IS3440 CHAP 9 NETWORKED APPLICATION SECURITY Flashcards
___ is the open source private branch exchange (PBX) VoIP service.
Asterisk
___ is a frequently malicious insertion of non-authoritative DNS data as if it were authoritative. May also be used by black-hat hackers to redirect users to malicious Web sites.
Cache poisoning
___is an entity such as VeriSign or GoDaddy that issues digital certificates for use by other parties. Secure Web sites without an official CA return an error message.
(CA) Certificate authority
___ is a group of protocols where a serve such as open source sendmail presents a challenge such as a request for a username and password.
(CRAM) Challenge-response authentication mechanism
___ is a protocol used for communications between Web proxy servers such as Squid.
(ICP) Inter-Cache Protocol
___ is a framework for encryption associated with the Java programming language; may also be used with open source sendmail.
(JCE) Java Cryptography Extension
___ is an acronym associated with Web services. The first three letters stand for Linux, Apache, and MySQL. The last letter may stand for Perl, Python, or PHP. It is a system where these services are integrated.
LAMP stack
___ is related to servers such as Dovecot that facilitate the delivery of email to user clients.
(MDA) Mail delivery agent
___is associated with servers that collect email from networks, such as fetchmail.
(MRA) Mail retrieval agent
___ is associated with servers that transmit email, such as sendmail and Postfix.
(MTA) Mail transfer agent
___ is associated with client email applications such as Evolution and Thunderbird.
(MUA) Mail user agent
___ are used to add functionality to the Apache Web server.
(MPMs) Multi-Processing Modules
___ is a dynamic scripting language developed by Larry Wall; frequently used with Apache for Web sites.
Perl
___ is a scripting language associated with dynamic Web sites; frequently used with Apache.
(PHP) PHP: Hypertext Preprocessor
___ is a multi-paradigm programming language frequently used with Apache for Web sites.
Python
___ is a standard packet format for VoIP and video communications.
(RTP) Real-time Transport Protocol
___ is a search of a DNS database that is sent to other DNS servers if the information is not available locally.
Recursive query
___is an Internet Protocol (IP) network protocol frequently used tin VoIP communications.
(SIP) Session Initiation Protocol
___ is a protocol used to authenticate data exchanges between DNS servers.
(TSIG) Transition SIGnature
___ is created on the same physical network as another LAN. Because both LANs are separate and distinct, they are virtual.
(VLAN) Virtual LAN
___ is when associated with DNS, a database of hostnames and Internet Protocol (IP) addresses for a specific authoritative domain.
Zone files
___ is a reference to data exchange between DNS servers with respect to hostnames and Internet Protocol (IP) addresses of a specific domain.
Zone updates
___ is related to servers that authenticate user connections to email services. Frequently integrated into MTAs such as sendmail and Postfix.
(MSA) Mail submission agent
- Which of the following services is NOT part of the LAMP stack?
- Linux
- Apache
- MySQL
- Postfix
Postfix
- Which of the commands sets a password for the MySQL administrative user?
1. mysqladmin -u admin password
"newpassword"
2. mysqladmin -u root password
"newpassword"
3. mysqladmin -u mysql password
"newpassword"
4. mysqladmin -u user root
"newpassword"
mysqladmin -u root password
“newpassword”
- Which of the following commands removes the php5 module in Apache on an Ubuntu system?
- a2enmod php5
- a2rmmod php5
- e2dismod php5
- a2modprobe php5
e2dismod php5
- What is the command that can create users and passwords for access to a Web directory in Apache?
htpasswd (acceptable: htdigest)
- The server . csr file includes identifying information about your system.
TRUE OR FALSE
TRUE
- Which of the following port numbers is associated with Squid?
- 80
- 3128
- 443
- 8080
3128
- Which of the following should NOT be included on a public DNS server?
- Mail server IP addresses
- DNS server IP addresses
- Web server IP addresses
- Squid server IP addresses
Squid server IP addresses
- Which of the following commands reads all changes made to files in the /etc/mail/ directory for open source sendmail?
- make -C /etc/mail
- m4 /etc/mail
- make /etc/mail/sendmail.mc
- m4 /etc/mail/sendmail.mc
make -C /etc/mail
- Which of the following open source sendmail directives is used to specify email protocols?
- define
- DAEMON_OPTIONS
- FEATURE
- MAILER
DAEMON_OPTIONS
- Which of the following configuration files is most important for Postfix?
- main.cf
- master.cf
- maps
- cfsubmit.cf
main.cf
- In Dovecot, if you want to activate both regular and secure POP3 and IMAP services, what options would you add to the PROTOCOLS directive?
imap imaps pop3 pop3s
- Which of the following is NOT a protocol closely associated with Asterisk?
- IPP
- SIP
- RTP
- UDP.
IPP
- Which of the following directives in the main CUPS configuration file specifies groups of users who are allowed to administer CUPS?
- Lpadmin
- Admin
- System
- SystemGroup
SystemGroup
- Which of the following NTP RESTRICT options relate to logging?
- kod
- notrap
- nopeer
- noquery
notrap
- Which of the following directives specify and can limit the information given about an Apache system?
- banner
- System
- ServerTokens
- server string
ServerTokens
