There are 10 multiple choice questions regarding basic network security. I had answered what I thought would be the correct answers. If I am incorrect, please offer the correct answer along with your comments as to why your answers are correct.
1. Why are computer networks so difficult to secure?
a. User Anonymity
b. Networks are complex, dynamic, and difficult to understand and verify
c. There are many points of attack, making it difficult to completely secur
d. All of the above
My answer is all of the above
2. Which of the following are shortcomings of most intrusion detection systems?
a. Their effectiveness is based upon where you put them in your network.
b. Too may false alarms can cause an operator to disbelieve bona fide attacks.
c. They need to be continually updated to recognize the latest attacks.
d. They are limited in their ability to detect intrusive activity within encrypted data packets/sessions.
e. All of the above
My anser is C.
3. An intrusion detection sensor and "sniffer" have this in common.
a. They evesdrop on all network data looking for patterns of interest
b. It is difficult to detect that either is running somewhere on the network
c. They collect and store network information
d. All of the above
e. None of the above
My Answer is A but I am not sure
4. I used my firewall rule table to filter out (deny) IP addresses of "bad guys". Am I safe?
a. Yes, because I can accurately determine the packet sender from the IP address
b. No, because the attacker can put a fictitious source IP his/her packet.
c. Not necessarily, because the attacker may use micro-fragmentation to prevent the firewall from assembling the entire packet and reading the important TCP/UDP port information.
d. All but (A)
5. My answer is C
When placing VPN hardware on your corporate network to harness the Internet, you should consider placing it:
a. Just inside of your wireless access point
b. It depends on the operational needs and security model of your company.
c. Just outside of your corporate firewall
d. So that your network intrusion detection system can only see encrypted packets transmitted by the VPN hardware.
I am not sure what a VPN is actually...
6. My company is located in three geographical locations and is connected via the Internet. I purchase one Class C network and then assign contiguous blocks of IP addresses (subnets) to each location. The Internet has the capability to route between my locations. Twenty years ago, this would not have been possible. This is possible mostly due to the introduction of:
b. Classless Internet Domain Routing (CIDR)
My answer would be d however I am confusing it with TCP.
7. The process of adding headers and trailers to an application data packet prior to transport over a network is called:
My answer would be a.
8.To securely encrypt data between company branch offices, using the public Internet as the communication network, I would use:
a. QoS Encryption
b. Link Encryption
c. A VPN
d. A firewall
My guess would be d.
9.I entered 'www.cybercrime.com' in my web browser and the web site comes up on my computer. How did the computer find this web server's IP address?
a. Domain Name Services (DNS)
b. Address Resolution Protocol (ARP)
c. Border Gateway Protocol (BGP)
d. Dynamic Host Configuration Protocol (DHCP)
My answer would be a.
10.Computers really communicate using their hardware (MAC) addresses. What service performs the translation between a computer's MAC and IP addresses?
a. Domain Name Services (DNS)
b. Border Gateway Protocol (BGP)
c. Dynamic Host Configuration Protocol (DHCP)
d. Address Resolution Protocol (ARP)
My answer would be b but I am confusing this with a.© BrainMass Inc. brainmass.com October 24, 2018, 8:28 pm ad1c9bdddf
Question about Network security
You are an independent consultant who specializes in Information Technology security issues. You have been retained by the Designer Distributions Company, a mid-sized and growing consumer goods distribution company, for an assignment to assess the state of their computing environment security situation. The company's newly hired VP of IT is conducting this project because she does not have a security specialist on her staff and has learned that the company does not have a comprehensive security strategy. In fact, she suspects lack of even basic security knowledge in both the IT staff and the user community.
The company has a headquarters office building, which includes the principal data center, and a separate warehouse linked to the office by an private data network. The warehouse has a small computing facility of its own for order shipment data entry and tracking. This computer is linked to the headquarters order entry systems through the network. Additionally, there are Internet-based data links to several key suppliers used to share reorder, production and shipping schedules and status information. When potential new suppliers compete for contracts with Designer Distributions, their proposals are received and negotiated via Email.
You have been interviewing executives and staff at the company and at key suppliers and are beginning to evaluate what you have learned in preparation for preparing your report to the VP of IT.
Details: One of the recommendations you are making to Designer Distributions corporation is to create a full-time position of security administrator. Until now, the job has been done on a part-time basis in the systems administration department, which was a viable approach when the company did not have inter-facility and Internet networking connections. Now you believe that security planning, implementation, and administration tasks required to support the growing network justify a stand-alone position. In support of this recommendation, you are preparing a presentation describing these tasks, their purpose, and their criticality.
Write a 8-10 slide presentation outlining the security concerns and resulting administrative functions required for a network that contains the following elements
Access to business applications such as Designer Distributions' order processing/shipment scheduling system from a remote company location (e.g. the warehouse)
A corporate email system used internally by employees and externally to the Internet for correspondence and supplier bid proposals
A company website on the Internet as well as employee access to the Internet
File transfer capabilities allowing sales staff access to and transmission of data files containing supplier and customer specific information (using remote dial-up phone connections)
A wireless network within the headquarters building that allows employees to move their laptop computers from desks to conference rooms while maintaining connectivity to the computer applications and email system
Your presentation should describe the implementation and ongoing maintenance of security system features that protect these networking elements from the risks that you identify.View Full Posting Details