E5 Flashcards

1
Q

Exam Question 201 (p.269)Why are weak passwords a significant problem in networks?

A

Because hackers get in and cause trouble.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Exam Question 202 (p.269):

List three true measures of password quality.

A

Is it easy for you to remember? Is it dicult to guess? Is it difficult for
others to remember

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Exam Question 203 (p.269):

What is a dictionary attack?

A

It is using a long list of likely passwords in hopes of finding one that works

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Exam Question 204 (p.269):

List two types of bad passwords.

A

a) anything short, (b) anything in a dictionary.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Exam Question 205 (p.269):

What do I recommend for a password?

A

initials of a familiar phrase

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Exam Question 206 (p.269):

What is a high-value password?

A

A password to protect a high-value asset.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Exam Question 207 (p.269):

What is a low-value password?

A

A password to protect a low-value asset.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Exam Question 208 (p.269):

Does it matter if a low-value password is easy to guess?

A

Not much.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Exam Question 209 (p.269):

List four ways to prove identity.

A

What you have. What you know. What you are. What you can do.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Exam Question 210 (p.269):

What is multi-factor authentication?

A

Several UNRELATED factors must be presented.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Exam Question 211 (p.269):

What is single sign-on?

A
You authenticate once and then receive credentials that are (a) used on
related websites (b) in place of authenticating again.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Exam Question 212 (p.269):

What is a hacker?

A

Someone that goes beyond the routine ways of using a tool.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Exam Question 213 (p.269):

Is hacking bad?

A

no

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Exam Question 214 (p.269):

What does black hat mean?

A

It means a bad-guy hacker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Exam Question 215 (p.269):

What does white hat mean?

A

It means a good-guy (ethical) hacker.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Exam Question 216 (p.269):

What is pen testing?

A

penetration testing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Exam Question 217 (p.269):

What are symmetric keys?

A

Encryption keys that cancel each other out are symmetric.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Exam Question 218 (p.269):

What does rot13 stand for?

A

rotate thirteen

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Exam Question 219 (p.269):

How does rot13 work?

A

Each letter is replaced by the one 13 places away.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Exam Question 220 (p.270):

Who knows Alice’s public key?

A

everybody

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Exam Question 221 (p.270):

Who knows Alice’s private key?

A

Alice

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Exam Question 222 (p.270):

How do you send a private message to Bob?

A

Encrypt it with Bob’s public key.

23
Q

Exam Question 223 (p.270):

What is the purpose of encrypting a message?

A

Prevent others from understanding it.

24
Q

Exam Question 224 (p.270):

What is the purpose of signing a message?

A

Prove authorship.

25
Q

Exam Question 225 (p.270):

How do you sign a message?

A

Encrypt it with your private key.

26
Q

Exam Question 226 (p.270):

How does signing prove authorship?

A

Only the person with the private key could have encrypted it. They must
be the source.

27
Q

Exam Question 227 (p.270):

How can Bob send a private, authenticated message to Alice?

A

First, encrypt it with Bob’s private key to prove authorship. Second,
encrypt the result with Alice’s public key to provide privacy.

28
Q

Exam Question 228 (p.270):

Why are public-key systems special?

A

They let us create a shared secret between parties that did not already
know each other

29
Q

Exam Question 229 (p.270):

Why is RSA special?

A

It easily creates good public keys.

30
Q

Exam Question 230 (p.270):

What is a prime number?

A

A number with no proper factors.

31
Q

Exam Question 231 (p.270):

Why are prime numbers used in encryption?

A

It is easy to multiply two large prime numbers, but it is dicult to nd
the original numbers.

32
Q

Exam Question 232 (p.270):

What does the RSA private key consist of?

A

Two large prime numbers are chosen. They are the private key.

33
Q

Exam Question 233 (p.270):

What does the RSA public key consist of?

A

The large prime numbers of the private key are multiplied together. The
result is the public key.

34
Q

Exam Question 234 (p.270):

If RSA is so great, why are other things used?

A

other things are faster

35
Q

Exam Question 235 (p.270):

Is http considered to be secure? Why?

A

No. Traffic (data) is not encrypted.

36
Q

Exam Question 236 (p.270):

Is https considered to be secure? Why?

A

Yes. Traffic (data) is encrypted.

37
Q

Exam Question 237 (p.270):

What does SSL stand for?

A

secure sockets layer

38
Q

Exam Question 238 (p.270):

What does TLS stand for?

A

transport layer security

39
Q

Exam Question 239 (p.270):

How does SSL protect confidentiality of a TCP connection?

A

Traffic (data) is (a) encrypted to (b) hide its meaning.

40
Q

Exam Question 240 (p.270):

What is an Outside Threat?

A

A threat by a machine outside of your LAN.

41
Q

Exam Question 241 (p.271):

What is a botnet?

A

A network of computers controlled by a hacker, usually without the
knowledge of their real owners.

42
Q

Exam Question 242 (p.271):

For what two things are botnets commonly used?

A

Sending spam. Doing attacks.

43
Q

Exam Question 243 (p.271):

What does DDOS stand for?

A

distributed denial of service (attack)

44
Q

Exam Question 244 (p.271):

What is a zombie?

A

A computer that is part of a botnet.

45
Q

Exam Question 245 (p.271):

What does PWN stand for?

A

own

Pwn means you have been owned by a hacker. They control your computer.

46
Q

Exam Question 246 (p.271):

What is an Inside Threat?

A

A threat by a machine inside your LAN.

47
Q

Exam Question 247 (p.271):

What two things does server mean?

A

(a) a program (software) that provides a service, (b) a computer (hard-
ware) where such a program runs

48
Q

Exam Question 248 (p.271):

How can firewalls mitigate network attacks against servers?

A

They can control the number of incoming requests based on IP address.

49
Q

Exam Question 249 (p.271):

How can firewalls mitigate network attacks against clients?

A

They can prevent all uninvited access from outside the LAN.

50
Q

Exam Question 250 (p.271):

What does DMZ stand for?

A

demilitarized zone

51
Q

Exam Question 251 (p.271):

What service does DMZ provide?

A

It directs unexpected network trac on all ports to one designated ma-
chine.

52
Q

Exam Question 252 (p.271):

What service does port forwarding provide?

A

It directs unexpected network trac on a few ports to a designated ma-
chine.

53
Q

Exam Question 253 (p.271):

How can sharing your Wi-Fi be dangerous?

A

Bad people might get directly into your LAN. This bypasses your main
firewall.