Security+ Set 4
- What are the seven stages in a certificate life cycle?
- certificate enrollment; distribution; validation; revocation; renewal; destruction; auditing
- What security advantage do managed hubs provide over other hubs?
- they can detect physical configuration changes and report them
- What is port mirroring?
- on switches, the ability to map the input and output of one or more ports to a single port
- What does an attacker need to conduct ARP cache poisoning?
- physical connectivity to a local segment
- What security hole does RIPv1 pose?
- RIPv1 does not allow router passwords
- What are the five main services provided by firewalls?
- packet filtering; application filtering; proxy server; circuit-level; stateful inspection
- Which of the five router services do e-mail gateways provide?
- application filtering
- What OSI layer do stateful firewalls reside at?
- network layer
- What are the three types of NAT?
- static NAT; dynamic NAT; overloading NAT
- What security weakness does SPAP have?
- does not protect against remote server impersonation
- How do the RADIUS client and server avoid sending their shared secret across the network?
- shared secret is hashed and hash is sent
- In MAC, what is read-up?
- the ability of users in lower security categories to read information in higher categories
- In MAC, of read-up, read-down, write-up, and write-down, which two are legal? Which two are illegal?
- legal: read-down, write-up; illegal: read-up, write-down
- Do hashing algorithms protect files from unauthorized viewing?
- no, only verify files have not been changed
- What is an SIV?
- System Integrity Verifier: IDS that monitors critical system files for modification
- Why are VLANs considered broadcast domains?
- all hosts on the VLAN can broadcast to all other hosts on the VLAN
- What language are most new smart card applications written in?
- Java
- What is a bastion host?
- a gateway in a DMZ used to secure an internal network
- What type of IDS will likely detect a potential attack first? Why?
- Network-based IDS: runs in real-time
- What drawback do heuristic-based IDSs have?
- higher rate of false positives
- What are the four layers of the TCP/IP suite? How do they map to the OSI model?
- Application > Application-Session; Transport > Transport; Internet > Network; Network > Data Link-Physical
- What are the six steps to incident response?
- Preparation; Identification; Containment; Eradication; Recovery; Follow-Up
- What are most fire extinguishers loaded with?
- FE-36
- What is FE-13 used for?
- explosion prevention
- What is the maximum length of a valid IP datagram?
- 64K
- What is the RFC-recommended size of an IP datagram?
- 576 bytes
- What is IGMP used for?
- multicasting
- What is bytestream?
- data from Application layer is segmented into datagrams that source and destination computers will support
- What two pieces of information comprise a socket?
- source IP address and source port
- At the Network Interface layer, what is the packet of information placed on the wire known as?
- a frame
- What IP layer do man-in-the-middle attacks take place at?
- internet layer
- What IP layers do DoS attacks occur at?
- any layer
- What IP layer do SYN floods occur at?
- transport layer
- Which hashing algorithm is more secure, MD5 or SHA-1?
- SHA-1
- What is the key length for Blowfish?
- variable length
- How are digital signatures implemented?
- a hash is created and encrypted with the creator's private key
- How are asymmetric algorithms used for authentication?
- authenticator sends a random number (nonce) to receiver, who encrypts it with their private key
- In a bridge CA architecture, what is the CA that connects to a bridge CA called?
- a principal CA
- Who defines a certificate's life cycle?
- the issuing CA
- At what OSI layer (and above) must networked computers share a common protocol?
- data link and above
- What security hole does SPAP have?
- remote server can be impersonated
- What protocol does RADIUS use?
- UDP
- What protocol does TACACS+ use?
- TCP
- What sort of devices normally use TACACS?
- network infrastructure devices
- What limitation does IPSec have?
- only supports unicast transmissions
- What does IPSec require to be scalable?
- a PKI
- What are the three major components of SSH?
- Transport Layer protocol (SSH-TRANS); User authentication protocol (SSH-USERAUTH); connection protocol (SSH-CONN)
- What do BSS and ESS stand for?
- Basic Service Set and Extended Service Set
- What does ESS offer that BSS does not?
- the ability to roam between APs
- What are the two parts of a Key Distribution Center?
- An authentication server (AS) and a ticket-granting server (TGS)
- What are the three major classification levels with MAC?
- Top Secret; Confidential; Unclassified