CIS377 Final Exam Fall 2015

andresmall's version from 2015-12-15 21:49

Section 1

Question | Answer
Physical Design Process | technologies supporting the information security blueprint, identifies complete technical solutions, designs physical security measures, and prepares project plans for the implementation phase
Firewall | prevents specific types of information from moving between the outside world, known as the untrusted network, and the inside world, known as the trusted network
Processing Mode: Packet filtering | firewalls examine the header information of data packets that come into a network. NETWORK LAYER.
Processing Mode: Application Gateway | also known as an application-level firewall or application firewall, is frequently installed on a dedicated computer, separate from the filtering router, but is commonly used in conjunction with a filtering router. APPLICATION, PRESENTATION, AND SESSION LAYER
Processing Mode: Circuit gateway | firewall operates at the transport layer. Connections are authorized based on addresses. DON'T look at data traffic flowing between one network and another, but do prevent connections between one network and another. TRANSPORT LAYER
Processing Mode: MAC Layer | designed to operate at the media access control layer of the OSI network model. This gives these firewalls the ability to consider the specific host computer's identity in its filtering decisions. DATA LINK LAYER
Processing Mode: Hybrid | type of firewall that combines the elements of other types of firewalls
SOHO | firewall devices, called "broadband gateways", connect the user's local area network or a specific computer system to the Internetworking device
Packet filtering routers | router used as interface to the Internet and perimeter between external and internal networks
Screened host firewalls | combines packet filtering router and dedicated firewall. Allows the router to prescreen packets to slow traffic and load to internal proxy
Dual-host firewalls | bastion host has two NICs: one connected to the internal network, one connected to the external network. All traffic must go through the firewall with this implementation
Screened subnet firewalls | dominant architecture used today. Provides DMZ. DMZ can be dedicated port or connected to subnet
Best Practices for Firewalls | 1) let trusted network traffic out 2) firewall is not directly accessible by public network 3) SMTP data can pass through, but should be routed to SMTP gateway 4) ICMP data should be denied 5) Telnet from public networks = blocked 6) HTTP traffic should be denied from external networks through some form of proxy access
Content filter | essentially a set of scripts or programs that restricts user access to certain networking protocols and Internet locations
War dialer | an automatic phone-dialing program that dials every number in a configured range and checks to see if a person, machine or modem picks up.
Kerberos | uses symmetric key encryption to validate an individual user to various network resources
VPN | a private and secure network connection between systems that uses the data communication capability of an unsecured and public network
Trusted VPN | uses leased circuits from a service provider and conducts packet switching over these leased circuits
Secure VPN | uses security protocols and encrypts traffic transmitted across unsecured public networks like the Internet
Hybrid VPN | combination of both types of VPNs
Keys to VPN | Encapsulation, Encryption, and Authentication
Tunnel mode | the organization establishes two perimeter tunnel servers. These servers serve as the encryption points, encrypting all traffic that will traverse an unsecured network.
Proxy Server | a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers

Section 2

Question | Answer
Intrusion | a type of attack on information assets in which the instigator attempts to gain entry into a system or disrupt the normal operations of a system.
Incident response | the identification of, classification of, response to, and recovery from an incident
Honey pots | decoy systems designed to lure potential attackers away from critical systems
Port Scanner | tools used by both attackers and defenders to identify (or fingerprint) the computers that are active on a network
Packet sniffer | network protocol analyzer, is a network tool that collects copies of packets from the network and analyzes them.
Authentication | the validation of a supplicant's identity
Honey nets | two or more honey pots
IDPS | To detect unauthorized activity within the inner network or on individual machines, organizations can implement
Host-based IDPS | usually installed on the machines they protect to monitor the status of various files stored on those machines
Network IDPS | patterns of network traffic and attempt to detect unusual activity based on previous baselines
Signature-Based IDPS | examines network traffic in search of patterns that match known signatures, that is, preconfigured, predetermined attack patterns.
Statistical Anomaly-Based IDPS | collects statistical summaries by observing traffic that is known to be normal
Padded Cell | a honeypot that has been protected so that it cannot be easily compromised

Section 3

Question | Answer
Algorithm | The mathematical formula used to convert an unencrypted message into an encrypted message.
Cipher | The transformation of the individual components (characters, bytes, or bits) of an unencrypted message into encrypted components.
Ciphertext | The unintelligible encrypted or encoded message that results from an encryption.
Code | The transformation of the larger components (words or phrases) of an unencrypted message into encrypted components
Decipher | To decrypt or convert ciphertext to plaintext.
Encipher | To encrypt or convert plaintext to ciphertext.
Key | The information used in conjunction with the algorithm to create ciphertext from plaintext.
Plaintext | The original unencrypted message that is encrypted
Symmetric Encryption | uses the same key, also known as a secret key, to encrypt and decrypt a message.
Asymmetric Encryption | another category of encryption techniques also known as public-key encryption.
Public-Key Infrastructure | an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely.
Digital signatures | encrypted messages that can be mathematically proven authentic.
Digital certificate | an electronic document, similar to a digital signature, that is attached to a file and certifies that the file is from the organization it claims to be from and has not been modified from the original format.
S-HTTP | an extended version of the Hypertext Transfer Protocol that provides for the encryption of individual messages between a client and server across the Internet
SSL | protocol to use public-key encryption to secure a channel over the public Internet, thus enabling secure communications.
PGP | developed by Phil Zimmermann and uses the IDEA Cipher along with RSA for key exchange.
Dictionary Attacks | the attacker encrypts every word in a dictionary using the same cryptosystem as used by the target
Hybrid Encryption | uses symmetric for the session, asymmetric for the message

Section 4

Question | Answer
Uninterruptible Power Supply | a UPS is a backup power source for major computer systems.
Direct Changeover | a direct change over involves stopping the old method and beginning the new
Phase implementation | The most common approach, phase implementation involves rolling out a piece of the system across the entire organization
Pilot Implementation | implementing all security improvements in a single office, department, or division, and resolving issues within that group before expanding to the rest of the organization.
Parallel operations | involve running the new methods alongside the old methods.

Section 5

Question | Answer
1. Advantage of IDPS | detect preambles to attack
2. Advantage of IDPS | detect attacks not seen by security measures
3. Advantage of IDPS | document existing threats
4. Advantage of IDPS | acts as quality control

Section 6

Question | Answer
Port 20 | FTP
Port 23 | Telnet
Port 25 | SMTP
Port 80 | HTTP

Section 7

Question | Answer
Usability Measure | Effectiveness, Efficiency, Satisfaction, Memorability, Error Frequency, Ease of Learning
