






Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A comprehensive list of questions and answers related to network security. It covers a wide range of topics, including access control, malware, encryption, attacks, and security planning. A valuable resource for students and professionals seeking to understand the fundamentals of network security.
Typology: Exams
1 / 11
This page cannot be seen from the preview
Don't miss anything!







Access Control - answer A method for determining and assigning privileges to resources Adware - answer Produces pop-up messages in Internet Explorer, the Windows messenger service, or other applications Algorithms - answer A rule or mechanism used to encrypt data Anti-Malware Programs - answer Help to prevent malicious code from executing on the system Asymmetric Key Encryption - answer Uses a pair of keys, one public and the other private Attacker - answer A person with malicious intent
Auditing (Accounting) - answer A stage involving the tracking of user activities and actions that can include the length of connection time, access types, data transfer, etc. Authentication - answer The process of validating the identity of an individual to the system Authorization - answer The process of determining the level of access that is going to be granted to a user based on their identity Backdoor Attack - answer An attacker creates an alternative way into the system via remote access Block Cipher - answer Encrypts data one block at a time often in 64-bit chunks, which is more secure but generally slower Bluejacking - answer A way of spamming a device with messages using a Bluetooth connection Bluesnarfing - answer Occurs when an attacker gains unauthorized access to data contained on the mobile device via a Bluetooth connection Botnets - answer Systems that are functioning as drones or zombies due to the fact that a Trojan horse has placed undesirable software to allow them to be remotely controlled Brute-Force Attacks - answer Go one character at a time and can utilize special characters in alphanumeric passwords, making them the most difficult to defend against Buffer Overflows - answer Used by attackers to fill up and exceed the extent of a memory buffer, allowing code to be executed against the destination
Data Thief - answer An individual who is intending to steal data to sell to competitors, and would be taking part in a form of corporate espionage Default Security Attacks - answer Leverage the default settings of network devices and operating systems in order to take advantage and exploit them Denial-Of-Service Attack - answer A network attack that is used to consume or disable resources so that the service is unavailable for users and customers Dictionary-Based Attacks - answer Use a list of words based on both English and non-English dictionaries in order to attempt to crack a password Digital Signature - answer A hash value of a particular message that has been encrypted again with the user's private key Disaster Recovery - answer Ensures that if the system goes down, we have the ability to get it back into an operational state as quickly as possible Distributed Denial-Of-Service Attacks (DDoS) - answer When multiple systems are used to coordinate an attack against a victim system DMZ - answer Provides the ability to set up a perimeter network that is accessible from the Internet while maintaining security for internal systems Electronic Activists - answer Use their computer programming skills for a cause Electronic Vandals - answer Take part in defacing a website for various reasons
Encryption - answer The technique that converts source information from plaintext into a form that cannot be read by anyone other than the intended recipients Extensible Authentication Protocol (EAP) - answer Allows for the negotiation of the most secure method of authentication prior to gaining access remotely File Transfer Protocol (FTP) - answer More efficient in transferring files from source to destination than HTTP; has two ports: ports 20 and 21 Firewalls - answer Used to control the types of traffic that are allowed in and out of the system and can exist on an individual host or at the network perimeter Four As - answer Concepts that are used to achieve security goals for the organization: authentication, authorization, auditing, access control Hacker - answer Somebody who has computer programming skills and the ability to get into systems from the outside, though they may not actually exercise that ability Hardening - answer Ensures that the default configurations are dealt with appropriately Hashing Encryption - answer A one-way type of encryption that takes clear text and turns it into ciphertext, which can not be decrypted High-Availability - answer The implementation of redundancy at various levels to ensure that the loss of a single component or service does not result in a service outage HTTPS - answer Simply HTTP in conjunction with a Secure Sockets Layer (SSL), which adds encryption to the connection
Key - answer The piece of information that determines the result of an encryption algorithm Logic Bombs - answer Malicious code attacks where a program with hidden code is designed to run when a particular condition is met, such as a date and time in the future Malicious Code Attacks - answer A specific type of software attack that uses programming code with malicious intent Man-In-The-Middle Attack - answer A situation where an attacker positions himself between two hosts that are communicating with one another and then listens in on the session MS-CHAP - answer Hashes passwords using the MD5 and SHA algorithms Network Access Control - answer Describes a set of technologies and protocols that are used to enforce system security at the initial time of connection Non-Repudiation - answer The inability of a person or organization to disown its own data Patch Management - answer Ensures that operating system patches, software patches, and firmware upgrades for network devices are able to be deployed in a very consistent fashion Penetration Testing - answer Attempts to breach security that is set up on the system and is therefore more intrusive Port Scanning Attacks - answer Utilizes software to determine the ports that are open on the destination system
Privilege Escalation - answer When the attacker exploits a bug in the system to enable an account or an application to perform additional actions that are outside the normal range of permissions Ransomware - answer A particular type of malware that holds the system hostage so to speak Remote Authentication Dial-In User Service (RADIUS) - answer Provides a mechanism in which all of the AAA functions can be centralized Risk - answer A concept that is indicative of the exposure to damage or loss, and is a calculated value Routers - answer Operate at layer three and will use IP addresses and routing tables in order to determine the best path that a packet should take Secure Shell (SSH) - answer A secure form of command-line administration primarily used with UNIX and Linux systems Security Planning - answer Involves identifying the various threats, vulnerabilities, and risks that exist for an organization and dealing with those appropriately Session Hijacking - answer An attacker takes over one side of the communication session without the knowledge of the other system SFTP - answer A secure version of the FTP protocol which accounts for the vulnerabilities of transmitting data in plain text
Trojan Horses - answer Malware hidden inside another program Unintentional Threats - answer Threats that can occur without malicious intent Virus - answer A type of malicious code that attaches itself to another program or data file VLAN - answer Advanced filtering techniques used by most modern switches to allow computers connected to separate segments to appear and behave as if they are on the same segment Volatile Data - answer Data that is more likely to be eliminated very quickly Vulnerability - answer Any condition would that would make that type of threat increasingly possible Vulnerability Scanning - answer Uses programs to identify things like unnecessary running services, open ports, unencrypted channels, unsecure protocols, etc. Wired Equivalent Privacy (WEP) - answer Attempts to provide the privacy that matched wired networks by encrypting data across the wireless network using a shared network key and RC4 encryption Wireless Access Points (WAP) - answer A device that provides a connection between the wired and wireless networks Worm - answer A type of malicious code that replicates itself without user intervention
Zero-Day Exploits - answer Any attack that is targeting a vulnerability for which a patch is just been released but the administrative personnel haven't had time to patch