4-6: Network Infrastructure

102 terms by peterb323 

Create a new folder

Advertisement Upgrade to remove ads

IP forwarding

____ enables the attacker's computer to forward any network traffic it receives from Computer A to the actual router.

scatternet

A group of piconets in which connections exist between different piconets is called a ____.

man-in-the-middle

A(n) _____ attack intercepts legitimate communication and forges a fictitious response to the sender.

man-in-the-middle

A __________ attack occurs when the attacker intercepts legitimate communication and forges a fictitious response to the sender.

back door

A(n) ____ is an account that is secretly set up without the administrator's knowledge or permission, that cannot be easily detected, and that allows for remote access to the device.

Bluesnarfing

__________ is the unauthorized access of information from a wireless device through a Bluetooth connection and allows the attacker to access e-mails, calendars, contact lists, and cell phone pictures and videos by simply connecting to that Bluetooth device without the owner's knowledge or permission.

DNS poisoning

One approach to substituting a fraudulent IP address is to target the external DNS server and is called ____.

replay

A __________ attack occurs when the attacker intercepts legitimate communications and saves the data to be used at a later time.

rogue access point

A __________ is a wireless attack that bypasses all of the network security and opens the network and all users to direct attacks.

backdoor

Often _____ accounts are created to allow support personnel to remotely connect to a device for troubleshooting without the "inconvenience" of asking the local network administrator to set up a temporary account.

Port mirroring

____ allows the administrator to configure a switch to redirect traffic that occurs on some or all ports to a designated monitoring port on the switch.

beaconing

At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.

Bluesnarfing

____ is the unauthorized access of information from a wireless device through a Bluetooth connection.

spoofing

A __________ attack occurs when an attacker is pretending to be someone or something else by presenting false information.

Address Resolution Protocol (ARP)

__________ is used by TCP/IP on an Ethernet network to find the MAC address of another device.

slot time

With wireless CSMA/CA, the amount of time that a device must wait after the medium is clear is called the ____.

TCP/IP

The most common protocol suite used today for networks as well as the Internet is ____.

war driving

Wireless location mapping is the formal expression for ____.

ARP

In order for a host using TCP/IP on an Ethernet network to find the MAC address of another device, it uses ____.

replay

A(n) ____ attack makes a copy of the transmission before sending it to the recipient.

Using a combination of upper- and lower-case letters, numbers, and symbols

All of the following are characteristics of weak passwords except __________ .

denial of service

A __________ attack occurs when an attacker attempts to consuem network resources so that the network or its devices cannot respond to legitimate requests.

BIND

DNS poisoning can be prevented by using the latest editions of the DNS software, ____.

CSMA/CD

____ specifies that before a networked device starts to send, it should first listen (called carrier sensing) to see if any other device is transmitting.

smurf

In a "____ attack," a TCP/IP ping request is sent to all computers on the network, which makes it appear that a server is asking for a response.

SNMP

____ is a popular protocol used to manage network equipment.

Check kiting

"_____" is a type of fraud that involves the unlawful use of checking accounts to gain additional time before the fraud is detected.

Bluetooth

____ is the name given to a wireless technology that uses short-range RF transmissions.

dipole

The most common type of antenna for war driving is an omnidirectional antenna, also known as a ____ antenna.

scanning

Each wireless device looks for beacon frames in a process known as ____.

ARP poisoning

An attacker could alter the MAC address in the ARP cache so that the corresponding IP address would point to a different computer, which is known as ____.

DNS

When TCP/IP was developed, the host table concept was expanded to a hierarchical name system known as the ____.

is also called subnet addressing

Subnetting __________ .

NIPS

__________ work to protect the entire network and all devices that are connected to it.

IDS

A(n) __________ attempts to identify inappropriate activity.

logically

A virtual LAN (VLAN) allows devices to be grouped __________.

removes private addresses when the packet leaves the network

Network address translation (NAT) __________ .

convergence resource attacks (CRA)

Each of the following is a convergence security vulnerability except __________.

IPS

A(n) __________ finds malicious traffic and deals with it immediately.

Workgroup

__________ switches are connected directly to the devices on the network.

It contains server that are only used by internal network users

Which of the following is not true regarding a demilitarized zone (DMZ)?

Private

__________ IP addresses are not assigned to any specific user or organization; instead, they can be used by any user on the private internal network.

Subnets

__________ are subdivisions of IP address class (Class A, B, or C) networks and allow a single Class A, B, or C network to be used instead of multiple networks.

over a single IP network

Convergence combines voice, data, and video traffic __________.

proxy server

A(n) __________ intercepts internal user requests and then processes that request on behalf of the user.

subnetting

Using __________, networks can essentially be divided into three parts: network, subnet, and host.

NIDS

A __________ watches for attempts to penetrate a network.

integrated network security hardware device

A multipurpose security appliance integrated into a router is known as a(n) __________.

Production

__________ honeypots are used mainly by organizations to capture limited information regarding attacks on that organization's honeypot.

rule base

The __________ establishes the action that a firewall takes on a packet.

NAC

The goal of __________ is to prevent computers with sub-optimal security from potentially infecting other computers through the network.

firewall

Another name for a packet filter is a(n) __________.

Proxy servers

__________ can fully decode application-layer network protocols. Once these protocols are decoded, the different parts of the protocol can be analyzed for any suspicious behavior.

Network or local

Each of the following is a variation available in network access control (NAC) implementations except __________.

honeypot

A __________ is a computer typically located in a DMZ that is loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.

Filter packets before they reach the network

A honeypot is used for each of the following except __________.

Stateful

__________ packet filtering keeps a record of the state of a connection between an internal computer and an external server and then makes decisions based on the connection as well as the rule base.

Intenet content filters

__________ monitor Internet traffic and block access to preselected Web sites and files.

NAC

__________ examines the current state of a system or network device before it is allowed to connect to the network.

delay

Each of the following is an option in a firewall rule base except __________.

proxy server

The goal of a __________ is to hide the IP address of client systems inside the secure network.

system call

A __________ is an instruction that interrupts the program being executed and requests a service from the operating system.

HIDS

A software-based __________ attempt to monitor and possibly prevent attempts to attack a local system.

routes incoming requests to the correct server

A reverse proxy __________.

NIPS

__________ are designed to inspect traffic, and based on their configuration or security policy, they can drop malicious traffic.

Research

__________ honeypots are complex to deploy and capture extensive information. These are used primarily by research, military, and government organizations.

PAT

A variation of NAT is __________. Instead of giving each outgoing packet a different IP address, each packet is given the same IP address but a different TCP port number.

Pre-authentication

__________ allows a device to become authenticated to an AP before moving into range of the AP.

integrity check value (ICV)

The plaintext to be transmitted has a cyclic redundancy check (CRC) value calculated, which is a checksum based on the contents of the text. WEP calls this the __________ and appends it to the end of the text.

802.11a

This IEEE __________ standard specifies a maximum rated speed of 54 Mbps using the 5GHz spectrum.

initialization vector (IV)

The WEP __________ is a 24-bit value that changes each time a packet is encrypted.

open system authentication requires an authentication server

Each of the following is a weakness of open system authentication except __________.

802.11b standard

__________ supports wireless devices that are up to 115 meters (375 feet) apart using the 2.4 gigahertz (GHz) radio frequency spectrum.

Open system authentication

There are two types of authentication supported by the 802.11 standard. __________ is the default method.

Shared key

__________ authentication is based upon the fact that only pre-approved wireless devices are given the shared key.

AES-CCMP

Encryption under the WPA2 personal security model is accomplished by __________.

ciphertext

WEP accomplishes confidentiality by taking unencrypted text and then encrypting or "scrambling" it into __________ so that it cannot be viewed by unauthorized parties while being transmitted.

Project 802

In the early 1980s, the IEEE began work on developing computer network architectural standards. This work was called __________, and it quickly expanded into several different categories of network technology.

MIC

WPA also replaces the cyclic redundancy check (CRC) function in WEP with the __________.

passive

With __________ scanning, a wireless device simply listens for a beacon frame for a set period of time.

PSK authentication

__________ uses a passphrase to generate the encryption key.

WPA2

__________ is the second generation of WPA security.

IEEE

For computer networking and wireless communications, the most widely known and influential organization is the __________.

access point (AP)

The __________ acts as the central "base station" for the wireless network.

wireless device

A wireless network requires that the __________ be authenticated first.

collision

Because of the weakness of WEP it is possible for an attacker to identify two packets derived from the same IV (called a(n) __________).

WPA

In order to address the growing wireless security concerns, in October 2003 the Wi-Fi Alliance introduced __________.

Group Key Renewal

Access points have a setting called "__________," which is what the PSK uses as a seed value to generate new keys.

WEP

__________ was designed to ensure that only authorized parties can view transmitted wireless information.

a handoff

Mobile devices constantly survey the radio frequencies at regular intervals to determine if a different AP can provide better service. If it finds one, then the device automatically attempts to associate with the new AP (this process is called __________).

PSK

__________ is intended for personal and small office home office users who do not have advanced server capabililties.

Passive scanning

__________ is the most common type of scanning.

RC4

The PRNG in WEP is based on the __________ cipher algorithm.

key-caching

IEEE 802.11i includes __________, which stores information from a device on the network so if a user roams away from a wireless access point and later returns, he does not need to re-enter all of the credentials.

Wi-Fi Alliance

In 2002, the WECA organization changed its name to __________.

MAC addressing filtering

Access to the wireless network can be restricted by __________.

roaming

To provide __________, the APs are positioned so that the cells overlap to facilitate movement between cells.

TKIP

WPA replaces WEP with an encryption technology called __________.

association request

A(n) __________ frame carries information about the data rates that the device can support along with the Service Set Identifier (SSID) of the network it wants to join.

Message Integrity Check (MIC)

__________ was designed to prevent an attacker from capturing, altering, and resending data packets.

802.1x

IEEE 802.11i authentication and key management is accomplished by the IEEE __________ standard.

beaconing

At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as __________ .

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set