INMT 441 FINAL QUESTIONS AND ANSWERS ALL CORRECT
Content filters - Answer--(or proxy server) allows administrators to restrict content that comes into a network.
-The most common application of a content filter is the restriction of access to Web sites.
Wireless local area network (WLAN) - An...
INMT 441 FINAL QUESTIONS AND
ANSWERS ALL CORRECT
Content filters - Answer--(or proxy server) allows administrators to restrict content that
comes into a network.
-The most common application of a content filter is the restriction of access to Web
sites.
Wireless local area network (WLAN) - Answer-designed to replace or supplement a
wired LAN
Wired equivalent privacy (WEP) - Answer--the most basic level of wireless security
using encryption
-Uses a random initialization vector (IV) that is 24 bits.
-There is a 50% probability that the same IV will repeat after 5,000 packets.
-Deprecated
Wi-Fi protected access (WPA) - Answer--WPA utilizes 256-bit keys
-Dynamically generates new keys for each data packet using Temporal Key Integrity
Protocol (TKIP)
-Authentication: WPA Personal or PSK: using a pre-shared key or PSK, which is
manually entered on both the AP and each wireless device
WPA Enterprise - Answer--Intended for larger organizations
-Each device has its own credentials (typically username and password) stored in the
RADIUS server, which handles authentication.
-This offers centralized control and individual accountability for network access.
Wi-Fi protected access 2 - Answer--Introduced in 2006
-Encryption
-Instead of TKIP, it uses the stronger AES.
-Requires more processing power than WPA-1
Scanning and analysis tools - Answer-can find vulnerabilities in systems, holes in
security components, and other unsecured aspects of the network
Footprinting - Answer-the organized gathering of information about the target
organization's networks and systems.
Fingerprinting - Answer-entails the systematic examination of all target organizations to
achieve a detailed network analysis that reveals useful information.
,Vulnerability scanners - Answer--variants of port scanners
-capable of scanning networks for very detailed information
Packet sniffer - Answer--A packet sniffer is a network tool that collects and analyzes
packets on a network
-It can be used to eavesdrop on network traffic.
Trap and trace applications - Answer-detect agents who are intruding into network
areas or investigating systems without authorization (ex: honey pots)
Honey pots - Answer-a host with intentional vulnerabilities and fake data
Purposes of honey pots - Answer--neutralizing attackers' active reconnaissance
-learning about the attackers' methods
-distracting the attackers from the main networks (illusion of hacking success)
Cryptography - Answer--scrambling information so it cannot be read
-transforming information into a secure form
-avoiding unauthorized access
Cryptography uses - Answer-Can provide protection to data in the following states:
-Data-in-use
-Data-in-transit
-Data-at-rest
-Ensures confidentiality (only authorized users can view the information) ex: Encryption
-Ensures integrity (information will not be altered by unauthorized users) ex: Hashing
-Ensures non-repudiation (proves that a user performed an action) ex: Digital signature
Data-in-use - Answer-data actions being performed by endpoint devices (ex: printing a
report)
Data-in-transit - Answer-actions that transmit data across a network (ex: sending an
attachment via email)
Data-at-rest - Answer-data stored on electronic media
Cryptography elements - Answer--Cleartext
-Plaintext
-Encryption
-Algorithm
-Key
-Ciphertext
-Decryption
, Cleartext - Answer-readable data stored or transmitted without encryption
Plaintext - Answer--cleartext data to be encrypted
-plaintext data is input into a cryptographic algorithm
Encryption - Answer-changing original text into a secret message using cryptography
Algorithm - Answer-consists of procedures based on mathematical formula used to
encrypt and decrypt the data
Key - Answer--a mathematical value entered into the algorithm to produce ciphertext
-the reverse process uses the key to decrypt the message
Ciphertext - Answer-the encrypted message
Decryption - Answer-changing the ciphertext back to the original form
Substitution - Answer--substituting 1 for the letter A
-Ex: ROT13 (a simple letter sub cipher that replaces a letter with the 13th letter after it)
XOR cipher - Answer--based on the binary operation (comparing two characters at
once)
-Plaintext is XOR'ed by a keystream
-if both binary characters are the same, the return is 0. If they are different, the return is
1.
Symmetric cryptographic algorithms - Answer--uses a secret key to encrypt and decrypt
-use the same key to encrypt and decrypt a document
-also called private key cryptography
-unlike hashing, it is 2 way
-can use either stream ciphers or block ciphers
Data encryption standard (DES) - Answer-key size: 56 bits
Triple data encryption standard (3DES) - Answer--uses the same block size
-applies the DES algorithm three times to each block
-performs better in HARDWARE than software
Advanced encryption standard (AES) - Answer--official encryption standard used by the
US gov.
-key sizes = 128, 256, or 512 bits
-longer keys are more resistant to brute-force attacks
-key size options offer flexibility
Asymmetric cryptography algorithms - Answer--Also known as public key cryptography
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller victoryguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.
