Lesson 9: Basic Network Security

Question 1

A standard used to secure wireless LANs that follow the various 802.11 standards.

Answer 1

802.11x

Question 1

A network security term that refers to the following:

• Authentication, or any process by which an entity’s identity is verified
• Authorization, or any process used to verify that an entity has permission to perform some activity or has access to some resource
• Accounting, or the ability to track various events on a network

Answer 1

AAA (Authentication, Authorization, and Accounting)

Question 1

People (hackers) who threaten to get something from or do something to end users that the end users don’t want them to get or do.

Answer 1

Attackers

Question 1

The ability to ensure that the data came from a valid source or from where it claims to have come from.

Answer 1

Authentication

Question 1

A group of computers which have been compromised by a single attacker or a group of attackers, giving them a certain level of control over those computers.

Answer 1

Botnet

Question 1

The ability to verify that an entity has permission to perform some activity or has access to certain resources.

Answer 1

Authorization

Question 1

The ability to track various events on a network.

Answer 1

Accounting

Question 2

A digital document that accompanies a public key to certify the origins of the public key and its validity.

Answer 2

Certificate/Digital Certificate

Question 4

A trusted server that issues digital certificates to end users.

Answer 4

Certificate Authority

Question 5

An authentication method used by Point-to-Point Protocol (PPP) to verify the identity of a client after a connection has been successfully established.

Answer 5

Challenge-Handshake Authentication Protocol (CHAP)

Question 5

An attempt by hackers to make a target IP address unavailable to it’s intended users by launching continuous ping requests from numerous computers so frequently that the target computer’s network capacity is overloaded and brought down.

Answer 5

Denial of Service (DoS) attack

Question 6

A type of attack in which intruders search through trash looking for personal information that they can use to steal identities or gain access to protected computer systems.

Answer 6

Dumpster Diving

Question 7

An authentication protocol primarily used in wireless communications, although it can also be used with Point-to-Point Protocol (PPP) connections.

Answer 7

Extensible Authentication Protocol (EAP)

Question 7

A protocol used to transfer files over the internet.

Answer 7

File Transfer Protocol (FTP)

Question 8

A type of Denial of Service (DoS) attack which is similar to a Smurf Attack, except that it uses UDP echo replies instead of ICMP replies.

Answer 8

Fraggle Attack

Question 8

The owner of a public key.

Answer 8

Holder

Question 9

A protocol used to transfer web pages across a network, most commonly the Internet.

Answer 9

Hypertext Transfer Protocol (HTTP)

Question 10

A technology which, combined with an SSL/TLS protocol, can secure a connection on the internet or some other unsecure network to ensure that the hyper-text data being transferred over that connection is also secured.

Answer 10

Hypertext Transfer Protocol Secure (HTTPS)

Question 12

The act of presenting yourself as someone you are not in order to steal in one way or another from the person you are presenting yourself to be.

Answer 12

Identity Theft

Question 13

A passive system that monitors network activity and notifies the network administrator so that he can take steps to stop any suspect activity found on the monitored network.

Answer 13

Intrusion Detection Software (IDS)

Question 13

An active system that monitors network activity and takes steps to stop any questionable activity without involving the network administrator.

Answer 13

Intrusion Prevention Software (IPS)

Question 13

A protocol commonly used to authenticate clients over an unsecured network, most commonly LANs.

Answer 13

Kerberos

Question 14

Software programs or hardware devices that can be loaded onto a computer or plugged into a computer to record the keystrokes that are typed into the keyboard.

Answer 14

Key Logger

Question 15

The ability to gain entry to a computer via a LAN.

Answer 15

Local Access

Question 17

A type of scripted software subroutine that executes a predetermined series of actions on a selected document or part of a document.

Answer 17

Macro

Question 18

Specific to the particular application into which it was built, it is intended to automate tasks within that application.

Answer 18

Macro Language

Question 19

A type of virus which attaches itself to the documents produced by common software applications in the form of a macro created in the macro language of the affected application document.

Answer 19

Macro Virus

Question 21

A broad category of software programs that includes any application that an attacker can use against a company or an individual.

Answer 21

Malicious Software

Question 23

A type of cyberattack in which a person positions him or herself between 2 other people and eavesdrops digitally on them.

Answer 23

Man-In-The-Middle-Attack

Question 25

An authentication method similar to standard CHAP and designed to work closely with Microsoft operating systems, specifically the authentication protocols and capabilities built into various Windows operating systems.

Answer 25

Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP)

Question 26

An overall approach to computer security that limits what a host, client, or device can do on a proprietary network.

Answer 26

Network Access Control (NAC)

Question 28

An application designed to capture network packets and break them apart to analyze and interpret them.

Answer 28

Packet Sniffer/Packet Analyzer

Question 30

A type of cyberattck which uses various means to trick people into revealing passwords, account numbers, social security numbers, and various other sensitive pieces of information.

Answer 30

Phishing

Question 31

An essential practice to protect against unwarranted physical access to a computer or network.

Answer 31

Physical Security

Question 32

A software program designed to search a host or a network server for port addresses that are open but not being used.

Answer 32

Port Scanner

Question 33

A type of encryption where one must have the original encryption key to decrypt a cipher text.

Answer 33

Private Key Encryption

Question 34

A type of encryption where you start with a secret private key which is used to generate a public key which is used to encrypt the message. The public key is then sent to the destination computer either before or along with the message when it’s sent. The public key is then used to decrypt the cipher text.

Answer 34

Public Key Encryption

Question 35

A set of people, policies, software, and equipment needed to handle digital certificates for various applications.

Answer 35

Public Key Infrastructure (PKI)

Question 37

The ability to gain entry to a computer via a WAN connection.

Answer 37

Remote Access

Question 38

A service that provides a method of centralized AAA (authentication, authorization, accounting) between a computer and a managed network.

Answer 38

Remote Authentication Dial-In User Service (RADIUS)

Question 39

A small computer program used to issue line commands remotely across a network.

Answer 39

Remote Shell (RSH)

Question 40

An unauthorized wireless access point that an attacker has added to a network to facilitate illicit access.

Answer 40

Rouge Access Point

Question 41

An SSH extension which encrypts and transports data across network connections.

Answer 41

Secure Copy Protocol (SCP)

Question 42

A means of providing access, transfer, and management of files over secure network communication sessions. Sometimes called SSH File Transfer Protocol.

Answer 42

Secure File Transfer Protocol or SSH File Transfer Protocol (SFPT)

Question 44

A protocol which acts to authenticate the user attempting to gain access to a system via encrypted passwords.

Answer 44

Secure Shell (SSH)

Question 45

A set of protocols developed in the early 1980s and used to manage and monitor complex network systems.

Answer 45

Simple Network Management Protocol version 3 (SNMPv3)

Question 46

A type of Denial of Service (DoS) attack in which the target server or network is flooded with Internet Control Message Protocol (ICMP) replies.

Answer 46

Smurf Attack

Question 47

The manipulation of a person into revealing important information.

Answer 47

Social Engineering

Question 49

A type of malicious software which is secretly installed on a person’s computer to spy on a computer system’s user and obtain information that the user would not normally allow to be known without the user being aware that the information is being taken.

Answer 49

Spyware

Question 50

A terminal emulation program which provides bidirectional interactive command line access to either a remote or local host.

Answer 50

TELNET (TErminaLNETwork)

Question 51

A Cisco proprietary protocol used for routers, network access services, and similar devices.

Answer 51

Terminal Access Controller Access Control System Plus (TACACS+)

Question 52

A malicious program which actively masquerades as a legitimate program that belongs on your computer.

Answer 52

Trojan Horse

Question 53

A type of malicious software that modifies the code of existing programs in an attempt to cause harm, reproduce itself, and/or escape detection.

Answer 53

Virus

Question 54

A malicious program which is placed on a computer and then activated

Answer 54

Worm