ACING MIS 562 EXAMS: FUNDAMENTALS OF INFORMATION
SYSTEMS SECURITY WITH AN A+ QUESTIONS AND ANSWERS
BREAKDOWN
CIDR Classes InterDomain Routing
subnet portion of address of arbitrary length
Dynamic Host Configuration Protocol DHCP
dynamically get IP address from network server when it joins network
MAC or LAN or physical or Ethernet address
used 'locally" to get frame from one interface to another physically-connected interface -
same network, in IP-addressing sense
packet filtering
Compares received traffic with a set of rules that define which traffic it will permit to pass
through
Stateful inspection firewall
Remembers information about the status of a network communication
Application proxy firewall
Doesn't actually allow packets to travel directly between systems on opposite sides of
the firewall
Border Firewall
sits behind the router and receives all communications passing from the router into the
private network;
either packet filtering or stateful inspection
Screened Subnet Firewall or demilitarized zone DMZ
If host a public website or own email server, need to allow inbound connections on a
limited basis.
WPA/WPA2
Uses strong AES encryption to protect data on networks
Chapter 3
Transitive Access
, Desired target system or service is indirectly attacked by first compromising a system
trusted by the target.
Armored viruses
hardened code - Makes it difficult to reverse-engineer and build an antivirus for the
malware
Ransomware
Forces victim organization to pay a ransom to prevent its data from being deleted
Cryptolocker
Encrypts critical files or data until the victim pays a ransom to obtain the decryption keys
Polymorphic malware
Difficult to see and be remediated with antivirus or anti-malware applications
Intellectual Property
Asset of an organization
Opportunity cost
amount of money a company loses due to downtime
Downtime
either intentional or unintentional directly affects system availability
hacker
someone who breaks into a computer system without authorization
Protocol Analyzers
Software program that enables computer to monitor and capture network traffic whether
LAN or a wireless network
Vulnerability Scanners
used to identify and verify vulnerabilities on an IP host device
Denial of Service Attack
A coordinated attempt to deny service by occupying a computer to perform large
amounts of unnecessary tasks
Character- generator Chargen
a protocol that generates stream of packets to test network's capacity. Can be done with
a single host
Host constantly responds to own echoes
SYSTEMS SECURITY WITH AN A+ QUESTIONS AND ANSWERS
BREAKDOWN
CIDR Classes InterDomain Routing
subnet portion of address of arbitrary length
Dynamic Host Configuration Protocol DHCP
dynamically get IP address from network server when it joins network
MAC or LAN or physical or Ethernet address
used 'locally" to get frame from one interface to another physically-connected interface -
same network, in IP-addressing sense
packet filtering
Compares received traffic with a set of rules that define which traffic it will permit to pass
through
Stateful inspection firewall
Remembers information about the status of a network communication
Application proxy firewall
Doesn't actually allow packets to travel directly between systems on opposite sides of
the firewall
Border Firewall
sits behind the router and receives all communications passing from the router into the
private network;
either packet filtering or stateful inspection
Screened Subnet Firewall or demilitarized zone DMZ
If host a public website or own email server, need to allow inbound connections on a
limited basis.
WPA/WPA2
Uses strong AES encryption to protect data on networks
Chapter 3
Transitive Access
, Desired target system or service is indirectly attacked by first compromising a system
trusted by the target.
Armored viruses
hardened code - Makes it difficult to reverse-engineer and build an antivirus for the
malware
Ransomware
Forces victim organization to pay a ransom to prevent its data from being deleted
Cryptolocker
Encrypts critical files or data until the victim pays a ransom to obtain the decryption keys
Polymorphic malware
Difficult to see and be remediated with antivirus or anti-malware applications
Intellectual Property
Asset of an organization
Opportunity cost
amount of money a company loses due to downtime
Downtime
either intentional or unintentional directly affects system availability
hacker
someone who breaks into a computer system without authorization
Protocol Analyzers
Software program that enables computer to monitor and capture network traffic whether
LAN or a wireless network
Vulnerability Scanners
used to identify and verify vulnerabilities on an IP host device
Denial of Service Attack
A coordinated attempt to deny service by occupying a computer to perform large
amounts of unnecessary tasks
Character- generator Chargen
a protocol that generates stream of packets to test network's capacity. Can be done with
a single host
Host constantly responds to own echoes
