Security+ questions PDF document


Document information

Generic Security Concepts Review

Q. What is the CIA triad, and what does each part mean?
Q. What is non-repudiation?
Q. Define Layered Security.
Q. What is the main security reasoning for mandatory vacations?
Q. In what type of authentication system does the OS (Security Kernel) determine who is allowed access to a resource?
Q. What access control model helps fight “authorization creep”?
Q. Biometrics are an example of “What you ____”.
Q. What is a better security model, network based or host based? Justify your answer.

Chapter 2 – Review Questions

Q. What is the best countermeasure against phishing attacks?
Q. Why is a hoax still a security concern?
Q. Installing a camera to read credit card numbers at gas pumps is what type of attack?
Q. Does an Organization Security Policy Statement detail specifics such as how to properly encrypt data?
Q. What is the difference between Due Diligence and Due Care?
Q. What is the term for a set of “required steps to be taken” when doing some action?

Cryptography review

Q. Which of the CIA triad does a hash provide?
Q. An HMAC is used to try to prevent MiM attacks. Does an HMAC provide non-repudiation?
Q. Why don’t we just use Asymmetric Encryption for all encryption?
Q. What is Diffie-Hellman primarily used for?
Q. What is AES meant to replace, and what is the algorithm that was chosen to be AES?
Q. True or false: If I encrypt a message with someone's public key, anyone with the public key can decrypt it.
Q. What is the Asymmetric algorithm commonly used in PDAs and cell phones?
Q. How many rounds of transposition/substitution does DES have? How about Triple DES?

PKI review questions

Q. What is a digital certificate? What is it intended to represent?
Q. What are two important pieces of info in a digital certificate?
Q. Why would you use multiple certificates?
Q. If you have 100 users, in a 2 certificate model (encryption & signing) how many total keys do you have?
Q. What is key escrow?
Q. How do I validate the identity of a certificate that someone has given me? When does the validation chain end?
Q. In what version of X.509 were extensions added?
Q. My certificate has been revoked; how do I “un-revoke” it?

Physical Security Review

Q. What feature can allow a Windows computer to automatically run a Trojan program on an inserted CD or USB drive?
Q. Which of the following water based automatic fire suppression systems would be best used for a data center?
Q. Why is access to a network jack a risk?
Q. What is the CER in terms of biometrics?
Q. What is a type 1 and type 2 error?
Q. If providing access to a bank vault, would I prefer higher false positives or higher false negatives?
Q. What type of fire rating are electrical fires?
Q. What is the difference between smart cards and memory cards?
Q. What type of motion sensor detects a human through emanated heat?

[...]... application layer proxy different than a circuit layer proxy?

Chapter 9 – Review Questions

Q. Name the 3 AAA protocols we talked about.
Q. Which of the following items does Kerberos use?
    – Shared keys
    – Tickets
    – Public keys
    – Digital signatures
Q. Does L2TP use TCP or UDP?
Q. Explain the difference between CHAP and PAP.
Q. What protocol (TCP/UDP) does RADIUS use? How about TACACS+?
Q. Why...

... Review Questions

Q. What encryption protocol does WEP use?
Q. What 2 key lengths does WEP support?
Q. WPA takes the algorithm from WEP and changes the encryption key with every packet. What is this called? T_ _ _
Q. What encryption protocol does WPA2 use?
Q. Why is MAC filtering or turning off SSID broadcasting not sufficient security?
Q. What does WAP use as the “secure” WAP protocol? W _

Chapter 10 – Review Questions

Date posted: 17/02/2014, 08:20

Table of contents

    Generic Security Concepts Review
