MIS 505 FINAL EXAM ACCURATE EXAM SESSION
GRADED A (SUMMER- FALL SESSION)
OSI Model Layers - ANSWER: Application
Presentation
Session
Transport
Network
Data Link
Physical
default gateway - ANSWER: Your way out, typically the router for the network that
directs you to the internet. Almost always ends in a .1
subnet mask - ANSWER: determines your network and host ID
internal/private - ANSWER: the IP that your computer has before hitting the router
and being changed with NAT
external - ANSWER: the IP that the public sees for you after NAT
25/2525/465/587 - ANSWER: SMTP (email)
80/443 - ANSWER: web servers (HTTP)
110/995 - ANSWER: 110 is unencrypted POP3 mail (TCP), 995 is encrypted (TLS/SSL)
143/993 - ANSWER: 143 is newer version of 110 IMAP (TSL/SSL)
23 - ANSWER: Telnet port (telnet protocol)
20/21 - ANSWER: FTP as data transfer (TCP/UDP)
53 - ANSWER: DNS uses this port (typically TCP but could be UDP)
3389 - ANSWER: enables users to access remote computers (remote desktop
protocol) (TCP protocol, RDP service
differences between switches, routers, and hubs - ANSWER: - Hubs operate on layer
1 - broadcasts data to every device connected to it
- Switches operate on layer 2 - sending frames (uses mac address)
- Router layer 3 - sends packets using ip addresses
dhcp server - ANSWER: DHCP servers dynamically assign IP addresses. If you hit a
DHCP server for an IP, it will assign you one that is not being used
, advantages and disadvantages of IPv4 and IPv6 - ANSWER: IPv6 is more secure,
harder to breach, and is also divided by continent, so you know based on the IPv6
what continent it is coming from. A disadvantage is that IPv6 is a lot bigger, harder to
remember. An advantage of IPv4 is that it is a lot easier to deal with (being smaller),
it's a lot simpler.
data names at each layer of the osi model - ANSWER: - Application, presentation,
session: upper layer data
- Transport: segments (TCP) or datagrams (UDP)
- Network: packets
- Data Link: frames
- Physical: bits
threat enviornment - ANSWER: the cyber threat environment is the online space
where cyber threat actors conduct malicious cyber threat activity. It includes the
networks, devices, and processes that are connected to the Internet and can be
targeted by cyber threat actors, as well as the methods threat actors use to target
those systems.
threats from employees and ex-employees? - ANSWER: current and ex-employees
may have access to highly sensitive company data
threats from malware writers? - ANSWER: malware writers intentionally write code
that attempts to avoid reverse engineering or detection and spread itself throughout
the network in a very aggressive manner.
CI Triple A + N - ANSWER: Confidentiality: information kept private and secure
Integrity: data mot modified, deleted, or added
Availability: systems available to whom requires them
Authenticity: providing verification of the identities
Accountability: assurance by recording the identities and activities
Non-Repudiation: assuming the identities of the parties in a transaction
pretexting - ANSWER: A pretext is a made-up scenario developed by threat actors for
the purpose of stealing a victim's personal data. During pretexting attacks, threat
actors typically ask victims for certain information, stating that it is needed to
confirm the victim's identity
malicious insider - ANSWER: a person who has insider knowledge of an
organization's proprietary information and intentionally misuses it to negatively
impact the integrity of the business. Could be a current or former employee,
contractor, or business partner.
GRADED A (SUMMER- FALL SESSION)
OSI Model Layers - ANSWER: Application
Presentation
Session
Transport
Network
Data Link
Physical
default gateway - ANSWER: Your way out, typically the router for the network that
directs you to the internet. Almost always ends in a .1
subnet mask - ANSWER: determines your network and host ID
internal/private - ANSWER: the IP that your computer has before hitting the router
and being changed with NAT
external - ANSWER: the IP that the public sees for you after NAT
25/2525/465/587 - ANSWER: SMTP (email)
80/443 - ANSWER: web servers (HTTP)
110/995 - ANSWER: 110 is unencrypted POP3 mail (TCP), 995 is encrypted (TLS/SSL)
143/993 - ANSWER: 143 is newer version of 110 IMAP (TSL/SSL)
23 - ANSWER: Telnet port (telnet protocol)
20/21 - ANSWER: FTP as data transfer (TCP/UDP)
53 - ANSWER: DNS uses this port (typically TCP but could be UDP)
3389 - ANSWER: enables users to access remote computers (remote desktop
protocol) (TCP protocol, RDP service
differences between switches, routers, and hubs - ANSWER: - Hubs operate on layer
1 - broadcasts data to every device connected to it
- Switches operate on layer 2 - sending frames (uses mac address)
- Router layer 3 - sends packets using ip addresses
dhcp server - ANSWER: DHCP servers dynamically assign IP addresses. If you hit a
DHCP server for an IP, it will assign you one that is not being used
, advantages and disadvantages of IPv4 and IPv6 - ANSWER: IPv6 is more secure,
harder to breach, and is also divided by continent, so you know based on the IPv6
what continent it is coming from. A disadvantage is that IPv6 is a lot bigger, harder to
remember. An advantage of IPv4 is that it is a lot easier to deal with (being smaller),
it's a lot simpler.
data names at each layer of the osi model - ANSWER: - Application, presentation,
session: upper layer data
- Transport: segments (TCP) or datagrams (UDP)
- Network: packets
- Data Link: frames
- Physical: bits
threat enviornment - ANSWER: the cyber threat environment is the online space
where cyber threat actors conduct malicious cyber threat activity. It includes the
networks, devices, and processes that are connected to the Internet and can be
targeted by cyber threat actors, as well as the methods threat actors use to target
those systems.
threats from employees and ex-employees? - ANSWER: current and ex-employees
may have access to highly sensitive company data
threats from malware writers? - ANSWER: malware writers intentionally write code
that attempts to avoid reverse engineering or detection and spread itself throughout
the network in a very aggressive manner.
CI Triple A + N - ANSWER: Confidentiality: information kept private and secure
Integrity: data mot modified, deleted, or added
Availability: systems available to whom requires them
Authenticity: providing verification of the identities
Accountability: assurance by recording the identities and activities
Non-Repudiation: assuming the identities of the parties in a transaction
pretexting - ANSWER: A pretext is a made-up scenario developed by threat actors for
the purpose of stealing a victim's personal data. During pretexting attacks, threat
actors typically ask victims for certain information, stating that it is needed to
confirm the victim's identity
malicious insider - ANSWER: a person who has insider knowledge of an
organization's proprietary information and intentionally misuses it to negatively
impact the integrity of the business. Could be a current or former employee,
contractor, or business partner.
