Save
Upgrade to remove ads
Busy. Please wait.
Log in with Clever
or
show password
Forgot Password?
Don't have an account?  Sign up 
Sign up using Clever
or
Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account. Your email address is only used to allow you to reset your password. See our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.
focusNode
Didn't know it?
click below
 
Knew it?
click below
Don't Know
Remaining cards (0)
Know
0:00
edit
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

CTAINASL_Week 10

QuestionAnswer
Ethernet Security focuses only on wireless local area networks and does not apply to wired LAN connections. False. Explanation: Ethernet is mainly a wired networking technology used to connect devices in local area networks. Correct answer: Ethernet security applies strongly to wired LAN environments.
Ethernet originally began with a data rate of 10 Mbps before evolving to faster standards such as Fast Ethernet and Gigabit Ethernet. True.
Fast Ethernet refers to 1 Gbps Ethernet communication. False. Explanation: Fast Ethernet refers to 100 Mbps. Correct answer: Gigabit Ethernet refers to 1 Gbps.
Ethernet has evolved beyond 10 Gbps and may support speeds such as 40 Gbps and 100 Gbps. True.
Ethernet security is important because Ethernet carries sensitive data such as personal information, financial records, trade secrets, and intellectual property. True.
Data confidentiality in Ethernet security mainly protects against unauthorized modification of data. False. Explanation: Unauthorized modification relates more to data integrity. Correct answer: Data confidentiality protects information from unauthorized access or interception.
Data integrity ensures that Ethernet-transmitted information remains accurate, reliable, and protected from tampering or malicious injection. True.
An Ethernet network with weak security cannot be used as an entry point for malware because malware attacks only occur through wireless networks. False. Explanation: Insecure Ethernet connections can serve as entry points for malware and unauthorized intrusions. Correct answer: Wired Ethernet networks also require protection against malware.
Distributed Denial of Service attacks can threaten Ethernet network availability by overwhelming network resources. True.
Network availability in Ethernet security is concerned with keeping services accessible to legitimate users even during attacks or disruptions. True.
Compliance and legal requirements are part of Ethernet security because some industries require strict protection of data and networks. True.
Failure to secure Ethernet connections can lead to penalties, reputational damage, and loss of customer trust. True.
Unauthorized access is considered a common Ethernet security threat. True.
Man-in-the-Middle attacks are irrelevant to Ethernet networks because Ethernet traffic cannot be intercepted. False. Explanation: Ethernet traffic can be intercepted in insecure environments. Correct answer: Man-in-the-Middle attacks are a recognized Ethernet security threat.
MAC address spoofing can be a threat because an attacker may impersonate another device on the Ethernet network. True.
DHCP snooping attacks and ARP spoofing attacks are examples of threats that can affect Ethernet environments. True.
Network security is limited to installing antivirus software on computers. False. Explanation: Network security includes practices, technologies, and policies for protecting networks, systems, and data. Correct answer: Antivirus is only one possible part of a broader security approach.
Data protection, business continuity, regulatory compliance, customer trust, intellectual property protection, and risk management are all reasons network security is important. True.
A comprehensive network security approach may include firewalls, secure configuration management, access control, encryption, employee training, patching, segmentation, incident response, monitoring, and auditing. True.
Network segmentation is used to make all devices belong to one unrestricted network zone. False. Explanation: Network segmentation separates networks into smaller sections to reduce risk. Correct answer: Segmentation limits the impact of breaches and helps control access.
A Denial of Service attack attempts to make a network, system, or service unavailable to legitimate users. True.
The primary goal of a DoS attack is to improve the target system’s performance by testing its capacity. False. Explanation: A DoS attack is malicious and attempts to exhaust resources or exploit weaknesses. Correct answer: Its goal is service disruption.
Volumetric attacks consume bandwidth or network resources by flooding the target with large amounts of traffic. True.
UDP floods, ICMP floods, and DNS amplification attacks are examples of volumetric DoS attacks. True.
Application layer attacks target specific applications or services by overwhelming them with requests or exploiting resource limitations. True.
HTTP floods and Slowloris attacks are examples of application layer DoS attacks. True.
DDoS attacks are easier to mitigate than single-source DoS attacks because all attack traffic comes from one device. False. Explanation: DDoS attacks use multiple compromised devices, making them harder to mitigate. Correct answer: DDoS traffic is distributed across many sources.
A botnet can be used in a DDoS attack to coordinate traffic from multiple compromised devices. True.
Resource exhaustion attacks may target memory, CPU, or disk space until the system becomes unresponsive or crashes. True.
SYN floods, Ping of Death, and Smurf attacks are examples of resource exhaustion attacks. True.
A successful DoS attack can cause service disruption, productivity loss, inconvenience, and user frustration. True.
DoS attacks cannot cause financial losses because they do not directly steal money. False. Explanation: Downtime can cause revenue loss, especially for online services and e-commerce. Correct answer: DoS attacks can cause financial damage through service unavailability.
DoS attacks can damage an organization’s reputation if users lose trust in its service reliability. True.
Customer dissatisfaction from DoS-related outages can lead users to seek alternative service providers. True.
A DoS attack may be used as a smokescreen while attackers perform other malicious actions such as data breaches or intrusions. True.
Organizations may face legal or regulatory consequences if a DoS attack exposes failures in data protection or service obligations. True.
Network monitoring and traffic analysis can help detect abnormal traffic spikes that may indicate a DoS attack. True.
DoS attack prevention systems can detect, filter, block, or rate-limit suspicious traffic in real time. True.
Load balancing reduces DoS impact by distributing traffic across multiple servers instead of overloading a single server. True.
Bandwidth management ensures that all traffic receives unlimited bandwidth during a DoS attack. False. Explanation: Bandwidth management regulates and prioritizes network resources based on policies. Correct answer: It helps critical services receive sufficient resources.
Traffic filtering and access control can use firewalls, routers, and intrusion prevention systems to block malicious traffic. True.
IDS and IPS tools can identify abnormal behavior, excessive requests, and attack patterns associated with DoS attacks. True.
Rate limiting and connection throttling help prevent a single source from overwhelming resources. True.
DDoS mitigation services are never useful because organizations must always handle large-scale attacks using only their internal network. False. Explanation: Specialized vendors can provide large-scale DDoS mitigation services. Correct answer: Cloud or vendor-based DDoS mitigation can reduce attack impact.
Regular patching helps prevent DoS attacks that exploit vulnerabilities in software, servers, and network devices. True.
An incident response plan for DoS attacks should define roles, responsibilities, communication channels, and recovery steps. True.
Employee education can help reduce DoS risk by teaching staff to identify phishing, suspicious links, and unusual network behavior. True.
Redundancy and failover mechanisms improve service availability by allowing backup systems or links to take over during disruptions. True.
Regular vulnerability assessments and penetration testing help verify whether DoS mitigation measures remain effective. True.
Strong authentication and least privilege access control are best practices for network security. True.
Encryption protects data in transit and may also protect sensitive stored data, backups, and communication channels. True.
Backups are unnecessary in network security because they do not stop attacks from happening. False. Explanation: Backups support recovery after security incidents or disasters. Correct answer: Reliable backup and recovery are essential security practices.
Message-by-Message Authentication verifies the integrity and authenticity of individual messages or data units. True.
Message authentication only proves that a message was delivered quickly. False. Explanation: Message authentication verifies that the message was not tampered with and came from a trusted source. Correct answer: It focuses on integrity and authenticity.
Hashing algorithms produce fixed-size digest values that act like digital fingerprints of messages. True.
MD5 and SHA-256 are examples of hashing algorithms used to generate message digests. True.
A hash value is designed to represent input data for verification purposes. True.
Message Authentication Codes use a secret key to generate a unique authentication tag for each message. True.
In MAC-based authentication, the receiver verifies authenticity by recalculating the MAC using the received message and shared key. True.
HMAC and CMAC are examples of Message Authentication Code algorithms. True.
Digital signatures use symmetric cryptography where both sender and receiver use the same private key. False. Explanation: Digital signatures use asymmetric cryptography. Correct answer: The sender signs with a private key and the receiver verifies with the sender’s public key.
A valid digital signature helps confirm that a message was not altered and came from the claimed sender. True.
RSA, DSA, and ECDSA are examples of digital signature algorithms. True.
SSL and TLS use message authentication concepts to help protect communication from tampering and impersonation. True.
DKIM and SPF help support email authentication and reduce spoofing or tampering risks. True.
File integrity verification can be performed by comparing a calculated hash or MAC against the expected value. True.
Secure software updates can use digital signatures or MACs to verify that updates are genuine and untampered. True.
Quantum security focuses on cryptographic algorithms and protocols that can resist attacks from quantum computers. True.
Quantum computing has no effect on cryptography because cryptographic algorithms depend only on password length. False. Explanation: Quantum computers may threaten traditional cryptographic schemes based on certain mathematical problems. Correct answer: Quantum security prepares cryptography for quantum-capable attackers.
Classical computers use bits, while quantum computers use qubits that may exist in multiple states simultaneously. True.
Quantum-resistant algorithms are also called post-quantum or quantum-safe algorithms. True.
Quantum-resistant algorithms are designed to withstand attacks from both classical and quantum computers. True.
Lattice-based cryptography relies on hard mathematical problems related to lattices, such as Learning With Errors. True.
Code-based cryptography uses error-correcting codes and the difficulty of decoding them to provide security. True.
Multivariate cryptography is based on the difficulty of solving systems of multivariate polynomial equations. True.
Hash-based cryptography can use hash functions and Merkle tree construction for secure digital signatures and key exchange. True.
Post-quantum cryptography aims to protect sensitive information against both classical and quantum computer attacks. True.
IPsec is a protocol suite used to secure communication at the IP layer. True.
IPsec provides authentication, integrity, and confidentiality for IP packets. True.
IPsec is useful only on trusted private networks and cannot secure communication over the Internet. False. Explanation: IPsec is designed to secure communication over potentially untrusted networks such as the Internet. Correct answer: IPsec is widely used for secure Internet-based communication.
In IPsec tunnel mode, the entire original IP packet is encapsulated inside a new IP packet. True.
Tunnel mode is often used for site-to-site VPNs because it can protect traffic between entire networks. True.
Tunnel mode helps hide internal network structure while protecting data between networks. True.
In IPsec transport mode, the original IP header is encrypted together with the payload. False. Explanation: In transport mode, only the original IP payload is encrypted and authenticated while the original IP header remains intact. Correct answer: Transport mode protects the payload, not the entire original packet.
IPsec transport mode is typically used for end-to-end communication between two hosts or devices. True.
IPsec VPNs allow remote users or branch offices to securely connect to private networks over the Internet. True.
Site-to-site communication commonly uses IPsec tunnel mode between routers or security gateways. True.
Secure remote access commonly uses IPsec transport mode for individual devices connecting securely to a network. True.
IPsec can secure Voice over IP and video communication by providing confidentiality and integrity for real-time media streams. True.
IPsec can be deployed in IoT environments to secure communication between IoT devices and gateways. True.
Created by: MamurMD
 

 



Voices

Use these flashcards to help memorize information. Look at the large card and try to recall what is on the other side. Then click the card to flip it. If you knew the answer, click the green Know box. Otherwise, click the red Don't know box.

When you've placed seven or more cards in the Don't know box, click "retry" to try those cards again.

If you've accidentally put the card in the wrong box, just click on the card to take it out of the box.

You can also use your keyboard to move the cards as follows:

If you are logged in to your account, this website will remember which cards you know and don't know so that they are in the same box the next time you log in.

When you need a break, try one of the other activities listed below the flashcards like Matching, Snowman, or Hungry Bug. Although it may feel like you're playing a game, your brain is still making more connections with the information to help you out.

To see how well you know the information, try the Quiz or Test activity.

Pass complete!
"Know" box contains:
Time elapsed:
Retries:
restart all cards