T/F: Human errors, ignorance, and omissions cause more than half of all security breaches sustained by networks.
T/F: Network security is more often compromised "from the inside" than from external sources.
T/F: A security policy should state exactly which hardware, software, architecture, or protocols will be used to ensure security.
T/F: Encryption is the last means of defense against data theft.
T/F: By default, the 802.11 standard offers substantial security.
____ is a social engineering practice in which a person attempts to glean access or authentication information by posing as someone who needs that information.
man in the middle
In a ____ attack, a person redirects or captures secure transmissions as they occur.
____ software searches a node for open ports.
transmission and hardware
A router that is not configured to drop packets that match certain suspicious characteristics is an example of a risk associated with ____.
protocols and software
An NOS that contains a "back door" is an example of a risk associated with ____.
A ____ attack occurs when an Internet chat user sends commands to a victim's machine that cause the screen to fill with garbage characters and requires the victim to terminate their chat sessions.
denial of service
A ____ attack occurs when a system becomes unable to function because it has been deluged with data transmissions or otherwise disrupted.
A ____ main function is to examine packets and determine where to direct them based on their Network layer addressing information.
A ____ firewall is a router (or a computer installed with software that enables it to act as a router) that examines the header of every packet of data it receives to determine whether that type of packet is authorized to continue to its destination.
A ____ attack occurs when a hacker uses programs that try a combination of a user ID and every word in a dictionary to gain access to the network.
A ____ attack occurs when a hacker tries numerous possible character combinations to find the key that will decrypt encrypted data.
The combination of a public key and a private key is known as a ____.
A(n) ____ is a password-protected and encrypted file that holds an individual's identification information, including a public key.
The use of certificate authorities to associate public keys with certain users is known as ____.
____ is a public key encryption system that can verify the authenticity of an e-mail sender and encrypt e-mail data in transmission.
____ is a method of encrypting TCP/IP transmissions.
In ____ , a hacker forges name server records to falsify his host's identity.
A VPN ____ authenticates VPN clients and establishes tunnels for VPN connections.
____ protocols are the rules that computers follow to accomplish authentication.
authentication, authorization, and accounting
RADIUS and TACACS belong to a category of protocols known as AAA (____).
In ____, both computers verify the credentials of the other.
A(n) ____________________ is a thorough examination of each aspect of the network to determine how it might be compromised.
A(n) ____________________ identifies an organization's security risks, levels of authority, designated security coordinator and team members, responsibilities for each team member, and responsibilities for each employee.
In general, information is ____________________ if it could be used by other parties to impair an organization's functioning, decrease customers' confidence, cause a financial loss, damage an organization's status, or give a significant advantage to a competitor.
A(n) ____________________ is a software application on a network host that acts as an intermediary between the external and internal networks, screening all incoming and outgoing traffic.
____________________ is the use of an algorithm to scramble data into a format that can be read only by reversing the algorithm.
public key encryption
Data is encrypted using two keys.
A firewall that can block designated types of traffic based on application data contained within packets.
A software application on a network host that acts as an intermediary between the external and internal networks, screening all incoming and outgoing traffic.
A firewall that protects only the computer on which it is installed.
Software that can react to suspicious activity.
A firewall that can view a data stream.
The host that runs the proxy service.
private key encryption
Data is encrypted using a single key.
Software that can only detect and log suspicious activity.