$12.99
Description
- (3 points) You should rekey an encryption key:
- when a key is leaked to unauthorized parties
- when some major event occurs, such as a major new version of the file that the key protects
- every two to three months regardless of other factors
- more often on larger cryptonets
- ( 2 points) To avoid problems with reused encryption keys, you can:
- use the same passphrase
- clear your computer’s RAM
- change the internal key
- combine the key with a nonce
- (3 points) Strategies for preventing man-in-the-middle attacks include:
- restrict distribution of public keys so that only authorized people get them
- publish individual keys widely so that people can double check their copies
- use public-key certificates
- do not use a hash
- (3 points) Three strategies for sending data across a network are:
- message switching
- circuit switching
- media switching
- packet switching
- ( 3 points) A basic network packet contains:
- virus protection
- a header
- data
- a checksum
- ( 2 points) A MAC address:
- must be unique on a network
- is associated with a network interface
- is 24 bits in length
- is assigned by the network administrator
- (2 points) The TCP fields that help ensure reliable transmission of data by keeping track of the number of bytes sent and received are:
- Size
- Sequence number
- Status
- Acknowledgment number
- ( 3 points) TCP connections go through three stages:
- Setup
- Operation
- Error reporting
- Termination
- (3 points) DNS security improvements include:
- cache poisoning
- randomized requests
- distributed DNS servers
- limited access to resolvers
- (3 points) Management processes that help build security in an enterprise are:
- written policies and procedures
- delegation through a management hierarchy
- auditing and review
- network authentication
- ( 3 points) Decommissioning an ex-employee’s resources may include:
- issuing a company ID card
- changing passwords
- retrieving physical keys
- revoking access to computer and network resources
- (3 points) Benefits of secret-key cryptography are:
- lower computing resources required than public-key algorithms
- flexibility—techniques become easier as the user community grows in size
- reliable key revocation
- trustworthy central servers
- ( 2 points) VPN clients may be:
- firewalls
- computers
- mobile devices
- gateways
- (2 points) The two primary components of IPsec are:
- Transport Layer Security (TLS)
- Secure Sockets Layer (SSL)
- Authentication Header (AH)
- Encapsulating Security Payload (ESP)
- (3 points) Mailbox protocols include:
- Simple Mail Transfer Protocol (SMTP)
- Post Office Protocol 3 (POP3)
- Internet Message Access Protocol (IMAP)
- Internet Control Message Protocol (ICMP)
- (2 points) Session filtering keeps track of session/connection states and filters on a packet’s:
- link header
- IP header
- TCP/UDP header
- application data
Matching – here , of course, you have to use all of the answers. Please insert your answers in the small spaces provided in front of each answer.
- (3 points) The phrases below describe terms and entities associated with encryption. Match the term or entity with its description.
___ No single person is universally trusted to sign certificates; individual users decide who they trust to sign certificates
___ Used to validate public keys and to use them safely
___ A trusted third party that issues certificates
- Public-key infrastructure (PKI)
- Web of trust
- Certificate authority
- (7 points) The phrases below describe the seven layers of the Open Systems Interconnect (OSI) model. Match the layer with its description.
___ Includes the physical wiring and signaling between nodes
___ Manages the structure and content of data carried by the physical layer
___ Manages intranetwork routing of packets
___ Associates packets with specific application processes in end-point hosts and ensures reliability
___ Handles a set of transport connections used for a particular purpose
___ Reformats host data to meet network-wide standards and vice versa
___ Provides a specific service to the user on a host computer, such as email
- Transport layer
- Application layer
- Physical layer
- Presentation layer
- Data link layer
- Network layer
- Session layer
- ( 3 points) The phrases below describe the primary entities involved in sharing resources on a network. Match the entity with its description.
___ Presents a uniform way to use a resource across a network
___ Software contacted by the API to access a resource across a network
___ Software that provides resources
- Client
- Resource API
- Server
- (5 points ) The phrases below describe network topologies. Match the network topology with its description.
___ Connects exactly two endpoints together
___ Connects three or more endpoints through a central node
___ Connects all endpoints to a single, shared communications medium
___ Connects endpoints through a hierarchy of nodes
___ Connects endpoints through a network of arbitrarily connected nodes
- Tree
- Mesh
- Star
- Point-to-point
- Bus
- ( 7 points) The phrases below describe fields in an IP packet. Match the IP packet field with its description.
___ Manages the fragmentation and reassembly of IP packets
___ Counts the number of times a packet passes through a router
___ Indicates the type of TCP/IP transport protocol carried by this IP packet
___ Contains the checksum of the IP header fields
___ Contains the IP address of the sending host
___ Contains the IP address of the receiving host
___ Contains the header indicated by the Type field and the data contents
- Source IP address field
- Fragment field
- Destination IP address field
- TTL field
- IP checksum field
- Data field
- Type field
- (3 points) The phrases below describe internet transport protocols. Match the protocol with its description.
___ Provides global addressing for Internet hosts
___ Provides reliable transport
___ Leaves reliability to be handled by the application layer
- User Datagram Protocol (UDP)
- Internet Protocol (IP)
- Transmission Control Protocol (TCP)
- (3 points) The phrases below describe forms of communication that do not require a written message. Match the form of communication with its description.
___ Transmits data using photons, either visually or by shining a light and measuring the signal
___ Transmits data using electromagnetic signals across metal wire
___ Transmits data through the air using nonvisual electromagnetic signals
- Radio
- Wire
- Optical
- (5 points) The phrases below describe or provide examples of types of computer-based attacks on enterprises. Match the type of attack with its description or example.
___ Theft of trade secrets
___ Social engineering
___ Logic bombs
___ An employee rigs the accounting system to make improper periodic payments and hides them from auditors
___ Someone steals computing or networking equipment
- Subversion
- Disclosure
- Masquerade
- Service loss
- Physical loss
- (4 points) The phrases below describe basic network authentication strategies. Match the authentication strategy with its description.
___ The system resides within a security boundary; each device contains an authentication database that’s independent from the others
___ The system contains its own, independent authentication database but users authenticate to it remotely
___ The system accepts remote logins but relies on an authentication server to perform authentication
___ The system uses public-key certificates to authenticate users
- Local
- Indirect
- Direct
- Off-line
- (3 points) The phrases below describe functions of protocols that are part of the modern SSL protocol. Match the protocol with its function.
___ Establishes the shared secret and the keys to be used to protect SSL traffic
___ Transfers information using a symmetric cipher and integrity check
___ Indicates errors and the end of a secure session
- Record protocol
- Handshake protocol
- Alert protocol
- (4 points) T he phrases below describe strategies used by gateways for controlling Internet traffic. Match the strategy with its description.
___ Restricts traffic according to IP addresses of clients and servers
___ Restricts traffic according to TCP or UDP port numbers
___ Restricts traffic depending on whether it originated inside or outside of the internal network
___ Restricts traffic based on an analysis of application layer data
- Service control
- Direction control
- Content control
- Host control
- (3 points) The phrases below describe Web traffic blocking techniques. Match the technique with its description.
___ Lists all websites that employees may visit
___ Lists all websites that employees should not visit
___ Searches for malware in the HTML and other files returned to browsers by web servers
- Website blacklisting
- Web traffic scanning
- Website whitelisting
- (4 points) The phrases below describe properties or functions of a web host. Match the web host component with its property or function.
___ Implements static HTML, SSL security, and can pass a script to a separate interpreter for execution
___ Receives GET, POST, and other HTTP requests and returns a web page in response
___ Stores and retrieves data in a structure manner
___ A set of files that contain the site’s data
- Database management system software
- Content management system software
- Web server software
- Database