Chapter 4

Question 1

Application programming interface (API)

Answer 1

set of routines, standards, protocols, and tools for building software applications
Allow different software applications to communicate with eachother to exchange data, features, and functionality

Question 2

Bit

Answer 2

Representation of data (zero or 1) at Layer 1 of the Open Systems Interconnection (OSI) Model

Question 3

Broadcast

Answer 3

one to many form of sending internet traffic

Question 4

Byte

Answer 4

unit of digital information that most commonly consists of eight bits

Question 5

Cloud computing

Answer 5

model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction

Question 6

Community cloud

Answer 6

cloud infrastructure provisioned for exclusive use by specific community of consumers

Question 7

De-encapsulation

Answer 7

opposite process of encapsulation, where bundles of data are unpacked or revealed

Question 8

File Transfer Protocol (FTP)

Answer 8

standard internet protocol (and program) used for the transfer of computer files from a server to a client on a computer network.

Question 9

Fragment attack

Answer 9

Attacker fragments traffic in such a way that the system is unable to put data packets back together- exploiting the IP fragmentation process

Question 10

Hybrid cloud

Answer 10

combination of public cloud storage and private cloud storage

Question 11

Infrastructure as a Service (IaaS)

Answer 11

provider of core computing, storage and network hardware and software that is the foundation organizations can build and then deploy applications

Question 12

Internet Control Message Protocol (ICMP)

Answer 12

IP network protocol standardized by Internet Engineering Task Force (IETF) through RFC 792 to determine if a particular service or host is available

Question 13

Man-in-the-Middle

Answer 13

attack where adversaries position themselves in between the user and system so they can intercept and alter data traveling between them

Question 14

Internet Protocol (IPv4)

Answer 14

standard protocol for transmission of data from source to destinations in packet switched communications networks and interconnected systems of such networks

Question 15

Microsegmentation

Answer 15

Part of zero-trust strategy that breaks LANs into very small, highly localized zones using firewalls or similar technologies

Question 16

Oversized Packet Attack

Answer 16

purposely sending a network packet that is larger than expected or larger than can be handled by the receiving system, causing the receiving system to fail unexpectedly

Question 17

Packet

Answer 17

Representation of data at Layer 3 of the Open Systems Interconnection (OSI) model

Question 18

Payload

Answer 18

primary action of a malicious code attack

Question 19

Payment Card Industry Data Security Standard (PCI DSS)

Answer 19

information security standard that applies to merchants and service providers who process credit or debit transactions

Question 20

Platform as a Service (PaaS)

Answer 20

web application development middleware environment that allows applications to be built in the cloud before they’re deployed as SaaS assets

Question 21

Private cloud

Answer 21

cloud computing platform implemented within corporate firewall under control of the IT department

Question 22

Protocols

Answer 22

set of rules to implement and control some type of association between systems

Question 23

Public cloud

Answer 23

cloud infrastructure provisioned for open use by general public

Question 24

Simple Mail Transport Protocol

Answer 24

standard communication protocol for sending and receiving emails between senders and receivers

Question 25

Software as a Service (SaaS)

Answer 25

cloud customer uses a cloud provider’s applications running within a cloud infrastructure

Question 26

Spoofing

Answer 26

faking the ending address of a transmission to gain illegal entry into a secure system

Question 27

Transport Control Protocol/Internet Protocol (TCP/IP) Model

Answer 27

Internetworking protocol model created by the IETF: specifies 4 layers of functionality

-Link Layer (physical communications)
-Internet Layer (network-to-network connection)
-Transport Layer (basic channels for connections and connectionless exchange of data between hosts)
-Application Layer- other protocols and user application programs make use of network services

a foundational network communication framework that defines how data is transmitted over networks, including the internet, using a four-layer architecture: application, transport, internet, and network access

Question 28

VLAN

Answer 28

virtual local area network (VLAN)- logical group of workstations, servers, and network devices that appear to be on the same LAN despite their geographical distribution

Question 29

VPN

Answer 29

virtual private network (VPN)- built on top of existing networks to provide secure communications for transmission between networks

Question 30

WLAN

Answer 30

wireless local area network (WLAN)- group of computers and devices in the same vicinity, forming a network based on radio transmissions rather than wired communications

Question 31

Zenmap

Answer 31

graphical user interface (GUI) for Nmap Security Scanner- open source application that scans networks to determine everything is connected

Question 32

Zero Trust

Answer 32

removing design belief that the network has any trusted space. Security managed at every level