Business Data Communications and Networking 7th Edition Test Bank - Chapter 10 (400 Level Course)

TRUE/FALSE

The following are possible True/False questions for tests. The statement is given and the answer is provided in square brackets. The level of difficulty (easy, moderate, difficult) and the page(s) relevant to the topic are also furnished.

1. Security on a network not only means being able to prevent a hacker from breaking into your computer but also includes being able to recover from temporary service problems or from natural disasters. [True; p. 294]
Easy

2. The rise of the Internet has increased significantly the potential vulnerability of an organization’s assets. [True; p. 294]
Easy

3. The primary goal of network security is to protect the organization’s hardware. [False, it is to protect the organization’s data and application software; p. 295]
Easy

4. The CERT at Carnegie Mellon University was established by the U.S. Department of Agriculture in 1988. [False, it was established by the Department of Defense; p. 296]
Moderate

5. Controls are mechanisms that reduce or eliminate threats to network security. [True; p. 297]
Easy

6. Corrective controls reveal or discover unwanted events. [False, this is the definition of detective controls; p. 298]
Moderate

7. A control spreadsheet lists threats to the network across the top of the spreadsheet and lists the network components down the side of the sheet. [True; p. 298]
Easy

8. A threat to the data communications network is any potential adverse occurrence that can do harm, interrupt the systems using the network, or cause a monetary loss to the organization. [True; p. 299]
Easy

9. Companies have learned that the greatest hacking threat can be from its own employees. [True; p. 301]
Easy

10. A Delphi team that helps the network manager assess the security risks to the organization should always have at least 20 members. [False, it is usually comprised of 3-9 key people; p. 302]
Moderate

11. An uninterruptible power supply utilizes a second redundant disk for every disk on the server. [False, this is the definition of disk mirroring; p. 303]
Moderate

12. Disk duplexing uses a redundant disk controller on the server. [True; p. 304]
Moderate

13. The best solution for planning for disaster recovery is to have a fully redundant backup network placed in a different location that would not be threatened by the same natural or man-made disaster that would destroy the original network. [True; p. 304]
Easy

14. Macro viruses can spread when an infected file is opened. [True; p. 304]
Easy

15. The denial-of-service attack disrupts the network by flooding the network with messages so that regular messages cannot be processed. [True; p. 305]
Easy

16. Backups ensure that data can be used. [False, backups cannot guarantee that data can be used; p. 308]
Moderate

17. Crackers are casual hackers with a limited knowledge of computer security. [False, crackers are hackers whose motivation is the thrill of the hunt; p. 310]
Moderate

18. Social engineering refers to creating a team that solves virus problems. [False, this refers to breaking security simply by asking; p. 312]
Moderate

19. Biometric systems scan the user to ensure that the user is the sole individual authorized to access the network account. [True; p. 313]
Easy

20. Network cables are the easiest physical targets for eavesdropping. [True; p. 315]

21. Automatic number identification accepts a login from a user if that user’s incoming phone call comes from a pre-authorized list of phone numbers. [True; p. 316]
Moderate

22. An intruder uses TCP spoofing to send packets to a target computer requesting certain privileges be granted to some user. [False, it is IP spoofing; p. 317]
Moderate

23. With application level firewalls, any access that has not been disabled is permitted. [False, that is the definition of packet level firewalls; p. 317-318]
Moderate

24. A NAT proxy server uses an address table to translate private data link layer addresses used inside the organization into proxy data link layer addresses used on the Internet. [False, IP addresses are translated; p. 319]
Moderate

25. A symmetric algorithm uses a different key to encrypt and decrypt a particular bit stream. [False, it uses the same key; p. 322]
Moderate

26. DES is a commonly used symmetric encryption algorithm developed in the mid-1990s by the American government in conjunction with IBM. [False, it was developed in the 1970s; p. 323]
Moderate

27. Secure Sockets Layer is an encryption standard designed for use on the Web. [True; p. 327]
Easy

MULTIPLE CHOICE

The following are possible multiple-choice questions for tests. The question is posed and the answer is provided under the choices. The level of difficulty (easy, moderate, difficult) and the page(s) relevant to the topic are also furnished.

1. Which of the following is not one of the major categories (or sub-categories) into which network security threats can be placed?
a. disruption
b. destruction
c. controlled chaos
d. unauthorized access
e. disaster
Answer: c, Easy; p. 296

2. In recent years, management’s concern about the adequacy of current control and security mechanisms used in a data communications environment has:
a. decreased because the new sophisticated technology is far more secure than the old manual methods
b. remained the same because management was always deeply interested in control and security
c. decreased because of the change in moral and ethical codes in the U.S. to a kinder and gentler society
d. increased because this commitment to data communications has changed the potential vulnerability of the organization’s assets
e. remained the same because there are very few threats to data communications
Answer: d, Easy, p. 294

3. ________ represents the loss of or reduction in network services.
a. controlled chaos
b. destruction
c. disruption
d. unauthorized access
e. disaster
Answer: c, Easy, p. 296

4. An example of _____ of data would be if a computer virus eliminated files on that computer.
a. disruption
b. controlled chaos
c. unauthorized access
d. destruction
e. disaster
Answer: d, Easy, p. 296

5. A tornado that eliminates a network control center would be an example of a natural __________
a. disaster
b. disruption
c. controlled chaos
d. destruction
e. unauthorized access
Answer: a, Easy, p. 296

6. Most incidents of ___________ involve employees of the organization, surprisingly enough.
a. unauthorized access
b. disruption
c. controlled chaos
d. destruction
e. disaster
Answer: a, Easy; p. 296

7. A network switch failure is an example of a(n) ________ threat.
a. internal
b. disruptive
c. causal
d. unauthorized access
e. disaster
Answer: b, Moderate; p. 296

8. A hacker gaining access to organizational data files and resources is an example of a(n) ____________ threat.
a. disruptive
b. controlled chaos
c. disruptive
d. unauthorized access
e. disaster
Answer: d, Easy; p. 296

9. Developing _______ helps develop a secure network.
a. rules
b. controls
c. network maps
d. vendor documentation
e. service level agreements
Answer: b, Easy, p. 297

10. _________ controls stop a person from acting.
a. detective
b. corrective
c. mitigating
d. preventive
e. backup
Answer: d, Easy, p. 297

11. ________ controls discover unwanted events.
a. preventive
b. corrective
c. detective
d. mitigating
e. backup
Answer: c, Easy, p. 297

12. ________ controls fix a trespass into the network.
a. corrective
b. detective
c. preventive
d. mitigating
e. backup
Answer: a, Easy, p. 297

13. A ___________ assigns levels of risk to various threats to network security by comparing the nature of the threats to the controls designed to reduce them.
a. risk assessment
b. backplane
c. mitigating control factor analysis
d. control verification worksheet
e. control test plan
Answer: a, Moderate, p. 298

14. A(n) ___________ is one of the most common examples of redundancy built into a network to help reduce the impact of disruption.
a. network cloaking device
b. backup punch card reader
c. uninterruptible power supply
d. service level agreement
e. help desk
Answer: c, Moderate, p. 303

15. A ____________ is a situation in which a hacker attempts to disrupt the network by sending messages to the network that prevent normal users’ messages from being processed.
a. denial-of-service attack
b. service level agreement
c. virus
d. spamming
e. scamming
Answer: a, Moderate; p. 305

16. Which of the following statements about computer viruses is false?
a. Macro viruses are contained in documents that spread when an infected program is opened.
b. Some viruses change their appearance when they spread.
c. Viruses can be spread by read-only emails that do not include either executable or downloaded files, or documents.
d. Many viruses attach themselves to other programs.
e. Viruses make copies of themselves when programs are executed.
Answer: c, Moderate, p. 304-305

17. A ____________ lays out different levels of response to a number of possible disasters.
a. disaster recovery plan
b. service level agreement
c. denial-of-service solution
d. control spreadsheet
e. risk test plan
Answer: a, Easy, p. 307

18. Some companies, called _______, can provide services ranging from secure storage to providing complete backup networked data centers for clients’ use.
a. service level agreement firms
b. denial-of-service firms
c. mitigating control firms
d. disaster recovery firms
e. spamming detection firms
Answer: d, Easy, p. 309

19. Which of the following is not a type of intruder who attempts to gain unauthorized access to computer networks?
a. Delphi team member
b. script kiddies
c. crackers
d. professional hackers
e. organization employees
Answer: a, Easy, p. 310-311

20. Which of the following is not a method for deterring unauthorized access?
a. training end users not to divulge passwords
b. using a smart card in conjunction with a password to gain access to a computer system
c. using biometric devices to gain access to a computer system
d. using a security software package that logs out users if that user is ‘idle’ for a certain amount of time
e. performing social engineering
Answer: e, Moderate, p. 311-312

21. The basis of authorized network access is the:
a. user profile
b. client terminal
c. server computer or computers
d. encryption key
e. voice activation
Answer: a, Easy, p. 313

22. Which of the following is considered a good choice for a password?
a. something that is meaningful to the user but to no one else, incorporates special characters, and is at least seven characters long
b. the name of the family pet
c. a keyboard pattern, such as QWERTY
d. the name of family members
e. your birth date
Answer: a, Easy, p. 313

23. Which of the following type of media is least susceptible to eavesdropping?
a. fiber optics
b. twisted pair
c. microwave
d. infrared
e. coaxial cable
Answer: a, Moderate, p. 315

24. Which of the following type of media is most susceptible to eavesdropping?
a. unshielded twisted pair
b. shielded twisted pair
c. coaxial cable
d. infrared
e. fiber optics
Answer: d, Moderate, p. 315

25. For Ethernet networks, a _______ hub can make eavesdropping more difficult.
a. secure
b. Trojan horse
c. proxy
d. spoofing
e. spamming
Answer: a, Easy, p. 315

26. Which of the following is not a method for deterring outside intruders from gaining access to the organization’s office or network equipment facilities?
a. locks on network circuits after working hours
b. passwords that disable the screen and keyboard of a computer
c. secured network cabling behind walls and above ceilings
d. use of armored cable
e. unlocked wiring closet for network devices
Answer: e, Moderate, p. 315

27. A sniffer program is a:
a. type of macro-virus
b. small peep-hole in a door or wall to allow a security guard to sniff the area with his or her nose before entering a secure area or location
c. used in a call-back modem
d. a program that records all LAN messages received for later (unauthorized) analysis
e. secure hub program
Answer: d, Moderate, p. 315

28. A _________ prevents unauthorized intruders from accessing a computer network because the host or server will only permit access via modem calling from prespecified phone numbers.
a. call-back modem
b. network cloaking device
c. call-back codec
d. Trojan horse
e. call-forward modem
Answer: a, Easy, p. 316

29. With ANI security control, the network manager:
a. uses the Authorization Notation Investigation protocol to trace only authorized user passwords
b. allows the Asynchronous NetWare Interface to act as a firewall
c. can define several remote telephone numbers authorized to access each account
d. assigns selected Access Network Invitations to users cleared for various levels of network access
e. can only define one remote telephone number authorized to access each account
Answer: c, Moderate, p. 316

30. Which of the following is not true about one-time passwords?
a. Users’ pagers can receive them.
b. They can be used in conjunction with a token system.
c. The user must enter the one-time password to gain access or the connection is terminated.
d. This is a good security solution for users who travel frequently and who must have secure dial-in access.
e. They create a packet level firewall on the system.
Answer: e, Moderate, p. 316

31. A __________ is a router or special purpose computer that examines packets flowing into and out of a network and restricts access to the organization’s network.
a. firewall
b. token system
c. ANI
d. call-back modem
e. firefighter
Answer: a, Easy, p. 316

32. A(n) ____________ examines the source and destination address of every network packet that passes through it.
a. packet level firewall
b. mullion server
c. ANI system
d. IP spoofing system
e. application level firewall
Answer: a, Easy, p. 317

33. IP spoofing means to:
a. fool the target computer and any intervening firewall into believing that messages from the intruder’s computer are actually coming from an authorized user inside the organization’s network
b. clad or cover the internal processing (IP) lines with insulating material to shield the IP lines from excess heat or radiation
c. illegally tape or listen in on telephone conversations
d. detect and prevent denial-of-service attacks
e. act as an intermediate host computer between the Internet and the rest of the organization’s networks
Answer: a, Moderate, p. 317

34. A(n) ____________ acts as an intermediate host computer or gateway between the Internet and the rest of the organization’s networks.
a. application level firewall
b. bullion server
c. ANI system
d. IP spoofing systems
e. packet level firewall
Answer: a, Moderate, p. 318

35. A(n) _________ is a new type of application level firewall that is transparent so that no other computer notices that it is on the network.
a. ANI system
b. NAT proxy server
c. IP spoofing bridge
d. packet level firewall
e. smart hub
Answer: b, Moderate, p. 319

36. A security hole is a(n):
a. malfunction or bug in an application program that allows data to be seen or accessed by unauthorized users
b. small peep-hole in a door or wall to allow a security guard to examine an individual before allowing that individual access to a secure area or location
c. packet-level firewall
d. missing or absent protected mode addressing restrictions on user programs during multitasking or multithreaded program execution
e. ANI system
Answer: a, Moderate, p. 321

37. A way to prevent unauthorized access by disguising information through algorithms is:
a. spoofing
b. call-back access
c. encryption
d. disk elevatoring
e. disk mirroring
Answer: c, Easy, p. 321

38. Encryption is the process of:
a. transmission of information over secure lines in analog form to prevent illegal access
b. detecting errors in messages by means of mathematical rules
c. correcting errors in messages by means of mathematical rules
d. disguising information by the use of mathematical rules, known as algorithms
e. preventing errors in messages by means of logical rules
Answer: d, Moderate, p. 321-322

39. A symmetric encryption system has two parts: the key and the ____________.
a. algorithm
b. spamming method
c. IP spoofer
d. clearance code
e. smart card bits
Answer: a, Easy, p. 322

40. A brute force attack against an encryption system:
a. tries to gain access by trying every possible key
b. is called RC4
c. is also known as 3DES
d. always uses the Rijndael algorithm
e. is part of the Advanced Encryption Standard
Answer: a, Easy, p. 322

41. DES:
a. is maintained by ISO
b. refers to Date Electronic Security
c. is a commonly used symmetric encryption algorithm that was developed in the mid-1970s
d. was developed by a joint effort that included Microsoft
e. is an asymmetric algorithm
Answer: c, Moderate, p. 323

42. The new Advanced Encryption Standard (AES) uses:
a. a DES key
b. a 3DES key
c. the Rijndael algorithm
d. a key size of 32 bits
e. the Dijkstra algorithm
Answer: c, Moderate, p. 323

43. __________ provide authentication which can legally prove who sent a message over a network.
a. Digital signatures
b. DES keys
c. Directory keys
d. Screen names
e. User Ids
Answer: a, Moderate, p. 324

44. A __________ is a trusted organization that can vouch for the authenticity of the person or the organization using the authentication.
a. disaster recovery firm
b. DES company
c. directory company
d. certificate authority
e. fingerprint advisory board
Answer: d, Moderate, p. 326

45. IP Security Protocol:
a. is focused on Web applications
b. is primarily used to encrypt e-mail
c. is a policy which makes public key encryption work on the Internet
d. sits between IP at the network layer and TCP/UDP at the transport layer
e. operates in entrapment mode
Answer: d, Moderate, p. 327

46. Which of the following is a mode that is used by IPSec?
a. exchange
b. sniffer
c. tunnel
d. creeper
e. firefighter
Answer: c, Moderate, p. 327

47. Which of the following is not a type of intrusion detection system?
a. network-based
b. data link-based
c. application-based
d. host-based
e. none of the above is an appropriate answer
Answer: b, Easy, pp. 328-330

48. A fundamental technique to determine if an intrusion is in progress in a stable network is:
a. anomaly detection
b. armoring cable
c. RSA algorithm
d. patching
e. scanning a user’s fingerprint
Answer: a, Moderate, p. 329

49. To snare intruders, many organizations now use _________ techniques.
a. entrapment
b. hacker
c. Trojan horse
d. cracker
e. DES
Answer: a, Easy, p. 331

50. The use of computer analysis techniques to gather evidence for criminal and/or civil trials is known as:
a. Trojan horse
b. sniffing
c. tunneling
d. computer forensics
e. misuse detection
Answer: d, Moderate, p. 330

Short Answer Questions

1. What is a computer virus?
Answer: Viruses cause unwanted events in computers and/or networks. Most viruses attach themselves to other programs or to special parts of disks. As those files execute or are accessed, the virus spreads.
2. Explain how a denial-of-service attack works.
Answer: A hacker attempts to disrupt the network by flooding the network with messages so that the network cannot process messages from normal users. The simplest approach for a DoS attack is to flood a Web server with incoming messages. The server attempts to respond to these, but there are so many messages that it cannot.
3. Explain how a distributed denial-of-service attack works.
Answer: In a DDoS, a hacker breaks into and takes control of many computers on the Internet and plants software on them called a DDoS agent. The hacker then uses software called a DDoS handler to control the agents. The handler issues instructions to the computers under the hacker’s control, which simultaneously begin sending messages to the target site. In this way, the target is deluged with messages from many different sources, making it harder to identify the DoS messages and greatly increasing the messages hitting the target.
4. What is a honey pot?
Answer: It is an “attractive” (to hackers) server that contains fake information available only through illegal intrusion to “bait” an intruder. The objective in using a honey pot is to divert hackers away from the real network. The honey pot server has sophisticated tracking software to monitor access to this information that allows the organization and law enforcement to trace and legally document the intruder’s actions.
5. What is computer forensics?
Answer: Computer forensics is the use of computer analysis techniques to gather evidence for criminal and/or civil trials. The basic steps of computer forensics are similar to those of traditional forensics, but the techniques are different.
6. What is a sniffer?
Answer: It is a computer program that records all messages received on the LAN so that those messages can be analyzed later (without authorization). A computer with a sniffer program could be plugged into an unattended hub or bridge to eavesdrop on all message traffic in a LAN.
7. Describe what you think are the two most important threats to security.
Answer: Network security threats can be classified into one of two categories: disruption, destruction, and disaster; and unauthorized access. Disruptions are usually minor and temporary. Some disruptions may also be caused by or result in the destruction of data. Natural (or man-made) disasters may occur that destroy host computers or large sections of the network. Unauthorized access refers to intruders (external hackers or organizational employees) gaining unauthorized access to files. The intruder may gain knowledge, change files to commit fraud or theft, or destroy information to injure the organization.
8. Describe two controls to prevent some types of disruption, destruction, or disaster from occurring.
Answer: The key principle in controlling these threats -- or at least reducing their impact -- is redundancy. Redundant hardware (e.g., uninterruptible power supply, special purpose fault tolerant server, disk mirroring) that automatically recognizes failure and intervenes to replace the failed component can mask a failure that would otherwise result in a service disruption. The best solution is to have a completely redundant network that duplicates every network component, but is in a separate location. Special attention needs to be given to preventing computer viruses and denial-of-service attacks. In some cases, disruption is intentional. One often overlooked security risk is theft. Any security plan should include an evaluation of ways to prevent someone from stealing equipment.
Generally speaking, preventing disasters is difficult, so the best option is a well-designed disaster recovery plan that includes backups and sometimes a professional disaster recovery firm. There are some practical common sense steps that can be taken to prevent the full impact of disasters. The most fundamental principle is to decentralize the network resources. Don't store all critical data on the same server or even multiple servers in the same building (or even in the same part of the country). By decentralizing critical data, you can eliminate the chance that a huge natural disaster can destroy all your data resources. Other steps depend upon the type of disaster to be prevented.
9. Discuss two controls that you consider to be among the most important ways to prevent unauthorized access.
Answer: The key principle in controlling unauthorized access is to be proactive in routinely testing and upgrading security controls. Contrary to popular belief, unauthorized intruders are usually organization employees, not external hackers. There are six general approaches to preventing unauthorized access: developing a security policy, developing user profiles, plugging known security holes, securing network access points (e.g., physical security, call-back modems, and firewalls), preventing eavesdropping (by restricting access to network cables and devices), and using encryption. The basic principle in detecting unauthorized access is looking for anything out of the ordinary. This means logging all messages sent and received by the network, all software used, and all logins (or attempted logins) to the network. These logs should be monitored both by network security personnel and by software programmed to issue alarms or take action if certain parameters are exceeded or if there is an abnormal occurrence.
10. Explain the two types of firewalls.
Answer: A packet level firewall examines the source and destination address of every network packet that passes through it. It only allows packets into or out of the organization’s networks that have acceptable source and destination addresses. In general, the addresses are examined only to the network level (e.g., TCP/IP). Some packet level firewalls also examine the type of packet (e.g., FTP, telnet) and allow or deny certain types of packets to or from certain addresses. Each packet is examined individually, so the firewall has no knowledge of what the user is attempting to do. It simply chooses to permit entry or exit based on the contents of the packet itself. This type of firewall is the simplest and least secure because it does not monitor the contents of the packets or why they are being transmitted, and typically does not log the packets for later analysis.
An application level firewall acts as an intermediate host computer or gateway between the Internet and the rest of the organization’s networks. These firewalls are generally more complicated to install and manage than packet level ones. Anyone wishing to access the organization’s networks from the Internet must login to this firewall, and can only access the information they are authorized for based on the firewall account profile they access. This places an additional burden on users who must now remember an additional set of passwords. With application level firewalls, any access that has not been explicitly authorized is prohibited. In contrast, with a packet level firewall, any access that has not been disabled is permitted.
11. What is a security hole?
Answer: Many commonly used operating systems have major security problems (called security holes) well known to potential intruders; UNIX systems are among the worst. Many security holes have been documented and “patches” are available from vendors to fix them, but network managers may be unaware of all the holes or simply forget to regularly update their systems with new patches.
Many security holes are highly technical; for example, sending a message designed to overflow a network buffer, thereby placing a short command into a very specific memory area that unlocks a user profile. Others are rather simple, but not obvious.
Other security holes are not really holes, but simply policies adopted by computer vendors that open the door for security problems, such as computer systems that come with a variety of pre-installed user accounts.
12. What is a proxy server and how does it work?
Answer: A proxy server is a new type of application level firewall that addresses some of the compatibility problems with traditional application level firewalls. The proxy server is transparent, in that no other computer notices that it is on the network.
The proxy server uses an address table to translate network addresses (i.e., IP addresses) inside the organization into fake addresses for use on the Internet. When a computer inside the organization accesses a computer on the Internet, the proxy server changes the source address in the outgoing IP packet to its own address. It also sets the source port number in the TCP packet to a unique number that it uses as an index into its address table to find the IP address of the actual sending computer in the organization's internal network. When the external computer responds to the request, it addresses the message to the proxy server. The proxy server receives the incoming message, and after ensuring the packet should be permitted inside, changes the destination to the actual address of the internal computer before transmitting it on the internal network. This process is sometimes called network address translation or address mapping.
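Added example (not part of the test bank): a minimal Python model of the address-table translation described in this answer. The class and field names, the addresses (documentation ranges), the starting port 50000, and the rule used for "ensuring the packet should be permitted inside" (the reply must match a table entry and come from the host that was contacted) are assumptions made for illustration.

```python
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple

# Hypothetical packet model: only the header fields the answer talks about.
@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

Flow = Tuple[str, int, str, int]  # internal ip, internal port, remote ip, remote port


class NatProxy:
    """Illustrative NAT proxy: one public address, a port-indexed address table."""

    def __init__(self, public_ip: str, first_port: int = 50000, last_port: int = 65535):
        self.public_ip = public_ip
        self._next_port = first_port
        self._last_port = last_port
        self.table: Dict[int, Flow] = {}      # public port -> internal flow
        self._by_flow: Dict[Flow, int] = {}   # reverse index so a flow keeps its port

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite source address/port and record the mapping in the table."""
        flow: Flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        port = self._by_flow.get(flow)
        if port is None:
            if self._next_port > self._last_port:
                raise RuntimeError("address table full: no free public ports")
            port = self._next_port
            self._next_port += 1
            self.table[port] = flow
            self._by_flow[flow] = port
        # The internal address never leaves the organization.
        return replace(pkt, src_ip=self.public_ip, src_port=port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Translate a reply back to the internal host, or return None to drop it."""
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self.table.get(pkt.dst_port)
        if entry is None:
            return None  # unsolicited: no internal host opened this port
        in_ip, in_port, remote_ip, remote_port = entry
        if (pkt.src_ip, pkt.src_port) != (remote_ip, remote_port):
            return None  # not from the host the internal computer contacted
        return replace(pkt, dst_ip=in_ip, dst_port=in_port)


if __name__ == "__main__":
    # Constructed sample traffic.
    proxy = NatProxy("203.0.113.10")
    request = Packet("10.0.0.5", 40000, "198.51.100.7", 80)
    translated = proxy.outbound(request)
    print("on the Internet:", translated)
    reply = Packet("198.51.100.7", 80, translated.src_ip, translated.src_port)
    print("delivered inside:", proxy.inbound(reply))
    stray = Packet("192.0.2.99", 80, "203.0.113.10", 50000)
    print("unsolicited packet:", proxy.inbound(stray))
```

Two internal hosts that happen to use the same local port still get distinct public ports, which is why the port number can serve as the index into the table.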
13. Compare and contrast DES and public key encryption.
Answer: DES is a symmetric algorithm, which means that the key used to decrypt a particular bit stream is the same as the one used to encrypt it. Using any other key produces plaintext that appears as random as the ciphertext. Because the DES algorithm is known publicly, the disclosure of a secret key can mean total compromise of encrypted messages. Managing this system of keys can be challenging.
Public key encryption is inherently different from secret key systems like DES because it is asymmetric; there are two keys. One key (called the public key) is used to encrypt the message and a second, very different private key is used to decrypt the message. Public key systems are based on one-way functions. Even though you originally know both the contents of your message and the public encryption key, once it is encrypted by the one-way function, the message cannot be decrypted without the private key. One-way functions, which are relatively easy to calculate in one direction, are impossible to "uncalculate" in the reverse direction. Public key encryption is one of the most secure encryption techniques available, excluding special encryption techniques developed by national security agencies.
14. Describe how a message can be authenticated to ensure that the message was really sent by a specific person or organization.

Answer: Public key encryption permits authentication (or digital signatures). When one user sends a message to another, it is difficult to legally prove who actually sent the message. Legal proof is important in many communications, such as bank transfers and buy/sell orders in currency and stock trading, which normally require legal signatures. Thus a digital signature or authentication sequence is used as a legal signature on many financial transactions. This signature is usually the name of the signing party plus other key-contents such as unique information from the message (e.g., date, time, or dollar amount). This signature and the other key-contents are encrypted by the sender using the private key. The receiver uses the sender’s public key to decrypt the signature block and compares the result to the name and other key contents in the rest of the message to ensure a match.

15. Thought question: What are the three most important security controls? Why?

Answer: The primary goal of network security is to protect the organization's data and application software. The most likely and most dangerous security threats are viruses, device failure or theft, hackers (both internal and external; though, internal hackers are more prevalent), and natural disasters. Considering these threats, important security controls are virus protection, disaster recovery and backup plan (that are followed and tested), and controls to stop hackers.

Virus protection applications should be put on both servers and PCs. A disaster recovery plan should address various levels of response to a number of possible disasters and should provide for partial or complete recovery of all data, application software, network components, and physical facilities. The most important elements of the disaster recovery plan are backup and recovery controls that enable the organization to recover its data and restart its application software should some portion of the network fail. There are six general approaches to preventing unauthorized access: developing a security policy, developing user profiles, plugging known security holes, securing network access points (e.g., physical security, call-back modems, and firewalls), preventing eavesdropping (by restricting access to network cables and devices), and using encryption.

16. Thought question: How can a proxy server reduce the impact of a denial-of-service attack?
Answer: When an external computer sends a message to a computer connected with a proxy server, it addresses the message to the proxy server. The proxy server receives the incoming message, and determines if the packet should be permitted inside.
With a denial-of-service attack, a hacker attempts to disrupt the network by sending messages to the network that prevent others' messages from being processed. The simplest approach is to flood a server with incoming messages. A proxy server receiving the flood of messages will log the attack and discard the messages (does not permit the messages inside).