Question 1

________ is the process of obscuring an attackers source IP address.

Accepted Answer

A)  Backscatter 
B)  Spoofing 
C)  IP Flood 
D)  None of the above 
A)  Backscatter 
B)  Spoofing 
C)  IP Flood 
D)  None of the above

Question 2

802.11i works in ________ mode.

Accepted Answer

A)  pre-shared key 
B)  enterprise 
C)  Both A and B 
D)  Neither A nor B 
A)  pre-shared key 
B)  enterprise 
C)  Both A and B 
D)  Neither A nor B

Question 3

802.11i offers strong security.

Accepted Answer

A) True 
 B)False

Question 4

In 802.11i, ________ authentication always uses SSL/TLS.

Accepted Answer

A)  inner 
B)  outer 
C)  Both A and B 
D)  Neither A nor B 
A)  inner 
B)  outer 
C)  Both A and B 
D)  Neither A nor B

Question 5

One problem with ARP requests and replies is that they do not require authentication of verification.

Accepted Answer

A) True 
 B)False

Question 6

WLAN DoS attacks are designed to affect the ________ of the network.

Accepted Answer

A)  confidentiality 
B)  integrity 
C)  availability 
D)  authentication 
A)  confidentiality 
B)  integrity 
C)  availability 
D)  authentication

Question 7

In a man-in-the-middle attack, ________.

Accepted Answer

A)  an evil twin must have a stronger signal than the legitimate AP 
B)  an evil twin sends own attacks, impersonating the victim 
C)  Both A and B 
D)  Neither A nor B 
A)  an evil twin must have a stronger signal than the legitimate AP 
B)  an evil twin sends own attacks, impersonating the victim 
C)  Both A and B 
D)  Neither A nor B

Question 8

Most DoS attacks are difficult to detect.

Accepted Answer

A) True 
 B)False

Question 9

Once established, botnets can be leased to other criminals for DoS attacks.

Accepted Answer

A) True 
 B)False

Question 10

In a large organization, WEP rekeying is inexpensive.

Accepted Answer

A) True 
 B)False

Question 11

In a P2P attack, there is a change in traffic pattern but the overall volume of traffic is the same.

Accepted Answer

A) True 
 B)False

Question 12

In a reflected DoS attack, attackers send spoofed requests to legitimate servers. The servers then send all responses to the victim.

Accepted Answer

A) True 
 B)False

Question 13

________ is one method of thwarting DoS attacks by dropping all IP packets from an attacker.

Accepted Answer

A)  Black holing 
B)  ICMP echo 
C)  P2P redirect 
D)  None of the above 
A)  Black holing 
B)  ICMP echo 
C)  P2P redirect 
D)  None of the above

Question 14

A firewall does note set aside resources for a connection when a SYN segment arrives, so handling a large number of false SYN segments is only a small burden.

Accepted Answer

A) True 
 B)False

Question 15

WEP stands for ________.

Accepted Answer

A)  wireless equivalent privacy 
B)  wireless equivalent policy 
C)  wired equivalent privacy 
D)  wired equivalent policy 
A)  wireless equivalent privacy 
B)  wireless equivalent policy 
C)  wired equivalent privacy 
D)  wired equivalent policy

Question 16

When a new EAP authentication is added, software does not have to be changed on the ________.

Accepted Answer

A)  client 
B)  authenticator 
C)  central authentication server 
D)  No software has to be changed on ANY device 
A)  client 
B)  authenticator 
C)  central authentication server 
D)  No software has to be changed on ANY device

Question 17

WEP typically takes ________ to crack today.

Accepted Answer

A)  minutes 
B)  hours 
C)  days 
D)  weeks 
A)  minutes 
B)  hours 
C)  days 
D)  weeks

Question 18

________ security uses the RC4 cipher in encryption for confidentiality and the Temporal Key Integrity Protocol for keying and rekeying.

Accepted Answer

A)  802.11i 
B)  WPA 
C)  WEP 
D)  None of the above 
A)  802.11i 
B)  WPA 
C)  WEP 
D)  None of the above

Question 19

WEP encrypts each frame with a per-frame key that consists of the shared RC4 key plus a 24-bit initialization vector that is different for each frame.

Accepted Answer

A) True 
 B)False

Question 20

PEAP is a popular extended EAP protocol.

Accepted Answer

A) True 
 B)False

________ is the process of obscuring an attackers source IP address.

802.11i works in ________ mode.

802.11i offers strong security.

In 802.11i, ________ authentication always uses SSL/TLS.

One problem with ARP requests and replies is that they do not require authentication of verification.

WLAN DoS attacks are designed to affect the ________ of the network.

In a man-in-the-middle attack, ________.

Most DoS attacks are difficult to detect.

Once established, botnets can be leased to other criminals for DoS attacks.

In a large organization, WEP rekeying is inexpensive.

In a P2P attack, there is a change in traffic pattern but the overall volume of traffic is the same.

In a reflected DoS attack, attackers send spoofed requests to legitimate servers. The servers then send all responses to the victim.

________ is one method of thwarting DoS attacks by dropping all IP packets from an attacker.

A firewall does note set aside resources for a connection when a SYN segment arrives, so handling a large number of false SYN segments is only a small burden.

WEP stands for ________.

When a new EAP authentication is added, software does not have to be changed on the ________.

WEP typically takes ________ to crack today.

________ security uses the RC4 cipher in encryption for confidentiality and the Temporal Key Integrity Protocol for keying and rekeying.

WEP encrypts each frame with a per-frame key that consists of the shared RC4 key plus a 24-bit initialization vector that is different for each frame.

PEAP is a popular extended EAP protocol.

The Threat Environment

Planning and Policy

Cryptography

Access Control

Firewalls

Host Hardening

Application Security

Data Protection

Incident and Disaster Response

Module A: Networking Concepts

Filters

Exam 4: Secure Networks

________ is the process of obscuring an attackers source IP address.

802.11i works in ________ mode.

802.11i offers strong security.

In 802.11i, ________ authentication always uses SSL/TLS.

One problem with ARP requests and replies is that they do not require authentication of verification.

WLAN DoS attacks are designed to affect the ________ of the network.

In a man-in-the-middle attack, ________.

Most DoS attacks are difficult to detect.

Once established, botnets can be leased to other criminals for DoS attacks.

In a large organization, WEP rekeying is inexpensive.

In a P2P attack, there is a change in traffic pattern but the overall volume of traffic is the same.

In a reflected DoS attack, attackers send spoofed requests to legitimate servers. The servers then send all responses to the victim.

________ is one method of thwarting DoS attacks by dropping all IP packets from an attacker.

A firewall does note set aside resources for a connection when a SYN segment arrives, so handling a large number of false SYN segments is only a small burden.

WEP stands for ________.

When a new EAP authentication is added, software does not have to be changed on the ________.

WEP typically takes ________ to crack today.

________ security uses the RC4 cipher in encryption for confidentiality and the Temporal Key Integrity Protocol for keying and rekeying.

WEP encrypts each frame with a per-frame key that consists of the shared RC4 key plus a 24-bit initialization vector that is different for each frame.

PEAP is a popular extended EAP protocol.

The Threat Environment

Planning and Policy

Cryptography

Access Control

Firewalls

Host Hardening

Application Security

Data Protection

Incident and Disaster Response

Module A: Networking Concepts

Filters