Deck 12: Network Security

One of the most common ways to control access to a system is to require user IDs and passwords.

Because of security concerns, modern network operating systems do not allow network administrators to create workgroups.

The two leading attack methods for the last few years have exploited known vulnerabilities in operating systems and in application software.

Both SSL and IPsec may eventually give way to S-HTTP, the newer security standard created by the Internet Engineering Task Force.

Rarely, passwords become known, or "misplaced," and fall into the wrong hands.

Top-level executives often have access to a narrow range of information within a company.

Early cryptography algorithms used the same key for both encryption and decryption.

Some computer systems generate random passwords that are very difficult to guess, but are also hard to remember.

Pings are used most commonly by Unix-based systems.

A popular attack method is to abuse or take advantage of valid user accounts and the permissions associated with those accounts.

The physical protection of a computer system or a computer network consists of protecting the equipment from physical damage.

Many employees feel surveillance is an intrusion into their privacy.

A worm is a form of computer virus.

Controlling access to a computer network involves deciding and then limiting who can use the system and when the system can be used.

One of the inherent problems with protecting a single key is that it means that only one key is used to both encode and decode the message.

Internet systems are the only systems that experience security problems.

One popular application of IPsec is in the support of virtual private networks.

Expensive computer systems should always be placed in the basements of buildings.

All system attacks need a user to open an e-mail or Web page.

A proxy server sits inside a company's corporate network.

The DES algorithm works with 128-bit blocks of data.

All certificates are issued by a certificate authority.

The National Institute of Standards and Technology selected the algorithm Lucifer in October 2000 as the basis for AES.

To authenticate electronic documents as yours, you need to create a digital signature.

If you exclusive-OR a 0 and a 0, as is done with certain spread spectrum techniques, the result is 1.

WAP has been replaced by a new standard, Wired Equivalency Protocol (WEP).

A firewall cannot limit users on the Internet from accessing certain portions of a corporate network.

One of the primary functions of Kerberos is to authenticate users.

A packet filter firewall is a computer running proxy server software, whose function is much like that of a librarian who controls access to books in a library's rare books room.

In ____________________, a perpetrator sends an excessive amount of unwanted e-mail messages to someone.

____________________ define the network resources that a user or set of users can access.

A computer ____________________ is a program that copies itself from one system to another over a network, without the assistance of a human being.

____________________ techniques that observe and record some aspect of the user, such as voiceprints, fingerprints, eyeprints, and faceprints, appear to be the wave of the future to replace passwords.

In computer terminology, a(n) ____________________ is a trap that is set by network personnel in order to detect unauthorized use of a network resource.

_________________________ bombard a computer site with so many messages that the site is incapable of performing its normal duties.

A mobile malicious code is also known as ____________________ because it is hiding inside a harmless-looking piece of code.

A(n) ____________________ is a condition in which the Internet ping program is used to send a flood of packets to a server to make the server inoperable.

When hackers will even go so far as to create an application that appears to be legitimate and prompts users for an ID and password, the type of attack is termed ____________________.

A computer ____________________ is a small program that alters the way a computer operates without the knowledge of the computer's users and often does various types of damage.