Chapter 1-10 multiple choice


Question
Answer
A __________ attack attempts to learn or make use of information from the system but does not affect system resources.   passive  
A __________ is data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery.   digital signature  
A __________ takes place when one entity pretends to be a different entity.   masquerade  
A loss of _________ is the disruption of access to or use of information or an information system.   availability  
A possible danger that might exploit a vulnerability, a _________ is a potential for violation of security which exists when there is a circumstance, capability, action, or event that could breach security and cause harm.   threat  
Active attacks can be subdivided into four categories: replay, modification of messages, denial of service, and __________ .   masquerade  
An intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is an __________ .   attack  
In the context of network security, _________ is the ability to limit and control the access to host systems and applications via communications links.   access control  
The __________ service addresses the security concerns raised by denial-of-service attacks.   availability  
The common technique for masking contents of messages or other information traffic so that opponents, even if they captured the message, could not extract the information from the message is _________ .   encryption  
The prevention of unauthorized use of a resource is __________ .   access control  
The protection of data from unauthorized disclosure is _________ .   data confidentiality  
The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity is _________ .   accountability  
Three key objectives that are at the heart of computer security are: confidentiality, availability, and _________   accountability  
Three key objectives that are at the heart of computer security are: confidentiality, availability, and _________   integrity  
Verifying that users are who they say they are and that each input arriving at the system came from a trusted source is _________ .   authenticity  
X.800 defines _________ as a service that is provided by a protocol layer of communicating open systems and that ensures adequate security of the systems or of data transfers.   security service  
X.800 divides security services into five categories: authentication, access control, nonrepudiation, data integrity and __________ .   data confidentiality  
_________ is a professional membership society with worldwide organizational and individual membership that provides leadership in addressing issues that confront the future of the Internet and is the organizational home for the groups responsible for Internet infrastructure standards, including the IETF and the IAB.   ISOC  
_________ is a variety of mechanisms used to assure the integrity of a data unit or stream of data units.   Data integrity  
_________ is defined as "the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources".   computer security  
_________ is the insertion of bits into gaps in a data stream to frustrate traffic analysis attempts.   Traffic padding  
_________ security consists of measures to deter, prevent, detect, and correct security violations that involve the transmission of information.   Internet  
__________ assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.   System integrity  
__________ assures that systems work promptly and service is not denied to authorized users.   Availability  
__________ attacks attempt to alter system resources or affect their operation.   Active  
__________ is a U.S. federal agency that deals with measurement science, standards, and technology related to U.S. government use and to the promotion of U.S. private sector innovation.   NIST  
__________ is the use of mathematical algorithms to transform data into a form that is not readily intelligible, in which the transformation and subsequent recovery of the data depend on an algorithm and zero or more encryption keys.   Encipherment  
_________ prevents either sender or receiver from denying a transmitted message; when a message is sent, the receiver can prove that the alleged sender in fact sent the message, and when a message is received, the sender can prove that the alleged receiver in fact received the message.   nonrepudiation  
A PRNG takes as input a fixed value called the ________ and produces a sequence of output bits using a deterministic algorithm.   seed  
A ________ takes as input a source that is effectively random and is often referred to as an entropy source.   TRNG  
A _________ approach involves trying every possible key until an intelligible translation of the ciphertext into plaintext is obtained.   brute-force  
A _________ cipher processes the plaintext input in fixed sized blocks and produces a block of ciphertext of equal size for each plaintext block.   block  
A __________ processes the input elements continuously, producing output one element at a time, as it goes along.   stream cipher  
A symmetric block cipher processes _________ of data at a time.   one block  
A symmetric encryption scheme has _________ ingredients.   five  
All encryption algorithms are based on two general principles: _________, in which each element in the plaintext is mapped into another element, and transposition, in which elements in the plaintext are rearranged.   substitution  
Also referred to as conventional encryption, secret-key, or single-key encryption, _________ encryption was the only type of encryption in use prior to the development of public-key encryption in the late 1970's.   symmetric  
If both sender and receiver use the same key the system is referred to as _________ encryption.   symmetric  
If the analyst is able to get the source system to insert into the system a message chosen by the analyst, a _________ attack is possible.   chosen plaintext  
If the sender and receiver each use a different key the system is referred to as __________ encryption.   asymmetric  
In _________ mode a counter equal to the plaintext block size is used   CTR  
Many symmetric block encryption algorithms including DES have a structure first described by _________ of IBM in 1973.   Horst Feistel  
The ________ source is drawn from the physical environment of the computer and could include things such as keystroke timing patterns, disk electrical activity, mouse movements, and instantaneous values of the system clock.   entropy  
The _________ algorithm performs various substitutions and transformations on the plaintext.   encryption  
The _________ algorithm takes the ciphertext and the same secret key and produces the original plaintext.   decryption  
The _________ key size is used with the Data Encryption Standard algorithm.   56 bit  
The most common key length in modern algorithms is ________ .   128 bits  
The process of attempting to discover the plaintext or key is known as _________ .   cryptanalysis  
Two requirements for secure use of symmetric encryption are: sender and receiver must have obtained copies of the secret key in a secure fashion and a strong __________ is needed.   encryption algorithm  
With the ________ mode if there is an error in a block of the transmitted ciphertext only the corresponding plaintext block is affected.   ECB  
With the use of symmetric encryption, the principal security problem is maintaining the secrecy of the _________ .   key  
_________ is the original message or data that is fed into the algorithm as input.   Plaintext  
_________ mode requires only the implementation of the encryption algorithm and not the decryption algorithm.   CTR  
__________ is a stream cipher used in the Secure Sockets Layer/Transport Layer Security standards that have been defined for communication between Web browsers and servers and is also used in WEP and WPA protocols.   RC4  
"It is easy to generate a code given a message, but virtually impossible to generate a message given a code" describes the __________ hash function property.   preimage resistant  
A _________ is when two sides cooperate to exchange a session key.   key exchange  
A __________ is when the sender "signs" a message with its private key, which is achieved by a cryptographic algorithm applied to the message or to a small block of data that is a function of the message.   digital signature  
As with symmetric encryption there are two approaches to attacking a secure hash function: brute-force attack and ___________ .   cryptanalysis  
Based on the use of a mathematical construct known as the elliptic curve and offering equal security for a far smaller bit size, __________ has begun to challenge RSA.   ECC  
Bob and Alice yada yada   digital signature  
If the message includes a _________ the receiver is assured that the message has not been delayed beyond that normally expected for network transit.   timestamp  
It is computationally infeasible to find any pair (x, y) such that H(x) = H(y). A hash function with this property is referred to as __________ .   collision resistant  
Like the MAC, a __________ accepts a variable size message M as input and produces a fixed size message digest H(M) as output. Unlike the MAC, it does not take a secret key as input.   hash function  
Public key cryptography is __________ .   asymmetric  
Secure Hash Algorithms with hash value lengths of 256, 384, and 512 bits are collectively known as _________ .   SHA-2  
The __________ algorithm accepts the ciphertext and the matching key and produces the original plaintext.   decryption  
The __________ approach has two advantages: it provides a digital signature as well as message authentication and it does not require the distribution of keys to communicating parties.   public-key  
The __________ property protects against a sophisticated class of attack known as the birthday attack.   collision resistant  
The key algorithmic ingredients of __________ are the AES encryption algorithm, the CTR mode of operation, and the CMAC authentication algorithm.   CCM  
The key used in conventional encryption is typically referred to as a _________ key.   secret  
The most important hash function is ________ .   SHA  
The most widely accepted and implemented approach to public-key encryption, _________ is a block cipher in which the plaintext and ciphertext are integers between 0 and n - 1 for some n.   RSA  
The purpose of a ___________ is to produce a "fingerprint" of a file, message, or other block of data.   hash function  
The purpose of the _________ algorithm is to enable two users to exchange a secret key securely that then can be used for subsequent encryption of messages and depends on the difficulty of computing discrete logarithms for its effectiveness.   Diffie-Hellman  
The readable message or data that is fed into the algorithm as input is the __________ .   plaintext  
The two most widely used public key algorithms are RSA and _________ .   Diffie-Hellman  
________ protects against passive attack (eavesdropping).   Encryption  
__________ is a procedure that allows communicating parties to verify that received messages are authentic.   Message authentication  
A _________ is a key used between entities for the purpose of distributing session keys.   permanent key  
A _________ is the client's choice for an encryption key to be used to protect this specific application session.   subkey  
A __________ indicates the length of time for which a ticket is valid (e.g., eight hours).   lifetime  
A __________ is a set of managed nodes that share the same Kerberos database which resides on the Kerberos master computer system that is located in a physically secure room.   Kerberos realm  
A __________ server issues tickets to users who have been authenticated to the authentication server.   ticket-granting  
A ___________ is a service or user that is known to the Kerberos system and is identified by its principal name.   Kerberos principal  
A random value to be repeated to assure that the response is fresh and has not been replayed by an opponent is the __________ .   nonce  
An __________ manages the creation and maintenance of attributes such as passwords and biometric information.   attribute service  
Containing the hash code of the other fields encrypted with the CA's private key, the __________ covers all of the other fields of the certificate and includes the signature algorithm identifier.   signature  
Encryption in version 4 makes use of a nonstandard mode of DES known as ___________ .   PCBC  
In order to prevent an opponent from capturing the login ticket and reusing it to spoof the TGS, the ticket includes a __________ indicating the date and time at which the ticket was issued.   timestamp  
In order to solve the problem of minimizing the number of times that a user has to enter a password and the problem of a plaintext transmission of the password a __________ server is used.   ticket granting  
Kerberos version 4 requires the use of ____________ .   IP address  
Once the authentication server accepts the user as authentic it creates an encrypted _________ which is sent back to the client.   ticket  
Rather than building elaborate authentication protocols at each server, _________ provides a centralized authentication server whose function is to authenticate users to servers and servers to users.   Kerberos  
The _________ extension is used only in certificates for CAs issued by other CAs and allows an issuing CA to indicate that one or more of that issuer's policies can be considered equivalent to another policy used in the subject CA's domain.   policy mappings  
The _________ extension lists policies that the certificate is recognized as supporting, together with optional qualifier information.   certificate policies  
The __________ knows the passwords of all users and stores these in a centralized database and also shares a unique secret key with each server.   authentication server  
The strength of any cryptographic system rests with the _________ technique, a term that refers to the means of delivering a key to two parties that wish to exchange data without allowing others to see the key.   key distribution  
The technical deficiencies of Kerberos version 4 are: double encryption, PCBC encryption, session keys and __________ .   password attacks  
Used in most network security applications the __________ standard has become universally accepted for formatting public-key certificates.   X.509  
When two end systems wish to communicate they establish a logical connection and, for the duration of that logical connection, all user data are encrypted with a one-time __________ which is destroyed at the end of the session.   session key  
_________ are entities that obtain and employ data maintained and provided by identity and attribute providers, which are often used to support authorization decisions and to collect audit information.   Data Consumers  
__________ defines a framework for the provision of authentication services by the X.500 directory to its users and defines alternative authentication protocols based on the use of public-key certificates.   X.509  
__________ is a centralized, automated approach to provide enterprise-wide access to resources by employees and other authorized individuals, with a focus on defining an identity for each user, associating attributes with the identity, and enforcing a means by which a user can verify identity.   Identity management  
__________ is a process where authentication and permission will be passed on from one system to another, usually across multiple enterprises, thereby reducing the number of authentications needed by the user.   Federation  
A Pseudorandom Function takes as input:   all of the above  
A signature is created by taking the hash of a message and encrypting it with the sender's _________ .   private key  
An SSL session is an association between a client and a server and is created by the ___________ .   Handshake Protocol  
An arbitrary byte sequence chosen by the server to identify an active or resumable session state is a _________ .   session identifier  
Defined as a Proposed Internet Standard in RFC 2246, _________ is an IETF standardization initiative whose goal is to produce an Internet standard version of SSL.   TLS  
Phase _________ of the Handshake Protocol establishes security capabilities.   1  
The SSL Internet standard version is called _________ .   TLS  
The _________ Protocol allows the server and client to authenticate each other and to negotiate an encryption and MAC algorithm along with cryptographic keys to be used to protect data sent in an SSL Record.   handshake  
The _________ is used to convey SSL-related alerts to the peer entity.   Alert Protocol  
The _________ takes an application message to be transmitted, fragments the data into manageable blocks, optionally compresses the data, applies a MAC, encrypts, adds a header, and transmits the resulting unit in a TCP segment.   SSL Record Protocol  
The __________ approach is vulnerable to man-in-the-middle attacks.   Anonymous Diffie-Hellman  
The final message in phase 2, and one that is always required, is the ___________ message, which is sent by the server to indicate the end of the server hello and associated messages.   server_done  
The handshake is complete and the client and server may begin to exchange application layer data after the server sends its finished message in phase _________ of the Handshake Protocol.   4  
The most complex part of SSL is the __________ .   Handshake Protocol  
The symmetric encryption key for data encrypted by the client and decrypted by the server is a _________ .   client write key  
Three higher-layer protocols defined as part of SSL and used in the management of SSL exchanges are: The Handshake Protocol, The Change Cipher Spec Protocol, and the __________ .   Alert Protocol  
Three standardized schemes that are becoming increasingly important as part of Web commerce and that focus on security at the transport layer are: SSL/TLS, HTTPS, and _________.   SSH  
Two important SSL concepts are the SSL session and the SSL _________ .   connection  
With each element of the list defining both a key exchange algorithm and a CipherSpec, the list that contains the combination of cryptographic algorithms supported by the client in decreasing order of preference is the __________ .   CipherSuite  
_________ attacks include eavesdropping on network traffic between browser and server and gaining access to information on a Web site that is supposed to be restricted.   Passive  
_________ attacks include impersonating another user, altering messages in transit between client and server and altering information on a Web site.   Active  
_________ is organized as three protocols that typically run on top of TCP for secure network communications and are designed to be relatively simple and inexpensive to implement.   SSH  
_________ provides secure, remote logon and other secure client/server facilities.   SSH  
_________ require a client write MAC secret, a server write MAC secret, a client write key, a server write key, a client write IV, and a server write IV, which are generated from the master secret in that order.   CipherSpecs  
__________ allows the client to set up a "hijacker" process that will intercept selected application-level traffic and redirect it from an unsecured TCP connection to a secure SSH tunnel.   Local forwarding  
__________ provides confidentiality using symmetric encryption and message integrity using a message authentication code.   SSL/TLS  
__________ refers to the combination of HTTP and SSL to implement secure communication between a Web browser and a Web server.   HTTPS  
A WML _________ is similar to an HTML page in that it is identified by a URL and is the unit of content transmission.   deck  
Forming a hierarchy beginning with a master key from which other keys are derived dynamically and used for a limited period of time, __________ are used for communication between a pair of devices typically between a STA and an AP.   pairwise keys  
The MPDU authentication phase consists of three phases. They are: connect to AS, EAP exchange and _________ .   secure key delivery  
The MPDU exchange for distributing pairwise keys is known as the _________ which the STA and SP use to confirm the existence of the PMK, to verify the selection of the cipher suite, and to derive a fresh PTK for data sessions.   4-way handshake  
The PMK is used to generate the _________ which consists of three keys to be used for communication between a STA and AP after they have been mutually authenticated.   PTK  
The WAP Programming Model is based on three elements: the client, the original server, and the _________ .   gateway  
The _________ is used to ensure the confidentiality of the GTK and other key material in the 4-Way Handshake.   EAPOL-KEK  
The __________ function is the logical function that determines when a station operating within a BSS is permitted to transmit and may be able to receive PDUs.   coordination  
The __________ is the information that is delivered as a unit between MAC users.   MSDU  
The __________ is used to convey WTLS-related alerts to the peer entity.   Alert Protocol  
The __________ layer keeps track of which frames have been successfully received and retransmits unsuccessful frames.   logical link control  
The function of the __________ is to on transmission assemble data into a frame, on reception disassemble frame and perform address recognition and error detection, and govern access to the LAN transmission medium.   media access control layer  
The layer of the IEEE 802 reference model that includes such functions as encoding/decoding of signals and bit transmission/reception is the _________ .   physical layer  
The master session key is also known as the __________ key.   AAA  
The purpose of the discovery phase in the ___________ is for a STA and an AP to recognize each other, agree on a set of security capabilities, and establish an association for future communication using those security capabilities.   RSN  
The specification of a protocol along with the chosen key length is known as a __________ .   cipher suite  
The term used for certified 802.11b products is ___________ .   Wi-Fi  
WAP security is primarily provided by the __________ which provides security services between the mobile device and the WAP gateway to the Internet.   WTLS  
_________ is a standard to provide mobile users of wireless phones and other wireless terminals access to telephony and information services including the Internet and the Web.   WAP  
_________ was designed to describe content and format for presenting data on devices with limited bandwidth, limited screen size, and limited user input capability, and to work with telephone keypads, styluses, and other input devices common to mobile, wireless communication.   WML  
__________ is the primary service used by stations to exchange MPDUs when the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS.   Distribution  
__________ specifies security standards for IEEE 802.11 LANs including authentication, data integrity, data confidentiality, and key management.   IEEE 802.11i  
A _________ is formed by taking the message digest of the content to be signed and then encrypting that with the private key of the signer, which is then encoded using base64 encoding.   digital signature  
Computed by PGP, a _________ field indicates the extent to which PGP will trust that this is a valid public key for this user; the higher the level of trust, the stronger the binding of this user ID to this key.   key legitimacy  
E-banking, personal banking, e-commerce server, software validation and membership-based online services all fall into the VeriSign Digital ID _________ .   Class 3  
For the __________ subtype the order of the parts is not significant.   multipart/parallel  
Key IDs are critical to the operation of PGP and __________ key IDs are included in any PGP message that provides both confidentiality and authentication.   two  
MIME is an extension to the ________ framework that is intended to address some of the problems and limitations of the use of SMTP.   RFC 5322  
PGP makes use of four types of keys: public keys, private keys, one-time session keys, and ___________ symmetric keys.   passphrase-based  
PGP provides authentication through the use of _________ .   digital signatures  
PGP provides compression using the __________ algorithm.   ZIP  
PGP provides e-mail compatibility using the __________ encoding scheme.   radix-64  
S/MIME cryptographic algorithms use __________ to specify requirement level.   SHOULD and MUST  
The ________ MIME field is a text description of the object with the body which is useful when the object is not readable as in the case of audio data.   Content-Description  
The _________ accepts the message submitted by a Message User Agent and enforces the policies of the hosting domain and the requirements of Internet standards.   Mail Submission Agent  
The _________ transfer encoding is useful when the data consists largely of octets that correspond to printable ASCII characters.   quoted-printable  
The _________ transfer encoding, also known as radix-64 encoding, is a common one for encoding arbitrary binary data in such a way as to be invulnerable to the processing by mail-transport programs.   base64  
The _________ type refers to other kinds of data, typically either uninterpreted binary data or information to be processed by a mail-based application.   application  
The __________ field is used to identify MIME entities uniquely in multiple contexts.   Content-ID  
The __________ MIME field describes the data contained in the body with sufficient detail that the receiving user agent can pick an appropriate agent or mechanism to represent the data to the user or otherwise deal with the data in an appropriate manner.   Content-Type  
The __________ enables the recipient to determine if the correct public key was used to decrypt the message digest for authentication.   leading two octets of message digest  
The __________ subtype is used when the different parts are independent but are to be transmitted together. They should be presented to the receiver in the order that they appear in the mail message.   multipart/mixed  
The key legitimacy field, the signature trust field and the owner trust field are each contained in a structure referred to as a ___________ .   trust flag byte  
To provide transparency for e-mail applications, an encrypted message may be converted to an ASCII string using _________ conversion.   radix-64  
Typically housed in the user's computer, a _________ is referred to as a client e-mail program or a local network e-mail server.   Message User Agent  
Video content will be identified as _________ type.   MPEG  
__________ is an Internet standard approach to e-mail security that incorporates the same functionality as PGP.   S/MIME  
A _________ is a one way relationship between a sender and a receiver that affords security services to the traffic carried on it.   SA  
A __________ attack is one in which an attacker obtains a copy of an authenticated packet and later transmits it to the intended destination.   replay  
A value chosen by the responder to identify a unique IKE SA is a _________ .   Responder Cookie  
At any point in an IKE exchange the sender may include a _________ payload to request the certificate of the other communicating entity.   Certificate Request  
Authentication applied to all of the packet except for the IP header is _________ .   transport mode  
Authentication applied to the entire original IP packet is _________ .   tunnel mode  
Authentication makes use of the _________ message authentication code.   HMAC  
IKE key determination employs __________ to ensure against replay attacks.   nonces  
IPsec encompasses three functional areas: authentication, key management, and __________ .   confidentiality  
IPsec provides security services at the ________ layer by enabling a system to select required security protocols, determine the algorithms to use for the services and put in place any cryptographic keys required to provide the requested services.   IP  
The _________ facility enables communicating nodes to encrypt messages to prevent eavesdropping by third parties.   confidentiality  
The _________ payload allows peers to identify packet flows for processing by IPsec services.   Traffic Selector  
The __________ facility is concerned with the secure exchange of keys.   key management  
The __________ mechanism assures that a received packet was in fact transmitted by the party identified as the source in the packet header and assures that the packet has not been altered in transit.   authentication  
The __________ payload contains either error or status information associated with this SA or this SA negotiation.   Notify  
The key management mechanism that is used to distribute keys is coupled to the authentication and privacy mechanisms only by way of the _________ .   SPI  
The means by which IP traffic is related to specific SAs is the _________ .   SPD  
The selectors that determine a Security Policy Database are: Name, Local and Remote Ports, Next Layer Protocol, Remote IP Address, and _________ .   Local IP Address  
Three different authentication methods can be used with IKE key determination: Public key encryption, symmetric key encryption, and _________ .   digital signatures  
_________ consists of an encapsulating header and trailer used to provide encryption or combined encryption/authentication. The current specification is RFC 4303.   ESP  
_________ defines a number of techniques for key management.   IKE  
_________ identifies the type of data contained in the payload data field by identifying the first header in that payload.   Next Header  
_________ mode is used when one or both ends of an SA are a security gateway, such as a firewall or router that implements IPsec.   Tunnel  
__________ provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet.   IPsec  
A ________ is a legitimate user who accesses data, programs, or resources for which such access is not authorized, or who is authorized for such access but misuses his or her privileges.   Misfeasor  
A ________ is an individual who seizes supervisory control of the system and uses this control to evade auditing and access controls or to suppress audit collection.   Clandestine User  
A ________ is used to measure the current value of some entity. Examples include the number of logical connections assigned to a user application and the number of outgoing messages queued for a user process.   Gauge  
A _________ is an individual who is not authorized to use the computer and who penetrates a system's access controls to exploit a legitimate user's account.   Masquerader  
A fundamental tool for intrusion detection is the _________ record.   audit  
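An example of a metric used for profile-based intrusion detection is a _________, which is a non-negative integer that may be incremented but not decremented until it is reset by management action. Examples include the number of logins by a single user during an hour, the number of times a given command is executed during a single user session, and the number of password failures during a minute.   Counter  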
An operation such as login, read, perform I/O, or execute that is performed by the subject on or with an object is the _________ audit record field.   Action  
Designed to lure a potential attacker away from critical systems, _________ are decoy systems that divert an attacker from accessing critical systems, collect information about the hacker's activity, and encourage the attacker to stay on the system long enough for administrators to respond.   honeypots  
Metrics that are useful for profile-based intrusion detection are: counter, gauge, resource utilization, and _________ .   interval timer  
One of the most important results from probability theory is known as ________ which is used to calculate the probability that something really is the case, given evidence in favor of it.   Bayes' theorem  
Password files can be protected in one of two ways: One-way function or __________ .   Access control  
Software trespass can take the form of a _________ .   all of the above  
The ________ is an audit collection module operating as a background process on a monitored system whose purpose is to collect data on security related events on the host and transmit these to the central manager.   host agent module  
The _________ is based on a judgment of what is considered abnormal rather than an automated analysis of past audit records.   Operational model  
The _________ model is used to establish transition probabilities among various states, such as looking at transitions between certain commands.   Markov process  
The _________ prevents duplicate passwords from being visible in the password file. Even if two users choose the same password, those passwords will be assigned at different times.   salt  
The most promising approach to improved password security is __________ .   a proactive password checker  
The simplest statistical test is to measure the _________ of a parameter over some historical period which would give a reflection of the average behavior and its variability.   mean and standard deviation  
The three classes of intruders identified by Anderson are: Masquerader, Misfeasor, and _________ .   Clandestine user  
Two types of audit records used are Detection-specific audit records and _________ audit records.   Native  
_________ detection involves the collection of data relating to the behavior of legitimate users over a period of time. Statistical tests are applied to observed behavior to determine with a high level of confidence whether that behavior is not legitimate user behavior.   Statistical anomaly  
_________ is based on the assumption that the behavior of the intruder differs from that of a legitimate user in ways that can be quantified.   Intrusion detection  
_________ detection focuses on characterizing the past behavior of individual users or related groups of users and then detecting significant deviations.   Profile-based anomaly  
_________ involves counting the number of occurrences of a specific event type over an interval of time.   Threshold detection  
_________ techniques detect intrusion by observing events in the system and applying a set of rules that lead to a decision regarding whether a given pattern of activity is or is not suspicious.   Rule-based  
__________ systems have been developed to provide early warning of an intrusion so that defensive action can be taken to prevent or minimize damage.   Intrusion detection  
A _________ is a secret entry point into a program that allows someone who is aware of it to gain access without going through the usual security access procedures.   backdoor  
A _________ is used when the programmer is developing an application that has an authentication procedure or a long setup requiring the user to enter many different values to run the application.   maintenance hook  
A _________ virus is a form of virus explicitly designed to hide itself from detection by antivirus software.   stealth  
A computer virus has three parts: infection mechanism, trigger, and __________ .   payload  
A network worm exhibits the same characteristics as a computer virus: a dormant phase, a propagation phase, a __________ phase, and an execution phase.   triggering  
Advertising that is integrated into software that can result in pop-up ads or redirection of a browser to a commercial site is called _________ .   adware  
In a ________ attack an attacker is able to recruit a number of hosts throughout the Internet to simultaneously or in a coordinated fashion launch an attack upon the target.   DDoS  
In a _________ attack the slave zombies construct packets requiring a response that contains the target's IP address as the source IP address in the packet's IP header. These packets are sent to uninfected machines that respond with packets directed at the target machine.   reflector DDoS  
Malicious software that needs a host program is referred to as _________ .   parasitic  
Mobile phone worms communicate through Bluetooth wireless connections or via the _________ .   MMS  
The IDEAL solution to the threat of viruses is __________ .   prevention  
The Nimda attack, erroneously referred to as a worm, uses four distribution methods: Windows shares, Web servers, Web clients, and __________ .   E-mail  
The _________ is code embedded in some legitimate program that is set to explode when certain conditions are met.   logic bomb  
The _________ worm exploits a security hole in the Microsoft Internet Information Server to penetrate and spread to other hosts. It also disables the system file checker in Windows.   Code Red  
The sheer number of ways in which they can operate make coping with _________ attacks challenging because the countermeasures must evolve with the threat.   DDoS  
Two major trends in Internet technology that have had an increasing impact on the rate of virus propagation in recent years are: integrated mail systems and _________ systems.   mobile program  
Unlike heuristics or fingerprint based scanners, the _________ integrates with the operating system of a host computer and monitors program behavior in real time for malicious actions.   behavior blocking software  
Worm propagation proceeds through __________ phases.   3  
Worms and bot programs are examples of __________ malicious software programs.   independent  
________ attacks make computer systems inaccessible by flooding servers, networks, or even end user systems with useless traffic so that legitimate users can no longer gain access to those resources.   DDoS  
_________ antivirus programs are memory resident programs that identify a virus by its actions rather than its structure in an infected program.   Third generation  
_________ are used to attack networked computer systems with a large volume of traffic to carry out a denial-of-service attack.   Flooders  
_________ is a mass mailing e-mail worm that installs a backdoor in infected computers thereby enabling hackers to gain remote access to data such as passwords and credit card numbers.   Mydoom  
_________ software runs on server and desktop computers and is instructed through policies set by the network administrator to let benign actions take place but to intercede when unauthorized or suspicious actions occur.   Behavior blocking  
__________ is software that is intentionally included or inserted in a system for a harmful purpose.   Malicious software  
__________ software is essentially fragments of programs that cannot exist independently of some actual application program, utility, or system program.   Parasitic  
Created by: ITSec_guy