CS Midterm

Question 1

AAA

Answer 1

Authentication, authorization and Accounting

Question 2

Access Control

Answer 2

Mechanisms or methods used to determine what access permissions subjects have for objects.

Question 3

Accounting

Answer 3

Collection of billing and other detail records kept for network access.

Question 4

Authentication

Answer 4

The process by which a subject’s identity is verified

Question 5

Authentication Header (AH)

Answer 5

A portion of the IPsec security protocol that provides authentication services and replay-detection ability. Can be used with Encapsulating Security Payload (ESP)

Question 6

Authorization

Answer 6

granting of specific permissions based on privileges held by the account.

Question 7

Content Protection

Answer 7

Protection of the data portion of a datagram

Question 8

Context Protection

Answer 8

Protection of the header of a datagram

Question 9

Discretionary Access Control (DAC)

Answer 9

An access control mechanism in which the owner of an object (such as a file) can decide which other subjects may have access to the object and what type of access.

Question 10

Encapsulating Security Payload (ESP)

Answer 10

A portion of the IPsec implementation that provides for data confidentiality with optional authentication and replay detection services. ESP completely encapsulates user data in the datagram and can be used by itself or in conjunction with Authentication Headers.

Question 11

Identification

Answer 11

Process of ascribing a computer ID to a specific user, computer network device or computer process.

Question 12

Internet Key Exchange (IKE)

Answer 12

The protocol formerly known as ISAKMP/Oakley. A hybrid protocol that uses part Oakley and part SEMI inside the Internet Security Association framework. IKE is used to establish a shared security policy and authenticated keys for services that require keys.

Question 13

Internet Protocol Security (IPsec)

Answer 13

A protocol used to secure IP packets during transmission across a network. Offers authentication, integrity and confidentiality services. Uses AH and ESP.

Question 14

Internet Security Association & Key Management Protocol (ISAKMP)

Answer 14

A protocol framework that defines the mechanics of implementing a key exchange protocol and negotiation of a security policy.

Question 15

Kerberos

Answer 15

A network authentication protocol designed by MIT for use in client/server environments.

Question 16

Key Distribution Center (KDC)

Answer 16

A portion of the Kerberos authentication system.

Question 17

Layer 2 Tunneling Protocol (L2TP)

Answer 17

A Cisco switching protocol that operates at the data link layer.

Question 18

Mandatory Access Control (MAC)

Answer 18

An access control mechanism in which the security mechanism controls access to all objects and individual subjects cannot change that access.

Question 19

Point to Point Protocol

Answer 19

The Internet standard for transmission of IP packets over a serial line, as in a dial-up connection to an ISP.

Question 20

Remote Access Server (RAS)

Answer 20

A combination of hardware and software used to enable remote access to a network.

Question 21

Role-based Access Control

Answer 21

An access control mechanism in which, a set of roles that the user may perform depends on access.

Question 22

Rule-Based Access Control

Answer 22

Access Control mechanism based on rules

Question 23

Security Association (SA)

Answer 23

An instance of security policy and keying material applied to a specific data flow.

Question 24

Virtual Private Network (VPN)

Answer 24

An encrypted network connection across another network offering a private communication channel.

Question 25

Ping sweep

Answer 25

sends a ping (an Internet Control Message Protocol ICMP) echo request to the target machine.

Question 26

smurf attack

Answer 26

attacker sends a spoofed packet to the broadcast address for a network, which distributes the packet to all systems on that network.

Question 27

TCP/IP Hijaking

Answer 27

taking control of an already existing session between a client and server.

Question 28

Malware

Answer 28

refers to software designed for nefarious

purposes.

Question 29

certificate

Answer 29

A cryptographically signed object that contains an identity and a public key associated with this identity.

Question 30

certificate authority

Answer 30

An entity responsible for issuing and revoking certificates.

Question 31

Certificate Revocation List

Answer 31

A digitally signed object that lists all of the current but revoked certificates issued by a given certification authority.

Question 32

Internet Security Association and Key Management Protocol

Answer 32

A protocol framework that defines the mechanics of implements a key exchange protocol and negotiation of a security policy.

Question 33

Point-to-Point Tunneling Protocol

Answer 33

allows the encapsulation of one packet inside another to hid the original packet

Question 34

Pretty Good Privacy

Answer 34

A popular encryption program that has the ability to encrypt and digitally sign email and files

Question 35

Public Key Infrastructure

Answer 35

Infrastructure for binding a public key to a known user through a trusted intermediary, typically a CA

Question 36

secure multipurpose internet mail extension

Answer 36

An encrypted implementation of the MIME protocol specification

Question 37

Secure Socket Layer (SSL)

Answer 37

An encryption layer between the session and transport layer

Question 38

Transport Layer Security

Answer 38

a newer form of SSL

Question 39

Wired Equivalent Privacy

Answer 39

Encryption scheme used to attempt to provide confidentiality and data integrity on 802.11 networks

Question 40

Wireless Application Protocol

Answer 40

A protocol for transmitting data to small handheld devices such as cell phones

Question 41

Wireless Transport Layer Security

Answer 41

The encryption protocol used on WAP networks

Question 42

X.509

Answer 42

The standard format for digital certificates