CSS 211 - Introduction to Network Security

Review for Third Test

The following questions are provided to help you study for the third test. Do not expect to see these exact questions on the test.


  1. Arrange these wireless technologies by their effective ranges: 802.11 variations, Bluetooth, near field communication.

  2. What is the difference between a scatternet and a piconet?

  3. If someone is performing Bluejacking are they pushing data to a device or pulling data from it?

  4. If someone is performing Bluesnarfing are they pushing data to a device or pulling data from it?

  5. Where are we most likely to see a commercial application of near field communications?

  6. How does the text propose a denial of service attack might be staged against NFC technology?

  7. What is the text's proposed defense against an NFC man-in-the-middle attack?

  8. What is the major shortcoming of the 802.11a standard?

  9. What is the major shortcoming of the 802.11b standard?

  10. Which 802 standard combined the better parts of the a and b standards?

  11. Which three 802 standards mentioned in the text can or do use the 5 GHz band?

  12. What are the three components listed in the text that are commonly found in a Wireless Access Point?

  13. What feature of wireless networks makes them harder to defend?

  14. With regard to a wireless network, what is an evil twin?

  15. What are some devices that might cause interference on the 2.4 GHz band?

  16. What are disassociation frames? How might an attacker use them to disrupt service?

  17. What are two shortcomings that lead us not to use WEP encryption?

  18. Why is MAC address filtering unlikely to be an effective method of keeping attackers out of a wireless access point?

  19. Why is the decision not to beacon a WAP's SSID unlikely to be effective at hiding the WAP?

  20. Which versions of WPA use AES-CCMP encryption? Which versions use a separate authentication server?

  21. What are access controls?

  22. When logging in to a network, what does a user generally furnish for identification? What does a user generally furnish for authentication?

  23. Which of the four access control methodologies is the most restrictive? Why?
    Which is the least restrictive? What can be done in that one that cannot be done in the other?

  24. What is the principle of implicit denial?

  25. What is the principle of least privilege?

  26. Can we grant permissions for a particular resource to twenty different users by means of an Access Control List?

  27. Can we grant permissions for a particular resource to twenty different users by means of a Group Policy?

  28. On a system that uses a RADIUS server, what is a supplicant? What is an authenticator?

  29. Name two reasons it is more practical to use LDAP than to use DAP in a commonly equipped and configured network.

  30. What are the three classic things that a user may "present" as proof of identity on a secure network? (Something you...)

  31. What is the most effective, least invasive approach to learning someone else's password?

  32. What is a hardware/software solution for capturing passwords, IDs, and anything else a user types?

  33. What is a brute force attack? How can a system administrator guard against them?

  34. On most Windows systems, how can you enter a character that is not available on the keyboard, such as or ?

  35. Name three items that might satisfy the security requirement for something you have.

  36. What are some physical characteristics that might be used for biometric scanning?

  37. Why should a system be configured to require a maximum and a minimum age for passwords?

  38. In an Active Directory network, what is the effect of setting account lockout duration to 0?

  39. When is a business continuity plan activated and used?

  40. How is a business continuity plan different from an incident response plan?

  41. What is the purpose of a disaster recovery plan?

  42. What is a single point of failure? How can we have several of them in our system?

  43. How many nines of reliability do we need in order to have less than ten minutes of down time in a year? What percentage of up time does this equate to?

  44. What is Mean Time to Recovery? How does the text recommend that we reduce that number for a system?

  45. What is the difference between a symmetric cluster and an asymmetric cluster? Which seems more likely to you to provide uninterrupted service?

  46. What are the two kinds of UPS described in the text? Which one is constantly providing power to a system at all times?

  47. Describe the differences between cold, warm, and hot emergency work sites. Which would you prefer/recommend if your management requires the use of "the cloud" as well?

  48. In terms of data backups, what is a target?

  49. How does a file's archive bit generally become set to ON?

  50. Describe the differences between full, incremental, and differential backups. What would be required to have continuous data protection instead?

  51. What are the three components that are necessary for a fire? Which is the basis for the most effective form of fire prevention?

  52. Which two American fire classes are most likely to occur in data centers?

  53. Are Halon systems still allowed in data centers? What might be an alternative?

  54. What is a Faraday cage and what is its purpose?

  55. It is recommended that we have 50% relative humidity in operational data centers. What is the purpose of this?

  56. If you are working as an investigator of a suspected computer related crime, what are the four duties that the text lists that you should perform?

  57. What is the name of the file that Windows uses to store cached page files?

  58. What is generally stored in RAM slack when Windows saves a file?

  59. Can we predict what we will find in RAM slack or drive slack?  Why?