Deck 12: Internet and World Wide Web Security

The objective of a phishing attack is to entice e-mail recipients to click a bogus link where personal information can be stolen.

The term Internet and World Wide Web are different terms that mean the same thing.

Windows Basic Authentication requires that users enter a username and password and the password is transmitted using a hashing algorithm.

Computers on the Internet are identified primarily by their IP address.

SQL injection attacks are isolated to custom applications,so administrators can prevent them.

MATCHING
a.anycast addressing
b.DNSSEC
c.network access points
d.pharming
e.POP ISPs
f.security-aware resolver
g.spear phishing
h.slit DNS architecture
i.split brain DNS architecture
j.zone transfer
a variation of phishing directed at specific users instead of using spam e-mail.

___________ direct network traffic to its destination on the Internet using tables and protocols.

A critical buffer component is the function _________ and buffer overflows are usually aimed at this component.

MATCHING
a.anycast addressing
b.DNSSEC
c.network access points
d.pharming
e.POP ISPs
f.security-aware resolver
g.spear phishing
h.slit DNS architecture
i.split brain DNS architecture
j.zone transfer
a network architecture that divides DNS services between two servers

MATCHING
a.anycast addressing
b.DNSSEC
c.network access points
d.pharming
e.POP ISPs
f.security-aware resolver
g.spear phishing
h.slit DNS architecture
i.split brain DNS architecture
j.zone transfer
a network architecture that uses a single DNS domain with a DNS server on the organization's DMZ for Internet services and a DNS server on the internal network for service to internal hosts

MATCHING
a.anycast addressing
b.DNSSEC
c.network access points
d.pharming
e.POP ISPs
f.security-aware resolver
g.spear phishing
h.slit DNS architecture
i.split brain DNS architecture
j.zone transfer
ISP facilities that provide connectivity to the Internet for business,education,and home users

The _______________ Web Server is the most widely used Web server application.

A _______________ applet is a small program sometimes used as embedded code in Web pages.

MATCHING
a.anycast addressing
b.DNSSEC
c.network access points
d.pharming
e.POP ISPs
f.security-aware resolver
g.spear phishing
h.slit DNS architecture
i.split brain DNS architecture
j.zone transfer
a variation of phishing that intercepts traffic to a legitimate Web site and redirects it to a phony replica site

The Internet tier system starts with a backbone network connected via _____________________ to regional Internet service providers.

MATCHING
a.anycast addressing
b.DNSSEC
c.network access points
d.pharming
e.POP ISPs
f.security-aware resolver
g.spear phishing
h.slit DNS architecture
i.split brain DNS architecture
j.zone transfer
highly secure public facilities where commercial Internet backbones and ISPs exchange routing and traffic data

MATCHING
a.anycast addressing
b.DNSSEC
c.network access points
d.pharming
e.POP ISPs
f.security-aware resolver
g.spear phishing
h.slit DNS architecture
i.split brain DNS architecture
j.zone transfer
a computing system that is compliant with DNSSEC and that attempts to resolve a fully qualified domain name to an IP address

MATCHING
a.anycast addressing
b.DNSSEC
c.network access points
d.pharming
e.POP ISPs
f.security-aware resolver
g.spear phishing
h.slit DNS architecture
i.split brain DNS architecture
j.zone transfer
a protocol designed to improve DNS security by using cryptography to ensure DNS integrity and authentication

____________ are networks of zombie computers that magnify the scope and intensity of an attack.

_______________________ is a name-resolution service that translates domain names to IP addresses.

MATCHING
a.anycast addressing
b.DNSSEC
c.network access points
d.pharming
e.POP ISPs
f.security-aware resolver
g.spear phishing
h.slit DNS architecture
i.split brain DNS architecture
j.zone transfer
a network addressing scheme that allows DNS services to be decentralized among a group of servers,regardless of their location

The lack of authentication for computers on the Internet make IP _____________ possible,which is a change in the IP addresses in the headers of malicious packets.

DNS _____________ poisoning steers unsuspecting victims to a server of the attacker's choice instead of the intended Web site.

The goal of _____________ is to provide authentication of DNS data and ensure integrity of DNS data.

MATCHING
a.anycast addressing
b.DNSSEC
c.network access points
d.pharming
e.POP ISPs
f.security-aware resolver
g.spear phishing
h.slit DNS architecture
i.split brain DNS architecture
j.zone transfer
the communication of a zone file from the primary DNS server to secondary DNS servers for updating

What is the origin and structure of the Internet? Include some of the services it provides and the protocols they use.

What is a buffer overflow attack?

What are the four guidelines for employees to follow to prevent phishing attacks?

How can you provide data confidentiality for your IIS Web server?

How can you harden a DNS server using the split DNS architecture?

List three of the steps you should take to close potential holes against SQL injection attacks.

What routing protocol is usually used on the Internet? Why is the information used by the protocol vulnerable to compromise?

What are the characteristics of a corporate phishing e-mail? List three of them.

What is the Internet backbone? Describe how routers work with the Internet backbone.

What is the DNS hierarchical system? Include a discussion of root servers in your answer.