Module 15: Security considerations

Question 1

this includes:

re-formatting a hard drive or changing data such as the price of an item

Answer 1

describe

data loss and manipulation

Question 2

describe a

TCP half open

Answer 2

this is where a server sends a SYN/ACK and is waiting for the ACK reply from the client

NOTE

while the server is in this state memory is consumed as well as network resources since multiple SYN/ACKS will be sent by the server

Question 3

A security tool that controls traffic to and from a network. based on rules

Answer 3

describe a

firewall

Question 4

this is where a server sends a SYN/ACK and is waiting for the ACK reply from the client

NOTE

while the server is in this state memory is consumed as well as network resources since multiple SYN/ACKS will be sent by the server

Answer 4

describe a

TCP half open

Question 5

name 2 common types of

Denial of Service (DoS)

Answer 5

these include:

1. SYN (Synchronous) flooding
2. ping of death

Question 6

software is installed on an end-user workstation to detect and remove spyware and adware.

Answer 6

describe

anti-spyware software

Question 7

Software is installed on an end-user workstation or server to identify and remove unwanted emails.

Answer 7

describe

spam blockers

Question 8

describe

information theft

Answer 8

this involves:

stealing personal or propietary information that may then be sold on

Question 9

describe

popup blocker

Answer 9

Software is installed on an end-user workstation to prevent popup and pop-under advertisement windows from displaying.

Question 10

this is a DoS attack where:

a packet crafted that is larger than the 65,535 bytes that IP allows. these packets can cause a system to crash

Answer 10

describe briefly the

ping of death

Question 11

describe

SYN (Synchronous) flooding

Answer 11

this DoS attack is composed of:

• an attacker crafs a TCP SYN packet with a fake source IP address
• the server tries responding to the TCP SYN with a TCP SYN/ACK
• because the source IP was fake the server is left waiting in a half open state, consuming memory and resources
• the server will send multiple SYN/ACKS to the fake address before it timesout

Question 12

this DoS attack is composed of:

• an attacker crafs a TCP SYN packet with a fake source IP address
• the server tries responding to the TCP SYN with a TCP SYN/ACK
• because the source IP was fake the server is left waiting in a half open state, consuming memory and resources
• the server will send multiple SYN/ACKS to the fake address before it timesout

Answer 12

describe

SYN (Synchronous) flooding

Question 13

this is an intruder who has or is attempting to gain access to a network in order to carry out an attack

Answer 13

describe a

threat actor

Question 14

describe

identity theft

Answer 14

this includes:

stealing a persons personal information so that they may take on their identity and apply for credit, documents such as a pasport or make online transactions

Question 15

the attacks they may undertake are:

1. information theft
2. data loss and manipulation
3. identity theft
4. distruption of service

Answer 15

name 4 types of attack a

threat actor

may undertake

Question 16

describe a

firewall

Answer 16

A security tool that controls traffic to and from a network. based on rules

Question 17

this includes:

stealing a persons personal information so that they may take on their identity and apply for credit, documents such as a pasport or make online transactions

Answer 17

describe

identity theft

Question 18

describe

anti-spyware software

Answer 18

software is installed on an end-user workstation to detect and remove spyware and adware.

Question 19

Software is installed on an end-user workstation to prevent popup and pop-under advertisement windows from displaying.

Answer 19

describe

popup blocker

Question 20

describe

data loss and manipulation

Answer 20

this includes:

re-formatting a hard drive or changing data such as the price of an item

Question 21

describe

spam blockers

Answer 21

Software is installed on an end-user workstation or server to identify and remove unwanted emails.

Question 22

describe

distruption of service

Answer 22

this includes:

distrupting the network in a way that it becomes unavailable to ordinary users, DoS is such an attck

Question 23

software is installed on an end-user workstation or server to detect and remove viruses, worms, and Trojan horses from files and email.

Answer 23

describe

anti-virus software

Question 24

Software that is applied to an OS or application to correct a known security vulnerability or add functionality.

Answer 24

describe

patches and updates

Question 25

describe briefly the

ping of death

Answer 25

this is a DoS attack where:

a packet crafted that is larger than the 65,535 bytes that IP allows. these packets can cause a system to crash

Question 26

describe a

threat actor

Answer 26

this is an intruder who has or is attempting to gain access to a network in order to carry out an attack

Question 27

describe

patches and updates

Answer 27

Software that is applied to an OS or application to correct a known security vulnerability or add functionality.

Question 28

name 4 types of attack a

threat actor

may undertake

Answer 28

the attacks they may undertake are:

1. information theft
2. data loss and manipulation
3. identity theft
4. distruption of service

Question 29

this involves:

stealing personal or propietary information that may then be sold on

Answer 29

describe

information theft

Question 30

these include:

1. SYN (Synchronous) flooding
2. ping of death

Answer 30

name 2 common types of

Denial of Service (DoS)

Question 31

this includes:

distrupting the network in a way that it becomes unavailable to ordinary users, DoS is such an attck

Answer 31

describe

distruption of service

Question 32

describe

anti-virus software

Answer 32

software is installed on an end-user workstation or server to detect and remove viruses, worms, and Trojan horses from files and email.