Elective 1: Prelim

Question 1

____ defined as the interconnection of two or more computers. It is done to enable the computers to communicate and share available resources.

Answer 1

What is Networking?
computer network

Question 2

✓ Sharing of resources such as printers
✓ Sharing of expensive software’s and database
✓ Communication from one computer to another
computer
✓ Exchange of data and information among users via network
✓ Sharing of information over geographically wide areas.

Answer 2

Application:

Question 3

Networking
Computer networks have opened up an entire frontier in the world of computing called the ______

Answer 3

client / server model.

Question 4

Advantages of Computer Network

Answer 4

✓ Increased speed
✓ Reduced cost
✓ Improved security
✓ Centralized software managements
✓ Electronic mail
✓ Flexible access

Question 5

Disadvantages of Computer Network

Answer 5

✓High cost of installation
✓Requires time for administration
✓Failure of server
✓Cable faults

Question 6

Classification of Area by Geography

Answer 6

PAN LAN WAN MAN CAN

Question 7

A ____ is a computer network organized around an individual person.

Answer 7

PERSONAL AREA NETWORK(PAN)

Question 8

It generally consists of a mobile, a computer, a cell phone or personal digital assistant. __ enables the communication among these devices.

Answer 8

PERSONAL AREA NETWORK(PAN)

Question 9

The ___ can be constructed using wireless or cables.

Answer 9

PERSONAL AREA NETWORK(PAN)

Question 10

___ is a network which is designed to operate over a small physical area such as an office, factory or a group of buildings.

Answer 10

LOCAL AREA NETWORK (LAN)

Question 11

___ are easy to design and troubleshoot.

Answer 11

LOCAL AREA NETWORK (LAN)

Question 12

Exchange of information and sharing of resources becomes easy because of ___.

Answer 12

LOCAL AREA NETWORK (LAN)

Question 13

In ___ all machines are connected to a single cable.

Answer 13

LOCAL AREA NETWORK (LAN)

Question 14

Different types of topologies such as star, tree, bus, ring, etc Can be used.

Answer 14

LOCAL AREA NETWORK (LAN)

Question 15

It is usually a privately owned network.

Answer 15

LOCAL AREA NETWORK (LAN)

Question 16

When network spans over a large distance or when the computers to be connected to each other are at widely separated locations a local area network cannot be used. A ____ is installed.

Answer 16

WIDE AREA NETWORK(WAN)

Question 17

The communication between different users of __ is established using leased telephone lines, satellite links and similar channels.

Answer 17

WIDE AREA NETWORK(WAN)

Question 18

It is cheaper and more efficient to use the phone network for the link.

Answer 18

WIDE AREA NETWORK(WAN)

Question 19

Most ___ networks are used to transfer large blocks of data between its users.

Answer 19

WIDE AREA NETWORK(WAN)

Question 20

It is in between LAN & WAN technology that covers the entire city.

Answer 20

METROPOLITAN AREA NETWORK (MAN)

Question 21

It uses similar technology as LAN.

Answer 21

METROPOLITAN AREA NETWORK (MAN)

Question 22

is derived from two Greek words topo
and logy

Answer 22

TOPOLOGY

Question 22

The ___ is made up of an interconnection of LAN with limited geographical area.

Answer 22

CAMPUS AREA NETWORK (CAN)

Question 23

Network equipments such as switches, routers and the transmission media i.e. optical fibers etc are almost entirely owned by the _.

Answer 23

CAMPUS AREA NETWORK (CAN)
_campus owner

Question 23

It can be a single network such as cable TV network, or a measure of connecting a number of LAN’s or a large network so that resources can be shared LAN to LAN as well as device to device.

Answer 23

METROPOLITAN AREA NETWORK (MAN)

Question 24

‘place’

Answer 24

topo

Question 25

‘study’

Answer 25

logy

Question 26

used to explain how a network is physically connected and the logical flow of information in the network.

Answer 26

TOPOLOGY

Question 27

describes how devices are connected and interact with each other using communication links.

Answer 27

TOPOLOGY

Question 27

two types of topologies:

Answer 27

• Physical Topology
• Logical Topology

Question 28

describes the way in which the computers or nodes are connected with each other in a computer network.

Answer 28

Physical Topology

Question 29

It is the arrangement of various elements(link, nodes, etc.), including the device location and code installation of a computer network.

Answer 29

Physical Topology

Question 29

the physical layout of nodes, workstations, and cables in the network.

Answer 29

Physical Topology

Question 30

describes the way, data flow from
one computer to another.

Answer 30

Logical Topology

Question 31

It is bound to a network protocol and defines how data is moved throughout the network and which path it takes.

Answer 31

Logical Topology

Question 32

devices communicate
Internally.

Answer 32

Logical Topology

Question 33

six types of physical topology:

Answer 33

• Bus Topology
• Ring Topology
• Star Topology
• Mesh Topology
• Tree Topology
• Hybrid Topology

Question 34

simplest kind of topology in which a common bus or channel is used for communication in the network. The _ is connected to various taps and droplines.

Answer 34

Bus Topology

Question 34

In other words, there is only a single transmission line for all nodes.

Answer 34

Bus Topology

Question 34

Taps are the __, while droplines are the __ connecting the bus with the computer.

Answer 34

connectors
cables

Question 35

___ acts as the backbone of the network, which joins every computer and peripherals in the network. Both ends of the shared channel have line terminators. The data is sent only in one direction and as soon as it reaches the end, the terminator removes the data from the communication line(to prevent signal bounce and data flow disruption).

Answer 35

bus

Question 36

___, each computer communicates to another computer on the network independently. Every computer can share the network’s total bus capabilities. The devices share the responsibility for the flow of data from one point to the other in the network.

Answer 36

bus topology

Question 37

which each computer is connected to exactly two other computers to form the _. The message passing is
unidirectional and circular in nature.

Answer 37

Ring topology
_ring

Question 37

mainly works on a token-based
system and the token travels in a loop in one specific direction.

Answer 37

Ring topology

Question 38

deterministic in nature, i.e., each computer is given access for transmission at a fixed time interval. All the nodes are connected in a closed-loop.

Answer 38

Ring topology

Question 39

if a token is free then the node can capture the token and attach the data and destination address to the token, and then leaves the token for communication. When this token reaches the destination node, the data is removed by the receiver and the token is made free to carry the next data.

Answer 39

Ring topology

Question 40

which all the nodes are connected to a centralized hub.

Answer 40

Star topology

Question 41

• is a computer network topology in which nodes are interconnected with each other. In other words, direct communication takes place between the nodes in the network.

Answer 41

Mesh topology

Question 41

hub and switch act as a server, and the other connected devices act as clients. Only one input-output port and one cable are required to connect a node to the central device. This topology is better in terms of security because the data does not pass through every node.

Answer 41

star topology

Question 42

is a computer network topology in which all the nodes are directly or indirectly connected to the main buscable.

Answer 42

Tree topology

Question 43

two types of Mesh:

Answer 43

1. Full mesh & 2. Partial mesh

Question 44

In which each node is connected to every other node in the network.

Answer 44

Full Mesh

Question 45

In which, some nodes are not connected to every node in the network.

Answer 45

Partial Mesh

Question 46

is a combination of Bus and Star topology.

Answer 46

Tree topology

Question 47

the whole network is divided into segments, which can be easily managed and maintained. There is a main hub and all the other sub-hubs are connected to each other in this topology.

Answer 47

Tree topology

Question 47

A _ has multiple layers of protection spread across the computers, networks, programs, or data that one intends to keep safe.

Answer 47

successful cybersecurity approach

Question 47

points need to be considered when
selecting a physical topology:

Answer 47

• Ease of Installation.
• Fault Tolerance.
• Implementation Cost.
• Cabling Required.
• Maintenance Required.
• Reliable Nature.
• Ease of Reconfiguration and upgradation.

Question 47

• In this topology, all topologies are interconnected according to the
  needs to form a hybrid. All the good features of each topology can be used to make an efficient _.

Answer 47

Hybrid topology

Question 48

is a computer topology which is a combination of two or more topologies. In practical use, they are the most widely used.

Answer 48

Hybrid topology

Question 49

is the practice of protecting systems, networks, and programs from digital attacks.

Answer 49

Cybersecurity

Question 50

These _ are usually aimed at _, _, _, _, _. Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative

Answer 50

_cyberattacks
accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes

Question 51

In an organization, the people, processes, and technology must _ to create an effective
defense from cyber-attacks.

Answer 51

complement one another

Question 52

A _ can automate integrations across select Cisco Security products and
accelerate key security operations functions: _, _, and _.

Answer 52

_unified threat management system
detection, investigation, and remediation.

Question 53

Cybersecurity Models :

Answer 53

CIA Triad

Question 54

is not only about securing information from unauthorized access.

Answer 54

Information security

Question 55

is basically the practice of preventing unauthorized _, _, _, _, _, _, _ or _.

Answer 55

Information security
_access, use, disclosure, disruption, modification, inspection, recording or destruction of information

Question 56

can be anything like your profile on social media, your data in mobile phone, your biometrics etc.

Answer 56

Information

Question 57

spans so many areas like cryptography, mobile computing, forensics, online social media etc.

Answer 57

Information security

Question 58

Information Security programs are built around 3 objectives, commonly known as CIA –

Answer 58

Confidentiality, Integrity, Availability.

Question 59

• means that only the authorized individuals/systems can view sensitive or classified information.

Answer 59

Confidentiality

Question 59

A primary way to avoid this is to use encryption techniques to safeguard your data so that even if the attacker gains access to your data, he/she will not be able to decrypt it.

Answer 59

Confidentiality

Question 60

Encryption standards include

Answer 60

AES(Advanced Encryption Standard) and DES (Data Encryption Standard).

Question 61

Another way to protect your data is through a

Answer 61

VPN tunnel

Question 61

VPN

Answer 61

Virtual Private Network

Question 62

helps the data to move securely over the network

Answer 62

VPN

Question 63

making sure that data has not been modified

Answer 63

Integrity

Question 64

_ is a failure to maintain data integrity.

Answer 64

Corruption of data

Question 65

To check if our data has been modified or not, we make use of a _.

Answer 65

hash function

Question 66

This means that the data should be
readily available to its users.

Answer 66

Availability

Question 67

This applies to systems and to networks - not simply the data, but the technology necessary to obtain and view the data need to be available.

Answer 67

Availability

Question 68

To ensure _, the network/system administrator should _, _, _ and _ in a network

Answer 68

availability
maintain hardware, make regular upgrades, have a plan for fail-over and prevent bottleneck

Question 69

The Parkerian Hexad Added The
Following Three Additional Elements:

Answer 69

Authenticity, Possession, Utility

Question 70

• refers to the veracity of the claim of origin or authorship of the information.

Answer 70

Authenticity

Question 71

means usefulness

Answer 71

Utility

Question 72

Avenues of Attack
- A computer system is attacked for one of two general reasons:

Answer 72

1. It is specifically targeted by an attacker.
2. It is a target of opportunity.

Question 73

Types of malicious software include:

Answer 73

• Viruses, Trojan horses, logic bombs, spyware, and worms

Question 73

• _, or _, refers to software that has been designed for some nefarious purpose.

Answer 73

Malicious Code
_malware

Question 74

Malware can be fairly complex in its construction.

Answer 74

• Multipartite, polymorphic, and metamorphic

Question 75

The best-known type of malicious code

Answer 75

Virus

Question 76

a piece of malicious code that replicates by attaching itself to
another piece of executable code.

Answer 76

Virus

Question 77

The first viruses created were of two types:

Answer 77

• Boot sector viruses and program viruses

Question 78

attaches itself to executable files so that it is executed before the program executes.
- Most _ also hide a nefarious purpose, such as deleting the hard drive data.

Answer 78

program virus

Question 78

are pieces of code that attempt to penetrate networks and
computer systems.
* Once a penetration occurs, the worm will create a new copy of itself on the penetrated system.
— There is an important distinction:
** _mcode has to attach itself to something else.
** _ code can “survive” on its own.

Answer 78

Worms

Question 79

infects the boot sector portion of a floppy disk or hard drive.

Answer 79

Boot sector virus

Question 80

• One of the primary means of avoiding detection by sensors is the use of polymorphic code.
  ** This is code that changes on a regular basis.
  ** These changes or mutations are designed not to affect the functionality of the code, but rather to mask any signature from detection.
  *** Polymorphic programs can change their coding after each use, making each replicant different from a detection point of view.

Answer 80

Polymorphic Malware

Question 81

or simply _, is a piece of software that appears
to do one thing (and may, in fact, actually do that thing) but hides
some other functionality.
* is a standalone program that must be copied and installed by the user.

Answer 81

Trojan Horses

Question 82

a form of malware specifically designed to modify the operation of the operating system in some fashion to facilitate nonstandard functionality.
* Can do virtually anything that the operating system does
* Designed to avoid the security functions of the operating system to avoid
detection using subversion or evasion
* Can load before the operating system loads, acting as a virtualization layer
* Acts as a form of malware and can exist in firmware and as loadable library modules

Answer 82

Rootkits

Question 83

a type of malicious software that is deliberately installed, generally by an authorized user.
* is a piece of code that sits dormant for a period of time until some event invokes its malicious payload.
* _ are difficult to detect.
* They demonstrate the need for a separation of duties and a periodic review of all programs and services that are running on a system.
* They reinforce need for active backups.

Answer 83

Logic Bombs

Question 84

is software that “spies” on users, recording and reporting on their activities.
* Typically installed without user knowledge, spyware can do a wide range of activities.
* It can record keystrokes (commonly called keylogging) when the user logs
into specific web sites.
* It can monitor how a user uses a specific piece of software (monitor attempts to cheat at games).

Answer 84

Spyware

Question 85

Software that is supported by advertising

Answer 85

Adware

Question 86

• Adware comes in many different forms:

Answer 86

• Legitimate adware
• Adware in the form of malware

Question 87

The user is aware of the advertising and agrees to the arrangement in return for free use of the software.

Answer 87

• Legitimate adware

Question 88

It is characterized by software that presents unwanted ads.

Answer 88

• Adware in the form of malware

Question 89

• Hackers create armies of machines by installing malware agents on the machines, which then are called _.

Answer 89

zombies

Question 89

One form of malware that is seemingly benign to a user is a botnet zombie.

Answer 89

Botnets

Question 90

• These collections of machines are called _.

Answer 90

botnets

Question 91

• These _ are used to conduct other attacks and to spread spam
  and other malware.

Answer 91

zombies machines

Question 92

nothing more than methods used by software developers to ensure that they could gain access to an application even if something were to happen in the future to prevent normal access methods.

Answer 92

Backdoors and Trapdoors

Question 93

used to refer to programs that attackers install after gaining unauthorized access to a system to ensure that they can continue to have unrestricted access to the system, even if their initial access method is discovered and blocked.

Answer 93

backdoor

Question 94

is a form of malware that performs some action and extracts ransom from a user.
– most common form of _ is one that encrypts a key file or set of files, rendering a system unusable, or dataset unavailable.

Answer 94

Ransomware

Question 95

Malware Defenses
* Malware can be defended against in a couple of simple steps:

Answer 95

• Use an antivirus program
• Keep your software up to date

Question 96

are attacks against a system that can occur at the network level, at the operating system level, at the application level, or at the user level (social engineering).

Answer 96

Application-level attacks

Question 96

take advantage of several facts associated with computer applications.

Answer 96

Application-level attacks

Question 97

• Attacks on computer systems and networks can be grouped into two broad categories:

Answer 97

1. Attacks on specific software
2. Attacks on a specific protocol or service

Question 98

Generally possible because of an oversight in the code (and possibly in the testing of that code) or because of a flaw, or bug, in the code

Answer 98

Attacks on specific software

Question 99

Attempt to take advantage of a specific feature of the protocol or service or to use the protocol or service in a manner for which it was not intended

Answer 99

Attacks on a specific protocol or service

Question 100

is an attack designed to prevent a system or service from functioning normally.
** Can exploit a known vulnerability in a specific application or operating system
** Can attack features (or weaknesses) in specific protocols or services
** Attempts to deny authorized users access either to specific information or to the computer system or network itself

Answer 100

Denial-of-Service Attack

Question 101

A DoS attack employing multiple attacking systems

Answer 101

distributed denial-of-service (DDoS) attack.

Question 102

In a specific DoS attack known as a _, the attacker sends a spoofed packet to the broadcast address for a network, which distributes the packet to all systems on that network.

Answer 102

Smurf attack

Question 103

relies on lies and misrepresentation, which an attacker uses to trick an authorized user into providing information or access the attacker would not normally be entitled to.

Answer 103

Social Engineering

Question 104

is when someone examines all the network traffic that passes their NIC, whether addressed for them or not.

Answer 104

Sniffing

Question 105

is nothing more than making data look like it has come from
a different source.

Answer 105

Spoofing

Question 106

• generally occurs when attackers are able to
  place themselves in the middle of two other hosts that are communicating.
• A common method: hijacking.

Answer 106

Man-in-the-Middle Attacks

Question 107

used to refer to a more specific type of attack—one in which the encrypted traffic issue is addressed.

Answer 107

“man-in-the-middle attack”

Question 108

not generally considered a social engineering issue, nor a security issue for that matter, spam can, however, be a security concern.
– bulk unsolicited e-mail.

Answer 108

Spam

Question 109

• is the use of fraudulent e-mails or instant messages that appear to be genuine but are designed to trick users.
• GOAL: is to obtain from the user information

Answer 109

Phishing

Question 110

consists of misdirecting users to fake web sites that have been made to look official.

Answer 110

Pharming