CS/IS 196 Midterm Review
Midterm: Monday, November 23

Midterm Overview
• Chapters 1 through 12
• Multiple Choice
• Similar to questions at the end of each chapter and in the homework assignments.
• 50 questions
• You will have the full class time to complete

Chapter 1 Introduction and Security Trends
• Critical infrastructures
• Elite hackers
• Hacker
• Hacking
• Hacktivist
• Highly structured threat
• Information warfare
• Ping sweep
• Port scan
• Script kiddies
• Structured threat
• Unstructured threat

Chapter 2 General Security Concepts
• Access control
• Authentication
• Availability
• Confidentiality
• Data aggregation
• Diversity of defense
• Hacking
• Host security
• Implicit deny
• Integrity
• Layered security
• Least privilege
• Nonrepudiation
• Phreaking
• Security through Obscurity
• Separation of Duties
• Simple Security Rule
• Social engineering

Chapter 3 Operational and Organizational Security
• Biometrics
• Bluetooth
• Guidelines
• Heating, Ventilation, and Air Conditioning (HVAC)
• IEEE 802.11
• Physical security
• Policies
• Procedures
• Standards
• TEMPEST
• Uninterruptible power supply (UPS)

Chapter 4 The Role of People in Security
• Backdoor
• Dumpster diving
• Phishing
• Piggybacking/Tailgating
• Reverse social engineering
• Shoulder surfing
• Social engineering
• Vishing

Chapter 5 Cryptography
• Algorithm
• Block cipher
• Collision attack
• Cryptanalysis
• Cryptography
• Digital rights management
• Hash
• Key
• Key escrow
• Key management
• Keyspace
• Multiple encryption
• Shared secret
• Steganography
• Stream cipher

Chapter 6 Public Key Infrastructure (PKI)
• Certificate authority (CA)
• Certificate revocation list (CRL)
• Certification practices statement (CPS)
• Digital certificate
• Dual control
• End-entity certificates
• Key archiving system
• Key escrow
• Key recovery
• Policy certificate
• Public key infrastructure (PKI)
• Registration authority (RA)

Chapter 7 Standards and Protocols
• Certificate
• Certificate Authority (CA)
• Certificate Revocation List (CRL)
• IPsec
• Pretty Good Privacy (PGP)
• Public key infrastructure (PKI)
• Secure Sockets Layer (SSL)
• Transport Layer Security (TLS)
• Wired Equivalent Privacy (WEP)
• Wireless Application Protocol (WAP)
• Wireless Transport Layer Security (WTLS)
• X.509

Chapter 8 Physical Security
• Access control
• Access tokens
• Biometrics
• BIOS passwords
• Bootdisk
• Closed circuit television (CCTV)
• Contactless access cards
• Drive imaging
• False negative
• False positive
• Layered access
• LiveCD
• Mantrap
• Multi-factor authentication
• Policies and procedures
• Smart cards
• USB devices

Chapter 9 Network Fundamentals
• Address Resolution Protocol (ARP)
• Bus topology
• Denial-of-service (DoS)
• Domain Name System (DNS)
• DMZ
• Extranet
• Internet Control Message Protocol (ICMP)
• Internet Protocol (IP)
• Intranet
• Local area network (LAN)
• Media Access Control (MAC) address
• Network Address Translation (NAT)
• Packet
• Ring topology
• Routing
• Star topology
• Storage area network (SAN)
• Transmission Control Protocol (TCP)
• Trunking
• Tunneling
• User Datagram Protocol (UDP)
• Virtual local area network (VLAN)
• VPN concentrator
• Wide area network (WAN)

Chapter 10 Infrastructure Security
• Cloud computing
• Coaxial cable
• Collision domain
• Firewall
• Hub
• Loop protection
• MAC limiting
• Modem
• Network access control
• Network Access Protection (NAP)
• Network Attached Storage
• Network interface card (NIC)
• Private branch exchange (PBX)
• Router
• Servers
• Shielded twisted-pair (STP)
• Software as a Service (SaaS)
• Switch
• Unshielded twisted-pair (UTP)
• Wireless access point
• Workstation

Chapter 11 Authentication and Remote Access
• Authentication, authorization, and accounting (AAA)
• Access control
• Accounting
• Authentication
• Authentication Header (AH)
• Authentication server (AS)
• Authorization
• Discretionary access control (DAC)
• Encapsulating Security Payload (ESP)
• Internet Protocol Security (IPsec)
• Kerberos
• Layer 2 Tunneling Protocol (L2TP)
• Mandatory access control (MAC)
• Point-to-Point Tunneling Protocol (PPTP)
• Remote Access Server (RAS)
• Role-based access control (RBAC)
• Rule-based access control (RBAC)

Chapter 12 Wireless Security
• Beacon frames
• Bluejacking
• Bluesnarfing
• Bluebugging
• Confidentiality
• IEEE 802.1X
• IEEE 802.11
• WPA & WPA2
• Service set identifier (SSID)
• WAP gap
• Wired Equivalent Privacy (WEP)
• Wireless Application Protocol (WAP)
• Wireless Transport Layer Security (WTLS)

The Midterm
• Bring a #2 pencil and an eraser.
• Mr. Hodges will supply the scantron forms.
• Closed book, closed note, closed computer.

Questions
• Any Questions?