StudyGuide2_448

Question 1

___ is the lowest layer in TCP/IP hierarchy

Answer 1

• Link layer (network access)

Question 2

___ is the term applied to basic unit of data that passes through link layer

Answer 2

• Data frames

Question 3

(T/F) TCP is a connectionless protocol?

Answer 3

False

Question 4

___ is the second lowest layer in the TCP/IP hierarchy

Answer 4

• Internet (from host to server)

Question 5

(T/F) IP is a connection-oriented protocol?

Answer 5

False

Question 6

_____ is transport layer with TCP/IP

Answer 6

Transmission Control Protocol(TCP)

Question 7

__ enables the receiving TCP/Ip stack to reconstruct the data stream at the destination in correct order

Answer 7

Sequence number

Question 8

_______ and __________ are two transport layer protocols within TCP/IP

Answer 8

• TCP and UDP

Question 9

_____ is the top layer of the TCP/IP stack

Answer 9

• Application

Question 10

List three physical layer protocols

Answer 10

1) Ethernet
2) Fiber optic
3) Wi-Fi (IEEE 802.11),
4) DSl
5) ETC…

Question 11

If a network interface is place in _________ mode, it will receive all the network traffic irrespective of source destination

Answer 11

• promiscuous

Question 12

__________ and _______ are two address types that corresponds to a networked computer

Answer 12

• Mac and IP

Question 13

_____________ is the protocol that resolves IP address into MAC ID’s

Answer 13

• ARP (address resolution protocol)

Question 14

Explain the following Teardrop attack:
hacker.net 22 > target.org 33: UDP (frag 123:64@0++)
hacker.net 22 > target.org (frag 123:20@24)

Answer 14

The first packet has number 123 with data size 64 and starting offset 0, and ++ suggest oversize or manipulated to overlap with the next fragment.

The second packet is also 123 with 20 byte size and starting offset of 24 bytes.

Therefor the overlapping offset in the packets cause the target to attempt to reassemble themselves incorrectly and lead to potential system crash.

Question 15

In a Smurf attack which of the two Ip addresses are spoofed?
a) Source
b) destination

Answer 15

Source

Question 16

What is the procedure used to establish a TCP/IP connection between two host

Answer 16

3 way handshake

Question 17

________ Spoofing occurs when the attacker’s computer is on the same subnet as the victim

Answer 17

• Non-blind (TCP)

Question 18

_______ spoofing occurs when the attack must guess the victim TCP layer generate Sequence number

Answer 18

• Blind (TCP)

Question 19

______ attack employ spoofing to intercept network traffic and/or take over network session

Answer 19

• Denial of service (DOS)
• Man In the Middle (MITM)

Question 20

_____ compromise an operating system kernel

Answer 20

• Kernel model rootkits

Question 21

If we describe the complexity of a string as R**L, where R is the radix of the symbol set and L is the length of the passwords string, in most practical situation increasing __ adds more security than increasing __

Answer 21

• Length(L) than radix (R)

Question 22

The fact that HTTP is ___ requires that storage of transaction information to create online shopping carts

Answer 22

• Stateless

Question 23

____ is an HTML image tag occurring within a web page that may result in malicious activity

Answer 23

• Web bug

Question 24

List three types of information that may be harvested by the means of web bugs

Answer 24

1) IP address of computer users
2) Data and time of page view
3) Browser type and monitor resolution

Question 25

List three types of social engineering that are used to mislead or defraud computer and network users

Answer 25

1) Phishing
2) Email spoofing
3) Keystroke loggers

Question 26

List four types of viruses that infect computer systems

Answer 26

1) boot virus
2) file virus
3) macro virus
4) script virus

Question 27

_____ are two types of malwares that create a mechanism by means of which an attacker can remotely access and control the victim’s computer

Answer 27

• Trojans and backdoors

Question 28

________ is a type of encryption where the encryption and decrypting keys are either the same or algorithmically related:

Answer 28

• Symmetric encryption

Question 29

______ is a type of encryption where the encryption and decrypting keys are different: one is published and the other is secret

Answer 29

• Asymmetric encryption

Question 30

______ is an information system resource whose values lies in an unauthorized of illicit use of that resource

Answer 30

• Honeypot