deck_598156 Flashcards
Exam Question 201 (p.269)Why are weak passwords a significant problem in networks?
Because hackers get in and cause trouble.
Exam Question 202 (p.269):List three true measures of password quality.
Is it easy for you to remember? Is it dicult to guess? Is it difficult forothers to remember
Exam Question 203 (p.269):What is a dictionary attack?
It is using a long list of likely passwords in hopes of finding one that works
Exam Question 204 (p.269):List two types of bad passwords.
a) anything short, (b) anything in a dictionary.
Exam Question 205 (p.269):What do I recommend for a password?
initials of a familiar phrase
Exam Question 206 (p.269):What is a high-value password?
A password to protect a high-value asset.
Exam Question 207 (p.269):What is a low-value password?
A password to protect a low-value asset.
Exam Question 208 (p.269):Does it matter if a low-value password is easy to guess?
Not much.
Exam Question 209 (p.269):List four ways to prove identity.
What you have. What you know. What you are. What you can do.
Exam Question 210 (p.269):What is multi-factor authentication?
Several UNRELATED factors must be presented.
Exam Question 211 (p.269):What is single sign-on?
You authenticate once and then receive credentials that are (a) used onrelated websites (b) in place of authenticating again.
Exam Question 212 (p.269):What is a hacker?
Someone that goes beyond the routine ways of using a tool.
Exam Question 213 (p.269):Is hacking bad?
no
Exam Question 214 (p.269):What does black hat mean?
It means a bad-guy hacker
Exam Question 215 (p.269):What does white hat mean?
It means a good-guy (ethical) hacker.
Exam Question 216 (p.269):What is pen testing?
penetration testing
Exam Question 217 (p.269):What are symmetric keys?
Encryption keys that cancel each other out are symmetric.
Exam Question 218 (p.269):What does rot13 stand for?
rotate thirteen
Exam Question 219 (p.269):How does rot13 work?
Each letter is replaced by the one 13 places away.
Exam Question 220 (p.270):Who knows Alice’s public key?
everybody
Exam Question 221 (p.270):Who knows Alice’s private key?
Alice
Exam Question 222 (p.270):How do you send a private message to Bob?
Encrypt it with Bob’s public key.
Exam Question 223 (p.270):What is the purpose of encrypting a message?
Prevent others from understanding it.
Exam Question 224 (p.270):What is the purpose of signing a message?
Prove authorship.
Exam Question 225 (p.270):How do you sign a message?
Encrypt it with your private key.
Exam Question 226 (p.270):How does signing prove authorship?
Only the person with the private key could have encrypted it. They mustbe the source.
Exam Question 227 (p.270):How can Bob send a private, authenticated message to Alice?
First, encrypt it with Bob’s private key to prove authorship. Second,encrypt the result with Alice’s public key to provide privacy.
Exam Question 228 (p.270):Why are public-key systems special?
They let us create a shared secret between parties that did not alreadyknow each other
Exam Question 229 (p.270):Why is RSA special?
It easily creates good public keys.
Exam Question 230 (p.270):What is a prime number?
A number with no proper factors.
Exam Question 231 (p.270):Why are prime numbers used in encryption?
It is easy to multiply two large prime numbers, but it is dicult to ndthe original numbers.
Exam Question 232 (p.270):What does the RSA private key consist of?
Two large prime numbers are chosen. They are the private key.
Exam Question 233 (p.270):What does the RSA public key consist of?
The large prime numbers of the private key are multiplied together. Theresult is the public key.
Exam Question 234 (p.270):If RSA is so great, why are other things used?
other things are faster
Exam Question 235 (p.270):Is http considered to be secure? Why?
No. Traffic (data) is not encrypted.
Exam Question 236 (p.270):Is https considered to be secure? Why?
Yes. Traffic (data) is encrypted.
Exam Question 237 (p.270):What does SSL stand for?
secure sockets layer
Exam Question 238 (p.270):What does TLS stand for?
transport layer security
Exam Question 239 (p.270):How does SSL protect confidentiality of a TCP connection?
Traffic (data) is (a) encrypted to (b) hide its meaning.
Exam Question 240 (p.270):What is an Outside Threat?
A threat by a machine outside of your LAN.
Exam Question 241 (p.271):What is a botnet?
A network of computers controlled by a hacker, usually without theknowledge of their real owners.
Exam Question 242 (p.271):For what two things are botnets commonly used?
Sending spam. Doing attacks.
Exam Question 243 (p.271):What does DDOS stand for?
distributed denial of service (attack)
Exam Question 244 (p.271):What is a zombie?
A computer that is part of a botnet.
Exam Question 245 (p.271):What does PWN stand for?
ownPwn means you have been owned by a hacker. They control your computer.
Exam Question 246 (p.271):What is an Inside Threat?
A threat by a machine inside your LAN.
Exam Question 247 (p.271):What two things does server mean?
(a) a program (software) that provides a service, (b) a computer (hard-ware) where such a program runs
Exam Question 248 (p.271):How can firewalls mitigate network attacks against servers?
They can control the number of incoming requests based on IP address.
Exam Question 249 (p.271):How can firewalls mitigate network attacks against clients?
They can prevent all uninvited access from outside the LAN.
Exam Question 250 (p.271):What does DMZ stand for?
demilitarized zone
Exam Question 251 (p.271):What service does DMZ provide?
It directs unexpected network trac on all ports to one designated ma-chine.
Exam Question 252 (p.271):What service does port forwarding provide?
It directs unexpected network trac on a few ports to a designated ma-chine.
Exam Question 253 (p.271):How can sharing your Wi-Fi be dangerous?
Bad people might get directly into your LAN. This bypasses your mainfirewall.
