Emerging Issues Midterm
Quiz yourself by thinking what should be in
each of the black spaces below before clicking
on it to display the answer.
Help!
|
|
||||
|---|---|---|---|---|---|
| The SysAdmin,Audit,Network, Security (SANS) Institute offers training and IT security certifications through ___ | GIAC
🗑
|
||||
| ISC^2 | CISSP
🗑
|
||||
| The ___ certification is designationed by the Institute for Security and Open Methodologies... | OPST
🗑
|
||||
| The ___ disseminates research documents on computer and network security worldwide at no cost. | SANS Institute
🗑
|
||||
| The ___ layer is concerned with controlling the flow of data, sequencing packets... | Transport
🗑
|
||||
| The ___ layer is concerned with physically moving electrons across a medium. | Network
🗑
|
||||
| The ___ layer is where applications and protocols, such as HTTP... | Application
🗑
|
||||
| The ___ layer uses IP addresses to route packets. | Internet
🗑
|
||||
| Microsoft RPC port | 135
🗑
|
||||
| NetBIOS port | 139
🗑
|
||||
| NNTP port | 119
🗑
|
||||
| POP3 port | 110
🗑
|
||||
| SMTP port | 25
🗑
|
||||
| The ___ tool can generate a report that can show an attacker how a Web site is structured... | Paros
🗑
|
||||
| ___ is a Web tool used to gather IP and domain information. Available in UNIX and Windows | SamSpade
🗑
|
||||
| ___ is a tool used to gather IP and domain information | Whois
🗑
|
||||
| ___ is a tool used to perform DNS zone transfers | Dig
🗑
|
||||
| ___ is a tool used to read/write data to ports over a network | Netcat
🗑
|
||||
| Closed ports respond to a ___ | XMAS scan
🗑
|
||||
| In an ACK scan, if the attacked port returns an RST packet.... | unfiltered
🗑
|
||||
| The ___ relies on the OS of the attacked computer... | connect scan
🗑
|
||||
| The ___ tool enables you to craft IP packet | Hping
🗑
|
||||
| The ___ tool written for Phrack magazine | Nmap
🗑
|
||||
| Unicron scan optimizes ___ ... | UDP
🗑
|
||||
| The ___ tool can ping multiple IP addresses simultaneously | Fping
🗑
|
||||
| ___ is a protocol packet analyzer | Tcpdump
🗑
|
||||
| ___ is a reasonably priced commercial port scanner with a GUI interface. | AW Security Port Scanner
🗑
|
||||
| ___ is currently the standard port-scanning tool.... | Nmap
🗑
|
||||
| ___ was developed to assist security testers in.... | Unicornscan
🗑
|
||||
| 2 Main Testing methods | Black Box / White Box
🗑
|
||||
| Collecting information on a company network i.e. Paros, e-mail, cookies | Footprinting
🗑
|
||||
| 4 Social engineering methods | Shoulder Surfing, dumpster diving, piggy backing, phishing
🗑
|
||||
| Finding services used by a host to find vulnerabilities | Port Scanning
🗑
|
||||
| What can be done to prevent a Smurf attack? | Deny ICMP packets
🗑
|
||||
| How are SQL injections performed? | When code is faulty.
🗑
|
||||
| How to realize digital signature with hash algorithm and public key algorithm | To generate the digital signature, the sender should first generate a hash value of the message. Then the sender should sign the hash value with his private key.
To verify the digital signature, the receiver should first decrypt the digital signature wit
🗑
|
||||
| Please explain how to do a direct and indirect DOS attack. Explain what is reflected DOS attack with example | Direct DoS attack: attacker floods SYN packets directly from attacker's computer.
Indirect DoS attack: attacker IP address is spoofed to hinder tracing of source.
🗑
|
||||
| How to reduce the DOS attack | Black holing
Validate the SYN
rate limiting
🗑
|
||||
| Please explain what is ARP poisoning. And how to prevent it | IP address to MAC address storage information is manipulated to reroute network traffic. It can be used for the man in the middle attack.
Prevention: Static ARP table, Limit the local access
🗑
|
||||
| What protocol you can use to achieve workgroup switch authentication. What method you can use for wireless access authentication | EAP or Radius
WEP and WPA
🗑
|
||||
| What is AAA and explain correspondingly | i. Authentication: who you are
ii. Authorization: what you can do
iii. Auditing: recording what people do
🗑
|
||||
| What are the four authentication credentials and explain that with examples? | i. What you know (e.g., a password)
ii. What you have (e.g., an access card)
iii. What you are, or (e.g., your fingerprint)
iv. What you do (e.g., speaking a passphrase)
🗑
|
||||
| Please list at least four main types of Biometric Scanning and list the four main aspects related to Biometric Performance | Fingerprint Hand geometry Retina scan Iris scan Enrollment 2 minutes Through put 10 subject FAR % people are identified /verified as matches to template but not be FRR % of people who should be identified or verified as matches to a template but are not
🗑
|
||||
| what is least privilege in the authorization? | a. Initially give people only the permissions a person absolutely needs to do his or her job
🗑
|
||||
| Please list the three access control(authorization) model | DAC, MAC, RBAC
🗑
|
||||
| If there are too much log information, what you need to do for the configuration. Could you example to explain that. | Setting up the clipping level. For example, I only log the activity that users fail for three times.
🗑
|
||||
| What is firewall | A firewall is a system that prevents unauthorized access to or from a private network. It can be implemented as both hardware and software.
🗑
|
||||
| Please list the three main types of firewall types; explain what that is, and their advantage and limitation. | -static: filters by header info [it is fast however they are unable to stop many types of attack]
-stateful: check the state of the packet for allowing or denying of the traffic [it is low cost, fast however does not guarantee safety against application
🗑
|
||||
| Please explain what IDS is and what IPS is | -Intrusion Detection System: Looks for suspicious traffic, sends an alarm message if attack appears serious; does not drop data
- Intrusion Prevention System: use ids filtering mechanisms to prevent certain traffic similar to firewall
🗑
|
||||
| Please list the five main components in unified threat management: | -stateful inspection firewall
-Antivirus filtering (application proxy firewall)
-VPN
-DOS protection
-NAT
🗑
|
||||
| Please list the four main kinds of firewall architecture: | -single router
-main border
-DMZ
-internal
🗑
|
Review the information in the table. When you are ready to quiz yourself you can hide individual columns or the entire table. Then you can click on the empty cells to reveal the answer. Try to recall what will be displayed before clicking the empty cell.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Created by:
ITSec_guy
Popular Computers sets