102 terms

4-6: Network Infrastructure

IP forwarding
____ enables the attacker's computer to forward any network traffic it receives from Computer A to the actual router.
A group of piconets in which connections exist between different piconets is called a ____.
A(n) _____ attack intercepts legitimate communication and forges a fictitious response to the sender.
A __________ attack occurs when the attacker intercepts legitimate communication and forges a fictitious response to the sender.
back door
A(n) ____ is an account that is secretly set up without the administrator's knowledge or permission, that cannot be easily detected, and that allows for remote access to the device.
__________ is the unauthorized access of information from a wireless device through a Bluetooth connection and allows the attacker to access e-mails, calendars, contact lists, and cell phone pictures and videos by simply connecting to that Bluetooth device without the owner's knowledge or permission.
DNS poisoning
One approach to substituting a fraudulent IP address is to target the external DNS server and is called ____.
A __________ attack occurs when the attacker intercepts legitimate communications and saves the data to be used at a later time.
rogue access point
A __________ is a wireless attack that bypasses all of the network security and opens the network and all users to direct attacks.
Often _____ accounts are created to allow support personnel to remotely connect to a device for troubleshooting without the "inconvenience" of asking the local network administrator to set up a temporary account.
Port mirroring
____ allows the administrator to configure a switch to redirect traffic that occurs on some or all ports to a designated monitoring port on the switch.
At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.
____ is the unauthorized access of information from a wireless device through a Bluetooth connection.
A __________ attack occurs when an attacker is pretending to be someone or something else by presenting false information.
Address Resolution Protocol (ARP)
__________ is used by TCP/IP on an Ethernet network to find the MAC address of another device.
slot time
With wireless CSMA/CA, the amount of time that a device must wait after the medium is clear is called the ____.
The most common protocol suite used today for networks as well as the Internet is ____.
war driving
Wireless location mapping is the formal expression for ____.
In order for a host using TCP/IP on an Ethernet network to find the MAC address of another device, it uses ____.
A(n) ____ attack makes a copy of the transmission before sending it to the recipient.
Using a combination of upper- and lower-case letters, numbers, and symbols
All of the following are characteristics of weak passwords except __________ .
denial of service
A __________ attack occurs when an attacker attempts to consuem network resources so that the network or its devices cannot respond to legitimate requests.
DNS poisoning can be prevented by using the latest editions of the DNS software, ____.
____ specifies that before a networked device starts to send, it should first listen (called carrier sensing) to see if any other device is transmitting.
In a "____ attack," a TCP/IP ping request is sent to all computers on the network, which makes it appear that a server is asking for a response.
____ is a popular protocol used to manage network equipment.
Check kiting
"_____" is a type of fraud that involves the unlawful use of checking accounts to gain additional time before the fraud is detected.
____ is the name given to a wireless technology that uses short-range RF transmissions.
The most common type of antenna for war driving is an omnidirectional antenna, also known as a ____ antenna.
Each wireless device looks for beacon frames in a process known as ____.
ARP poisoning
An attacker could alter the MAC address in the ARP cache so that the corresponding IP address would point to a different computer, which is known as ____.
When TCP/IP was developed, the host table concept was expanded to a hierarchical name system known as the ____.
is also called subnet addressing
Subnetting __________ .
__________ work to protect the entire network and all devices that are connected to it.
A(n) __________ attempts to identify inappropriate activity.
A virtual LAN (VLAN) allows devices to be grouped __________.
removes private addresses when the packet leaves the network
Network address translation (NAT) __________ .
convergence resource attacks (CRA)
Each of the following is a convergence security vulnerability except __________.
A(n) __________ finds malicious traffic and deals with it immediately.
__________ switches are connected directly to the devices on the network.
It contains server that are only used by internal network users
Which of the following is not true regarding a demilitarized zone (DMZ)?
__________ IP addresses are not assigned to any specific user or organization; instead, they can be used by any user on the private internal network.
__________ are subdivisions of IP address class (Class A, B, or C) networks and allow a single Class A, B, or C network to be used instead of multiple networks.
over a single IP network
Convergence combines voice, data, and video traffic __________.
proxy server
A(n) __________ intercepts internal user requests and then processes that request on behalf of the user.
Using __________, networks can essentially be divided into three parts: network, subnet, and host.
A __________ watches for attempts to penetrate a network.
integrated network security hardware device
A multipurpose security appliance integrated into a router is known as a(n) __________.
__________ honeypots are used mainly by organizations to capture limited information regarding attacks on that organization's honeypot.
rule base
The __________ establishes the action that a firewall takes on a packet.
The goal of __________ is to prevent computers with sub-optimal security from potentially infecting other computers through the network.
Another name for a packet filter is a(n) __________.
Proxy servers
__________ can fully decode application-layer network protocols. Once these protocols are decoded, the different parts of the protocol can be analyzed for any suspicious behavior.
Network or local
Each of the following is a variation available in network access control (NAC) implementations except __________.
A __________ is a computer typically located in a DMZ that is loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.
Filter packets before they reach the network
A honeypot is used for each of the following except __________.
__________ packet filtering keeps a record of the state of a connection between an internal computer and an external server and then makes decisions based on the connection as well as the rule base.
Intenet content filters
__________ monitor Internet traffic and block access to preselected Web sites and files.
__________ examines the current state of a system or network device before it is allowed to connect to the network.
Each of the following is an option in a firewall rule base except __________.
proxy server
The goal of a __________ is to hide the IP address of client systems inside the secure network.
system call
A __________ is an instruction that interrupts the program being executed and requests a service from the operating system.
A software-based __________ attempt to monitor and possibly prevent attempts to attack a local system.
routes incoming requests to the correct server
A reverse proxy __________.
__________ are designed to inspect traffic, and based on their configuration or security policy, they can drop malicious traffic.
__________ honeypots are complex to deploy and capture extensive information. These are used primarily by research, military, and government organizations.
A variation of NAT is __________. Instead of giving each outgoing packet a different IP address, each packet is given the same IP address but a different TCP port number.
__________ allows a device to become authenticated to an AP before moving into range of the AP.
integrity check value (ICV)
The plaintext to be transmitted has a cyclic redundancy check (CRC) value calculated, which is a checksum based on the contents of the text. WEP calls this the __________ and appends it to the end of the text.
This IEEE __________ standard specifies a maximum rated speed of 54 Mbps using the 5GHz spectrum.
initialization vector (IV)
The WEP __________ is a 24-bit value that changes each time a packet is encrypted.
open system authentication requires an authentication server
Each of the following is a weakness of open system authentication except __________.
802.11b standard
__________ supports wireless devices that are up to 115 meters (375 feet) apart using the 2.4 gigahertz (GHz) radio frequency spectrum.
Open system authentication
There are two types of authentication supported by the 802.11 standard. __________ is the default method.
Shared key
__________ authentication is based upon the fact that only pre-approved wireless devices are given the shared key.
Encryption under the WPA2 personal security model is accomplished by __________.
WEP accomplishes confidentiality by taking unencrypted text and then encrypting or "scrambling" it into __________ so that it cannot be viewed by unauthorized parties while being transmitted.
Project 802
In the early 1980s, the IEEE began work on developing computer network architectural standards. This work was called __________, and it quickly expanded into several different categories of network technology.
WPA also replaces the cyclic redundancy check (CRC) function in WEP with the __________.
With __________ scanning, a wireless device simply listens for a beacon frame for a set period of time.
PSK authentication
__________ uses a passphrase to generate the encryption key.
__________ is the second generation of WPA security.
For computer networking and wireless communications, the most widely known and influential organization is the __________.
access point (AP)
The __________ acts as the central "base station" for the wireless network.
wireless device
A wireless network requires that the __________ be authenticated first.
Because of the weakness of WEP it is possible for an attacker to identify two packets derived from the same IV (called a(n) __________).
In order to address the growing wireless security concerns, in October 2003 the Wi-Fi Alliance introduced __________.
Group Key Renewal
Access points have a setting called "__________," which is what the PSK uses as a seed value to generate new keys.
__________ was designed to ensure that only authorized parties can view transmitted wireless information.
a handoff
Mobile devices constantly survey the radio frequencies at regular intervals to determine if a different AP can provide better service. If it finds one, then the device automatically attempts to associate with the new AP (this process is called __________).
__________ is intended for personal and small office home office users who do not have advanced server capabililties.
Passive scanning
__________ is the most common type of scanning.
The PRNG in WEP is based on the __________ cipher algorithm.
IEEE 802.11i includes __________, which stores information from a device on the network so if a user roams away from a wireless access point and later returns, he does not need to re-enter all of the credentials.
Wi-Fi Alliance
In 2002, the WECA organization changed its name to __________.
MAC addressing filtering
Access to the wireless network can be restricted by __________.
To provide __________, the APs are positioned so that the cells overlap to facilitate movement between cells.
WPA replaces WEP with an encryption technology called __________.
association request
A(n) __________ frame carries information about the data rates that the device can support along with the Service Set Identifier (SSID) of the network it wants to join.
Message Integrity Check (MIC)
__________ was designed to prevent an attacker from capturing, altering, and resending data packets.
IEEE 802.11i authentication and key management is accomplished by the IEEE __________ standard.
At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as __________ .