ITS 2110 - Introduction to Network Security
Review for Second Test
The following questions are provided to help you study for
the second test. Do not expect to see these exact questions on the test.
- What organization made the series of 802.11x standards? What technology do
they relate to?
- What is a WAP? What are its typical components?
- Name two wireless security standards that have become
obsolete in this decade.
- Why is UEFI preferred over a BIOS system on a contemporary
- Why were the TEMPEST standards invented? What agency
- Since servers are supposed to provide services, why would
you turn some of them off when you harden a server?
- Name three physical security controls.
- Name two software security controls.
- What do Bluetooth and NFC technologies have in common?
- What are some potential security risks that can be found on
- What is an ICS? What sort of OS would we expect to find in
- Explain the difference between identification,
authentication, and authorization.
- What are the three classic factors used in authentication?
What is a newer possible factor?
- How might you try to steal a person's password if you
cannot get personal access to their device?
- What is the difference between a brute force attack and a
dictionary attack on a user's account?
- What are some examples of "something you are"?
- What is meant by "separation of duties" with regard to
- How does an implicit deny system work?
- What is an ACL? How does it relate to an ACE?
- What does this image have to do with security? Where would
it commonly be found?
- What is the purpose of a RADIUS server?
- Computing risk is important to enterprise security. What three steps should occur before you can do risk calculation?
- What is a port scanner? Why is it a useful security tool?
- What is a packet sniffer? How might a hacker use it?
- In addition to attacks on our data, why must we prepare for natural disasters?
- What is business continuity? What is its goal?
- What is a business impact analysis? How does the data produced in this step become useful in the next plan?
- What would be the annualized down time of a system whose up time is four nines? How about five nines?
- Describe the benefits of using RAID 0 and RAID 1.
- What is a UPS? Compare the performance of an inline UPS to that of an off-line UPS.
- What are the four standard fire classes in the United States?
- What is meant by the likelihood of an attack? How is that different from the impact of the same attack?
- What is the difference between a preventive control and a
detective control? When would each be used in a properly designed