Chat with AI
Deck 12: Protection Mechanisms
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/61
Play
Full screen (f)
Deck 12: Protection Mechanisms
1
Which of the following access control processes confirms the identity of the entity seeking access to a logical or physical area?
A) Identification
B) Authentication
C) Authorization
D) Accountability
A) Identification
B) Authentication
C) Authorization
D) Accountability
B
2
Which of the following biometric authentication systems is considered to be the most secure?
A) Fingerprint recognition
B) Signature recognition
C) Voice pattern recognition
D) Retina pattern recognition
A) Fingerprint recognition
B) Signature recognition
C) Voice pattern recognition
D) Retina pattern recognition
D
3
Which tool can best identify active computers on a network?
A) Packet sniffer
B) Port scanner
C) Trap and trace
D) Honey pot
A) Packet sniffer
B) Port scanner
C) Trap and trace
D) Honey pot
B
4
Which of the following is NOT among the three types of authentication mechanisms?
A) Something a person knows
B) Something a person has
C) Something a person sees
D) Something a person can produce
A) Something a person knows
B) Something a person has
C) Something a person sees
D) Something a person can produce
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
5
Secure Shell (SSH)provides security for remote access connections over public networks by creating a secure and persistent connection..
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
6
The "something a person has" authentication mechanism takes advantage of something inherent in the user that is evaluated using biometrics.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
7
Which of the following is true about firewalls and their ability to adapt in a network?
A) Firewalls can interpret human actions and make decisions outside their programming
B) Because firewalls are not programmed like a computer, they are less error prone
C) Firewalls are flexible and can adapt to new threats
D) Firewalls deal strictly with defined patterns of measured observation
A) Firewalls can interpret human actions and make decisions outside their programming
B) Because firewalls are not programmed like a computer, they are less error prone
C) Firewalls are flexible and can adapt to new threats
D) Firewalls deal strictly with defined patterns of measured observation
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
8
Which of the following is NOT a method employed by IDPSs to prevent an attack from succeeding?
A) Sending DoS packets to the source
B) Terminating the network connection
C) Reconfiguring network devices
D) Changing the attack's content
A) Sending DoS packets to the source
B) Terminating the network connection
C) Reconfiguring network devices
D) Changing the attack's content
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
9
The intermediate area between trusted and untrusted networks is referred to as which of the following?
A) Unfiltered area
B) Semi-trusted area
C) Demilitarized zone
D) Proxy zone
A) Unfiltered area
B) Semi-trusted area
C) Demilitarized zone
D) Proxy zone
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
10
The KDC component of Kerberos knows the secret keys of all clients and servers on the network.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
11
Which of the following biometric authentication systems is the most accepted by users?
A) Keystroke pattern recognition
B) Fingerprint recognition
C) Signature recognition
D) Retina pattern recognition
A) Keystroke pattern recognition
B) Fingerprint recognition
C) Signature recognition
D) Retina pattern recognition
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
12
The ability to restrict specific services is a common practice in most modern routers,and is invisible to the user.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
13
Which type of firewall keeps track of each network connection established between internal and external systems?
A) Packet filtering
B) Stateful packet inspection
C) Application layer
D) Cache server
A) Packet filtering
B) Stateful packet inspection
C) Application layer
D) Cache server
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
14
Which technology employs sockets to map internal private network addresses to a public address using a one-to-many mapping?
A) Network-address translation
B) Screened-subnet firewall
C) Port-address translation
D) Private address mapping
A) Network-address translation
B) Screened-subnet firewall
C) Port-address translation
D) Private address mapping
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
15
Which type of IDPS is also known as a behavior-based intrusion detection system?
A) Network-based
B) Anomaly-based
C) Host-based
D) Signature-based
A) Network-based
B) Anomaly-based
C) Host-based
D) Signature-based
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
16
Which type of device allows only specific packets with a particular source,destination,and port address to pass through it.
A) Dynamic packet filtering firewall
B) Proxy server
C) Intrusion detection system
D) Application layer firewall
A) Dynamic packet filtering firewall
B) Proxy server
C) Intrusion detection system
D) Application layer firewall
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
17
Which of the following is a commonly used criteria used to compare and evaluate biometric technologies?
A) False accept rate
B) Crossover error rate
C) False reject rate
D) Valid accept rate
A) False accept rate
B) Crossover error rate
C) False reject rate
D) Valid accept rate
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
18
What is the next phase of the preattack data gathering process after an attacker has collected all of an organization's Internet addresses?
A) Footprinting
B) Content filtering
C) Deciphering
D) Fingerprinting
A) Footprinting
B) Content filtering
C) Deciphering
D) Fingerprinting
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
19
Technical controls alone,when properly configured,can secure an IT environment.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
20
Which of the following characteristics currently used today for authentication purposes is the LEAST unique?
A) Fingerprints
B) Iris
C) Retina
D) Face geometry
A) Fingerprints
B) Iris
C) Retina
D) Face geometry
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
21
________ recognition authentication captures the analog waveforms of human speech.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
22
A(n)____________________ token uses a challenge-response system in which the server challenges the user with a number,that when entered into the token provides a response that provides access.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
23
Which port number is commonly used for the Hypertext Transfer Protocol service.
A) 25
B) 53
C) 80
D) 8080
A) 25
B) 53
C) 80
D) 8080
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
24
Which port number is commonly used for the Simple Mail Transfer Protocol service?
A) 25
B) 53
C) 68
D) 443
A) 25
B) 53
C) 68
D) 443
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
25
What is the range of the well-known ports used by TCP and UDP?
A) 1024-65,536
B) 0-1023
C) 0-65,536
D) 20, 21, 25, 53, 80
A) 1024-65,536
B) 0-1023
C) 0-65,536
D) 20, 21, 25, 53, 80
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
26
The ___________ wireless security protocol was replaced by stronger protocols due to several vulnerabilities found in the early 2000s.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
27
Which of the following is a Kerberos service that initially exchanges information with the client and server by using secret keys?
A) Authentication Server
B) Authentication Client
C) Key Distribution Center
D) Ticket Granting Service
A) Authentication Server
B) Authentication Client
C) Key Distribution Center
D) Ticket Granting Service
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
28
____________ is a technology in which multiple real,routable external IP addresses are converted to special ranges of internal IP addresses,usually on a one-to-one basis.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
29
You might put a proxy server in the __________________,which is exposed to the outside world,neither in the trusted nor untrusted network.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
30
Which of the following provides an identification card of sorts to clients who request services in a Kerberos system?
A) Ticket Granting Service
B) Authentication Server
C) Authentication Client
D) Key Distribution Center
A) Ticket Granting Service
B) Authentication Server
C) Authentication Client
D) Key Distribution Center
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
31
Which technology has two modes of operation: transport and tunnel?
A) Secure Hypertext Transfer Protocol
B) Secure Shell
C) IP Security
D) Secure Sockets Layer
A) Secure Hypertext Transfer Protocol
B) Secure Shell
C) IP Security
D) Secure Sockets Layer
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
32
Which of the following is true about symmetric encryption?
A) Uses a secret key to encrypt and decrypt
B) Uses a private and public key
C) It is also known as public key encryption
D) It requires four keys to hold a conversation
A) Uses a secret key to encrypt and decrypt
B) Uses a private and public key
C) It is also known as public key encryption
D) It requires four keys to hold a conversation
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
33
____________________ is the determination of actions that an entity can perform in a physical or logical area.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
34
A(n)____________________ is a secret word or combination of characters known only by the user.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
35
What tool would you use if you want to collect information as it is being transmitted on the network and analyze the contents for the purpose of solving network problems?
A) Port scanner
B) Packet sniffer
C) Vulnerability scanner
D) Content filter
A) Port scanner
B) Packet sniffer
C) Vulnerability scanner
D) Content filter
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
36
Which of the following is used in conjunction with an algorithm to make computer data secure from anybody except the intended recipient of the data?
A) Key
B) Plaintext
C) Cipher
D) Cryptosystem
A) Key
B) Plaintext
C) Cipher
D) Cryptosystem
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
37
In which cipher method are values rearranged within a block to create the ciphertext?
A) Permutation
B) Vernam
C) Substitution
D) Monoalphabetic
A) Permutation
B) Vernam
C) Substitution
D) Monoalphabetic
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
38
A(n)____________________ is any device that prevents a specific type of information from moving between an untrusted network and a trusted network.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
39
____________________ presents a threat to wireless communications,a practice that makes it prudent to use a wireless encryption protocol to prevent unauthorized use of your Wi-Fi network.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
40
What is most commonly used for the goal of nonrepudiation in cryptography?
A) Block cipher
B) Secret key
C) PKI
D) Digital signature
A) Block cipher
B) Secret key
C) PKI
D) Digital signature
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
41
List the most common firewall implementation architectures.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
42
What should you look for when selecting a firewall for your network?
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
43
a. VPN
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
A cryptographic operation that involves simply rearranging the values within a block based on an established pattern.
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
A cryptographic operation that involves simply rearranging the values within a block based on an established pattern.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
44
There are six recommended best practices for firewall use according to Laura Taylor. List three of them.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
45
What is asymmetric encryption?
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
46
What is a packet sniffer and how can it be used for good or nefarious purposes?
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
47
a. VPN
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
An integrated system of software,encryption methodologies,protocols,legal agreements,and third-party services that enables users to communicate securely through the use of digital certificates.
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
An integrated system of software,encryption methodologies,protocols,legal agreements,and third-party services that enables users to communicate securely through the use of digital certificates.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
48
a. VPN
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
The organized research and investigation of Internet addresses owned or controlled by a target organization.
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
The organized research and investigation of Internet addresses owned or controlled by a target organization.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
49
a. VPN
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
A cryptographic method that incorporates mathematical operations involving both a public key and a private key to encipher or decipher a message.
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
A cryptographic method that incorporates mathematical operations involving both a public key and a private key to encipher or decipher a message.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
50
a. VPN
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
Was developed by Netscape in 1994 to provide security for online e-commerce transactions.
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
Was developed by Netscape in 1994 to provide security for online e-commerce transactions.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
51
Briefly describe how biometric technologies are generally evaluated.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
52
Describe and provide an example for each of the types of authentication mechanisms.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
53
a. VPN
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
In IPSec,an encryption method in which only a packet's IP data is encrypted,?not the IP headers themselves; this method allows intermediate nodes to read the source and?destination addresses.
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
In IPSec,an encryption method in which only a packet's IP data is encrypted,?not the IP headers themselves; this method allows intermediate nodes to read the source and?destination addresses.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
54
What is WEP and why is it no longer in favor?
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
55
a. VPN
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
A software program or hardware/software appliance that allows administrators to restrict content that comes into or leaves a network-for example,restricting user access to Web sites with material that is not related to business,such as pornography or entertainment.
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
A software program or hardware/software appliance that allows administrators to restrict content that comes into or leaves a network-for example,restricting user access to Web sites with material that is not related to business,such as pornography or entertainment.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
56
What are NAT and PAT? Describe these technologies.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
57
a. VPN
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
A private,secure network operated over a public and insecure network.
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
A private,secure network operated over a public and insecure network.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
58
a. VPN
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
A cryptographic technique developed at AT&T and known as the "one-time pad," this cipher uses a set of characters for encryption operations only one time and then discards it.
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
A cryptographic technique developed at AT&T and known as the "one-time pad," this cipher uses a set of characters for encryption operations only one time and then discards it.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
59
The Ticket Granting Service (TGS)is one of three services in the __________ system,and provides tickets to clients who request services.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
60
Describe in basic terms what an IDPS is.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
61
a. VPN
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
Public key container files that allow PKI system components and end users to validate a public key and identify its owner.
b. transport mode
c. SSL
d. PKI
e. digital certificate
f. asymmetric encryption
g. Vernam cipher
h. transposition cipher
i. content filter
j. footprinting
Public key container files that allow PKI system components and end users to validate a public key and identify its owner.
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 61 flashcards in this deck.
