Chapter 5 - Protection of information assets

Question 1

What is PBX (Private Branch Exchange)?

Answer 1

Private Branch Exchange is a sophisticated computer based switch that can be thought of as essentially a small, in house phone company for the organisation that operates it.

Question 2

What are the risks associated with PBX?

Answer 2

Theft of service
disclosure of information(Eavesdropping)
Data modification
Unauthorised access
DoS
Traffic Ananlysis

Question 3

what is an EER (Equal Error Rate)?

Answer 3

EER is used to determine the performance of a biometric control device. It is the overall measurements of the false acceptance rate and false rejection rate.

The lower the EER, the more effective the biometric measurement is.

Question 4

what is the objective of Data lead prevention?

Answer 4

DLP is designed to locate,monitor, and protect sensitive information fro the risks of unauthosied disclosure.

The objectives of DLP are:

1. Locate and catalog sensitive information stored throughout the enterprise
2. Monitor and control the movement of sensitive information across the enterprise nentworks and on end-user systems

Question 5

What is a signnature-based IDS is most useful for?

Answer 5

To protect against known signature intrution patterns (privided by the vendor).IDS needs to be placed behind the firewall so it can monitor intriders that breach the firewall.

Question 6

What is the benefit of using callback devices?

Answer 6

A callback feature provide an audit trail.It hooks into the access control software and logs all authorised and unauthorised access attempts, permitting the follow-up and further review of potential breaches.

Call forwarding is a means to bypass callback control

Question 7

What is Secure Socket Layer (SSL)?

Answer 7

SSL is a standard security technology for establishing an encrypted Lin between a server and a client - typically a web server (website) and a browser, or a mail server and a mail client (e.g. Outlook).

A protocol that is used to transmit private documents thorough the Internet. The SSL protocol uses a private key to encrypt the data that is to be transferred through the SSL connection.

SSL uses a symmetric key for message encryption

Question 8

The shortening of URL can increase which type of attack?

Answer 8

Phishing

Question 9

What is the advantage of the Elliptical curve cryptography?

Answer 9

Limited bandwidth resources suitable for encrypting mobile devices

Much higher speed of encryption with shorter keys compare to the RSA encryption

Question 10

What is the best way to ensure the complete encryption and authentication protocols exist for protecting information while transmitted?

Answer 10

Tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). This is known as IPSecurity (IPSec).

Question 11

What is Kerberos?

Answer 11

Kerberos is a network authentication protocol for client-server application that can be used to restrict access to the database to authorised users

Question 12

What could cause eavesdropping of VoIP traffic?

Answer 12

Corruption of the Address Resolution Protocol (ARP) cache in Ethernet switches.

On an Ethernet switch there is a data table known as the ARP cache, which stores mappings between Media Access Controls (MAC) and IP addresses. During normal operations, Ethernet switches only allow directed traffic to flow between the ports involved in the conversation and no other ports can see that traffic However, if the ARP cache is intentionally corrupted with an ARP poisoning attack, some Ethernet switches simply “flood” the directed traffic to all ports of the switch which could allow an attacker to monitor traffic not normally visible to the port where the attacker was connected, and thereby eavesdrop on VoIP Protocol traffic

Question 13

What is common gateway interface?

Answer 13

CGI scripts are an executable, machines-independent software program run on the server that can be called and executed y a web server.

A bug in the scripts may allow a user to get authorised access to the server and, from there, eventually to the organisation’s network

Question 14

What is the role of a directory server in PKI?

Answer 14

Makes other users’ certificates available to application

Question 15

What is chain of custody policy?

Answer 15

Chain of custody involves documentation of how digital evidence is acquired, processed, handled, stored and protected, and who handled the evidences and why. If there is no policy in place, it is unlikely that employees will ensure that the chain of custody is maintained during any data breach investigation

Question 16

What is the differences between MAC (mandatory Access Control) and DAC (discretionary access control)

Answer 16

Mandatory Access control cannot be controlled or modified by normal users.

Discretionary Access Control allow controls to be configured or modified by the users or data owners

Question 17

What is Check Digit?

Answer 17

A check digit is a form of redundancy check used for error detection on identification numbers, such as bank account numbers, which are used in an application where they will at least sometimes be input manually. It is analogous to a binary parity bit used to check for errors in computer-generated data.

Question 18

What is a hash value?

Answer 18

A hash value is a numeric value of a fixed length that uniquely identifies data. Hash values represent large amounts of data as much smaller numeric values, so they are used with digital signatures. You can sign a hash value more efficiently than signing the larger value.

It is the best way to ensure that the data in a file have not been changed during transmission. Therefore it is the best way to ensure authentication and integrity.

Hashing is irreversible. It works one way.

Question 19

What is a Platform as a service?

Answer 19

PaaS is a category of cloud computing services that provides a platform allowing customers to develop, run and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.

Question 20

What is the functionality of VPN?

Answer 20

Hide information from sniffers on the net. It works based on encapsulation and encryption of sensitive traffic

Question 21

What is Session boarder controller (SBC)?

Answer 21

SBC provides security features for VoIP traffic similar to that provided by firewalls.SBCs can be configured to filter specific VoIP protocols, monitor for denial-of-service attacks, and provide network address and protocol translation features.

Question 22

What is a Telnet?

Answer 22

It is a network protocol that allows a user on one computer to log into another computer that is part of the same network.

The use of a point-to-point leased line is the best way to ensure proper security controls.

Question 23

What is the main feature of Mobile Communication (GSM) technology?

Answer 23

The inherent security features of global systems for mobile communications (GSM) technology combines with the use of a virtual private network (VPN) are appropriate. The confidentiality of the communication on the GSM radio link is ensured by the use of encryption and the use of a VPN signified that an encrypted session is established between the laptop and the corporate network.

GSM is a global standard for cellular telecom that can be used for both voice and data. Currently deployed commercial GSM technology has multiple overlapping security features which prevent eavesdropping, session hijacking or unauthorised use of the GSM carrier network. While other wireless technologies such as 802.11b wireless LAN technologies have been designed to allow the user to adjust or even disable security settings, GSM does not allow any devices to connect to the system unless all relevant security features are active and enabled.