Chapter 10 - Test 3

Question 1

What is the first step in any security plan?

Answer 1

• risk assessment

- understanding the key assets that need protection, and assessing the risks to each.

Question 2

What is network security focused on?

Answer 2

-preventing, detecting, and correcting security problems due to disruptions, destruction, disaster, and unauthorized access.

Question 3

What is the primary goal of network security?

Answer 3

-protect organizations’ data and application software.

Question 4

What are the fiver primary goals of network security?

Answer 4

• confidentiality
• integrity
• availability
• non-repudiation
• authentication

Question 5

Describe confidentiality.

Answer 5

-the protection of organizational data from unauthorized disclosure of customer and proprietary data.

Question 6

Describe Integrity.

Answer 6

-assurance that data have not been altered or destroyed.

Question 7

Describe availability.

Answer 7

-providing continuous opertion of the organization’s hardware and software so that staff, customers, and suppliers can be assured of no interruptions in service.

Question 8

Describe non-repudiation.

Answer 8

-a person can’t deny having performed an action.

Question 9

Describe authentication.

Answer 9

-authenticate identity, give access to resources they only have access to, audit use of those resources.

Question 10

What categories can security threats be classified as?

Answer 10

• ensuring business continuity

- preventing unauthorized access.

Question 11

Describe business continuity.

Answer 11

-ensuring availability with some aspects of data integrity.

Question 12

Describe business continuity.

Answer 12

-ensuring availability with some aspects of data integrity.

Question 13

What are the three main threats to business continuity?

Answer 13

• disruptions: loss of or reduction in network service.
• destruction of data
• intrusion: confidentiality and integrity.

Question 14

Describe controls.

Answer 14

-software, hardware, rules, or procedures that reduce or eliminate the threats to network security.

Question 15

What do controls do?

Answer 15

-prevent, detect, and/or correct whatever might happen to the organization because of threats facing its computer-based systems.

Question 16

What do controls do?

Answer 16

-prevent, detect, and/or correct whatever might happen to the organization because of threats facing its computer-based systems.

Question 17

Describe preventive controls.

Answer 17

• mitigate or stop a person from acting or an event from occuring.
• examples are passwords, guard, or security lock

Question 18

Describe detective controls.

Answer 18

• reveal or discover unwanted events.

- software that looks for illegal network entry

Question 19

Describe corrective controls.

Answer 19

-remedy an unwanted event or an intrusion.

Question 20

Describe a risk assessment.

Answer 20

-assign levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them.

Question 21

Describe a control spreadsheet.

Answer 21

-ensures that data communication networks and microcomputer workstations have the necessary controls and that these controls offer adequate protection. that are currently in the network.

Question 22

What is the first step in a risk assessment

Answer 22

• identify assets.

- something of value and can be either hardware, software, data, or applications.

Question 23

Describe mission-critical applications.

Answer 23

• an information system that is critical to the survival of the organization.
• cannot be permitted to fail, and if it does fail, the network staff drops everything else to fix it.

Question 24

Describe threats.

Answer 24

-potential adverse occurence that can do harm, interrupt the systems using the network, or cause a monetary loss to the organization.

Question 25

Describe threats.

Answer 25

-potential adverse occurence that can do harm, interrupt the systems using the network, or cause a monetary loss to the organization.

Question 26

Describe controls.

Answer 26

-mitigate or stop a threat, or protect an asset.

Question 27

What is the last step in using a control spreadsheet?

Answer 27

-evaluate the adequacy of the existing controls and the resulting degree of risk associated with each threat.

Question 28

What is a Delphi team?

Answer 28

-team of experts between three to nine key people that review the plan.

Question 29

What are macro viruses?

Answer 29

-viruses contained in document, emails, or spreadshee files, can spread when an infected file is simply opened.

Question 30

What is a worm?

Answer 30

-special type of virus that spreads itself without human intervention.

Question 31

Describe DoS.

Answer 31

• Denial of Service attach
• attacker attempts to disrupt the network by flooding it with messages so that the network cannot process messages from normal users.

Question 32

Describe DDoS

Answer 32

• distributed denial of service attack
• attacker breaks into and takes control of many computers on the internet and plants DDos agent.
• attacker uses DDoS handler to control the agents.

Question 33

What are ways to prevent DoS and DDoS

Answer 33

• traffic filtering: verify that source address of all incoming messages is in a valid address range for that connection.
• traffic limiting: limit number of incoming packets that could be DoS/DDoS attack packets that it allows to enter the network.
• traffic anomaly detector: installed in front of the main router or firewall to perform traffic analysis.

Question 34

How do traffic anomaly detectors work?

Answer 34

• monitors normal traffic patterns and learns what normal traffic looks like.
• when it recognizes a sudden burst of abnormally high traffic destined for a specific server or device, it quarantines those incoming packets but allows normal traffic to flow through the network.

Question 35

How do traffic anomaly detectors work?

Answer 35

• monitors normal traffic patterns and learns what normal traffic looks like.
• when it recognizes a sudden burst of abnormally high traffic destined for a specific server or device, it quarantines those incoming packets but allows normal traffic to flow through the network.

Question 36

What are six types of attacks?

Answer 36

• ICMP attacks
• UDP attacks
• TCP SYN Floods
• Unix process table attacks
• Finger of death attacks
• DNS Recursion attacks.

Question 37

Describe physical security.

Answer 37

• key component of theft protection.

- visitors be authorized by an organization employee.

Question 38

What is redundancy?

Answer 38

• best way to prevent a failure from impacting business continuity.
• for any network component that would have a major impact on business continuity, network designer provides a second, redundant component.

Question 39

What are fault-tolerant servers?

Answer 39

-contain many redundant components so that if one of its components fails, it will continue to operate.

Question 40

Describe RAID.

Answer 40

• Redundant array of independent disks
• made of many disk drives, when a file is written to a RAID device it is written across several separate, redundant disks.

Question 41

Describe RAID 0.

Answer 41

-uses multiple drives and is faster than traditional storage.

Question 42

Describe RAID 1.

Answer 42

• writes duplicate copies of all data on at least two different disks.
• also called disk mirroring.

Question 43

Describe RAID 2.

Answer 43

-provides error checking to ensure no errors have occurred during the reading or writing process.

Question 44

Describe RAID 3.

Answer 44

provides better and faster error checking process than RAID 2.

Question 45

Describe RAID 4.

Answer 45

-provides slightly faster read access than RAID 3 because of the way it allocates the data to different disk drives.

Question 46

Describe RAID 5.

Answer 46

-provides slightly faster read and write access because of the way it allocates the error checking data to different disk drives.

Question 47

Describe RAID 6,

Answer 47

can survive the faiure of two drives with no data loss.

Question 48

Describe RAID 6,

Answer 48

can survive the faiure of two drives with no data loss.

Question 49

What is a disaster recovery plan?

Answer 49

-should address various levels of response to a number of possible disasters and should provide for partial or complete recovery of all data, application software, network components and physical facilities.

Question 50

Describe coninuous data protection.

Answer 50

-copies of all data and transactions on slected servers are written to CDP servers as the transaction occurs.

Question 51

What are the four types of intruders?

Answer 51

• script kiddies
• hackers/crackers:experts in security, motivation is the thrill of the hunt
• professional hackers: break into corporate or government computers for specific purposes.
• organization employees who have legitimate access to the network, but who gain access to information they are not authorized to use.

Question 52

What are the four types of intruders?

Answer 52

• script kiddies
• hackers/crackers:experts in security, motivation is the thrill of the hunt
• professional hackers: break into corporate or government computers for specific purposes.
• organization employees who have legitimate access to the network, but who gain access to information they are not authorized to use.

Question 53

What is a a security policy.

Answer 53

-critical to controlling risk due to intrusion.

Question 54

What is a firewall.

Answer 54

• commonly used to secure an organization’s internet connection.
• router or special-purpose device that examines packets flowing into and out of a network and restricts access to the organization’s network.

Question 55

What are three types of firewalls?

Answer 55

• packet-level
• application-level
• NAT

Question 56

Describe packet-level firewalls.

Answer 56

• examine source and destination address of every network packet that passes through it
• only allows packets that have acceptable source and destination addresses.
• only examined at transport and network layer.
• does not monitor the contents or why they are being transmitted and does not log packets for later analysis.

Question 57

What is an ACL?

Answer 57

• access control list
• set of rules for the packet level firewall so it knows what packets to permit into the network and what packets to deny entry.

Question 58

What is IP spoofing?

Answer 58

-can change the source IP address on the packets they send.

Question 59

Describe an application-level firewall.

Answer 59

• examines contents of the application layer packet and searches for known attacks.
• rules for each application.
• can use stateful inspection: monitor and record the status of each connection and can use this information in making decisions.
• often prohibit external users from uploading executable files.

Question 60

Describe NAT firewalls.

Answer 60

• converting between one set of public IP address to a second set of private IP addresses.
• uses address table to translate private IP addresss into proxy IP addresses. Sets source port number to a unique number that it uses as an index into its address table to find the IP address of the actual sending commputer.