DM5: Information Asset Security and Control Flashcards

1
Q

What are examples of network security controls?

A

firewalls and intrusion detection systems

2
Q

What is one major function of network security controls?

A

protection and critical alert information at borders between trusted and untrusted networks

3
Q

What is a dedicated circuit?

A

symmetric telecommunications line connecting two locations

4
Q

What is a switched circuit?

A

telecom line that does not permanently connect two locations and can be set up on demand using logical addressing

5
Q

What are the types of switched circuits?

A

circuit switching and packet switching

6
Q

What are switched circuits?

A

Mechanism used over telephone ISDN. Allows data connections that can be initiated when needed and terminated when complete, much like a telephone line.

7
Q

What is packet switching?

A

Networks have connections into a carrier's network that many customers share. The carrier creates virtual circuits between customers where packets are shared.

8
Q

What is baseband?

A

analog telecom signal where signals are directly injected into the communications link and only one, half-duplex channel is available

9
Q

What types of network architectures might an enterprise implement?

A

modern networks (WAN); service oriented architecture (SOA);

10
Q

What is a service oriented architecture (SOA)?

A

network architecture where components use simple object access protocol (SOAP) and XML to interoperate in a network

11
Q

What is a benefit of a service-oriented architecture (SOA)?

A

information is highly accessible, available anytime and anywhere, and centrally managed for optimum network use

12
Q

What are common organizational networks?

A

Local, storage, wide, personal, and metropolitan

13
Q

What is a LAN?

A

computer network that covers a limited area

14
Q

What is a SAN?

A

variation of LAN dedicated to connecting storage devices to servers and computers

15
Q

What is a WAN?

A

Computer network that covers a broad area (city, region)

16
Q

What is a PAN?

A

Microcomputer network used for communication among devices used by a single person

17
Q

What is a MAN?

A

WAN limited to a city or a region that has higher data rates than WANs

18
Q

What are some examples of network services?

A

network file shares, email services, print services, remote access services, directory services, network management, DHCP, DNS

19
Q

What is the purpose of DHCP?

A

Provides clients with IP address and other network parameters and ensures they are all unique.

20
Q

What's the purpose of a DNS?

A

translate names of network nodes into IP addresses (reference)

21
Q

What does “interoperability” mean?

A

when connecting various systems for communications where different sites may use media that could operate at different speeds

22
Q

What's the primary model used to understand network protocols?

A

Open Systems Interconnection (OSI) model

23
Q

What are the 7 layers of the OSI model?

A

1) physical layer
2) data link layer
3) network layer
4) transport layer
5) session layer
6) presentation layer
7) application layer

24
Q

What is the physical layer in the OSI model?

A

provides the hardware that transmits and receives signals. Typically defines cables, connectors, cards, and physical aspects of the hardware to connect to the network

25
Q

What is the data link layer (OSI model)?

A

provides transfer of data across physical links; receives packets of data from the network layer and frames them; generally listens to only data intended for a single MAC address

26
Q

What is the network layer (OSI model)?

A

creates a “virtual circuit” between the transport layers of the local device and other devices; layer that understands IP addresses; responsible for routing and forwarding data based on addresses

27
Q

What is the transport layer (OSI model)?

A

provides transfer of data between end points; ensures that the remote transport layer receives all data from the local session layer; acknowledges packets received from transport layer

28
Q

What is the session layer (OSI model)?

A

Controls sessions between computers; establishes and manages connections between local and remote application layers and manages all data exchanges between them

29
Q

What is the presentation layer (OSI model)?

A

standard interface for the application layer; converts outgoing data into standard format for the destination layer

30
Q

What is the application layer (OSI model)?

A

interface for user-level applications; communicates resources to network and is used to access network resources

31
Q

What is an acronym for the OSI model?

A

“People Dance Naked To Sexy Parties, Always!” PDNTSPA;

32
Q

Which three OSI model layers align with TCP/IP’s application layer?

A

Application, presentation, session

33
Q

What are the risks of a LAN?

A

-Loss of data and program integrity (unauthorized access)
-lack of data protection (poor version control)
-exposure to external activity (unauthorized access from outside)
-Virus/worms
-Illegal access through impersonation
-internal sniffing and spoofing

34
Q

What is a repeater?

A

physical layer devices that extend the range of a network or connect networks together. They receive signals from one network segment and amplify the signal

35
Q

What is a hub?

A

physical layer device that is the center of a star topology;

36
Q

What is a bridge?

A

a data link layer device that connects LANs or creates a LAN and WAN to reduce collisions. They look at MAC addresses when forwarding data to devices

37
Q

What is a layer 2 switch?

A

data link layer devices that interconnect network segments and help reduce collisions on ethernet-based networks. Use MACs and ASICs to better use data link protocols

38
Q

What is a router?

A

create network segments but remain logically separate

39
Q

What is a layer 3 switch?

A

looks at IP addresses in packets and analyzes IP address tables to find best route. They are used to create a VLAN.

40
Q

What are benefits of using a VPN?

A

network managers can cost-efficiently increase span of corporate network;
remote users can securely access data;
secure communications with business partners;
substantial incremental bandwidth

41
Q

How many modes does IPsec use?

A

two

42
Q

What is tunneling IPsec?

A

type of mode where tunneling is used to encrypt an entire packet, including the header

43
Q

What is transport IPSec?

A

type of mode where only a portion of the packet is encrypted

44
Q

What are the primary concerns with VPNs?

A

security of transmission (hijacking);
management of technology;
configuration management;
unaltered/accurate data

45
Q

What are CGI scripts?

A

executable, machine-independent software programs run on the server and called by a web server and perform specific sets of tasks.

46
Q

What are the types of network management tools?

A

Response time reports, downtime reports, online monitors, network monitors, network analyzers, SNMP, help desk reports

47
Q

Which network management tool is used to identify the time necessary for commands from users to be answered by a system?

A

Response time report

48
Q

Which network management tool tracks the availability of telecom lines and circuits?

A

downtime report

49
Q

Which network management tool checks data transmission for accuracy?

A

online monitors (ing)

50
Q

Which network management tool attaches to the network and provides diagnostic tools for monitoring packet flow?

A

network analyzer

51
Q

What is simple network management protocol (SNMP)?

A

TCP/IP based protocol to monitor network variables, manage configurations, and collect statistics.

52
Q

What are the three types of firewalls?

A

packet filtering, application firewalls, stateful inspection

53
Q

Which type of firewall is the first generation firewall where headers of each packet are read and analyzed and certain packets are prevented from being sent?

A

packet filtering

54
Q

What are common attacks against packet filtering firewalls?

A

IP spoofing - faking IP address of a trusted host;

Source routing specification - assigning specific route for packet to bypass firewall;

miniature fragment attack - fragmenting an IP address into smaller ones into a firewall in hopes only part of the address is read

55
Q

What are the two types of application firewall systems?

A

Application-level and circuit-level systems

56
Q

What is the difference between application-level and circuit-level firewall systems?

A

Application-level systems analyze packets using proxies for each service and examine for known attacks on each proxy; circuit-level systems validate TCP and UDP sessions through a single proxy

57
Q

What is a stateful inspection firewall?

A

Type of firewall that keeps track of destination IP addresses and uses this to determine if incoming packets are the response to a sent packet.

58
Q

What is the difference between a symmetric key system and an asymmetric key in encryption?

A

symmetric keys use the same unique key (secret keys) for both encryption and decryption; asymmetric keys use different encryption and decryption keys (one public and one private)

59
Q

What does hashing do?

A

Transforms text of arbitrary length into one of fixed width. Hashes are one-way and used in cryptographic schemes

60
Q

Which type of encryption key system is considered a public key system?

A

asymmetric key system

61
Q

Which type of encryption key system is better suited for bulk data encryption due to being less complicated and requiring less power?

A

symmetric key system

62
Q

What is non-repudiation?

A

a sender can’t deny that they sent a message because the private key is only known by the sender and is the only one to know if it’s been decrypted

62
Q

What does the certification authority maintain that includes all compromised certificates that are rejected when used?

A

certificate revocation list (CRL)

62
Q

Does VoIP use packet switching or circuit switching to send data through the network layer?

A

packet switching

62
Q

What is used to prevent man in the middle attacks on public key systems? And how does it prevent them?

A

certification authority; it appends information of the sender to the public key and creates a digital certificate for the encryption

63
Q

Which key system is primarily vulnerable to man in the middle attacks?

A

Public (asymmetric) key systems; when an attacker replaces a genuine public key with their own key

64
Q

What are the primary risks related to VoIP?

A

protecting security of conversations; ineffective controls of the system leading to data loss;

65
Q

What is a digital signature in email?

A

sequence of bits appended to a digital document; its authenticity can be verified and it is unique to each document.

66
Q

What are benefits of digital signatures in email?

A

Signature cannot be forged; signature is authentic and encrypted; signature is not reused; signed documents can’t be altered

67
Q

What are the primary requirements of cloud computing environments?

A

continued availability of systems;
preservation of integrity and confidentiality;
conformity to applicable laws;
conformity to privacy policies

68
Q

What are some considerations that should be made by IS auditors when reviewing cloud computing?

A

data ownership, custody, and security of cloud deployments;
legal requirements for unique datasets;
limitations to the right-to-audit

69
Q

What are the three types of virtualization that can be deployed?

A

native virtualization;
hosted virtualization;
containerization

70
Q

What are the primary advantages of virtualization?

A

decreased server cost;
shared processing power;
decrease of physical footprint;
multiple environments can be used;

71
Q

What are the primary DISadvantages of virtualization?

A

poor configurations could lead to vulnerabilities;
compromised management consoles expose hosts;
performance issues of the host server;
data leakage between different client users

72
Q

What is an alteration attack? How can it be defended?

A

unauthorized modifications affect integrity of data or code;

hashing

73
Q

What is a botnet attack?

A

collection of compromised computers (zombies) running malicious software placed via worms/trojan horses/back doors

74
Q

What are examples of passive network attacks?

A

network analysis, eavesdropping, and traffic analysis

75
Q

What are examples of active network attacks?

A

brute force attack; masquerading; phishing; DoS; dial-in attacks; email attacks; unauthorized access

76
Q

What is the purpose of a penetration test by an IS auditor?

A

attempt to circumvent the security features of a system and exploit vulnerabilities to gain access that would otherwise be unauthorized

77
Q

How do intrusion detection systems (IDS) work?

A

They work continuously with routers and firewalls to monitor network usage anomalies and protect the network from internal or external misuse

78
Q

What are the two categories of IDS?

A

network-based and host-based

79
Q

What are host-based IDS’s?

A

IDS system that is configured for a specific environment that monitors internal resources by detecting changes to executables, deletion of files, and use of privileged commands

80
Q

What are network-based IDS’s?

A

IDS system placed between the internet and the firewall to detect all attack attempts, regardless if they make it to the firewall. If placed between firewall and internal network, it will detect intruders.

81
Q

What are the three specific types of IDS’s?

A

signature-based; statistical-based; neural network

82
Q

What is a signature based IDS?

A

IDS that identifies intrusions using patterns that have been stored as signatures

83
Q

What is a statistical based IDS?

A

IDS that uses a comprehensive definition of known and expected behavior of systems in order to identify an intrusion

84
Q

What are neural networks for IDS?

A

IDS feature that creates a database using patterns of activity and traffic on networks and uses self-learning technology to better understand these patterns

85
Q

What are the cons of signature and statistical based IDS?

A

Signature-based can't detect all types of intrusions due to limitations of rules, and statistical-based may report normal network activity

86
Q

What is the difference between a honeypot and a honeynet?

A

A honeypot pretends to be a vulnerable server to act as a decoy system and becomes valuable when targeted; honeynets are a set of honeypots that simulate a larger network where hacker activity can be observed

87
Q

What is the purpose of an intrusion prevention system (IPS)?

A

detect and prevent attacks;

88
Q

What is an application-level gateway?

A

best way to protect against hacking because it can define with detail rules that describe the type of user or connection that is or is not permitted.

89
Q

Is a digital signature or digital certificate a more reliable authentication method?

A

Digital certificate - because it's issued by a trusted third party

90
Q

In addition to non-repudiation, digital signatures provide which: integrity or confidentiality?

A

Confidentiality
