Exam (elaborations)
CNIT 455 Final Exam with Complete Exam Verified 2024
- Course
- Institution
CNIT 455 Final Exam with Complete Exam Verified 2024
[Show more]
Content preview
CNIT 455 Final Exam with CompleteExam Verified 2024
how are buffer overflows commonly used? - ANSWER-used to cause attacker code to
get executed by overwriting the stack to replace the return address with the address of
the attacker code, so that when the function completes, it runs the attacker code
how are certificate authorities organized? - ANSWER-they are organized in hierarchical
fashion
how are client access VPNs implemented? - ANSWER-a tunnel exists between a client
and a VPN server, where a virtual NIC is created when establishing the tunnel, and the
vNIC gets an internal network address
how are commerical CAs setup? - ANSWER-1. commerical CAs set up as a "trusted
path" by defauly in more OS/browsers
2. costs money to get certificate from commerical CA
3. once you have a server certificate from your CA, you can issue your own trusted
certificates
how are host based IDS architectured? - ANSWER-1. automated log parsing to check
sytem and application for anomalous activity
2. stack based analyzer that integrates in the host's IP stack and remove offending
traffic from the stack
how are private CAs setup? - ANSWER-1. you setup your own CA
2. trust is usually limited to an organization
3. need to manually/push certificates onto client devices
how are site to site VPNs implemented? - ANSWER-they are implemented on the
devices that face the public network, with the traffic being routed and enapsulated by
the VPN devices
how can a root bridge spanning tree attack be mitigated? - ANSWER-1. physically force
a known root bridge
2. limit switches that can join the STP topology after the initial election process
how can one avoid detection while performing fingerprinting? - ANSWER-1. edit out
information from logs by overwriting with zeros
2. utilize rootkits to gain persistence and hide from security scanners
how can one remain nonymous while performing direct reconnaissance? - ANSWER-
employing stealth techniques like using public proxies, internet cafes, or VPNs
,how can packet sniffing be detected? - ANSWER-send a packet with a bad/impossible
address yet a correct IP address, and if it gets a response, then that host must be in
promiscuous mode
how can PKI be used to provide data encryption? - ANSWER-1. used to encrypt data on
an encrypted file system
2. usually doesn't require a complete certificate system
3. can use straight two key encryption
4. keys are commonly stored in the network directory entry for the user
how do ALGs increase latency? - ANSWER-two separate sessions must be managed
per "connection"
how does 802.1x work? - ANSWER-1. uses MAC address or certificates to authenticate
device
2. allows access to the appropriate network upon successful compliance check
3. can use VLANs
how does an IDS proactively close a connection? - ANSWER-it sends a TCP "FIN" flag
to both ends, though it requires the IDS to be able to send traffic (but not necessarily be
in-line)
how does bridging increase latency? - ANSWER-requirement of NICs being in
promiscuous mode reduces efficiency
how does DHCP proxy work? - ANSWER-1. DHCP requests are forward to special
DHCP server(s)
2. identification is based on MAC address
how does DNAT increase latency? - ANSWER-src/dst L3 and L4 addresses must be
rewritten
how does dynamic packet filtering work? - ANSWER-keeps ports closed, then opens
ports based on the context by building a state table that tracks things like TCP
sequence numbers and UDP data flows, as well as examining layer 7 to ensure traffic is
what it says it is
how does hardware protection for preventing overflow attacks work? - ANSWER-a bit in
the memory address denotes whether it is executable or not, so you would mark the
stack and heap as non-executable, though it only works on 64-bit processors
how does NAC client software work for network admission? - ANSWER-client will not
allow traffic to flow until being admitted by the policy server
how does PKI secure email? - ANSWER-1. digitally sign messages to prevent
tampering and verifies sender identity
,2. encrypt the messages to prevent anyone other than the intended recipient from
reading them
how does PKI secure IPsec? - ANSWER-1. it encrypts all data contained in the IP
packet
2. positively identifies the source and destination
how does PKI secure websites/web transactions? - ANSWER-1. it authenticates the
website
2. provides encryption for transactions between the browser and web server
3. can require clients to have digital certificates to authenticate themselves to the web
server
how does SNAT increase latency? - ANSWER-the src/dst L3 addresses must re-written
in both directions
how does standard routing increase latency? - ANSWER-barely affects latency as
minimal additional processing is required
how does the firewall keep track of connections when using DNAT? - ANSWER-the
firewall builds a state table comprised of L3 addresses, L4 ports, and L5 session info to
track which connection belongs to which internal device
how is a port mirror used for in a network based IDS? - ANSWER-the port on the
boundary router or firewall get mirrored so it can be inspects, though its only good for
short term use as a hogs an interface and still has some performance impact
how is RADIUS configured? - ANSWER-1. a shared secret is created between the
RADIUS client (NAS) and the server
2. the server IP and port is entered on the NAS
3. the client is authorized on the server via the IP address
4. access profiles are created on the server
how is RSA used for digital signatures? - ANSWER-1. hash the content
2. encrypt the hash with the private key
3. publish the content along with the encrypted hash
4. decrypt with the public key
how is the CA hierarchy structured? - ANSWER-1. always one root CA, which issues its
own certificate
2. root CA issues a special certificate to subordinate CAs that allows them to hand out
certificates
3. results in a "trust path" where any certificate handed out by any CAin the hierarchy is
considered part of the trust path
, how many hops does a tunnel appear as to a client? - ANSWER-only a single hop,
regardless of the number of routers/hops as it crosses the internet
how many SAs are needed for duplex communication? - ANSWER-two SAs are
required for duplex communication
is a ping of death still a problem? - ANSWER-"The original Ping of Death attack has
mostly gone the way of the dinosaurs" - Cloudflare
T/F a firewall always includes a packet filter, but not all packet filters are firewalls -
ANSWER-true
T/F admission control and access control are the same thing? - ANSWER-false
T/F AES is the best choice for symmetric encryption for most applications day -
ANSWER-true
T/F an IDS can suffer from false positives and false negatives - ANSWER-true
T/F both ends do not need to match on all parameters for IPsec configuration? -
ANSWER-false, all parameters need to match on both ends for IPsec to work
T/F buffer overflows are not the most commonly used attack vector? - ANSWER-false,
they are the most commonly used attack vector
T/F CBC is not the most commonly used approach for block cipher modes - ANSWER-
false, it is the most commonly used approach
T/F client access VPNs should be on the same internal network as on-premise clients? -
ANSWER-false, ideally VPN clients will be on a separate address space to allow for
firewall rules
T/F collisions are not possible with hashes - ANSWER-false, collisions are always
possible, but good hash functions minimize collisions so that its impractical to try to find
one
T/F data endpoints and encapsulation endpoints are the same for a client access VPN?
- ANSWER-true, the VPN server deencapsulates the data from the client and passes it
to the private network
T/F data endpoints and encapsulation endpoints are the same for a site to site VPN -
ANSWER-false, the endpoints for data and enapsulation are different
T/F DES is strong enough for today's computers? - ANSWER-false, too weak due to
small keys and small block sizes, don't use unless you have too
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller CLOUND. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
78252 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now