Download Chapter 4

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
Document related concepts

Deep packet inspection wikipedia , lookup

Hardware random number generator wikipedia , lookup

Access control wikipedia , lookup

Unix security wikipedia , lookup

Security-focused operating system wikipedia , lookup

Distributed firewall wikipedia , lookup

Password strength wikipedia , lookup

Carrier IQ wikipedia , lookup

Computer and network surveillance wikipedia , lookup

Network tap wikipedia , lookup

Mobile device forensics wikipedia , lookup

Stingray phone tracker wikipedia , lookup

Computer security wikipedia , lookup

Social engineering (security) wikipedia , lookup

Mobile security wikipedia , lookup

Wireless security wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Cybercrime countermeasures wikipedia , lookup

Transcript 
Chapter 4
Review Questions
1. Authentication is based on each of the following except
a. What you have
b. What you purchase
c. What you know
d. What you are
2. Each of the following is a characteristic of a weak password except
a. Using a common word
b. Changing the password every 30 days
c. Short passwords
d. Using the same password for all accounts
3. _____ is a service that allows devices on a network to discover other devices and
determine how to work with them.
a. Plug and Play (PnP)
b. Transmission Control Protocol (TCP)
c. Internetworking Protocol Exchange Messaging (IPEM)
d. Universal Plug and Play (UPnP)
4. A(n) _____ must attach itself to a computer document, such as an e-mail message,
and is spread by traveling along with the document.
a. virus
b. worm
c. adware
d. trojan
5. Each of the following may indicate a virus has infected a wireless laptop except
a. A program suddenly disappears from the computer
b. New programs do not install properly
c. The Service Set Identifier (SSID) changes from uppercase to
lowercase
d. Out-of-memory error messages appear
6. A security weakness can be in the security procedures, controls, or even the
physical layout of the network. True or False?
7. The problem with passwords is that lengthy and complex passwords should be
used yet they are difficult to memorize. True or False?
8. The Simple Network Management Protocol (SNMP) is a popular protocol used to
manage only wireless networked equipment. True or False?
9. The default SNMP community strings for read-only and read-write are public and
private, respectively. True or False?
10. Identity theft occurs when an individual uses the personal information of someone
else, such as a Social Security number, credit card number, or other identifying
information, to impersonate that individual with the intent to commit fraud or
other crimes. True or False?
11. A(n) _____ may be defined as a weakness or flaw in an information system that
could be exploited to cause harm. security vulnerability
12. A(n) _____ is a computer program that lies dormant until it is triggered by a
specific logical event. logic bomb
13. _____ is a general term used to describe software that violates a user’s personal
security. spyware
14. Unsolicited e-mail is known as _____. spam
15. A wireless access point that is secretly installed in an office without the
employer’s permission is known as a(n) _____. rogue access point
16. Explain how a disassociation frame DoS attack functions.
An attacker can pretend to be an access point and send a forged disassociation
frame to a wireless device. This will cause the device to disassociate from the access
point. Sending repeated disassociation frames an attacker can continuously prevent
any device from communicating with the AP.
17. Explain the weaknesses of SNMP community strings.
The use of community strings in the first two versions of SNMP, SNMPv1 and
SNMPv2, created several vulnerabilities. First, the default SNMP community
strings for read-only and read-write were public and private, respectively.
Administrators who did not change these default strings were leaving open the
possibility of an attacker taking control of a network device. Second, many
administrators who reset the community strings used weak strings (passwords) for
security. Finally, community strings are transmitted in cleartext, meaning that an
attacker with a packet sniffer can view the contents of the strings as they are being
transmitted.
18. What are the vulnerabilities of UPnP?
UPnP is a service that allows devices on a network to discover other devices and
determine how to work with them. There are vulnerabilities associated with UPnP
based on the way the UPnP performs device discovery (determining what network
devices are available). These vulnerabilities can enable an attacker to either gain
complete control over an affected device or an attacker to either prevent an affected
system from its intended useful service.
19. Explain how a Physical layer DoS attack can be performed.
Physical layer attacks are those that correspond to the Physical layer of the Open
System Interconnection (OSI) network model. Physical layer attacks flood the RF
spectrum with enough radiomagnetic interference to prevent a device from
effectively communicating with the AP. If a WLAN was set up using Channel 1 in
an IEEE 802.11b network, an attacker would flood the 2.412 GHz frequency with
enough “noise” that would prevent a device from sending or receiving packets.
20. Explain how CSMA/CA is used with IEEE 802.11 WLANs.
Because the wireless medium is shared among all devices, there must be rules for
cooperation among the wireless devices. The 802.11 standard uses a procedure
known as Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA).
CSMA/CA attempts to prevent multiple wireless devices from transmitting at the
same time. It does this by requiring that all devices wait a random amount of time
after a transmission is completed and the medium is clear. With wireless CSMA/CA
the amount of time that a device must wait after the medium is clear is called the
slot time. Each device must wait a random amount of slot times. For example, the
slot time for an 802.11b WLAN is 20 microseconds. If a wireless device’s backoff
interval is 3 slot times, then it must wait 60 microseconds (20 microseconds X 3 slot
times) before attempting to transmit. Because CMSA/CA has all stations wait a
random amount of time after the medium is clear, the number of collisions is
significantly reduced.
Related documents
(P1) How networks communicate
(P1) How networks communicate
88% 73%
88% 73%
Polytel® Remote Data Termininal (RDT)
Polytel® Remote Data Termininal (RDT)
Chpt 10 - 07 test.doc
Chpt 10 - 07 test.doc
MTA 98-366 Networking Fundamentals
MTA 98-366 Networking Fundamentals
PPT presentation
PPT presentation
Wireless Monitoring System
Wireless Monitoring System
Electric Guitars
Electric Guitars
Nauman Parkar
Nauman Parkar
Name: Shaikh Fahad Saeed ID: 200800652
Name: Shaikh Fahad Saeed ID: 200800652