Secure Network Architecture and Securing Network Components Flashcards

1
Q

Name the layers of the OSI model and their numbers from top to bottom.

A

Application (7), Presentation (6), Session (5), Transport (4), Network (3), Data Link (2), and Physical (1).

2
Q

Name three problems with cabling and the methods to counteract those issues.

A

Problems with cabling and their countermeasures include attenuation (use repeaters or don’t violate distance recommendations), using the wrong CAT cable (check the cable specifications against throughput requirements, and err on the side of caution), crosstalk (use shielded cables, place cables in separate conduits, or use cables of different twists per inch), cable breaks (avoid running cables in locations where movement occurs), interference (use cable shielding, use cables with higher twists per inch, or switch to fiber-optic cables), and eavesdropping (maintain physical security over all cable runs or switch to fiber-optic cables).

3
Q

What are the various technologies employed by wireless devices to maximize their use of the available radio frequencies?

A

Some of the frequency spectrum-use technologies are spread spectrum, Frequency Hopping Spread Spectrum (FHSS), Direct Sequence Spread Spectrum (DSSS), and Orthogonal Frequency-Division Multiplexing (OFDM).

4
Q

Discuss methods used to secure 802.11 wireless networking.

A

Methods to secure 802.11 wireless networking include disabling the SSID broadcast; changing the SSID to something unique; enabling MAC filtering; considering the use of static IPs or using DHCP with reservations; turning on the highest form of encryption offered (such as WEP, WPA, or WPA2/802.11i); treating wireless as remote access and employing 802.1X, RADIUS, or TACACS; separating wireless access points from the LAN with firewalls; monitoring all wireless client activity with an IDS; and considering requiring wireless clients to connect with a VPN to gain LAN access.

5
Q

Name the LAN shared media access technologies and examples of their use, if known.

A

The LAN shared media access technologies are CSMA, CSMA/CA (used by 802.11 and AppleTalk), CSMA/CD (used by Ethernet), token passing (used by Token Ring and FDDI/CDDI), and polling (used by SDLC, HDLC, and some mainframe systems).

6
Q

What is layer 4 of the OSI model?

A. Presentation
B. Network
C. Data Link
D. Transport

A

D. The Transport layer is layer 4. The Presentation layer is layer 6, the Data Link layer is layer 2, and the Network layer is layer 3.

7
Q

What is encapsulation?

A. Changing the source and destination addresses of a packet
B. Adding a header and footer to data as it moves down the OSI stack
C. Verifying a person’s identity
D. Protecting evidence until it has been properly collected

A

B. Encapsulation is adding a header and footer to data as it moves down the OSI stack.

8
Q

Which OSI model layer manages communications in simplex, half-duplex, and full-duplex modes?

A. Application
B. Session
C. Transport
D. Physical

A

B. Layer 5, Session, manages simplex (one-direction), half-duplex (two-way, but only one direction can send data at a time), and full-duplex (two-way, in which data can be sent in both directions simultaneously) communications.

9
Q

Which of the following is the least resistant to EMI?

A. Thinnet
B. 10Base-T UTP
C. 10Base5
D. Coaxial cable

A

B. 10Base-T UTP is the least resistant to EMI because it is unshielded. Thinnet (10Base2) and thicknet (10Base5) are each a type of coaxial cable, which is shielded against EMI.

10
Q

Which of the following is not an example of network segmentation?

A. Intranet
B. DMZ
C. Extranet
D. VPN

A

D. A VPN is a secure tunnel used to establish connections across a potentially insecure intermediary network. Intranet, extranet, and DMZ are examples of network segmentation.

11
Q

Which of the following is not considered a non-IP protocol?

A. IPX
B. UDP
C. AppleTalk
D. NetBEUI

A

B. UDP is a transport layer protocol that operates as the payload of an IP packet. While it is not IP itself, it depends upon IP. IPX, AppleTalk, and NetBEUI are all alternatives to IP and thus are labeled as non-IP protocols.

12
Q

If you are the victim of a bluejacking attack, what was compromised?

A. Your car
B. Your switch
C. Your cell phone
D. Your web cookies

A

C. A bluejacking attack is a wireless attack on Bluetooth, and the most common device compromised in a bluejacking attack is a cell phone.

13
Q

Which networking technology is based on the IEEE 802.3 standard?

A. Ethernet
B. Token Ring
C. FDDI
D. HDLC

A

A. Ethernet is based on the IEEE 802.3 standard.

14
Q

What is a TCP wrapper?

A. An encapsulation protocol used by switches
B. An application that can serve as a basic firewall by restricting access based on user IDs or system IDs
C. A security protocol used to protect TCP/IP traffic over WAN links
D. A mechanism to tunnel TCP/IP through non-IP networks

A

B. A TCP wrapper is an application that can serve as a basic firewall by restricting access based on user IDs or system IDs.

15
Q

What is both a benefit and a potentially harmful implication of multilayer protocols?

A. Throughput
B. Encapsulation
C. Hash integrity checking
D. Logical addressing

A

B. Encapsulation is both a benefit and a potentially harmful implication of multilayer protocols.

16
Q

By examining the source and destination addresses, the application usage, the source of origin, and the relationship between current packets with the previous packets of the same session, _______________ firewalls are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities.

A. Static packet-filtering
B. Application-level gateway
C. Stateful inspection
D. Circuit-level gateway

A

C. Stateful inspection firewalls are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities.

17
Q

________________ firewalls are known as third-generation firewalls.

A. Application-level gateway
B. Stateful inspection
C. Circuit-level gateway
D. Static packet-filtering

A

B. Stateful inspection firewalls are known as third-generation firewalls.

18
Q

Which of the following is not true regarding firewalls?

A. They are able to log traffic information.
B. They are able to block viruses.
C. They are able to issue alarms based on suspected attacks.
D. They are unable to prevent internal attacks.

A

B. Most firewalls offer extensive logging, auditing, and monitoring capabilities as well as alarms and even basic IDS functions. Firewalls are unable to block viruses or malicious code transmitted through otherwise authorized communication channels, prevent unauthorized but accidental or intended disclosure of information by users, prevent attacks by malicious users already behind the firewall, or protect data after it has passed out of or into the private network.

19
Q

Which of the following is not a routing protocol?

A. OSPF
B. BGP
C. RPC
D. RIP

A

C. There are numerous dynamic routing protocols, including RIP, OSPF, and BGP, but RPC is not a routing protocol.

20
Q

A _________________ is an intelligent hub because it knows the addresses of the systems connected on each outbound port. Instead of repeating traffic on every outbound port, it repeats traffic only out of the port on which the destination is known to exist.

A. Repeater
B. Switch
C. Bridge
D. Router

A

B. A switch is an intelligent hub. It is considered to be intelligent because it knows the addresses of the systems connected on each outbound port.

21
Q

Which of the following is not a technology specifically associated with 802.11 wireless networking?

A. WAP
B. WPA
C. WEP
D. 802.11i

A

A. Wireless Application Protocol (WAP) is a technology associated with cell phones accessing the Internet rather than 802.11 wireless networking.

22
Q

Which wireless frequency access method offers the greatest throughput with the least interference?

A. FHSS
B. DSSS
C. OFDM
D. OSPF

A

C. Orthogonal Frequency-Division Multiplexing (OFDM) offers high throughput with the least interference. OSPF is a routing protocol, not a wireless frequency access method.

23
Q

What security concept encourages administrators to install firewalls, malware scanners, and an IDS on every host?

A. Endpoint security
B. Network access control (NAC)
C. VLAN
D. RADIUS

A

A. Endpoint security is the security concept that encourages administrators to install firewalls, malware scanners, and an IDS on every host.

24
Q

What function does the RARP protocol perform?

A. It is a routing protocol.
B. It converts IP addresses into MAC addresses.
C. It resolves physical addresses into logical addresses.
D. It manages multiplex streaming.

A

C. Reverse Address Resolution Protocol (RARP) resolves physical addresses (MAC addresses) into logical addresses (IP addresses).

25
Q

What form of infrastructure mode wireless networking deployment supports large physical environments through the use of a single SSID but numerous access points?

A. Stand-alone
B. Wired extension
C. Enterprise extension
D. Bridge

A

C. Enterprise extended infrastructure mode exists when a wireless network is designed to support a large physical environment through the use of a single SSID but numerous access points.

26
Q

Which of the following attacks take advantage of dynamic system actions and the ability to manipulate the timing of those actions?

a. Active attacks
b. Passive attacks
c. Asynchronous attacks
d. Tunneling attacks

A

c. Asynchronous attacks take advantage of dynamic system activity to get access. User requests are placed into a queue and are satisfied by a set of predetermined criteria.

27
Q

Routers, which are network connectivity devices, use which of the following?

a. Sink tree and spanning tree
b. Finger table and routing table
c. Fault tree and decision tree
d. Decision table and truth table

A

a. A sink tree shows the set of optimal routes from all sources to a given destination, rooted at the destination. A sink tree does not contain any loops, so each packet is delivered within a finite and bounded number of hops.

28
Q

Enforcing effective data communications security requires other types of security such as physical security. Which of the following can easily compromise such an objective?

a. Smart cards with PINs
b. Nonreusable passwords
c. Network cabling
d. Last login messages

A

c. Data communications security requires physical security and password controls. The network cables that carry data are vulnerable to intruders.

29
Q

An effective way to run a World Wide Web (WWW) service is not by:

a. Disabling automatic directory listings
b. Placing the standalone WWW computer outside the firewall in the DMZ
c. Implementing encryption
d. Relying on third-party providers

A

d. Important security features of WWW include (i) disabling automatic directory listings for names and addresses, (ii) placing the standalone, stripped-down WWW computer outside the firewall in the demilitarized zone (DMZ), and (iii) providing encryption when sensitive or personal information is transmitted or stored.

30
Q

For Web services, which of the following uses binary tokens for authentication, digital signatures for integrity, and content-level encryption for confidentiality?

a. Web service interoperability (WS-I)
b. Web services security (WS-Security)
c. Web services description languages (WSDL)
d. Web-Oriented architecture (WOA)

A

b. The Web service is a software component or system designed to support an interoperable machine or application-oriented interaction over a network.

31
Q

Radio frequency identification technologies rely on which of the following to ensure security?

a. Defense-in-depth strategy
b. Defense-in-breadth strategy
c. Defense-in-time strategy
d. Defense-in-technology strategy

A

b. Radio frequency identification (RFID) technologies are used in supply chain systems which, in turn, use defense-in-breadth strategy for ensuring security. Defense-in-depth strategy considers layered defenses to make security stronger.

32
Q

Which of the following is not an example of race condition attacks?

a. Symbolic links
b. Object-oriented
c. Deadlock
d. Core-file manipulation

A

c. Allowing exclusive access to a dedicated input/output device (e.g., printer, plotter, and disk) in response to a user request can lead to a deadlock situation in the absence of spooling. Deadlocks are not related to race condition attacks because the latter are called timing attacks.

33
Q

What do most effective security controls over remote maintenance ports include?

a. Legal contracts and dial-back systems
b. Dial-back systems and modem pools
c. Legal contracts and modem pools
d. Dial-back systems and disconnecting unneeded connections

A

c. Remote maintenance ports enable the vendor to fix operating problems.

34
Q

Which of the following statements is not true about Internet firewalls?

a. A firewall can enforce security policy.
b. A firewall can log Internet activity.
c. A firewall can limit an organization’s security exposure.
d. A firewall can protect against all computer viruses in PCs.

A

d. Firewalls (also known as secure gateways) cannot keep personal computer viruses out of a network. There are simply too many types of viruses and too many ways a virus can hide within data.

35
Q

Web content filtering software is related to which of the following?

a. Web bug
b. Blacklisting
c. RED
d. BLACK

A

b. Web content filtering software is a program that prevents access to undesirable websites, typically by comparing a requested website address to a list of known bad websites (i.e., blacklisting). Blacklisting is a hold placed against IP addresses to prevent inappropriate or unauthorized use of Internet resources.

36
Q

Which of the following identifies calls originating from nonexistent telephone extensions to detect voice-mail fraud?

a. Antihacker software
b. Call-accounting system
c. Antihacker hardware
d. Toll-fraud monitoring system

A

b. A call-accounting system can indicate calls originating from nonexistent “phantom” telephone extensions or trunks.

37
Q

Regarding instant messaging (IM), which of the following is an effective countermeasure to ensure that the enclave users cannot connect to public messaging systems?

a. Disable file-sharing feature
b. Restrict IM chat announcements
c. Block ports at the enclave firewall
d. Install antivirus software

A

c. Blocking ports at the enclave firewall ensures that enclave users cannot connect to public messaging systems.

38
Q

Synchronization of file updates in a local-area network environment cannot be accomplished by using which of the following?

a. File locks
b. Record locks
c. Semaphores
d. Security labels

A

d. Security labels deal with security and confidentiality of data, not with file updates.

39
Q

Which of the following is a byproduct of administering the security policy for firewalls?

a. Protocol filtering policy
b. Connectivity policy
c. Firewall implementation
d. Protocol filtering rules

A

c. The role of site security policy is important for firewall administration.

40
Q

Communications between computers can take several approaches. Which of the following approaches is most secure?

a. Public telephone network
b. Fiber optic cables
c. Direct wiring of lines between the computer and the user workstation
d. Microwave transmission or satellites

A

b. Due to their design, fiber optic cables are relatively safer and more secure than other types of computer links.

41
Q

Which of the following is risky for transmission integrity and confidentiality when a network commercial service provider is engaged to provide transmission services?

a. Commodity service
b. Cryptographic mechanisms
c. Dedicated service
d. Physical measures

A

a. An information system should protect the integrity and confidentiality of transmitted information whether using a network service provider.

42
Q

Network security and integrity do not depend on which of the following controls?

a. Logical access controls
b. Business application system controls
c. Hardware controls
d. Procedural controls

A

b. Application system controls include data editing and validation routines to ensure integrity of the business-oriented application systems such as payroll and accounts payable.

43
Q

Which of the following questions must be answered first when planning for secure telecommuting?

a. What data is confidential?
b. What systems and data do employees need to access?
c. What type of access is needed?
d. What is the sensitivity of systems and data?

A

c. Telecommuting is the use of telecommunications to create a virtual office away from the established (physical) office.

44
Q

The Internet uses which of the following?

a. Mesh topology
b. Star topology
c. Bus topology
d. Ring topology

A

a. The Internet uses the mesh topology with a high degree of fault tolerance.

45
Q

Which of the following network architectures is designed to provide data services using physical networks that are more reliable and offer greater bandwidth?

a. Integrated services digital network (ISDN)
b. Transmission control protocol/Internet Protocol (TCP/IP)
c. File transfer protocol (FTP)
d. The open system interconnection (OSI) protocol

A

a. Integrated services digital network (ISDN) was designed to provide both voice and a wide variety of data services, initially using the existing phone network.

46
Q

Which of the following is the most important aspect of remote access?

a. User authentication
b. Media authentication
c. Device authentication
d. Server authentication

A

d. Server authentication is the most important for remote access methods where a user is manually establishing the remote access connections, such as typing a URL into a Web browser.

47
Q

Possible security threats inherent in a local-area network (LAN) environment include passive and active threats. Which of the following is a passive threat?

a. Denial of message service
b. Masquerading
c. Traffic analysis
d. Modification of message service

A

c. Passive threats do not alter any data in a system.

48
Q

In which of the following remote access methods is a pinholing scheme used to facilitate the network address translation (NAT) contact to occur with internal workstations?

a. Tunneling
b. Application portals
c. Remote desktop access
d. Direct application access

A

c. There are two major styles of remote desktop access: (i) direct between the telework client device (e.g., a consumer device such as a smartphone and PDA or PC used for performing telework) and the internal workstation, and (ii) indirect through a trusted intermediate system. However, direct access is often not possible because it is prevented by many firewalls.

49
Q

When constructing the communications infrastructure for moving data over a wide-area network, the major implementation choices involve decisions about all the following except which of the following?

a. Multiplexers
b. Network interface cards
c. Concentrators
d. Front-end processors

A

b. A network interface card (NIC) is used in implementing local-area networks (LANs), not wide-area networks (WANs).

50
Q

A website has been vandalized. Which of the following should be monitored closely?

a. Illegal logging
b. Illegal privilege usage
c. Illegal file access
d. Illegal Web server shutdown

A

c. Selecting the illegal file access addresses the vandalism issue because that is what the attacker can benefit from the most. Files have critical data useful to an attacker. The other three choices are incidental.

51
Q

The Voice over Internet Protocol (VoIP) technology can lead to which of the following?

a. Converged network
b. Ad hoc network
c. Content delivery network
d. Wireless sensor network

A

a. The Voice over Internet Protocol (VoIP) technology can lead to a converged network, where the latter combines two different networks such as data and voice networks, similar to the VoIP.

52
Q

Which of the following transmission media is unsuitable for handling intra-building data or voice communications?

a. Twisted pair
b. Coaxial cable
c. Optical fiber
d. Microwave transmission

A

d. Microwave transmission is a point-to-point transmission using radio frequency spectrum signals and is commonly used as a substitution for copper or fiber cable. Because of this, it is not suitable for handling intra-building communications and is more appropriate for long-distance transmission.

53
Q

From a corporation viewpoint, which of the following design objectives is most important for a local-area network?

a. Productivity
b. Availability
c. Throughput
d. Responsiveness

A

b. Availability is the ratio of the total time a functional unit is capable of being used during a given interval to the length of the interval. It is the time during which a functional unit can be used. What good are productivity, throughput, and response time if the system is shut down and not available? Therefore, system availability is the most important objective for a local-area network (LAN) or any other network.

54
Q

Which of the following wiring schemes makes future network changes easier to implement?

a. Post wiring
b. Wiring on demand
c. Buildings with high ceilings
d. Cable conduits

A

d. Because the cost of wiring an existing building goes up with the height of the ceiling and rises even higher after the tenants have moved in, making the right decisions as early as possible can significantly reduce future costs.

55
Q

Which of the following is a disadvantage of satellite communications versus a conventional communications method?

a. User-owned stations
b. Cost
c. Frequency bands
d. Broadcast ability

A

c. Frequency bands are of two types: low and high frequency. All the lower frequency bands have become increasingly crowded, and developing higher frequencies is difficult and expensive.

56
Q

Host-based firewalls can have a serious negative effect on system usability and user satisfaction with which of the following?

a. Deny-by-default rulesets for incoming traffic
b. Deny-by-default rulesets for outgoing traffic
c. Deny-by-default rulesets for servers
d. Deny-by-default rulesets for desktops

A

b. To prevent malware incidents, organizations should configure host-based firewalls with deny-by-default rulesets for incoming traffic.

57
Q

Which of the following is an example of an asynchronous attack?

a. Data diddling attack
b. Data leakage attack
c. TOC-TOU attack
d. Salami attack

A

c. In a time-of-check to time-of-use (TOC-TOU) attack, a print job under one user’s name is exchanged with a print job for another user.

58
Q

Security mechanisms implement security services. Which of the following security services is provided by a notarization security mechanism?

a. Confidentiality
b. Integrity
c. Authentication
d. Nonrepudiation

A

d. Nonrepudiation services prevent the parties to a communication from denying that they sent or received it, or disputing its contents.

59
Q

Legacy IEEE 802.11 wireless local-area networks (WLANs) operate in which of the following layers of the ISO/OSI reference model?

a. Physical and data layers
b. Data and network link layers
c. Transport and presentation layers
d. Application and session layers

A

a. Legacy IEEE 802.11 wireless LANs (WLANs) operate in the physical layer and the data link layer of the ISO/OSI reference model because they define the physical characteristics and access rules for the network.

60
Q

Which of the following security practices is supported by most remote control program (RCP) products when accessing a host workstation on a local-area network (LAN)?

a. Matching user ID and name with password
b. Controlling reboot options
c. Limiting access to local drives and directories
d. Controlling file transfer rights

A

a. Some remote control products provide minimal security support, whereas others provide varying degrees of support.

61
Q

When a nonremote user connection is established with a remote device using a virtual private network (VPN), the configuration settings generally prevent which of the following?

a. Split knowledge
b. Split domain name service
c. Split tunneling
d. Split gateway

A

c. Split tunneling is a method that routes organization-specific traffic through the secure sockets layer (SSL) VPN tunnel, but other traffic uses the remote user’s default gateway.