ITN 262 Final Exam Review

question
Session Layer
answer
OSI layer that handles a set of transport connections used for a particular purpose.
question
Data Link Layer
answer
OSI layer that manages the structure and content of data carried by the physical layer.
question
Presentation Layer
answer
OSI layer that reformats host data to meet network-wide standards and vice versa.
question
Physical Layer
answer
OSI layer that includes the physical wiring and signaling between nodes.
question
Application Layer
answer
OSI layer that provides a specific service to the user on a host computer, such as email.
question
Transport Layer
answer
OSI layer that associates packets with specific application processes in end-point hosts and ensures reliability.
question
Network Layer
answer
OSI layer that manages intranetwork routing of packets.
question
Six Steps of the NIST Risk Management Framework
answer
1) Categorize information systems. 2) Select security controls. 3) Implement security controls. 4) Assess security controls. 5) Authorize information systems. 6) Monitor security controls.
question
SSL Handshake Protocol
answer
A combination of shared secret hashing and an RSA-protected key exchange. The client and the server exchange randomly generated nonces, then the client uses the server's public key to transmit a randomly generated secret value. Each one then uses the exchanged data to generate a set of shared secret keys to use.
question
3 Major DNS Vulnerabilities
answer
1) Cache poisoning: A resolver receives a bogus response to a DNS query. All subsequent queries receive the wrong information and redirect connections to the wrong IP address. 2) Denial-of-service attack on major DNS servers: Attackers try to disable part or all of the DNS service in parts of the Internet by attacking major DNS servers. 3) DoS attack using a shared resolver: An attacker transmits numerous bogus DNS queries to the shared resolver.
question
Steps DNS Domain Name Resolver Software takes to look up a Domain Name
answer
1) The software retrieves the domain name of interest. 2) The software looks up the domain name in the host's cache. Each host keeps a cache of previous domain name queries. 3) If the name isn't in the cache, the host sends a query across the network to its assigned DNS server. 4) The software saves the answer in the cache in case the same query recurs, and it returns the answer to the caller.
question
3-Way Handshake
answer
The client sends a packet with the SYN flag set to a server. The server responds with a packet that has the SYN and ACK flags set. The client sends a packet with the ACK flag set back to the server.
question
Briefly explain the purpose of a routing table and identify the protocol that populates the table.
answer
The internet layer of every protocol stack contains a routing table that chooses a network and/or MAC address for outgoing packets. Most hosts rely on the Address Resolution Protocol to fill in the routing table with addresses on their subnet. Packets destined for other IP addresses go to a default router.
question
List five types of authentication vulnerabilities that apply to tokens.
answer
1) Cloning or borrowing the credential. 2) Sniffing the credential. 3) Trial and error guessing. 4) Denial of service. 5) Retrieving a copy of the computer's database for authenticating tokens.
question
Identify the five general steps of a security risk assessment.
answer
1) Identify assets. 2) Identify threat agents and attacks. 3) Estimate the likelihood of attacks. 4) Estimate the impact of attacks. 5) Calculate the relative significance of attacks.
question
Briefly explain the two types of authentication vulnerabilities that most often occur with biometrics.
answer
An attacker can clone or borrow the credential, such as cloning fingerprints, faces, and even irises to fool biometric readers. An attacker can also sniff the credential if the biometric reader is connected to the protected system through a cable, such as a USB connection. The attacker could install a sniffer and later transmit the sniffed credential down the same USB connection.
question
Subject
answer
General security access controls refer to objects, rights, and _______.
question
Root
answer
To resolve a domain name on the Internet, the DNS resolver first contacts the ____ DNS server.
question
Separation of Duty
answer
The principle that deals with dividing up a task so that it requires two or more people in order to reduce risk is referred to as __________ __ ____.
question
Transport Layer Security (TLS)
answer
Secure Sockets Layer (SSL) has been replaced by _________ _____ ________.
question
Processing
answer
Data may exist in three different states known as information states. They are: the storage state, the transmission state, and the __________ state.
question
Nonrepudiation
answer
Digital signatures are often used to provide ______________.
question
Entropy
answer
When discussing Key Strength, a longer secret with a larger choice of characters is said to have greater _______.
question
Transposition
answer
The type of cipher that rearranges the text of a message is called _____________.
question
Rootkit
answer
Software that hides on a computer and provides a back door for an attacker.
question
NIST SP 800-37
answer
Publication that establishes the 6-step risk management framework.
question
Network Address Translation
answer
Encapsulating Security Payload (ESP) does not work with _______ _______ ___________.
question
Unintended Data Emanations
answer
TEMPEST is a code word assigned by the NSA to __________ ____ __________.
question
Risk-Assessment Process
answer
OCTAVE is a ____-__________ _______.
question
CCM Mode
answer
To provide both encryption and integrity protection, WPA2 uses AES encryption with ___ ____.
question
Public-Key Certificates
answer
Off-line authentication relies on ______-___ ____________.
question
Utilities
answer
Supervisory control and data acquisition (SCADA) devices are most often associated with _________.
question
Take actions to mitigate a serious risk
answer
A security analyst is performing a security assessment. The analyst should NOT:
question
ipconfig /all
answer
To see a list of MAC addresses on a Windows-based network, issue the ________/___ command:
question
Internet Key Exchange (IKE)
answer
The protocol that establishes security associations (SAs) between a pair of hosts is the:
question
PCI-DSS Requirements
answer
A qualified security assessor (QSA) performs audits to check adherence to:
question
assign security responsibility to appropriate officials in the agency
answer
The Federal Information Security Management Act (FISMA) requires U.S. executive branch agencies to:
question
An Attack
answer
An attempt by a threat agent to exploit assets without permission is referred to as:
question
Virtual Private Networking
answer
The principal application of IPsec is:
question
the corresponding IP address
answer
Issuing the nslookup command along with a domain name displays:
question
Number of Addresses
answer
Packet filtering looks at any packet header and filters on these values except:
question
Wi-Fi Protected Access version 2 (WPA2)
answer
The latest protocol that effectively protects 802.11 wireless traffic across a LAN is:
question
No Broadcasting
answer
A disadvantage of a point-to-point network is:
question
Broadcasting
answer
A disadvantage of a star network is:
question
Request To Send (RTS) message
answer
In a wireless transmission, a host first sends a:
question
No Routing
answer
An advantage of a bus network is:
question
Address-Based Size Limits
answer
A disadvantage of a tree network is:
question
Security through Obscurity
answer
Hiding an object, such as a diary, to prevent others from finding it is an example of:
question
Congestion
answer
A disadvantage of a mesh network is:
question
both participants in the exchange must have a public/private key pair
answer
Using the Diffie-Hellman algorithm:
question
cannot be produced by a procedure
answer
For data to be cryptographically random, it:
question
secret key
answer
To use symmetric cryptography, the sender and receiver must share a:
question
Botnets
answer
A keystroke logger is often associated with:
question
Common Criteria
answer
The security framework that replaced the U.S. DOD Orange Book is called:
question
Dynamic Inheritance
answer
The condition in which files automatically take on the same permissions as the folder in which they reside is called:
question
Access Control List (ACL)
answer
A security database that contains entries for users and their access rights for files and folders is an:
question
Software Patch
answer
A zero-day exploit has no:
question
True
answer
When internet technology connects two networks with separate link layers together, each individual network is called a subnet. True or False
question
False
answer
SSL works on top of IPsec and applies security to an orderly stream of bytes moving between a client and server. True or False
question
False
answer
Two users can construct a shared secret by sharing Diffie-Hellman private keys. True or False
question
False
answer
When handling an analog signal, the electronic circuits can self-correct minor errors. True or False
question
True
answer
An effective line of defense against social engineering is authentication. True or False
question
False
answer
RADIUS uses tickets encrypted with secret keys and an authentication server to provide authentication. True or False
question
False
answer
Regarding TCP connections, a three-way handshake that doesn't complete because the client fails to send the final ACK to the server results in a closed connection. True or False
question
False
answer
A digital signature uses symmetric keys to sign or verify digital data. True or False
question
True
answer
A frame is a single data packet on an Ethernet network. True or False