N_S Quiz 4
Unlock all answers in this set
Unlock answersquestion
A disadvantage of a point-to-point network is
answer
Difficult to expand Broadcasting is impossible (Top of 484)
question
A disadvantage of a star network is
answer
Limited Growth Broadcasting (Bottom of 485)
question
An advantage of a bus network is
answer
Easy to add endpoints Possibly node-free No routing Broadcasting is easy (Top of 487)
question
A disadvantage of a tree network is
answer
Inefficency at the fringes. Inflexible addresses Address-based size limits Broadcasting is very hard (Bottom of 489)
question
A disadvantage of a mesh network is
answer
Routing gets tricky Congestion Broadcasting is very hard (Top of 491)
question
Modern internet technology evolved from research on
answer
the ARPANET and the research networks attached to it
question
Packet addressing and routing on the Internet rely entirely on
answer
IP addresses
question
A major obstacle to becoming an ISP today is
answer
the shortage of Internet Addresses
question
The well-known port number 80 is used for
answer
World Wide Web
question
192.168.1.1 is an example of
answer
IP Address
question
1111 1111 - 1111 1111 - 1111 0000 - 0000 0000 is an example of
answer
Subnet Mask (Network Mask)
question
The element that automatically assigns IP addresses to LAN hosts is
answer
Dynamic Host Configuration Protocol (DHCP)
question
A tool that captures packets on a network and helps you analyze the packets is
answer
WireShark?
question
An autonomous system (AS)
answer
is essentially an ISP that handles routing between its networking customers. (Maybe Do more, Pg. 498) Interrior routing - route packets between networks within the AS Exterior routing - route packets from a network within the AS to a network on another AS
question
The nmap utility
answer
is a well-respected open source utility for mapping computer networks
question
An attack in which one or more hosts conspire to inundate a victim with ping requests is called a
answer
Ping Flood
question
An attack that forges the sender's IP address is called
answer
IP Spoofing
question
On the Internet, the entity that looks up a domain name and retrieves information about it is the
answer
Domain Name System (DNS)
question
In the Web site address www.stthomas.edu, the top-level domain is
answer
.edu
question
Issuing the nslookup command along with a domain name displays
answer
the domain's ip address/s
question
To resolve a domain name on the Internet, the DNS resolver first contacts
answer
the root zone
question
The whois database provides the following information except
answer
It DOES include -Registrant -Administrative Contact -Technical Contact -Name Servers -Domain record activated -domain record last updated -domain expires
question
Packet filtering looks at any packet header and filters on these values except
answer
It DOES filter these values -MAC Address -Broadcast transmissions -ICMP -IP Address -IP application Protocol
question
The TCP fields that help ensure reliable transmission of data by keeping track of the number of bytes sent and received are
answer
Sequence and Acknowledgment
question
TCP connections go through three stages
answer
setup, operation, and termination
question
DNS security improvements include
answer
Randomized requests Limited access to resolvers Distributed DNS Servers
question
A network address translation (NAT) gateway rewrites an outbound packet's header to refer to
answer
the gateway's global IP address and the gateway's chosen port number
question
Confidential company information that would give competitors a commercial advantage if leaked is called
answer
Trade Secrets
question
Rules that restrict certain types of information to specific groups within a company are categorized as
answer
Need to Know
question
Two-person or multiperson control in important transactions helps to reduce the risk of
answer
Insider threats
question
A typical profit center in an enterprise is
answer
a division, department, or other component that makes money for the company
question
A qualified security assessor (QSA) performs audits to check adherence to
answer
The QSA reviews the system against the PCI-DSS requirements and reports on its compliance or deficiencies. In many cases, however, systems may perform self-assessments.
question
An uninterruptable power system (UPS)
answer
These were once the exclusive province of larger, enterprise-level computing systems. Today, even households can afford an effective UPS. A high-end UPS may include its own motor-driven generator to handle lengthy power outages. The capacity and duration of a site's UPS depends on their disaster planning.
question
The software-based access control that identifies data items that require different types of protection is
answer
Internal Security Label
question
Off-line authentication
answer
Provides a practical approach to truly distributed authentication.
question
An image backup
answer
are bit-by-bit copies of one mass storage device to another.
question
The phases of a large-scale attack on an enterprise network or systems include the following except
answer
The 4 Phases -Surveillance -Infiltration -Execution -Disengagement
question
In an enterprise, successful information security strikes a balance between three separate elements
answer
Objectives of the enterprise Risks Costs of security measures
question
Management processes that help build security in an enterprise are
answer
Policies and procedures?
question
Decommissioning an ex-employee's resources may include
answer
-Changing any shared, memorized secrets that protect resources. This includes safe combinations, shared administrative passwords, alarm codes, and other similar information. -Retrieving any physical keys, especially master keys, issued to the employee. It's possible, though costly, to change locks if an employee leaves without returning keys. It's often impractical, however, to change locks when a master key goes missing. -Revoking access to computer and network resources. Sites often simply disable the user's login. Sites rarely delete user identities wholesale, except perhaps for students leaving a school, because the user may have produced valuable files that others in the enterprise need. The site might change ownership of the orphaned files and directories.
