Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ITEC85A - Information Assurance And Security 1 > Lecture 6.5 > Flashcards

Lecture 6.5 Flashcards

1
Q

Technical controls – ?

Identify

Firewalls and VPN

A

essential

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Technical controls – ?

Identify

Firewalls and VPN

A

essential

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Enforcing policy for many ?

Identify

Firewalls and VPN

A

IT functions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Not involve direct ?

Identify

Firewalls and VPN

A

human control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Improve organization’s ability to ?

Identify

Firewalls and VPN

A

balance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

?

Use data classification schemes

Identify

Firewalls and VPN - Access Control

A

Mandatory access control (MAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

?

Give users and data owners limited control over access

Identify

Firewalls and VPN - Access Control

A

Mandatory access control (MAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

?

Each collection of information is rated

Identify

Firewalls and VPN - Access Control

A

Data classification schemes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

?

Each user is rated

Identify

Firewalls and VPN - Access Control

A

Data classification schemes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

?

May use matrix or authorization

Identify

Firewalls and VPN - Access Control

A

Data classification schemes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

?

Managed by central authority

Identify

Firewalls and VPN - Access Control

A

Nondiscretionary controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

?

Tied to the role a user performs

Identify

Firewalls and VPN - Access Control

A

Role-based

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

?

Tied to a set of tasks user performs

Identify

Firewalls and VPN - Access Control

A

Task-based

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

?

Implemented at the option of the data user

Identify

Firewalls and VPN - Access Control

A

Discretionary access controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

?

Used by peer to peer networks

Identify

Firewalls and VPN - Access Control

A

Discretionary access controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

? ?? ??? ????

(4) All controls rely on

Enumerate

Firewalls and VPN - Access Control

A
  • Identification
  • Authentication
  • Authorization
  • Accountability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Unverified entity – ?

Identify

Firewalls and VPN - Access Control - Identification

A

supplicant

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Seek access to a resource by ?

Identify

Firewalls and VPN - Access Control - Identification

A

label

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

?

is called an identifier

Identify

Firewalls and VPN - Access Control - Identification

A

Label

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Mapped to one & only one ?

Identify

Firewalls and VPN - Access Control - Identification

A

entity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Authentication:
* Something a supplicant ?
* Something a supplicant ??
* Something a supplicant ???

Identify

Firewalls and VPN - Access Control - Authentication

A
  • knows
  • has
  • is
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Matches supplicant to ?

Identify

Firewalls and VPN - Access Control - Authorization

A

resource

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Often uses access control ?

Identify

Firewalls and VPN - Access Control - Authorization

A

matrix

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

(3) Handled by 1 of 3 ways

Enumerate

Firewalls and VPN - Access Control - Authorization

A
  • Authorization for each authenticated users
  • Authorization for members of a group
  • Authorization across multiple systems
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Accountability known as ?

Identify

Firewalls and VPN - Access Control - Accountability

A

auditability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

All actions on a system can be attributed to an authenticated ?

Identify

Firewalls and VPN - Access Control - Accountability

A

identity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

System logs and ?

Identify

Firewalls and VPN - Access Control - Accountability

A

database journals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Prevent information from moving between the ? and ??

Identify

Firewalls and VPN - Firewalls - Purpose

A
  • outside world
  • inside world
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

?

untrusted network

Identify

Firewalls and VPN - Firewalls - Purpose

A

Outside world

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

?

trusted network

Identify

Firewalls and VPN - Firewalls - Purpose

A

Inside world

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

?

Five major categories

Enumerate

Firewalls and VPN - Processing Mode

A
  • Packet filtering
  • Application gateway
  • Circuit gateway
  • MAC layer
  • Hybrids
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

?

Filtering firewall

Identify

Firewalls and VPN

A

Packet Filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

?

Examine header information & data packets

Identify

Firewalls and VPN

A

Packet Filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

? ?? ??? ???? ?????

(5) Installed on TCP/IP based network

Enumerate

Firewalls and VPN - Packet Filtering

A
  • Functions at the IP level
  • Drop a packet (deny)
  • Forward a packet (allow)
  • Action based on programmed rules
  • Examines each incoming packet
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Inspect networks at the ?

Identify

Firewalls and VPN - Filtering Packets

A

network layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Packet matching restriction = ?

Identify

Firewalls and VPN - Filtering Packets

A

deny movement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

? ?? ??? ????

(4) Restrictions most commonly implemented in Filtering Packets

Enumerate

Firewalls and VPN - Filtering Packets

A
  • IP source and destination addresses
  • Direction (incoming or outgoing)
  • Protocol
  • Transmission Control Protocol (TCP) or User Datagram Protocol (UD) source or destination
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

?

Requires rules to be developed and installed with firewall

Identify

Firewalls and VPN - Packet Filtering Subsets

A

Static filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

?

Allows only a particular packet with a particular source, destination, and port address to enter

Identify

Firewalls and VPN - Packet Filtering Subsets

A

Dynamic filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

?

Uses a state table

Identify

Firewalls and VPN - Packet Filtering Subsets

A

Stateful

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

?

Tracks the state and context of each packet

Identify

Firewalls and VPN - Packet Filtering Subsets

A

Stateful

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

?

Records which station sent what packet and when

Identify

Firewalls and VPN - Packet Filtering Subsets

A

Stateful

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

?

Perform packet filtering but takes extra step

Identify

Firewalls and VPN - Packet Filtering Subsets

A

Stateful

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

?

Can expedite responses to internal requests

Identify

Firewalls and VPN - Packet Filtering Subsets

A

Stateful

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

?

Vulnerable to DOS attacks because of processing time required

Identify

Firewalls and VPN - Packet Filtering Subsets

A

Stateful

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

?

Installed on dedicated computer

Identify

Firewalls and VPN

A

Application Gateway

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

?

Used in conjunction with filtering router

Identify

Firewalls and VPN

A

Application Gateway

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

?

Goes between external request and webpage

Identify

Firewalls and VPN - Application Gateway

A

Proxy server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

?

Between trusted and untrusted network

Identify

Firewalls and VPN - Application Gateway - 1/4 ?

A

Resides in DMZ

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

?

Exposed to risk

Identify

Firewalls and VPN - Application Gateway - 2/4 ?

A

Resides in DMZ

51
Q

?

Can place additional filtering routers behind

Identify

Firewalls and VPN - Application Gateway - 3/4 ?

A

Resides in DMZ

52
Q

?

Restricted to a single application

Identify

Firewalls and VPN - Application Gateway - 4/4 ?

A

Resides in DMZ

53
Q

?

Operates at transport level

Identify

Firewalls and VPN - 1/6 ?

A

Circuit Gateways

54
Q

?

Authorization based on addresses

Identify

Firewalls and VPN - 2/6 ?

A

Circuit Gateways

55
Q

?

Don’t look at traffic between networks

Identify

Firewalls and VPN - 3/6 ?

A

Circuit Gateways

56
Q

?

Do prevent direct connections

Identify

Firewalls and VPN - 4/6 ?

A

Circuit Gateways

57
Q

?

Create tunnels between networks

Identify

Firewalls and VPN - 5/6 ?

A

Circuit Gateways

58
Q

?

Only allowed traffic can use tunnels

Identify

Firewalls and VPN - 6/6 ?

A

Circuit Gateways

59
Q

?

Designed to operate at media access sublayer

Identify

Firewalls and VPN - 1/3 ?

A

MAC Layer Firewalls

60
Q

?

Able to consider specific host computer identity in filtering

Identify

Firewalls and VPN - 2/3 ?

A

MAC Layer Firewalls

61
Q

?

Allows specific types of packets that are acceptable to each host

Identify

Firewalls and VPN - 3/3 ?

A

MAC Layer Firewalls

62
Q

? ?? ??? ???? ????? ?????? ???????

(7) OSI Model

Enumerate

Firewalls and VPN

A
  1. Physical
  2. Data
  3. Network
  4. Transport
  5. Session
  6. Presentation
  7. Application
63
Q

?

Combine elements of other types of firewalls; i.e., elements of packet filtering and proxy services, or of packet filtering and circuit gateways

Identify

Firewalls and VPN - 1/2 ?

A

Hybrid Firewalls

64
Q

?

Alternately, may consist of two separate firewall devices; each a separate firewall system, but are connected to work in tandem

Identify

Firewalls and VPN - 2/2 ?

A

Hybrid Firewalls

65
Q

?

Static packet filtering

Identify

Firewalls and VPN - Categorization by Development Generation - 1/3 ?

A

First Generation

66
Q

?

Simple networking devices

Identify

Firewalls and VPN - Categorization by Development Generation - 2/3 ?

A

First Generation

67
Q

?

Filter packets according to their headers

Identify

Firewalls and VPN - Categorization by Development Generation - 3/3 ?

A

First Generation

68
Q

?

Application level or proxy servers

Identify

Firewalls and VPN - Categorization by Development Generation - 1/3 ?

A

Second Generation

69
Q

?

Dedicated systems

Identify

Firewalls and VPN - Categorization by Development Generation - 2/3 ?

A

Second Generation

70
Q

?

Provides intermediate services for the requestors

Identify

Firewalls and VPN - Categorization by Development Generation - 3/3 ?

A

Second Generation

71
Q

?

Stateful

Identify

Firewalls and VPN - Categorization by Development Generation - 1/2 ?

A

Third Generation

72
Q

?

Uses state tables

Identify

Firewalls and VPN - Categorization by Development Generation - 2/2 ?

A

Third Generation

73
Q

?

Dynamic filtering

Identify

Firewalls and VPN - Categorization by Development Generation - 1/2 ?

A

Fourth Generation

74
Q

?

Particular packet with a particular source, destination, and port address to enter

Identify

Firewalls and VPN - Categorization by Development Generation - 2/2 ?

A

Fourth Generation

75
Q

?

Kernel proxy

Identify

Firewalls and VPN - Categorization by Development Generation - 1/4 ?

A

Fifth Generation

76
Q

?

Works un the Windows NT Executive

Identify

Firewalls and VPN - Categorization by Development Generation - 2/4 ?

A

Fifth Generation

77
Q

?

Evaluates at multiple layers

Identify

Firewalls and VPN - Categorization by Development Generation - 3/4 ?

A

Fifth Generation

78
Q

?

Checks security as packet passes from one level to another

Identify

Firewalls and VPN - Categorization by Development Generation - 4/4 ?

A

Fifth Generation

79
Q

?

State-alone

Identify

Firewalls and VPN - Categorized by Structure - 1/3 ?

A

Commercial-Grade

80
Q

?

Combination of hardware and software

Identify

Firewalls and VPN - Categorized by Structure - 2/3 ?

A

Commercial-Grade

81
Q

?

Many of features of stand alone computer

Identify

Firewalls and VPN - Categorized by Structure - 3/3 ?

A

Commercial-Grade

82
Q

?

Configured application software

Identify

Firewalls and VPN - Categorized by Structure - 1/2 ?

A

Commercial-Grade Firewall Systems

83
Q

?

Runs on general-purpose computer

Identify

Firewalls and VPN - Categorized by Structure - 2/2 ?

A

Commercial-Grade Firewall Systems

84
Q

? ??

(2) Runs on general-purpose computer

Enumerate

Firewalls and VPN - Categorized by Structure - Runs on general-purpose computer

A
  • Existing computer
  • Dedicated computer
85
Q

?

Broadband gateways or DSL/cable modem routers

Identify

Firewalls and VPN - Categorized by Structure - 1/6 ?

A

Small Office/Home Office (SOHO)

86
Q

?

First – stateful

Identify

Firewalls and VPN - Categorized by Structure - 2/6 ?

A

Small Office/Home Office (SOHO)

87
Q

?

Many newer one – packet filtering

Identify

Firewalls and VPN - Categorized by Structure - 3/6 ?

A

Small Office/Home Office (SOHO)

88
Q

?

Can be configured by use

Identify

Firewalls and VPN - Categorized by Structure - 4/6 ?

A

Small Office/Home Office (SOHO)

89
Q

?

Router devices with WAP and stackable LAN switches

Identify

Firewalls and VPN - Categorized by Structure - 5/6 ?

A

Small Office/Home Office (SOHO)

90
Q

?

Some include intrusion detection

Identify

Firewalls and VPN - Categorized by Structure - 6/6 ?

A

Small Office/Home Office (SOHO)

91
Q

?

Installed directly on user’s system

Identify

Firewalls and VPN - Categorized by Structure - 1/3 ?

A

Residential

92
Q

?

Many free version not fully functional

Identify

Firewalls and VPN - Categorized by Structure - 2/3 ?

A

Residential

93
Q

?

Limited protection

Identify

Firewalls and VPN - Categorized by Structure - 3/3 ?

A

Residential

94
Q

?

Lacks auditing and strong authentication

Identify

Firewalls and VPN - Firewall Architectures - 1/2 ?

A

Packet filtering routers

95
Q

?

Can degrade network performance

Identify

Firewalls and VPN - Firewall Architectures - 2/2 ?

A

Packet filtering routers

96
Q

?

Combines packet filtering router with dedicated firewall – such as proxy server

Identify

Firewalls and VPN - Firewall Architectures - 1/3 ?

A

Screened Host firewall

97
Q

?

  • Allows router to prescreen packets
  • Application proxy examines at application layer

Identify

Firewalls and VPN - Firewall Architectures - 2/3 ?

A

Screened Host firewall

98
Q

?

  • Separate host – bastion or sacrificial host
  • Requires external attack to compromise 2 separate systems.

Identify

Firewalls and VPN - Firewall Architectures - 3/3 ?

A

Screened Host firewall

99
Q

?

Two network interface cards

Identify

Firewalls and VPN - Firewall Architectures

A

Dual Homed Host

100
Q

?

  • Dominant architecture used today
  • Provides DMZ

Identify

Firewalls and VPN - Firewall Architectures

A

Screened Subnet Firewalls (with DMZ)

101
Q

?

Protocol for handling TCP traffic through a proxy server

Identify

Firewalls and VPN - Firewall Architectures - 1/3 ?

A

SOCS Servers

102
Q

?

Proprietary circuit-level proxy server

Identify

Firewalls and VPN - Firewall Architectures - 2/3 ?

A

SOCS Servers

103
Q

?

Places special SOCS client-side agents on each workstation

Identify

Firewalls and VPN - Firewall Architectures - 3/3 ?

A

SOCS Servers

104
Q

?

Extent to which the firewall design provides the required protection

Identify

Firewalls and VPN - Selecting the Right Firewall

A

Most important factor

105
Q

?

Cost

Identify

Firewalls and VPN - Selecting the Right Firewall

A

Second most important factor

106
Q

?

Software filter—not a firewall—that allows administrators to restrict content access from within network

Identify

Firewalls and VPN - 1/4 ?

A

Content Filters

107
Q

?

Essentially a set of scripts or programsrestricting user access to certain networking protocols/Internet locations

Identify

Firewalls and VPN - 2/4 ?

A

Content Filters

108
Q

?

Primary focus to restrict internal access to external material

Identify

Firewalls and VPN - 3/4 ?

A

Content Filters

109
Q

?

Most common content filters restrict users from accessing non-business Web sites or deny incoming span

Identify

Firewalls and VPN - 4/4 ?

A

Content Filters

110
Q

?

Installing internetwork connections requires leased lines or other data channels; these connections usually secured under requirements of formal service agreement

Identify

Firewalls and VPN

A

Protecting Remote Connections

111
Q

?

Unsecured, dial-up connection points represent a substantial exposure to attack

Identify

Firewalls and VPN - Protecting Remote Connections

A

Dial-Up

112
Q

?

: automatic phone-dialing program that dials every number in a configured range and records number if modem picks up

Identify

Firewalls and VPN - Protecting Remote Connections - Dial-Up

A

War dialer

113
Q

? ??

(2) Authentication Systems

Enumerate

Firewalls and VPN - Protecting Remote Connections - Authentication systems

A
  • RADIUS AND TACACS
  • Kerberos
114
Q

?

Access control for dial-up

Identify

Firewalls and VPN - Protecting Remote Connections - 1/2 Authentication systems

A

RADIUS AND TACACS

115
Q

?

  • Symmetric key encryption to validate
  • Keeps a database containing the private keys

Identify

Firewalls and VPN - Protecting Remote Connections - 2/2 Authentication systems 1/2 ?

A

Kerberos

116
Q

?

  • Both networks and clients have to register
  • Does the authentication based on database

Identify

Firewalls and VPN - Protecting Remote Connections - 2/2 Authentication systems 2/2 ?

A

Kerberos

117
Q

?

  • Secure European System for applications in Multiple vendor Environment
  • Similar to Kerberos

Identify

Firewalls and VPN - Protecting Remote Connections

A

Sesame

118
Q

?

Implementation of cryptographic technology

Identify

Firewalls and VPN - Protecting Remote Connections

A

VPN

119
Q

? ?? ???

(3) Private and secure network connection

Enumerate

Firewalls and VPN - Protecting Remote Connections - VPN

A
  • Trusted VPN
  • Secure VPN
  • Hybrid VPN
120
Q

?

Data within IP packet is encrypted, but header information is not

Identify

Firewalls and VPN - 1/2 ?

A

Transport Mode

121
Q

?

Allows user to establish secure link directly with remote host, encrypting only data contents of packet

Identify

Firewalls and VPN - 2/2 ?

A

Transport Mode

122
Q

?

Organization establishes two perimeter tunnel servers

Identify

Firewalls and VPN - 1/3 ?

A

Tunnel Mode

123
Q

?

These servers act as encryption points, encrypting all traffic that will traverse unsecured network

Identify

Firewalls and VPN - 2/3 ?

A

Tunnel Mode

124
Q

?

Primary benefit to this model is that an intercepted packet reveals nothing about true destination system

Identify

Firewalls and VPN - 3/3 ?

A

Tunnel Mode

ITEC85A - Information Assurance And Security 1 (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions