N_S Quiz 4

A disadvantage of a point-to-point network is
Difficult to expand
Broadcasting is impossible
(Top of 484)
A disadvantage of a star network is
Limited Growth
Broadcasting
(Bottom of 485)
An advantage of a bus network is
Easy to add endpoints
Possibly node-free
No routing
Broadcasting is easy
(Top of 487)
A disadvantage of a tree network is
Inefficency at the fringes.
Inflexible addresses
Address-based size limits
Broadcasting is very hard
(Bottom of 489)
A disadvantage of a mesh network is
Routing gets tricky
Congestion
Broadcasting is very hard
(Top of 491)
Modern internet technology evolved from research on
the ARPANET and the research networks attached to it
Packet addressing and routing on the Internet rely entirely on
IP addresses
A major obstacle to becoming an ISP today is
the shortage of Internet Addresses
The well-known port number 80 is used for
World Wide Web
192.168.1.1 is an example of
IP Address
1111 1111 – 1111 1111 – 1111 0000 – 0000 0000 is an example of
Subnet Mask (Network Mask)
The element that automatically assigns IP addresses to LAN hosts is
Dynamic Host Configuration Protocol (DHCP)
A tool that captures packets on a network and helps you analyze the packets is
WireShark?
An autonomous system (AS)
is essentially an ISP that handles routing between its networking customers. (Maybe Do more, Pg. 498)
Interrior routing – route packets between networks within the AS
Exterior routing – route packets from a network within the AS to a network on another AS
The nmap utility
is a well-respected open source utility for mapping computer networks
An attack in which one or more hosts conspire to inundate a victim with ping requests is called a
Ping Flood
An attack that forges the sender’s IP address is called
IP Spoofing
On the Internet, the entity that looks up a domain name and retrieves information about it is the
Domain Name System (DNS)
In the Web site address www.stthomas.edu, the top-level domain is
.edu
Issuing the nslookup command along with a domain name displays
the domain’s ip address/s
To resolve a domain name on the Internet, the DNS resolver first contacts
the root zone
The whois database provides the following information except
It DOES include
-Registrant
-Administrative Contact
-Technical Contact
-Name Servers
-Domain record activated
-domain record last updated
-domain expires
Packet filtering looks at any packet header and filters on these values except
It DOES filter these values
-MAC Address
-Broadcast transmissions
-ICMP
-IP Address
-IP application Protocol
The TCP fields that help ensure reliable transmission of data by keeping track of the number of bytes sent and received are
Sequence and Acknowledgment
TCP connections go through three stages
setup, operation, and termination
DNS security improvements include
Randomized requests
Limited access to resolvers
Distributed DNS Servers
A network address translation (NAT) gateway rewrites an outbound packet’s header to refer to
the gateway’s global IP address and the gateway’s chosen port number
Confidential company information that would give competitors a commercial advantage if leaked is called
Trade Secrets
Rules that restrict certain types of information to specific groups within a company are categorized as
Need to Know
Two-person or multiperson control in important transactions helps to reduce the risk of
Insider threats
A typical profit center in an enterprise is
a division, department, or other component that makes money for the company
A qualified security assessor (QSA) performs audits to check adherence to
The QSA reviews the system against the PCI-DSS requirements and reports on its compliance or deficiencies. In many cases, however, systems may perform self-assessments.
An uninterruptable power system (UPS)
These were once the exclusive province of larger, enterprise-level computing systems. Today, even households can afford an effective UPS. A high-end UPS may include its own motor-driven generator to handle lengthy power outages. The capacity and duration of a site’s UPS depends on their disaster planning.
The software-based access control that identifies data items that require different types of protection is
Internal Security Label
Off-line authentication
Provides a practical approach to truly distributed authentication.
An image backup
are bit-by-bit copies of one mass storage device to another.
The phases of a large-scale attack on an enterprise network or systems include the following except
The 4 Phases
-Surveillance
-Infiltration
-Execution
-Disengagement
In an enterprise, successful information security strikes a balance between three separate elements
Objectives of the enterprise
Risks
Costs of security measures
Management processes that help build security in an enterprise are
Policies and procedures?
Decommissioning an ex-employee’s resources may include
-Changing any shared, memorized secrets that protect resources. This includes safe combinations, shared administrative passwords, alarm codes, and other similar information.

-Retrieving any physical keys, especially master keys, issued to the employee. It’s possible, though costly, to change locks if an employee leaves without returning keys. It’s often impractical, however, to change locks when a master key goes missing.

-Revoking access to computer and network resources. Sites often simply disable the user’s login. Sites rarely delete user identities wholesale, except perhaps for students leaving a school, because the user may have produced valuable files that others in the enterprise need. The site might change ownership of the orphaned files and directories.