Chapter 15 Determining And Monitoring Who Can Access

Chapter 15: Network Security Key

1. Network security is one of the most critical technical areas within IT.

2. Network security breaches rarely happen.

3. All Internet security breaches are reported.

4. The annual costs of preventing attacks and implementing reparative security measures are massive.

5. In 1988, the U.S. government funded the establishment of the Computer Emergency Response Team (CERT)

to spearhead responses to computer security problems, report incidents, research security technologies, and

educate network users about security.

6. Numerous CERTs have been formed around the world to detect, report, and respond to network security

problems.

7. In the early days of the Internet before security became a significant problem, hacking had a more positive

connotation of creative programming.

8. White hat hacking involves malicious motivation.

9. A gray hat hacker always breaks into systems for ethical reasons such as trying to help a company identify

security vulnerabilities.

10. A wormis malicious code embedded within a seemingly legitimate program that only becomes active when

the program is executed.

11. Often, a virus contains an extension such as .exe rather than .doc or .jpg, meaning it is raw code that

executes once activated by a user.

12. A virus is not self-replicating or self-disseminating.

13. A wormpresents a greater threat than a virus.

14. A worm is autonomous—once unleashed, it replicates itself without any action on the part of users.

15. Security holes in software are common.

16. Denial-of-service attacks consume bandwidth and system resources but are easy to combat.

17. In a denial-of-service attack, the hacker doesn’t actually gain unauthorized access to the targeted computer.

Instead the targeted computer is flooded with so many requests it cripples functionality.

18. DDoS tools that are designed to disable systems are freely available on the Internet.

19. Password theft is possible with software tools that rapidly cycle through various letter and number

combinations or capture passwords sent over a network.

20. Encryption algorithms are more difficult to apply to digital than analog transmissions.

21. If someone accesses encrypted data during transmission, the message should be unreadable.

22. The shorter the encryption key is, the stronger the encryption.

23. An encrption key length of n bits provides 2 to the nth power possible unique keys.

24. Encryption key lengths of 20-40 bits long are common.

25. In public key encryption, the sender and receiver use the same key to encrypt and decrypt a message

26. Private key encryption is more secure than public key encryption.

27. Public key cryptography is vital for any type of electronic commerce over the Internet.

28. An important aspect of access control is physical security—ensuring that unauthorized users have no

physical access to a networked computer in an office building or to a person’s networked laptop.

29. Firewalls can only be implemented in hardware.

30. The most complex type of firewall is the application proxy firewall, which filters information based on the

application data itself.

31. Digital signatures are related to public key encryption.

32. Determining and monitoring who can access a network and what they can access is called:

33. The first highly publicized network security problem occurred in 1988, when a Cornell University student

unleashed an Internet worm that affected thousands of computers and disrupted the Internet for several days.

34. CERT was first launched at what University?

35. How many security incidents are reported to US-CERT annually?

36. Someone, often a security professional, who attempts to hack into systems to identify security

vulnerabilities for the system owner is sometimes called a:

37. Someone who breaks into systems for malicious reasons or personal financial gain is called a:

38. A serious security challenge comes from people who send enormous amounts of unwanted e-mail

solicitations called:

39. Rival business organizations seeking competitive information or, less frequently, sabotaging systems, is

usually called:

40. A virus that is cloaked in a legitimate program or file is called a:

41. Which of the following is self-replicating and self-propagating?

42. Worms that can theoretically exploit system vulnerabilities throughout the Internet in less than a second are

called:

43. Attacks that have hit networks before the software or hardware manufacturer of the affected product is

aware of the vulnerability are called:

44. An attack that floods a targeted computer with so many requests that it cripples functionality is called:

45. The master program in a DDoS is called a:

46. The act of accessing unsecured wireless LAN transmissions is known as:

47. The most effective method of protecting the privacy of network information is:

48. To encrypt data, a transmitting computer mathematically manipulates data according to a predetermined

algorithm called a:

49. Private key encryption is also known as:

50. Using this technique, every recipient possesses two keys: a private key that no one else can access and a

public key that is accessible to anyone.

51. An access control mechanism installed between a secure private network and a nonsecure public network to

regulate access to and from the private network’s resources is called a:

52. This type of firewall intercepts packets and then inspects their header contents, including the source IP

address, destination IP address, source port, and destination port.

53. A more intelligent form of packet filtering that notes when an incoming response is expected after an

outgoing request is made is called:

54. An approach in which the firewall converts the IP address of every outgoing packet into a shared IP address

before the traffic is sent over a network is called:

55. Social engineering schemes that use e-mail or text messages to try to coerce users into relinquishing

sensitive information such as a password, bank account number, Social Security number, or credit card number

are called:

56. One level of authentication that surpasses a memorized password is token-based authentication, which

requires a computer user to physically hold a device called a:

57. In 2003, the U.S. Homeland Security Department established a federally run

_________________________________________________________ to serve as a public/private partnership

that protects the U.S. Internet infrastructure and responds to security problems.

58. Statistical information about incidents and vulnerabilities is available at this Web site:

____________________________.

59. In general, the term ____________________refers to people who gain unauthorized access to a computing

resource either for malicious or benign purposes.

60. The perpetrators of network or system attacks have a wide range of motives and capabilities, and they fall

loosely into several categories: hackers, spammers, rogue employees, corporate or national spies, and

____________________.

61. Malicious code embedded within a seemingly legitimate program that only becomes active when the

program is executed is called a ____________________.

62. Before a ____________________ can spread, a user must activate the host program in which the

____________________ is embedded.

63. A computer virus can have devastating impacts, such as ____________________ files on a hard drive.

64. A ____________________ can rapidly copy itself from computer to computer in a matter of hours.

65. Worms exploit existing vulnerabilities, or ____________________, in operating systems, Web browsers,

and other applications.

66. A piece of code developed by a product vendor to address a software problem or to upgrade software is

called a software ____________________.

67. Hoax viruses use social ____________________techniques to make users take some action that simulates

the actual effects of a virus.

68. An attack that simultaneously floods a single system with requests from thousands of unwitting computers

is called a ______________________________ attack.

69. One preventative measure against a DDoS attack is to use ____________________ monitoring tools to

identify significant changes in traffic flow patterns.

70. Hackers sometimes solicit a legitimate user’s ____________________ from an unwitting help desk

administrator.

71. Because wireless access points are so easy and inexpensive to establish, many people at a business, school,

or other environment set up ____________________ access points outside the purview of technical

administrators without being aware of the necessary security requirements.

72. A critical infrastructure attack could potentially disrupt important systems and networks such as stock

market networks, systems of automatic teller machines, the power grid, water systems, hospital information

systems, or the ____________________ system.

73. The process of staying vigilant about product vulnerabilities and the availability of vendor-supplied

software patches and instituting procedures for systematically upgrading systems with these patches is called

74. Sometimes, a large software patch that addresses significant security weaknesses in a product is called a

____________________upgrade.

75. Most security approaches fall into one of the following three categories: privacy, ____________________,

and ____________________.

76. The scrambling of data prior to transmission over a shared or vulnerable network is called

____________________.

77. A fundamental characteristic of any encryption’s strength is its ____________________ length.

78. Encryption approaches take one of two forms: private key and ____________________ key.

79. Third-party trusted entities called certificate ____________________verify that the public keys belong to

their rightful owners.

80. A de factostandard for encrypted, end-to-end Internet communication is TLS. TLS is short for

_________________________.

81. SSL encryption relies on a stream cipher called ____________________, which uses an algorithm to

generate a random bit stream called a key stream.

82. NAT is short for ____________________.

83. Password authentication is not foolproof because passwords can be stolen or ____________________.

84. Token based authentication is not foolproof because users can ____________________ their tokens.

85. A person’s ____________________ characteristics can never be lost, forgotten, or easily copied.

86. Biometrics can identify any of a person’s unique physical characteristics, including: fingerprints, facial

features, voice patterns, retinal patterns, irises, or ____________________.

87. List the major security challenges that global information networks face.

88. Why would a business not report a network security breach?

89. What expenses are included in the costs of preventing attacks and responding to attacks?

90. Why is spam a problem?

91. How can disgruntled employees present a security threat?

92. How could cyberterrorism threaten networks?

93. What is the historical origination of the term “Trojan Horse” virus?

94. What types of damage can be done by a worm?

95. How can a hoax virus simulate the actual effects of a virus?

96. What is a distributed denial-of-service attack?

97. What is a drawback of private key encryption?

98. Describe some guidelines for a strong password.

99. How is a public key assigned?