Review Questions

1. Each of the following is a layer that protects information security except
   a. products
   b. people
   c. communication
   d. procedures

2. Each of the following is a reason why security is becoming increasingly difficult except
   a. speed of attacks
   b. slower processors
   c. sophistication of attacks
   d. faster detection of weaknesses

3. _____ is a category of attacker who only wants to expose security flaws.
   a. hacker
   b. cracker
   c. employee
   d. spy

4. Guarding the availability of information is achieved by
   a. access control
   b. closed system authentication
   c. wireless protection environment (WPE)
   d. frame count check (FCC)

5. _____ is the science of transforming information so that it is secure while it is being transmitted or stored.
   a. Default key transformation (DKT)
   b. Access control
   c. Steganography
   d. Cryptography

6. Cryptography depends upon the process called an algorithm that uses a cipher. True or False?

7. Using the same (shared) secret key to both encrypt as well as decrypt is called private key cryptography or symmetric encryption algorithms. True or False?

8. WEP keys must be a minimum of 1,664 bits in length. True or False?

9. WEP can support up to 32 keys, but only one of them can be the default key. True or False?

10. The initialization vector (IV) is a 24-bit value that changes each time a packet is encrypted. True or False?

11. The output of the pseudo-random number generator (PRNG) is the _____.
    Answer: keystream

12. The _____ is added to the front (“pre-pended”) of the ciphertext and is in plaintext and is not encrypted.
    Answer: initialization vector (IV)

13. RC4 is a stream _____ that accepts keys up to 128 bits in length and takes one character and replaces it with one character.
    Answer: cipher

14. In order for an attacker to be authenticated he only has to discover the _____.
    Answer: SSID

15. In a(n) _____ attack an attacker attempts to create every possible key combination by systematically changing one character at a time in a possible default key, and then using each newly generated key to decrypt a message.
    Answer: brute force

16. Explain how WEP violates the “cardinal rule” of cryptography.
    Answer: A mathematical key that creates a detectable pattern or structure provides an attacker with valuable information to break the encryption (keys that create this type of repeating pattern are known as weak keys). The implementation of WEP creates a detectable pattern for attackers. IVs are 24-bit numbers, meaning there are 16,777,216 possible values. An AP transmitting at only 11 Mbps can send and receive 700 packets each second. If a different IV were used for each packet, then the IVs would start repeating in fewer than seven hours (a “busy” AP can produce duplicates in fewer than five hours). An attacker who captures packets for this length of time can see the duplication and use it to crack the code.

17. What is a man-in-the-middle attack and how can one be launched against a wireless network?
    Answer: Man-in-the-middle attacks on computer information are common attacker tools. This type of attack makes it seem that two computers are communicating with each other, when actually they are sending and receiving data with a computer between them, or the “man in the middle.” In Figure 8-15, Computer A and Computer B are communicating without recognizing that an attacker, as the man in the middle, is intercepting their transmissions. Man-in-the-middle attacks can be active or passive. In a passive attack, the attacker captures the sensitive data that is being transmitted and then sends it on to the original recipient without his presence being detected. In an active attack, the contents of the message are intercepted and altered before they are sent on. On wireless networks, man-in-the-middle attacks are commonly done by attackers setting up a “fake” access point. An attacker sets up his own AP and tricks all wireless devices into communicating with the imposter access point instead of the legitimate AP.

18. List two ways in which a denial of service (DoS) attack can be launched against a WLAN.
    Answer: One type of wireless DoS attack requires an attacker to flood the radio frequency spectrum with noise (called jamming) that makes it appear that there is legitimate traffic being transmitted. Because WLANs use Carrier Sense Multiple Access/Collision Avoidance, which requires all devices to listen before transmitting, jamming will prevent any wireless device from transmitting. Another wireless DoS attack can be launched against a single wireless device. An attacker can send a series of disassociation frames to a wireless device, forcing it to disassociate and then attempt to reassociate with the access point.

19. Explain how an attacker can force a renegotiation to capture an SSID.
    Answer: If an attacker cannot capture an initial negotiation process, it can force one to occur. An attacker can pretend to be an access point and send a forged disassociation frame to a wireless device. This will cause the device to disassociate from the access point. However, the device will then immediately attempt to reconnect to the AP, at which time the attacker can be capturing packets and see the SSID transmitted in plaintext.

20. What is a dictionary attack?
    Answer: Unlike a brute force attack in which all possible combinations are used, a dictionary attack takes each word from a dictionary and encodes it in the same way the passphrase was encoded. Attackers then compare the encoded dictionary words against those in the encrypted frame. When attackers find a match, they know which dictionary word made up the passphrase.
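
Added example (not part of the original review material): the sketch below ties questions 10 through 13 to the answer to question 16 by showing why a repeated IV is the detectable pattern, and it reproduces the seven-hour figure from the 700 packets per second stated there. It assumes the standard WEP construction in which RC4 is seeded with the IV followed by the shared key, omits the integrity check value for brevity, and uses a constructed key and constructed plaintexts.

```python
# Simplified WEP-style framing (integrity check omitted); all sample data is constructed.
def rc4_keystream(seed: bytes, length: int) -> bytes:
    """RC4 key scheduling, then the PRNG loop whose output is the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    """Frame = 3-byte IV sent in the clear + (RC4(IV || key) XOR plaintext)."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    return iv + xor(plaintext, rc4_keystream(iv + key, len(plaintext)))

def keystream_cancels(frame1: bytes, frame2: bytes, p1: bytes, p2: bytes) -> bool:
    """True when XOR of the two ciphertexts equals XOR of the two plaintexts,
    i.e. the key-dependent keystream has dropped out entirely."""
    return xor(frame1[3:], frame2[3:]) == xor(p1, p2)

def hours_until_iv_space_exhausted(packets_per_second: int, iv_bits: int = 24) -> float:
    """Time for a per-packet IV to run through every possible value."""
    return (2 ** iv_bits) / packets_per_second / 3600

KEY = bytes.fromhex("0102030405")   # constructed 40-bit shared key
P1 = b"GET /index.html "            # constructed plaintexts
P2 = b"POST /login.php "
IV_A, IV_B = b"\x00\x00\x01", b"\x00\x00\x02"

if __name__ == "__main__":
    same = keystream_cancels(wep_encrypt(IV_A, KEY, P1), wep_encrypt(IV_A, KEY, P2), P1, P2)
    diff = keystream_cancels(wep_encrypt(IV_A, KEY, P1), wep_encrypt(IV_B, KEY, P2), P1, P2)
    print("same IV, keystream cancels:", same)        # pattern visible without the key
    print("different IV, keystream cancels:", diff)
    print("hours to exhaust 24-bit IVs at 700 pkt/s: %.2f" % hours_until_iv_space_exhausted(700))
```

Because the IV travels unencrypted at the front of every frame, anyone observing traffic can tell when two frames share a keystream, which is why later protocols replaced this per-packet keying scheme rather than lengthening the WEP key.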