Networks And Connectivity

Question 0

What are the four principal LAN topologies?

Answer 0

Bus topology
Ring topology
Star topology
Tree topology

Question 1

What are the two main forms of network?

Answer 1

LAN Local Area Network

WAN Wide Area Network

Question 2

Describe the bus topology

Answer 2

All devices are connected to a central cable called the bus. Fast and relatively inexpensive.

Question 3

Describe the ring topology

Answer 3

All devices are connected to one another in the shape of a closed loop. Each device is directly connected to two other devices. Relatively expensive and difficult to install but have high bandwidth.

Question 4

Describe the star topology

Answer 4

All devices are connected to a central hub. Relatively easy to install and manage, but bottlenecks can occur as all data has to pass through central hub.

Question 5

Describe the tree topology

Answer 5

Combines characteristics of the bus and star topologies

Question 6

List the main options for connecting computers and devices in a network

Answer 6

Unshielded twisted pair
Type 1 cable
Fibre optic cable
Broadband
Infrared
Wireless
Satellite

Question 7

Which type of cable is the most basic used to connect devices on a network?

Answer 7

Unshielded twisted pair

Question 8

Why are risks created when connecting devices with cables?

Answer 8

If an attacker can access cables they can compromise the network

Question 9

How are WANs usually connected?

Answer 9

Fibre optic cable

Question 10

What is the main risk of cable-less network connections?

Answer 10

Attacker does not need physical access to cables to access the network

Question 11

What are the four primary advantages of a wireless network?

Answer 11

Users can connect at any location with no additional wires
Reconfiguration easy as no wiring changes involved
Office based and remote workers can upload and download data directly without need for memory sticks
Fewer points of failure

Question 12

List seven main risks of wireless network connections

Answer 12

Can be eavesdropped outside building
Can be eavesdropped by visitors
May suffer radio interference
Failures tend to make all access unavailable
More types of risky devices in wireless network e.g. Bluetooth
Wireless network could be broadcast without encryption or weak encryption
Even 256 bit WEP encryption can be broken quite easily

Question 13

A network or group of networks may be referred to as a d—

Answer 13

Domain

Question 14

What is the purpose of a domain?

Answer 14

To group together devices and networks that share a common function or location

Question 15

What are the eight main network management responsibilities?

Answer 15

Planning and design
Change management
Maintenance
Performance
Capacity management
Availability management
Problem determination and troubleshooting
Configuring, monitoring, controlling and optimising all networked resources

Question 16

Network planning is typically aligned closely with what?

Answer 16

The business and information technology strategy

Question 17

A review of network management should address what six things?

Answer 17

Network procedures in place
Network management responsibilities and roles
Network technologies and tools used
Customer service requirements and network service level agreements
Current and planned business requirements impacting the network
Effectiveness/quality of network services in place

Question 18

When messages are transmitted across the internet, they are broken up into a number of — depending on the length of the message

Answer 18

Packets

Question 19

What happens to packets when they arrive at the receiving computer?

Answer 19

They are reassembled

Question 20

What is the term describing the process of turning messages into packets and back again?

Answer 20

Transaction Control Protocol TCP

Question 21

What are the three main design characteristics of the internet?

Answer 21

System uses routers intelligent enough to determine whether particular routes are usable and route packets accordingly
Designed for transmission of academic material so no inbuilt security
No central control

Question 22

With respect to the internet, what are the three main types of customer within a business context?

Answer 22

Trading partners (B2B)
Individual customers (B2C)
Staff (B2E)

Question 23

Why do many organisations now specify in their security policy that emails have the same status as headed notepaper?

Answer 23

Because an email acknowledgment to an offer forms a contract

Question 24

In general, with whom does the responsibility lie for protecting an email message?

Answer 24

The sender

Question 25

Are emails between individuals within an organisation any safer than emails to people outside the organisation?

Answer 25

No, attackers can use sniffer programs

Question 26

What does a sniffer program allow an attacker to do?

Answer 26

It allows all network traffic to be seen and manipulated as it passes along the network

Question 27

When considering whether access to certain internet content should be restricted, what aspects should an organisation take into consideration?

Answer 27

Does the site offer info that will enhance organisation? Will use of site be a distraction that reduces productivity? Is site likely to contain malware? Should downloads be permitted from site to individual machines or to a central download point? Is access to site legal?

Question 28

What is an INTRAnet?

Answer 28

An internal version of the internet, but functioning only within the organisation. Server providing the information only has an internal IP address.

Question 29

What is an EXTRAnet?

Answer 29

Similar to the intranet, it is not for public access, but links two or more trading partners to form a shared private network

Question 30

What is a virtual private network (VPN)?

Answer 30

It provides a secure network to link devices or LANs ACROSS the internet, using a process known as tunnelling.

Question 31

What is the primary inherent risk associated with the use of social networking sites?

Answer 31

That personal information is made public, including comments about employers and so forth, leading to loss of reputation or breach of legislation

Question 32

What is the risk of using social networking sites to employee productivity?

Answer 32

It can adversely affect it

Question 33

What are the four main ways in which an organisation can gain from social media?

Answer 33

Advertising Engagement (with customers, etc) Interaction (replying to comments about products) Understanding the market (using feedback)

Question 34

How can social media help an organisation in the face of bad publicity?

Answer 34

It can help them react quickly and positively

Question 35

In what seven ways can trust be exploited via social networking?

Answer 35

``` Requests for money Charges Phishing Mystery trips Chain letters Grooming Cyber-bullying ```

Question 36

What is a 'mystery trip'?

Answer 36

When you click on a link only showing the short form of the website address but you are diverted elsewhere

Question 37

How can the risks of personal internet use during office hours be minimised?

Answer 37

By introducing an Acceptable Use Policy AUP

Question 38

What controls should be considered to manage the risks of using social networking sites

Answer 38

Refer to printed list

Question 39

What are the four main risks of using a chat room?

Answer 39

Usernames identifying gender or colour may attract unwelcome remarks or assumptions Open conversations may give away personal details Not all users may actually be who they seem Users may receive advice or guidance from those not qualified to give it

Question 40

What is 'cyber slacking'?

Answer 40

Use of the internet and mobile technology during work hours for personal purposes

Question 41

What are the 5 negative consequences to the business of cyber slacking?

Answer 41

Lost working hours Lost productivity Reduced bandwidth for business activities Inappropriate or illegal material being downloaded Compromise of organisation due to implication in employee's activities

Question 42

What are likely to be the three main reasons for cyber slacking?

Answer 42

Employees are bored Work too many hours Or feel unchallenged

Question 43

What are the first lines of defence in mitigating the risks associated with social networking?

Answer 43

Staff training and awareness | Sound policies impartially enforced

Question 44

Apart from losses to productivity and the use of company bandwidth, what are four other risks arising from uncontrolled use of social networks?

Answer 44

Reputation risk Fraud or commercial confidentiality risks Risks to both staff and employer from providing personal info Data security risks

Question 45

List a number of protective systems, for both the individual and the organisation, that can minimise the risks of social networking.

Answer 45

See printed list

Question 46

What is a protocol?

Answer 46

A standard for how things should behave

Question 47

What are the two main protocols with respect to information systems?

Answer 47

TCP Transmission Control Protocol | IP Internet Protocol

Question 48

For what is TCP responsible?

Answer 48

Breaking down messages into packets and reassembling them at the other end

Question 49

What does IP Internet Protocol handle?

Answer 49

The various aspects of actually routing packets to their destination

Question 50

What are the two key aspects of IP addressing?

Answer 50

Any device connected to the internet must have a unique IP address The internet does not recognise certain IP addresses, which can only be used privately within organisations

Question 51

What usually handles the links between the internet connections and the private ones?

Answer 51

A gateway computer, usually the firewall

Question 52

List four general controls that should be considered regarding the security of computer networks

Answer 52

Operational responsibility for networks should be separated from computer operations where appropriate Responsibilities and procedures for management of remote equipment including equipment in user areas should be established Special controls should be in place to safeguard confidentiality and integrity of data passing over public networks Management activities should be closely coordinated both to optimise the service to the business and ensure controls are consistently applied across information processing infrastructure

Question 53

What are the key components forming the network structure that ought to be documented so that security decisions can be made?

Answer 53

Communications rooms where equipment is located Management centre where network is controlled Disposition of communication lines All the nodes (or devices) on the network

Question 54

What three TYPES of control can mitigate the risks of connected networks?

Answer 54

Network domain segregation Network connection control Network connection limitations