Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/44

Click to flip

44 Cards in this Set

  • Front
  • Back
What is hashing?
changing a character string into a shorter fixed-length value or key
What four trust models do PKI's fall into?
heirarchical; network/mesh; trust list; key ring
What is unique about the network/mesh model of PKI?
multiple parties must be present before access to the token is granted
Does PPTP require IP connectivity?
yes
Does L2TP require IP connectivity?
no
What does IPSec use for authentication and key exchange?
Diffie-Hellman
What does IPSec use for encryption?
40-bit DES algorithm
What three methods are used to determine VLAN membership on the local switch?
port-based; MAC-based; protocol-based
What two methods are used to determine VLAN membership on a remote switch?
implicit, based on MAC address; explicit, where the first switch adds a tag
Why is detecting statistical anomolies a good approach to intrusion detection?
don't have to understand the root cause of the anomolies
Why is detecting statistical anomolies a good approach to intrusion detection?
don't have to understand the root cause of the anomolies
What is the top priority in computer forensics?
document each step taken
What type of access control do most commercial OS's use?
DAC
How does CHAP work?
server sends random value to client; client uses MD5 to create hash with ID, random value, and shared secret; client sends hash to server; server performs same function and compares values
Is PPTP usually implemented through hardware or software?
software
Is L2TP usually implemented through hardware or software?
hardware
What is compulsory tunneling?
situation where VPN server chooses the endpoint of a communication
What advantage does compulsory tunneling provide?
allows VPN connections to be concentrated over fewer high-capacity lines
What port does L2TP use?
UDP 1701
What are the two encryption modes for IPSec?
Transport, where only the data is encrypted; and Tunneling, where the entire packet is encrypted
What protocol does IPSec use to exchange keys?
Internet Key Exchange (IKE)
What is key escrow?
administration of a private key by a trusted third party
What advantage does TACACS+ have over RADIUS?
better security
What advantage does RADIUS have over TACACS+?
better vendor support and implementation
What makes non-repudiation a stronger version of authentication?
non-repudiation comes from a third party
Non-repudiation has been compared to what real-world version of authentication?
using a public notary
What is a teardrop attack?
a type of DoS attack using a false fragmentation offset value
What is an AUP?
Acceptable Use Policy
From what does RSA derive its strength?
the difficulty of factoring large numbers
What three people were involved in the creation of RSA?
Rivest, Shamir, Adleman
Is RSA a public- or private-key system?
public-key
What is the standard key length for DES?
56 bits
What is the standard key length for IDEA?
128 bits
What is the standard key length for 3DES?
168 bits
How are RSA and DES used together?
RSA is used to encrypt the key for transmission; DES is used for message encryption
What kind of encryption does AES use?
private-key
What is IDEA?
International Data Encryption Algorithm- a 128-bit private-key encryption system
What are the two most popular hashing routines in use today?
MD5 and SHA-1
What size is an MD5 hash?
128 bits
What is MD5 designed for?
digital signatures
Observing the timer value in the TCP stack makes what possible?
determining the OS in use, useful in planning attacks
What are the three A's in computer forensics?
Acquire, Authenticate, Analyze
What is the first step in risk analysis?
identifying assets
What type of network is CHAP primarily used on?
PPP