____ enables the attacker's computer to forward any network traffic it receives from Computer A to the actual router.
A group of piconets in which connections exist between different piconets is called a ____.
A(n) _____ attack intercepts legitimate communication and forges a fictitious response to the sender.
A __________ attack occurs when the attacker intercepts legitimate communication and forges a fictitious response to the sender.
A(n) ____ is an account that is secretly set up without the administrator's knowledge or permission, that cannot be easily detected, and that allows for remote access to the device.
__________ is the unauthorized access of information from a wireless device through a Bluetooth connection and allows the attacker to access e-mails, calendars, contact lists, and cell phone pictures and videos by simply connecting to that Bluetooth device without the owner's knowledge or permission.
One approach to substituting a fraudulent IP address is to target the external DNS server and is called ____.
A __________ attack occurs when the attacker intercepts legitimate communications and saves the data to be used at a later time.
rogue access point
A __________ is a wireless attack that bypasses all of the network security and opens the network and all users to direct attacks.
Often _____ accounts are created to allow support personnel to remotely connect to a device for troubleshooting without the "inconvenience" of asking the local network administrator to set up a temporary account.
____ allows the administrator to configure a switch to redirect traffic that occurs on some or all ports to a designated monitoring port on the switch.
At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.
____ is the unauthorized access of information from a wireless device through a Bluetooth connection.
A __________ attack occurs when an attacker is pretending to be someone or something else by presenting false information.
Address Resolution Protocol (ARP)
__________ is used by TCP/IP on an Ethernet network to find the MAC address of another device.
With wireless CSMA/CA, the amount of time that a device must wait after the medium is clear is called the ____.
In order for a host using TCP/IP on an Ethernet network to find the MAC address of another device, it uses ____.
Using a combination of upper- and lower-case letters, numbers, and symbols
All of the following are characteristics of weak passwords except __________ .
denial of service
A __________ attack occurs when an attacker attempts to consuem network resources so that the network or its devices cannot respond to legitimate requests.
____ specifies that before a networked device starts to send, it should first listen (called carrier sensing) to see if any other device is transmitting.
In a "____ attack," a TCP/IP ping request is sent to all computers on the network, which makes it appear that a server is asking for a response.
"_____" is a type of fraud that involves the unlawful use of checking accounts to gain additional time before the fraud is detected.
The most common type of antenna for war driving is an omnidirectional antenna, also known as a ____ antenna.
An attacker could alter the MAC address in the ARP cache so that the corresponding IP address would point to a different computer, which is known as ____.
When TCP/IP was developed, the host table concept was expanded to a hierarchical name system known as the ____.
removes private addresses when the packet leaves the network
Network address translation (NAT) __________ .
convergence resource attacks (CRA)
Each of the following is a convergence security vulnerability except __________.
It contains server that are only used by internal network users
Which of the following is not true regarding a demilitarized zone (DMZ)?
__________ IP addresses are not assigned to any specific user or organization; instead, they can be used by any user on the private internal network.
__________ are subdivisions of IP address class (Class A, B, or C) networks and allow a single Class A, B, or C network to be used instead of multiple networks.
A(n) __________ intercepts internal user requests and then processes that request on behalf of the user.
Using __________, networks can essentially be divided into three parts: network, subnet, and host.
integrated network security hardware device
A multipurpose security appliance integrated into a router is known as a(n) __________.
__________ honeypots are used mainly by organizations to capture limited information regarding attacks on that organization's honeypot.
The goal of __________ is to prevent computers with sub-optimal security from potentially infecting other computers through the network.
__________ can fully decode application-layer network protocols. Once these protocols are decoded, the different parts of the protocol can be analyzed for any suspicious behavior.
Network or local
Each of the following is a variation available in network access control (NAC) implementations except __________.
A __________ is a computer typically located in a DMZ that is loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.
Filter packets before they reach the network
A honeypot is used for each of the following except __________.
__________ packet filtering keeps a record of the state of a connection between an internal computer and an external server and then makes decisions based on the connection as well as the rule base.
Intenet content filters
__________ monitor Internet traffic and block access to preselected Web sites and files.
__________ examines the current state of a system or network device before it is allowed to connect to the network.
The goal of a __________ is to hide the IP address of client systems inside the secure network.
A __________ is an instruction that interrupts the program being executed and requests a service from the operating system.
A software-based __________ attempt to monitor and possibly prevent attempts to attack a local system.
__________ are designed to inspect traffic, and based on their configuration or security policy, they can drop malicious traffic.
__________ honeypots are complex to deploy and capture extensive information. These are used primarily by research, military, and government organizations.
A variation of NAT is __________. Instead of giving each outgoing packet a different IP address, each packet is given the same IP address but a different TCP port number.
__________ allows a device to become authenticated to an AP before moving into range of the AP.
integrity check value (ICV)
The plaintext to be transmitted has a cyclic redundancy check (CRC) value calculated, which is a checksum based on the contents of the text. WEP calls this the __________ and appends it to the end of the text.
This IEEE __________ standard specifies a maximum rated speed of 54 Mbps using the 5GHz spectrum.
initialization vector (IV)
The WEP __________ is a 24-bit value that changes each time a packet is encrypted.
open system authentication requires an authentication server
Each of the following is a weakness of open system authentication except __________.
__________ supports wireless devices that are up to 115 meters (375 feet) apart using the 2.4 gigahertz (GHz) radio frequency spectrum.
Open system authentication
There are two types of authentication supported by the 802.11 standard. __________ is the default method.
__________ authentication is based upon the fact that only pre-approved wireless devices are given the shared key.
WEP accomplishes confidentiality by taking unencrypted text and then encrypting or "scrambling" it into __________ so that it cannot be viewed by unauthorized parties while being transmitted.
In the early 1980s, the IEEE began work on developing computer network architectural standards. This work was called __________, and it quickly expanded into several different categories of network technology.
With __________ scanning, a wireless device simply listens for a beacon frame for a set period of time.
For computer networking and wireless communications, the most widely known and influential organization is the __________.
Because of the weakness of WEP it is possible for an attacker to identify two packets derived from the same IV (called a(n) __________).
In order to address the growing wireless security concerns, in October 2003 the Wi-Fi Alliance introduced __________.
Group Key Renewal
Access points have a setting called "__________," which is what the PSK uses as a seed value to generate new keys.
__________ was designed to ensure that only authorized parties can view transmitted wireless information.
Mobile devices constantly survey the radio frequencies at regular intervals to determine if a different AP can provide better service. If it finds one, then the device automatically attempts to associate with the new AP (this process is called __________).
__________ is intended for personal and small office home office users who do not have advanced server capabililties.
IEEE 802.11i includes __________, which stores information from a device on the network so if a user roams away from a wireless access point and later returns, he does not need to re-enter all of the credentials.
To provide __________, the APs are positioned so that the cells overlap to facilitate movement between cells.
A(n) __________ frame carries information about the data rates that the device can support along with the Service Set Identifier (SSID) of the network it wants to join.
Message Integrity Check (MIC)
__________ was designed to prevent an attacker from capturing, altering, and resending data packets.
IEEE 802.11i authentication and key management is accomplished by the IEEE __________ standard.