomly opens TCP ports at the source of the attack and ties up the network equipment or computer.

Question 11

What is Spoofing?

10.1.1.6

Answer 11

In a spoofing attack, a computer pretends to be a trusted computer to gain access to resources. The computer uses a forged IP or MAC address

Question 12

What is Man-in-the-Middle?

10.1.1.6

Answer 12

An attacker performs a Man-in-the-middle attack by intercepting communications between computers to steal information transiting through the network. A Man-in-the-middle attack could also be used to manipulate messages and relay false information between hosts

Question 13

What is Replay?

10.1.1.6

Answer 13

To perform a replay attack, data transmissions are intercepted and recorded by an attacker. These transmissions are then replayed to the destination computer. The destination computer handles these replayed transmissions as authentic and sent by the original source.

Question 14

What is DNS Poisoning?

10.1.1.6

Answer 14

DNS records on a system are changed to point to imposter servers. The user attempts to access a legitimate site, but traffic is diverted to an imposter site. The imposter site is used to capture confidential information

Question 15

What is Social Engineering?

10.1.2.1

Answer 15

Social engineering occurs when an attacker tries to gain access to equipment or a network by tricking people into providing the necessary access information

Question 16

What is Data wiping?

10.1.2.2

Answer 16

Data wiping, also known as secure erase, is a procedure performed to permanently delete data from a hard drive.

Question 17

What is Degaussing?

10.1.2.2.

Answer 17

Degaussing disrupts or eliminates the magnetic field on a hard drive that allow for the storage of data. An electromagnet is a magnet, that when a current is applied, its magnetic.

Question 18

What is a security Policy?

10.2.1.1

Answer 18

A security policy is a collection of rules, guidelines, and checklists. Network technicians and managers of an organization work together to develop the rules and guidelines for the security needs of computer equipment.

Question 19

What is Principle of Least Privilege?

10.2.1.6

Answer 19

Users should be limited to only the resources they need in a computer system or on a network.

Question 20

What is EFS?

10.2.2.4

Answer 20

Encrypting File System

Question 21

What is Hash Encoding?

10.2.4.1

Answer 21

Hash encoding, or hashing, ensures that messages are not corrupted or tampered with during transmission. Hashing uses a mathematical function to create a numeric value that is unique to the data.

Question 22

What are Three Types of Hashing?

10.2.4.1

Answer 22

Secure Hash Algorithm (SHA)
Message Digest 5 (MD5)
Data Encryption Standard (DES)

Question 23

What is Symmetric Encryption?

10.2.4.1

Answer 23

Symmetric Encryption requires both sides of an encrypted conversation to use an encryption key to encode and decode the data. The sender and receiver must use identical keys.

Question 24

What is Asymmetric Encryption?

10.2.4.1

Answer 24

Asymmetric encryption requires two keys, a private key and a public key. The public key can be widely distributed, including emailing in cleartext or posting on the web.

Question 25

What is SSID stand for?

10.2.4.2

Answer 25

Service Set Identifier (SSID)

Question 26

What is Service Set Identifier (SSID)?

Answer 26

Service Set Identifier (SSID) is the name of the wireless network. A wireless router or access point broadcasts the SSID by default so that wireless devices can detect the wireless network.

Question 27

What does WEP stand for?

10.2.4.4

Answer 27

Wired Equivalent Privacy (WEP)

Question 28

What is Wired Equivalent Privacy (WEP)

10.2.4.4.

Answer 28

The first generation security standard for wireless. Attackers quickly discovered that WEP encryption was easy to break.

Question 29

What does (WPA) stand for?
10.2.4.4

Answer 29

Wi-Fi Protected Access (WPA)

Question 30

What is Wi-Fi Protected Access (WPA)

Answer 30

An improved version of WEP, WPA covers the entire 802.11i standard (a security layer for wireless systems). WPA uses much stronger encryption than WEP encryption.

Question 31

What does WPA2 stand for?

10.2.4.4

Answer 31

Wi-Fi Protected Access 2 (WPA2)

Question 32

What is Wi-Fi Protected Access 2 (WPA2)

10.2.4.4

Answer 32

An improved version of WPA. This protocol introduces higher levels of security than WPA. WPA2 supports robust encryption, providing government-grade security. WPA2 has two versions: Personal (password authentication) and Enterprise (server authentication).

Question 33

What is Temporal Key Integrity Protocol (TKIP)

10.2.4.4

Answer 33

This technology changes the encryption key on a per packet basis and provides a method to check the integrity of messages.

Question 34

What is Extensible Authentication Protocol (EAP)

10.2.4.4

Answer 34

Uses a centralized authentication server to increase security.

Question 35

What is Protected Extensible Authentication Protocol (PEAP)

10.2.4.4

Answer 35

A protocol that does not use a certificate server.

Question 36

Advanced Encryption Standard (AES)

10.2.4.4

Answer 36

A symmetric key encryption method added to WPA2 only.

Question 37

What is a Hardware firewall?

10.2.4.7

Answer 37

Hardware firewall is a physical filtering component that inspects data packets from the network before they reach computers and other devices on a network. A hardware firewall is a freestanding unit that does not use the resources of the computers it is protecting