Intro To Networking Chapter 9 Terms

Question 1

a document that describes the rules governing access to an organization’s information resources, enforcement of these rules, and steps taken if rules are breached

Answer 1

Security Policy

Question 2

Describes what staff, customers, and business partners can expect for monitoring and reporting network use.

Answer 2

Privacy policy

Question 3

Explains for what purposes network resources can be used.

Answer 3

Acceptable use policy

Question 4

Describes how users identify themselves to gain access to network resources. Logon names, password conventions, and authentication methods should be described.

Answer 4

Authentication policy

Question 5

Explains what constitutes proper or improper use of Internet resources.

Answer 5

Internet use policy

Question 6

Specifies how and when users are allowed to access network resources. Policies should exist for both onsite and remote access to the network.

Answer 6

Access policy

Question 7

Explains the manner in which security compliance or violations can be verified and the consequences for violations

Answer 7

Auditing policy

Question 8

Outlines the policies for backup procedures, virus protection, and disaster recovery.

Answer 8

Data protection

Question 9

features such as data encryption, complex password requirements, detailed auditing and monitoring of computer and network access, intricate authentication methods, including multifactor authentication, and strict policies governing use of the Internet and e-mail.

Answer 9

Highly Restrictive Security Policies

Question 10

require passwords for each user but not overly complex passwords. Auditing is geared toward detecting unauthorized logon attempts, misuse of network resources, and network attacker activity.

Answer 10

Moderately Restrictive Security Policies

Question 11

simple or no passwords, unrestricted access to resources, and probably no monitoring and auditing.

Answer 11

Open Security Policies

Question 12

Identifying who’s permitted to access which network resources

Answer 12

Authentication and authorization

Question 13

Making data unusable to anyone except authorized users

Answer 13

Encryption

Question 14

Allowing authorized remote access to a private network via the public Internet

Answer 14

Virtual private networks (VPNs)

Question 15

Implementing measures for protecting data and authorizing access to a wireless network

Answer 15

Wireless security

Question 16

Using a hardware device or software (including firewalls, intrusion detection and prevention systems, and content filters) that protects a computer or network from unauthorized access and attacks designed to cripple network or computer performance

Answer 16

Network security devices

Question 17

Securing data from software designed to destroy data or make computers and networks operate inefficiently

Answer 17

Malware protection

Question 18

the authentication protocol used in a Windows domain environment to authenticate logons and grant accounts access to domain resources. An account can be a user or a computer because computers must also authenticate to the domain. _________ provides mutual authentication between a client and server or between two servers

Answer 18

Kerberos

Question 19

the identity of both parties is verified.

Answer 19

Mutual authentication

Question 20

industry-standard client/server protocol that centralizes authentication, authorization, and accounting (AAA) for a network.

Answer 20

Remote Authentication Dial-In User Service—RADIUS

Question 21

not a self-contained authentication protocol; rather, it’s a framework for other protocols that provide encryption and authentication.

Answer 21

Extensible Authentication Protocol

Question 22

Knowledge—What the user knows, such as a username and password

Possession—What the user has, or possesses, such as a smart card or key

Inherence—What the user is; a unique biometric identifying trait, such as a fingerprint, retina scan, or voice pattern

Answer 22

multifactor authentication (MFA)

Question 23

works by establishing an association between two communicating devices. An association is formed by two devices authenticating their identities via a preshared key, Kerberos authentication, or digital certificates.

Answer 23

IP Security (IPsec)

Question 24

a series of letters, numbers, and special characters, much like a password, that both communicating devices use to authenticate each other’s identity.

Answer 24

preshared key

Question 25

A commonly used VPN protocol in Windows OSs with client support for Linux and Mac OS X, too. Most OSs that support VPN clients support PPTP.

Answer 25

Point-to-Point Tunneling Protocol (PPTP)

Question 26

a VPN connection is established between two VPN devices

Answer 26

Site-to-site

Question 27

establishes a VPN connection between a single client computer and a VPN device

Answer 27

Client-to-site

Question 28

Attackers who drive around looking for wireless LANs (WLANs) to intercept

Answer 28

wardrivers.

Question 29

the boundary between your network and external networks such as the Internet

Answer 29

network perimeter

Question 30

a hardware device or software program that inspects packets going into or out of a network or computer, and then discards or forwards the packets based on a set of rules.

Answer 30

firewall

Question 31

a network device such as a server installed as a decoy to lure potential attackers.

Answer 31

honeypot

Question 32

virus
A malicious program that spreads by replicating itself into other programs or documents; it usually aims to disrupt computer or network functions by deleting and corrupting files.

Answer 32

virus

Question 33

a type of malware that doesn’t require another file to spread to other computers; it’s a self-contained program that just needs a computer to be connected to a network

Answer 33

worm

Question 34

a form of malware that can monitor traffic to and from a computer, monitor keystrokes, and capture passwords

Answer 34

rootkit

Question 35

a from of malware that appears to be something useful, such as a free utility, but in reality it contains some type of malware

Answer 35

trojan horse

Question 36

time-dependent malware that can come in different forms. Its main characteristic is that it’s activated when a particular event occurs, such as a specific date and time, or when a particular file is accessed

Answer 36

logic bomb

Question 37

a type of malware that monitors or controls part of your computer at the expense of your privacy and the gain of some third party.

Answer 37

Spyware

Question 38

unsolicited e-mail

Answer 38

Spam

Question 39

a security consultant who detects holes in a system’s security for the purpose of correcting these vulnerabilities.

Answer 39

penetration tester

Question 40

an automated method for pinging a range of IP addresses

Answer 40

ping scanner

Question 41

determines which TCP and UDP ports are available on a computer or device

Answer 41

port scanner

Question 42

a source address inserted into the packet that isn’t the sender’s actual address.

Answer 42

spoofed address

Question 43

Usually a component of a firewall, a hardware device or software that detects an attempted security breach and notifies the network administrator. An ——– can also take countermeasures to stop an attack in progress.

Answer 43

intrusion detection system (IDS)

Question 44

A variation of an IDS that can take countermeasures if an attack is in progress. See also intrusion detection system (IDS).

Answer 44

intrusion prevention system (IPS)