CSS 211 - Introduction to Network Security

Review for Second Test

The following questions are provided to help you study for the second test. Do not expect to see these exact questions on the test.


  1. What is the difference between cleartext, plaintext, and ciphertext?

  2. Why does hashing only provide one of the text's five kinds of security? Which one?

  3. What should be true about the size of a secure hash output?

  4. If a hash algorithm produces collisions, what principle of secure hashing does it violate?

  5. What is another word for the output of a hash algorithm?

  6. Which of the Message Digest x algorithms is currently recommended as secure?

  7. Which SHA algorithms are considered to be secure and which are not secure?

  8. How are hash algorithms used with regard to passwords on a Windows based network?

  9. What is the relationship between the terms private key system, public key system, symmetric key system, and asymmetric key system?

  10. What is the difference between a stream cipher and a block cypher?

  11. In a public key system, how must a message encrypted with my public key be decrypted?

  12. What common browser based encryption is based on a public key system?

  13. What is the difference between the four sub-types of SHA algorithms?

  14. Assume a public key system is in use. If I send a file to you that has been encrypted with my private key, how must you decrypt it? Why does this transaction not provide security for the file I send to you? What does it provide instead?

  15. What is the most troublesome part of setting up a symmetric cryptographic system?

  16. Why would Diffie-Hellman Ephemeral be preferred over standard Diffie-Hellman if you are a provider of keys and certificates?

  17. What is the name of the open source product that does what Pretty Good Privacy does?

  18. In the PGP scenario in my notes, how does a public key system support the private key system the users want to begin using?

  19. Name two Microsoft products that can be used to encrypt entire hard drives.

  20. What is the purpose of a Certificate Authority, with regard to public keys?

  21. Name four elements that should be included in a digital certificate.

  22. What should we expect to find in a certificate repository? What about in a certificate revocation list?

  23. What are class 1 digital certificates for? What about class 2 and class 3 certificates?

  24. What is a web of trust? Why is it unlikely that this trust model will work?

  25. What might be a circumstance that would cause you to ask your Certificate Authority to revoke your certificate and keys?

  26. Why is it a good security policy to have an expiration date for digital certificates?

  27. When you conduct a transaction to purchase something over SSL, which data streams are encrypted, yours or the vendor's?

  28. SSH is meant to be a secure substitute for an older protocol. Which one?

  29. Which OSI model layer should contain hubs and cables?

  30. Why do switches belong on Layer 2 of the OSI model?

  31. What is port mirroring? What kind of network is it not recommended for?

  32. Which OSI layer do routers belong on?

  33. What protocols would a load balancer deal with if it worked on layers 3 and 4? What if it worked on layer 7?

  34. How can a proxy server provide some security to your network?

  35. Why would a network firewall be placed at a network traffic choke point?

  36. What are the four actions listed in the text that a network firewall might take for a given packet?

  37. How does a stateful firewall offer more security than an stateless firewall?

  38. What port is generally used for SMTP traffic? What is the purpose of that protocol?

  39. What ports are typically used for POP3 and IMAP traffic? What is the difference between their purposes?

  40. What method is commonly used by people who need to connect to their work network when working from home?

  41. What is an Internet content filter? What other device discussed in the text is it commonly used with?

  42. What is the difference between intrusion detection, reaction, and prevention?

  43. What is the difference between an IDPS that is network based and one that is host based?

  44. What kind or resources would you normally expect to see in a DMZ? What kind should not be in it?

  45. How are the purposes of a subnet and a VLAN opposite ideas?

  46. What was the original purpose of the ICMP protocol? What is it often used for by legitimate users?

  47. What was the security problem that caused network admins to stop using SNMP versions 1 and 2?

  48. How might a DNS transfer help an attacker make plans?

  49. Name three kinds of logs that an administrator should review regularly for network devices.

  50. What general advice does the text make about unused ports on switches? What about on switches that support VLANs?