Chapter 4
Review Questions

1. Authentication is based on each of the following except
   a. What you have
   b. What you purchase
   c. What you know
   d. What you are

2. Each of the following is a characteristic of a weak password except
   a. Using a common word
   b. Changing the password every 30 days
   c. Short passwords
   d. Using the same password for all accounts

3. _____ is a service that allows devices on a network to discover other devices and determine how to work with them.
   a. Plug and Play (PnP)
   b. Transmission Control Protocol (TCP)
   c. Internetworking Protocol Exchange Messaging (IPEM)
   d. Universal Plug and Play (UPnP)

4. A(n) _____ must attach itself to a computer document, such as an e-mail message, and is spread by traveling along with the document.
   a. virus
   b. worm
   c. adware
   d. trojan

5. Each of the following may indicate a virus has infected a wireless laptop except
   a. A program suddenly disappears from the computer
   b. New programs do not install properly
   c. The Service Set Identifier (SSID) changes from uppercase to lowercase
   d. Out-of-memory error messages appear

6. A security weakness can be in the security procedures, controls, or even the physical layout of the network. True or False?

7. The problem with passwords is that lengthy and complex passwords should be used yet they are difficult to memorize. True or False?

8. The Simple Network Management Protocol (SNMP) is a popular protocol used to manage only wireless networked equipment. True or False?

9. The default SNMP community strings for read-only and read-write are public and private, respectively. True or False?

10. Identity theft occurs when an individual uses the personal information of someone else, such as a Social Security number, credit card number, or other identifying information, to impersonate that individual with the intent to commit fraud or other crimes. True or False?

11. A(n) _____ may be defined as a weakness or flaw in an information system that could be exploited to cause harm.
    security vulnerability

12. A(n) _____ is a computer program that lies dormant until it is triggered by a specific logical event.
    logic bomb

13. _____ is a general term used to describe software that violates a user’s personal security.
    spyware

14. Unsolicited e-mail is known as _____.
    spam

15. A wireless access point that is secretly installed in an office without the employer’s permission is known as a(n) _____.
    rogue access point

16. Explain how a disassociation frame DoS attack functions.
An attacker can pretend to be an access point and send a forged disassociation frame to a wireless device. This will cause the device to disassociate from the access point. By sending repeated disassociation frames, an attacker can continuously prevent any device from communicating with the AP.
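The repeated frames described in this answer are what a wireless monitor can look for. The following is an added example, not part of the original answer key: a rate-based detector run over constructed frame records. The MAC addresses, the one-second window and the threshold of five are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

DISASSOC_SUBTYPE = 10  # 802.11 management frame subtype for disassociation
BEACON_SUBTYPE = 8

# Constructed addresses (locally administered range), not from any real network.
AP = "02:00:00:00:00:01"
STA_A = "02:00:00:00:00:0a"
STA_B = "02:00:00:00:00:0b"

# Constructed capture: (time in seconds, mgmt subtype, source MAC, destination MAC).
FRAMES = (
    [(0.5, DISASSOC_SUBTYPE, AP, STA_A),               # one ordinary disassociation
     (3.0, BEACON_SUBTYPE, AP, "ff:ff:ff:ff:ff:ff")]   # unrelated management traffic
    # 20 disassociations in under a second, all claiming to come from the AP
    + [(10 + i * 0.05, DISASSOC_SUBTYPE, AP, STA_B) for i in range(20)]
)

def detect_disassoc_flood(frames, window=1.0, threshold=5):
    """Return {(src, dst): peak count} for pairs that reach `threshold`
    disassociation frames inside any `window`-second span."""
    recent = defaultdict(deque)   # (src, dst) -> timestamps still inside the window
    alerts = {}
    for ts, subtype, src, dst in sorted(frames):
        if subtype != DISASSOC_SUBTYPE:
            continue
        q = recent[(src, dst)]
        q.append(ts)
        while ts - q[0] > window:   # drop timestamps that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            alerts[(src, dst)] = max(alerts.get((src, dst), 0), len(q))
    return alerts

if __name__ == "__main__":
    for (src, dst), peak in detect_disassoc_flood(FRAMES).items():
        print(f"disassociation flood: {src} -> {dst}, peak {peak} frames/window")
```

Because the forged frames carry the AP's own address as their source, the detector keys on frame rate per source and destination pair, not on an unfamiliar sender.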
17. Explain the weaknesses of SNMP community strings.
The use of community strings in the first two versions of SNMP, SNMPv1 and SNMPv2, created several vulnerabilities. First, the default SNMP community strings for read-only and read-write were public and private, respectively. Administrators who did not change these default strings were leaving open the possibility of an attacker taking control of a network device. Second, many administrators who reset the community strings used weak strings (passwords) for security. Finally, community strings are transmitted in cleartext, meaning that an attacker with a packet sniffer can view the contents of the strings as they are being transmitted.
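The three weaknesses named in this answer can be checked in an agent's configuration. The following is an added example, not part of the original answer key: it audits a constructed net-snmp style snmpd.conf for default, weak and cleartext community strings. The sample file and the 12-character minimum length are assumptions.

```python
DEFAULTS = {"public", "private"}   # the default strings named in the answer
MIN_LEN = 12                       # assumed local policy, not a value from the page

# Constructed sample configuration (net-snmp directive syntax).
SAMPLE_CONF = """\
# constructed snmpd.conf sample
rocommunity public
rwcommunity private 10.0.0.0/24
rocommunity cisco
rwcommunity k7Vq9tRz2mXw4b 10.0.0.5
rouser monitor priv
"""

def audit_communities(conf_text):
    """Return (line number, access, community, issues) for every SNMPv1/v2c
    community directive found in the configuration text."""
    findings = []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        fields = line.split()
        # Only rocommunity/rwcommunity define v1/v2c community strings;
        # comments and SNMPv3 user directives (rouser/rwuser) are skipped.
        if len(fields) < 2 or fields[0] not in ("rocommunity", "rwcommunity"):
            continue
        access, community = fields[0][:2], fields[1]
        issues = []
        if community.lower() in DEFAULTS:
            issues.append("default")
        elif len(community) < MIN_LEN or community.isalpha() or community.isdigit():
            issues.append("weak")
        # Every v1/v2c community string crosses the network unencrypted,
        # however strong it is, so each directive carries this finding.
        issues.append("cleartext")
        findings.append((lineno, access, community, issues))
    return findings

if __name__ == "__main__":
    for lineno, access, community, issues in audit_communities(SAMPLE_CONF):
        print(f"line {lineno}: {access} community {community!r}: {', '.join(issues)}")
```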
18. What are the vulnerabilities of UPnP?
UPnP is a service that allows devices on a network to discover other devices and determine how to work with them. There are vulnerabilities associated with UPnP based on the way UPnP performs device discovery (determining what network devices are available). These vulnerabilities can enable an attacker either to gain complete control over an affected device or to prevent an affected system from performing its intended useful service.
19. Explain how a Physical layer DoS attack can be performed.
Physical layer attacks are those that correspond to the Physical layer of the Open System Interconnection (OSI) network model. Physical layer attacks flood the RF spectrum with enough radiomagnetic interference to prevent a device from effectively communicating with the AP. If a WLAN was set up using Channel 1 in an IEEE 802.11b network, an attacker would flood the 2.412 GHz frequency with enough “noise” to prevent a device from sending or receiving packets.
20. Explain how CSMA/CA is used with IEEE 802.11 WLANs.
Because the wireless medium is shared among all devices, there must be rules for cooperation among the wireless devices. The 802.11 standard uses a procedure known as Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA). CSMA/CA attempts to prevent multiple wireless devices from transmitting at the same time. It does this by requiring that all devices wait a random amount of time after a transmission is completed and the medium is clear. With wireless CSMA/CA, the amount of time that a device must wait after the medium is clear is called the slot time. Each device must wait a random number of slot times. For example, the slot time for an 802.11b WLAN is 20 microseconds. If a wireless device’s backoff interval is 3 slot times, then it must wait 60 microseconds (20 microseconds × 3 slot times) before attempting to transmit. Because CSMA/CA has all stations wait a random amount of time after the medium is clear, the number of collisions is significantly reduced.