









A wide range of cybersecurity topics, including network security, cryptography, authentication methods, and various types of attacks and defenses. It provides an overview of fundamental cybersecurity principles, technologies, and best practices. The document delves into the technical details of encryption algorithms, digital signatures, virtual private networks (VPNs), and wireless security protocols. It also explores common security threats such as denial-of-service (DoS) attacks, man-in-the-middle attacks, and social engineering. The information presented can be valuable for understanding the core concepts and mechanisms that underpin modern cybersecurity solutions, as well as the evolving landscape of cyber threats and mitigation strategies.
Typology: Exams
What were the motivations of traditional external hackers? - Solution Ego, the thrill of the break-in, and the validation of their skills
Did traditional external hackers engage in theft? - Solution They often did
What is an exploit? - Solution The specific attack method that the attacker uses to break into the computer
What does "owning" a computer mean? - Solution Being able to do anything the attacker wishes on the computer.
What is IP address spoofing? - Solution Sending packets with false IP source addresses.
Why is IP address spoofing done? - Solution So that the attacker cannot determine the identity of the attacker.
When can an attacker not use IP address spoofing? - Solution When they are trying to read replies of probe packets.
How can social engineering be used to get access to a sensitive file? - Solution Simply by asking someone to send the file or to give access to the file
What is piggybacking? - Solution Following someone through the door to a secure area without authenticating oneself.
What is shoulder surfing? - Solution Watching someone type his or her password in order to learn the password.
What is pretexting? - Solution An attacker calls claiming to be a certain person in order to ask for private information about that person.
What is a DoS attack? - Solution An attack that attempts to make a server or network unavailable to serve legitimate users by flooding it with attack packets
Describe a DDoS attack. - Solution An attacker controls many computers with bots. The attacker (or "botmaster") sends the bots a command to attack. All the bots then send the victim a flood of attack packets
Why do many botnets have multiple owners over time? - Solution Typically, a botmaster will use the botnet for his or her purpose, then sell the botnet to someone else.
What are the two primary characteristics of skilled hackers? - Solution Strong technical skills and dogged persistence
Why are script kiddies dangerous? - Solution Because of their sheer numbers and because their many attacks make it difficult to recognize the few attacks that are highly sophisticated
Why are malware and exploit toolkits expanding the danger of script kiddies? - Solution They are making it much easier for script kiddies to act.
What is a governance framework? - Solution Something that specifies how to do planning, implementation, and oversight.
What does COSO focus on? - Solution It focuses on corporate-level governance
What does COBIT focus on? - Solution It focuses on IT governance
What are the four objectives of COSO? - Solution Strategic, Operations, Reporting, and Compliance
List the four COBIT domains. - Solution Planning & organization; acquisition & implementation; delivery & support; and monitoring
How many high-level control objectives does COBIT have? - Solution 34
How many detailed control objectives does COBIT have? - Solution More than 300
What are the disadvantages of codes? - Solution Code books must be distributed ahead of time, and if one code book is intercepted, all confidentiality is lost
Why is the word symmetric used in symmetric key encryption? - Solution Because two parties only use a single key for encryption and decryption in both directions
When two parties communicate with each other using symmetric key encryption, how many keys are used in total? - Solution Only 1 key
What type of encryption cipher is almost always used in encryption for confidentiality? - Solution Nearly all encryption
What is the best way to thwart exhaustive searches by cryptanalysts? - Solution Make the key so long that the time needed for attackers to crack the key is far too long for practicality
How long must a symmetric encryption key be to be considered strong today? - Solution Must be 100 bits or longer to be considered a strong key
Why is an RC4 key length of 40 bits commonly used? - Solution Because national export limits in many countries once limited commercial products up to 40-bit encryption.
How long is a DES key? - Solution DES keys are 56 bits long
How does 3DES work? - Solution It applies DES 3 times, with two or three different keys
What are the two common effective key lengths in 3DES? - Solution 112 bit and 168 bit
What is the disadvantage of 3DES? - Solution DES is slow and having to apply DES three times is extremely slow, therefore, extremely expensive in terms of processing cost
What is the big advantage of AES over 3DES? - Solution It offers 3 alternative key lengths instead of two
What are the three key lengths offered by AES? - Solution 128 bit, 192 bit, and 256 bit.
Which strong symmetric key encryption cipher can be used with small mobile devices? - Solution AES can be used with small mobile devices.
Which symmetric key encryption cipher probably will dominate in the near future? - Solution AES
What is security through obscurity, and why is it bad? - Solution It relies on attackers not to obtain learnable information and it is bad because it could result in catastrophic loss of security if known.
What is an impostor? - Solution Someone who pretends to be someone else
What is authentication? - Solution Proving your identity to communicate to a partner
What is mutual authentication? - Solution When both parties authenticate themselves to the other
Why is a secure keying phase necessary? - Solution Because if the key is not protected, it can be stolen and this will defeat the purpose of encrypting the data.
What three protections do cryptographic systems provide on a message-by-message basis? - Solution An electronic signature, message integrity, and message encryption.
What is an electronic signature? - Solution A field in a message that authenticates the message.
What two protections do electronic signatures usually provide? - Solution Message-by-message authentication and message integrity
In SSL/TLS, what is a cipher suite? - Solution A specific set of options for a particular cryptographic system standard.
What are credentials? - Solution They are proofs of identity
What is a man-in-the-middle attack? - Solution A form of attack in which an attacker intercepts messages being sent between two parties and forwards them on
What is a replay attack? - Solution It's where an adversary intercepts an encrypted message and transmits it again later.
In public key authentication, what must the sender know that an impostor should not be able to learn? - Solution The true party's private key
For what type of authentication is a digital signature used—initial authentication or message-by-message authentication? - Solution Digital signatures
How does the supplicant create a message digest? - Solution By hashing the plaintext message.
How does the supplicant create a digital signature? - Solution By encrypting the message digest with its own private key
In public key encryption, what is "signing"? - Solution The act of encrypting the message digest with its own private key
What combined message does the supplicant send? - Solution It is the digital signature plus the plaintext
How is the combined message encrypted for confidentiality? - Solution The sender will use symmetric key encryption.
Besides authentication, what security benefit does a digital signature provide? - Solution Message integrity
From what kind of organization can a verifier receive digital certificates? - Solution The certificate authority (CA)
Are most CAs regulated? - Solution CAs in many countries are not regulated
What are the two most critical fields in the digital certificate? - Solution The name of the true party and the true party's public key
What two cryptographic protections does an HMAC provide? - Solution Authentication and message integrity
Do HMACs use symmetric key encryption, public key encryption, or hashing? - Solution A combination of hashing and symmetric key encryption
What is the benefit of HMACs over digital signatures? - Solution HMACs are much faster and less expensive
What is quantum key distribution? - Solution It's a way to deliver enormously long keys to communication partners.
What is the definition of a VPN? - Solution It's a cryptographic system that provides secure communication over an untrusted network.
Which types of VPNs use VPN gateways? - Solution Remote access and site-to-site VPNs
For what type of VPN was SSL/TLS developed? - Solution Host-to-host VPNs
For what type of VPN is SSL/TLS increasingly being used? - Solution Remote access VPN
At what layer does SSL/TLS operate? - Solution At the transport layer.
What are the two commonly SSL/TLS-aware applications? - Solution Web applications and e-mail
What device can turn SSL/TLS into a remote access VPN? - Solution The SSL/TLS border gateway
What is webification? - Solution Converting messages into webpages for the browser to present to the user.
What software does the client need for basic SSL/TLS VPN operation? - Solution Only a Web browser
What is a Smurf flood? - Solution A variation of a reflected attack that takes advantage of an incorrectly configured network device (router) to flood a victim
What is black holing? - Solution When a firm drops all IP packets from an attacker.
How can the effects of SYN floods be mitigated? - Solution By validating the TCP handshake, rate limiting, or even black holing
Can ARP poisoning be used outside the LAN? - Solution Typically not
What is ARP spoofing? - Solution Uses false ARP replies to map any IP address to any MAC address
How could an attacker use ARP spoofing to manipulate host ARP tables? - Solution They do not require authentication or verification
Do switches record IP addresses? - Solution No, they only look at MAC addresses
What is the main access control threat to wireless LANs? - Solution An intruder can connect by radio to an unprotected wireless access point.
Is eavesdropping usually a concern for wired LANs, wireless LANs, or both? - Solution It is a concern in both
Why is 802.1X called Port-Based Access Control? - Solution Because security is implemented on specific ports of an Ethernet workgroup switch
Where is the heavy authentication work done? - Solution On a central authentication server
How does an EAP session start? - Solution When a switch senses a connection, it sends an EAP Start message to the RADIUS server.
What types of messages carry requests for authentication information and responses to these requests? - Solution EAP request and response messages.
When a new authentication method is added, what device software must be changed to use the new method? - Solution The central authentication server and supplicant
What standard do most central authentication servers follow? - Solution The RADIUS standard
How are EAP and RADIUS related in terms of functionality? - Solution RADIUS is an AAA server that uses EAP for authentication
What authentication method does RADIUS use? - Solution EAP
What is the most common attack against wireless networks? - Solution Unauthorized access, or connecting to a network without permission.
Which IEEE standard governs WLAN transmission? - Solution IEEE
Which device acts as a relay between wired and wireless networks? - Solution An access point
What is the typical range of a WLAN? - Solution 30 to 100 meters extending in all directions from the AP
Who would set up a rogue access point? - Solution Internal employees for convenience
Are you liable if someone else uses your wireless network to commit a crime? - Solution Not liable for crimes committed by criminals using your wireless network if you attempted to secure it
What man-in-the-middle attack is a danger for 802.11 WLANs? - Solution Evil twin access point
What is an evil twin access point? - Solution A PC that has software to allow it to masquerade as an access point
In what two types of attacks can the evil twin engage? - Solution Capturing credential transmission and key, and sending packets of its own
Why is 802.1X mode unsuitable for homes and small offices? - Solution Because the use of a central authentication server is very expensive.
What mode was created for homes or very small businesses with a single access point? - Solution PSK/personal mode
How do users in this mode authenticate themselves to the access point? - Solution Via the use of a single, shared initial key
How are PSK/personal keys generated? - Solution The administrator types a passphrase into every client and into the access point.
How long must passphrases be for adequate security? - Solution At least 20 characters long for adequate security
What is the purpose of a wireless IDS? - Solution To collect data from wireless access points that can be used to detect attacks.
What is a rogue access point? - Solution Unauthorized access points set up by individuals or departments
What are MAC access control lists? - Solution A list of pre-approved stations allowed to use the access point.
List the AAA access controls. - Solution Authentication, Authorizations, and Auditing.
What are the four bases for authentication credentials? - Solution What you know, what you have, who you are, what you do
What is two-factor authentication's promise? - Solution Defense in depth
What is role-based access control? - Solution When authorizations are assigned to roles instead of to individuals
Why is RBAC less expensive than access control based on individual accounts? - Solution Because fewer assignments need be made
Why is having a single point of building entry important? - Solution Easier to apply protections to people coming into and going out of the building.
Why are emergency exits important? - Solution In case of fire or other problems, people must be able to escape
List the four elements of entry authorization in CobiT. - Solution Building entry must be justified, authorized, logged, and monitored.
Why is loading dock security important? - Solution This is a busy area with many strangers. It is a likely penetration point.
What is siting? - Solution A synonym for locating or placing
If wiring cannot be run through walls, what should be done to protect the wiring? - Solution The wiring should be protected by running it through conduits
What should be done to protect laptops taken off-premises? - Solution They should never be left unattended
What controls should be applied to equipment disposal? - Solution Sensitive data must be removed
What controls should be applied to equipment reuse? - Solution The hard drive should be destroyed
What is dumpster diving? - Solution An attack in which an attacker goes through a firm's trash bins looking for documents, backup tapes, floppy disks, and other information-carrying media.
What are reusable passwords? - Solution Passwords that are used for weeks or months at a time
Why is password cracking over a network difficult to do? - Solution Because the attacker will almost always be locked out after a few attempts
Why is it a problem to use the same password at multiple sites? - Solution Because when a password is compromised at one site, it is compromised at all sites, expanding the risk of the compromise.
On what two things about you is biometric authentication based? - Solution Based upon something you are and something you do
What is the major promise of biometrics? - Solution To make reusable passwords obsolete.
What are key features? - Solution Specific metrics extracted from the scanning data.
What does the server do with the key features created by the enrollment scan? - Solution It uses these key features as the template for that user
What is a template? - Solution The file entry containing key features from the enrollment process for a single individual.
What is user access data? - Solution This is data collected during an access attempt scan
What does a match index do? - Solution Compares access key features with the template.
In biometrics, what is a match? - Solution Occurs when a match index meets the decision criteria
What are false acceptance rates (FARs) and false rejection rates (FRRs)? - Solution These are the percentages of time there is a false acceptance or a false rejection from a scan
For computer access, why is a false acceptance bad? - Solution Because someone other than the authorized user, possibly an imposter, will gain access to the resource.
Why is a false rejection bad? - Solution Because a legitimate user is denied access to a resource.
For watch lists of criminals, what is a false acceptance? - Solution An innocent person is identified as a criminal.
What is failure to enroll? - Solution Something that occurs if a system will not enroll a user