E5 Flashcards

Question 1

Q

Exam Question 201 (p.269)Why are weak passwords a significant problem in networks?

Answer

A

Because hackers get in and cause trouble.

Question 2

Q

Exam Question 202 (p.269):List three true measures of password quality.

Answer

A

Is it easy for you to remember? Is it dicult to guess? Is it difficult forothers to remember

Question 3

Q

Exam Question 203 (p.269):What is a dictionary attack?

Answer

A

It is using a long list of likely passwords in hopes of finding one that works

Question 4

Q

Exam Question 204 (p.269):List two types of bad passwords.

Answer

A

a) anything short, (b) anything in a dictionary.

Question 5

Q

Exam Question 205 (p.269):What do I recommend for a password?

Answer

A

initials of a familiar phrase

Question 6

Q

Exam Question 206 (p.269):What is a high-value password?

Answer

A

A password to protect a high-value asset.

Question 7

Q

Exam Question 207 (p.269):What is a low-value password?

Answer

A

A password to protect a low-value asset.

Question 8

Q

Exam Question 208 (p.269):Does it matter if a low-value password is easy to guess?

Answer

A

Not much.

Question 9

Q

Exam Question 209 (p.269):List four ways to prove identity.

Answer

A

What you have. What you know. What you are. What you can do.

Question 10

Q

Exam Question 210 (p.269):What is multi-factor authentication?

Answer

A

Several UNRELATED factors must be presented.

Question 11

Q

Exam Question 211 (p.269):What is single sign-on?

Answer

A

You authenticate once and then receive credentials that are (a) used onrelated websites (b) in place of authenticating again.

Question 12

Q

Exam Question 212 (p.269):What is a hacker?

Answer

A

Someone that goes beyond the routine ways of using a tool.

Question 13

Q

Exam Question 213 (p.269):Is hacking bad?

Answer

A

no

Question 14

Q

Exam Question 214 (p.269):What does black hat mean?

Answer

A

It means a bad-guy hacker

Question 15

Q

Exam Question 215 (p.269):What does white hat mean?

Answer

A

It means a good-guy (ethical) hacker.

Question 16

Q

Exam Question 216 (p.269):What is pen testing?

Answer

A

penetration testing

Question 17

Q

Exam Question 217 (p.269):What are symmetric keys?

Answer

A

Encryption keys that cancel each other out are symmetric.

Question 18

Q

Exam Question 218 (p.269):What does rot13 stand for?

Answer

A

rotate thirteen

Question 19

Q

Exam Question 219 (p.269):How does rot13 work?

Answer

A

Each letter is replaced by the one 13 places away.

Question 20

Q

Exam Question 220 (p.270):Who knows Alice's public key?

Answer

A

everybody

Question 21

Q

Exam Question 221 (p.270):Who knows Alice’s private key?

Answer

A

Alice

Question 22

Q

Exam Question 222 (p.270):How do you send a private message to Bob?

Answer

A

Encrypt it with Bob's public key.

Question 23

Q

Exam Question 223 (p.270):What is the purpose of encrypting a message?

Answer

A

Prevent others from understanding it.

Question 24

Q

Exam Question 224 (p.270):What is the purpose of signing a message?

Answer

A

Prove authorship.

Question 25

Q

Exam Question 225 (p.270):How do you sign a message?

Answer

A

Encrypt it with your private key.

Question 26

Q

Exam Question 226 (p.270):How does signing prove authorship?

Answer

A

Only the person with the private key could have encrypted it. They mustbe the source.

Question 27

Q

Exam Question 227 (p.270):How can Bob send a private, authenticated message to Alice?

Answer

A

First, encrypt it with Bob's private key to prove authorship. Second,encrypt the result with Alice's public key to provide privacy.

Question 28

Q

Exam Question 228 (p.270):Why are public-key systems special?

Answer

A

They let us create a shared secret between parties that did not alreadyknow each other

Question 29

Q

Exam Question 229 (p.270):Why is RSA special?

Answer

A

It easily creates good public keys.

Question 30

Q

Exam Question 230 (p.270):What is a prime number?

Answer

A

A number with no proper factors.

Question 31

Q

Exam Question 231 (p.270):Why are prime numbers used in encryption?

Answer

A

It is easy to multiply two large prime numbers, but it is dicult to ndthe original numbers.

Question 32

Q

Exam Question 232 (p.270):What does the RSA private key consist of?

Answer

A

Two large prime numbers are chosen. They are the private key.

Question 33

Q

Exam Question 233 (p.270):What does the RSA public key consist of?

Answer

A

The large prime numbers of the private key are multiplied together. Theresult is the public key.

Question 34

Q

Exam Question 234 (p.270):If RSA is so great, why are other things used?

Answer

A

other things are faster

Question 35

Q

Exam Question 235 (p.270):Is http considered to be secure? Why?

Answer

A

No. Traffic (data) is not encrypted.

Question 36

Q

Exam Question 236 (p.270):Is https considered to be secure? Why?

Answer

A

Yes. Traffic (data) is encrypted.

Question 37

Q

Exam Question 237 (p.270):What does SSL stand for?

Answer

A

secure sockets layer

Question 38

Q

Exam Question 238 (p.270):What does TLS stand for?

Answer

A

transport layer security

Question 39

Q

Exam Question 239 (p.270):How does SSL protect confidentiality of a TCP connection?

Answer

A

Traffic (data) is (a) encrypted to (b) hide its meaning.

Question 40

Q

Exam Question 240 (p.270):What is an Outside Threat?

Answer

A

A threat by a machine outside of your LAN.

Question 41

Q

Exam Question 241 (p.271):What is a botnet?

Answer

A

A network of computers controlled by a hacker, usually without theknowledge of their real owners.

Question 42

Q

Exam Question 242 (p.271):For what two things are botnets commonly used?

Answer

A

Sending spam. Doing attacks.

Question 43

Q

Exam Question 243 (p.271):What does DDOS stand for?

Answer

A

distributed denial of service (attack)

Question 44

Q

Exam Question 244 (p.271):What is a zombie?

Answer

A

A computer that is part of a botnet.

Question 45

Q

Exam Question 245 (p.271):What does PWN stand for?

Answer

A

ownPwn means you have been owned by a hacker. They control your computer.

Question 46

Q

Exam Question 246 (p.271):What is an Inside Threat?

Answer

A

A threat by a machine inside your LAN.

Question 47

Q

Exam Question 247 (p.271):What two things does server mean?

Answer

A

(a) a program (software) that provides a service, (b) a computer (hard-ware) where such a program runs

Question 48

Q

Exam Question 248 (p.271):How can firewalls mitigate network attacks against servers?

Answer

A

They can control the number of incoming requests based on IP address.

Question 49

Q

Exam Question 249 (p.271):How can firewalls mitigate network attacks against clients?

Answer

A

They can prevent all uninvited access from outside the LAN.

Question 50

Q

Exam Question 250 (p.271):What does DMZ stand for?

Answer

A

demilitarized zone

Question 51

Q

Exam Question 251 (p.271):What service does DMZ provide?

Answer

A

It directs unexpected network trac on all ports to one designated ma-chine.

Question 52

Q

Exam Question 252 (p.271):What service does port forwarding provide?

Answer

A

It directs unexpected network trac on a few ports to a designated ma-chine.

Question 53

Q

Exam Question 253 (p.271):How can sharing your Wi-Fi be dangerous?

Answer

A

Bad people might get directly into your LAN. This bypasses your mainfirewall.

Brainscape's Knowledge GenomeTM

E5 Flashcards

Brainscape's Knowledge Genome^TM