DM5: Information Asset Security and Control

Question 1

What are examples of network security controls?

Answer 1

firewalls and intrusion detection systems

Question 2

What is one major function of network security controls?

Answer 2

protection and critical alert information at borders between trusted and untrusted networks

Question 3

What is a dedicated circuit?

Answer 3

symmetric telecommunications line connecting two locations

Question 4

What is a switched circuit?

Answer 4

telecom line that does not permanently connect two locations and can be set up on demand using logical addressing

Question 5

What are the types of switched circuits?

Answer 5

circuit switching and packet switching

Question 6

What are switched circuits?

Answer 6

Mechanism used over telephone ISDN. Allows data connections that can be initiated when needed and terminated when complete, much like a telephone line.

Question 7

What is packet switching?

Answer 7

Networks have connections into a carriers network where many customers share. The carrier creates virtual circuits between customers where packets are shared.

Question 8

What is baseband?

Answer 8

analog telecom signal where signals are directly injected into the communications link and only one, half-duplex channel is available

Question 9

What types of network architectures might an enterprise be implement?

Answer 9

modern networks (WAN); service oriented architecture (SOA);

Question 10

What is a service oriented architecture (SOA)?

Answer 10

network architecture where components use simple object access protocol (SOAP) and XML to interoperate in a network

Question 11

What is a benefit of a service-oriented architecture (SOA)?

Answer 11

information is highly accessible, available anytime and anywhere, and centrally managed for optimum netowrk use

Question 12

What are common organizations networks?

Answer 12

Local, storage, wide, personal, and metropolitan

Question 13

What is a LAN?

Answer 13

computer network that cover a limited area

Question 14

What is a SAN?

Answer 14

variation of LAN dedicated to connecting storage devices to servers and computers

Question 15

What is a WAN?

Answer 15

Computer network that covers a broad area (city, region)

Question 16

What is a PAN?

Answer 16

Microcomputer network used for communication among devices used by a single person

Question 17

What is a MAN?

Answer 17

WAN limited to a city or a region and have higher data rates than WANs

Question 18

What are some examples of network services?

Answer 18

network file shares, email services, print services, remote access services, directory services, network management, DHCP, DNS

Question 19

What is the purpose of DHCP?

Answer 19

Provides clients with IP address and other network parameters and ensures they are all unique.

Question 20

Whats the purpose of a DNS?

Answer 20

translate names of network nodes into IP addresses (reference)

Question 21

What does “interoperability” mean?

Answer 21

when connecting various system for communications where different sites may use media that could operate at different speeds

Question 22

Whats the primary model used to understand network protocols?

Answer 22

Open Systems Interconnection (OSI) model

Question 23

What are the 7 layers of the OSI below?

Answer 23

1) physical layer
2) data link layer
3) network layer
4) transport layer
5) session layer
6) presentation layer
7) application layer

Question 24

What is the physical layer in the OSI model?

Answer 24

provides the hardware that transmits and receives signals. Typically defines cables, connectors, cards, and physical aspects of the hardware to connect to the network

Question 25

What is the data link layer (OSI model)?

Answer 25

provides transfer of data across physical links; receives packets of data from the network layer and frames them; generally listens to only data intended for a single MAC address

Question 26

What is the network layer (OSI model)?

Answer 26

creates a “virtual circuit” between the transport layers of the local device and other devices; layer that understands IP addresses; responsible for routing and forwarding data based on addresses

Question 27

What is the transport layer (OSI model)?

Answer 27

provides transfer of data between end points; ensures that remote transport layers receives all data from the local session layer; acknowledges packets received from transport layer

Question 28

What is the session layer (OSI model)?

Answer 28

Controls sessions between computers; establishes and manages connections between local and remote application layers and manages all data exchanges between them

Question 29

What is the presentation layer (OSI model)?

Answer 29

standard interface for the application layer; converts outgoing data into standard format for the destination layer

Question 30

What is the application layer (OSI model)?

Answer 30

interface for user-level applications; communicates resources to network and is used to access network resources

Question 31

What is an acronym for the OSI model?

Answer 31

“People Dance Naked To Sexy Parties, Always!” PDNTSPA;

Question 32

Which three OSI model layers align with TCP/IP’s application layer?

Answer 32

Application, presentation, session

Question 33

What are the risks of a LAN?

Answer 33

-Loss of data and program integrity (unauthorized access)
-lack of data protection (poor version control)
-exposure to external activity (unauthorized access from outside)
-Virus/worms
-Illegal access through impersonation
-internal sniffing and spoofing

Question 34

What is a repeater?

Answer 34

physical layer devices that extend the range of a network or connect networks together. They receive signals from one network segment and amplify the signal

Question 35

What is a hub?

Answer 35

physical layer device that is the center of a star topology;

Question 36

What is a bridge?

Answer 36

a data link layer device that connect LANs or create a LAN and WAN to reduce collision. They look at MAC addresses when forwarding data to devices

Question 37

What is a layer 2 switch?

Answer 37

data link layer devices that interconnect network segments and help reduce collisions on ethernet-based networks. Use MACs and ASICs to better use data link protocols

Question 38

What is a router?

Answer 38

create network segments but remain logically sepearate

Question 39

What is a layer 3 switch?

Answer 39

looks at IP addresses in packets and analyzes IP address tables to find best route. They are used to create a VLAN.

Question 40

What are benefits of using a VPN?

Answer 40

network managers can cost-efficiently increase span of corporate network;
remote users can securily access data;
secure communications with business partners;
substantial incremental bandwidth

Question 41

How many modes does IPsec use?

Answer 41

two

Question 42

What is tunneling IPsec?

Answer 42

type of mode where tunneling is used to encrypt an entire packet, including the header

Question 43

What is transport IPSec?

Answer 43

type of mode where only a portion of the packet is encrypted

Question 44

What are the primary concerns with VPNs?

Answer 44

security of transmission (hijacking);
management of technology;
configuration management;
unaltered/accurate data

Question 45

What are CGI scripts?

Answer 45

executable, machine-independent software programs run on the server and called by a web server and perform specific sets of tasks.

Question 46

What are the types of network management tools?

Answer 46

Response time reports, downtime reports, online monitors, network monitors, network analyzers, SNMP, help desk reports

Question 47

Which network management tool is used to identify the time necessary for commands from users to be answered by a system?

Answer 47

Response time report

Question 48

Which network management tool tracks the availability of telecom lines and circuits?

Answer 48

downtime reportw

Question 49

Which network management tool checks data transmission for accuracy?

Answer 49

online monitors (ing)

Question 50

Which network management tool attaches to the network and provides diagnostic tools for monitoring packet flow?

Answer 50

network analyzer

Question 51

What is simple network management protocol (SNMP)?

Answer 51

TCP/IP based protocol to monitor network variables, manage configurations, and collect statistics.

Question 52

What are the three types of firewalls?

Answer 52

packet filtering, application firewalls, stateful inspection

Question 53

Which type of firewall is the first generation firewall where headers of each packet are read and analyzed and certain packets are prevented from being sent?

Answer 53

packet filtering

Question 54

What are common attacks against packet filtering firewalls?

Answer 54

IP spoofing - faking IP address of a trusted host;

Source routing specification - assigning specific route for packet to bypass firewall;

miniature fragment attack - fragmenting an IP address into smaller ones into a firewall in hopes only part of the address is read

Question 55

What are the two types of application firewall systems?

Answer 55

Application-level and circuit-level systems

Question 56

What is the difference between application-level and circuit-level firewall systems?

Answer 56

Application-level systems analyze packets using proxys for each service and examines for known attacks on each proxy; circuit-level systems validate TCP and UDP sessions through a single proxy

Question 57

What is a stateful inspection firewall?

Answer 57

Type of firewall that keeps track of destination IP addresses and uses this to determine if incoming packets are the response to a sent packet.

Question 58

What is the difference between a symmetric key system and an asymmetric key in encryption?

Answer 58

symmetric keys use the same unique key (secret keys) for both encryption and decryption; asymmetric keys use different encryption and decryption keys (one public and one private)

Question 59

What does hashing do?

Answer 59

Transforms text of arbitrary length into on of fixed width. Hashes are one-way and used in cryptographic schemes

Question 60

Which type of encryption key system is consider a public key keys?

Answer 60

asymmetric key system

Question 61

Which type of encryption key system is better suited for bulk data encryption due to being less complicated and requiring less power?

Answer 61

symmetric key system

Question 62

What is non-repudiation?

Answer 62

a sender can’t deny that they sent a message because the private key is only known by the sender and is the only to know if it’s been decrypted

Question 62

What does the certification authority maintain that includes all compromised certificates that are rejected when used?

Answer 62

certificate revocation list (CRL)

Question 62

Does VoIP use packet switching or circuit switching to send data through the network layer?

Answer 62

packet switching

Question 62

What is used to prevent man in the middle attacks on public key systems? And how does it prevent them?

Answer 62

certification authority; it appends information of the sender to the public key and creates a digital certificate for the encryption

Question 63

Which key system is primarily vulnerable to to man in the middle attacks?

Answer 63

Public (asymmetric) key systems; when an attacker replaces a genuine public key with their own key

Question 64

What are the primary risks related to VoIP?

Answer 64

protecting security of conversations; ineffective controls of the system leading to data loss;

Question 65

What is a digital signature in email?

Answer 65

sequence of bits appended to a digital document and it’s authenticity can be verified and unique to each document.Wh

Question 66

What are benefits of digital signatures in email?

Answer 66

Signature cannot be forged; signature is authentic and encrypted; signature is not reused; signed documents can’t be altered

Question 67

What are the primary requirements of cloud computing environments?

Answer 67

continued availability of systems;
preservation of integrity and confidentiality;
conformity to applicable laws;
conformity to privacy policies

Question 68

What are some considerations that should be made by IS auditors when review cloud computing?

Answer 68

data ownership, custody, and security of cloud deployments;
legal requirements for unique datasets;
limitations to the right-to-audit

Question 69

What are the three types of virtualization that can be deployed?

Answer 69

native virtualization;
hosted virtualization;
containerization

Question 70

What are the primary advantages of virtualization?

Answer 70

decreased server cost;
shared processing power;
decrease of physical footprint;
multiple environments can be used;

Question 71

What are the primary DISadvantages of virtualization?

Answer 71

poor configurations could lead to vulnerabilities;
compromised management consoles expose hosts;
performance issues of the host server;
data leakage between different client users

Question 72

What is an alteration attack? How can it be defended?

Answer 72

unauthorized modifications affect integrity of data or code;

hashing

Question 73

What is a botnet attack?

Answer 73

collection of compromised computers (zombies) running malicious software placed worms/trojan horses/back doors

Question 74

What are examples of passive network attacks?

Answer 74

network analysis, eavesdropping, and traffic analysis

Question 75

What are examples of active network attacks?

Answer 75

brute force attack; masquerading; phishing; DoS; dial-in attacks; email attacks; unauthorized access

Question 76

What is the purpose of a penetration test by an IS auditor?

Answer 76

attempt to circumvent the security features of a system and exploit vulnerabilities to gain access that would otherwise be unauthorized

Question 77

How do intrusion detection systems (IDS) work?

Answer 77

They work continuously with routers and firewalls to monitor network usage anomalies and protect the network from internal or external misuse

Question 78

What are the two categories of IDS?

Answer 78

network-based and host-basedW

Question 79

What are host-based IDS’s?

Answer 79

IDS system that is configured for a specific environment that monitors internal resources by detecting changes to executables, deletion of files, and use of privileged commands?W

Question 80

What are network-based IDS’s?

Answer 80

IDS system placed between the internet and the firewall to detect all attack attempts, regardless if they make it to the firewall. If placed between firewall and internal network, it will detect intruders.

Question 81

What are the three specific types of IDS’s?

Answer 81

signature-based; statistical-based; neural network

Question 82

What is a signature based IDS?

Answer 82

ISD that identifies intrusions using patterns that have been stored as signatures

Question 83

What is a statistical based IDS?

Answer 83

ISD that use a comprehensive definition of known and expected behavior of systems in order to identify an intrustion

Question 84

What are neural networks for IDS?

Answer 84

IDS feature that creates a database using patterns of activity and traffic on networks and uses self-learning technology to better understand these patterns

Question 85

What are the cons of signature and statistical based IDS?

Answer 85

Signature based cant detect all types of intrusions to limitations of rules and statistical based may report normal network activity

Question 86

What is the difference between a honeypot and a honeynet?

Answer 86

A honeypot pretends to be a vulnerable server to act as a decoy system and becomes valuable when targeted; honeynets are a set of honeypots that simulate a larger network where hacker activity can be observed

Question 87

What is the purpose of an intrusion prevention system (IPS)?

Answer 87

detect and prevent attacks;

Question 88

What is an applicaton-level gateway?

Answer 88

best way to protect against hacking because it can define with detail rules that describe the type of user or connection that is or is not permitted.

Question 89

Is a digital signature or digital certificate more reliable authentication method?

Answer 89

Digital certificate - because its issue by a trusted third party

Question 90

In addition to non-repudiation, digital signatures provide which: integrity or confidentiality?

Answer 90

Confidentiality