1. What is the name of the concept that DOD uses in net defense?
    defense in depth
  3. What are some examples of computer security incidents?
    compromise of integrity, DoS, misuse, damage, intrusions, alterations
  3. Where would a network monitoring device such as an ASIM be placed in relation to the network?
    outside the boundary protection mechanism to monitor all attempted attacks
  4. Describe tunneling
    encapsulating a message inside a second message that will pass through the firewall
  5. What kind of servers would typically be found in a DMZ?
    web servers, SMTP, DNS, proxy, web mail, dial up
  6. What is the simplest and least expensive type of firewall, and what is its purpose?
    Packet filtering; accept/reject messages based on info in the message's header: source address, destination address, and the port
  7. What type of firewall is used to separate secure sites, networks, or network segments from less secure areas?
    Bastion host
  8. Describe the two categories that security related access controls fall into
    Technical controls-passwords/encryption. Admin controls-segregation of duties/screening of users
  9. Regardless of the source of the threat, what is it usually targeting?
    a vulnerability or weakness in the network
  10. How does a virus activate?
    when the infected program executes
  11. Describe botnets
    a group of computers that have been infected by bots under the control of a person or group
  12. How is a trojan different from a regular virus?
    it acts as a cover or disguise for something else, it does not replicate itself
  13. What step is taken before an IS is connected to the AFGIG?
    a baseline configuration is applied to them
  14. What does the PKI enable users of basically unsecured public networks to do?
    to securely and privately exchange data through the use of public and private cryptographic key pairs obtained and shared through a TA
  15. What are the components that compose a PKI?
    A certificate policy management system; a registration authority that verifies user requests for digital certs and tells the cert authority to issue them; a CA that is responsible for managing certs; one or more directories or repositories where the certs are held
  16. Describe a symmetric central server architecture
    each entity in the community shares a secret key with the central server
  17. Why are PKI keys said to be asymmetric?
    The keys for encryption and decryption were related but conspicuously different
  18. How do digital signatures work?
    a single entity can sign data but any number of entities can read the signature
  19. What do users use to verify that a particular public key belongs to a particular user?
    the PKI cert
  20. What is the CA responsible for?
    establishing, authenticating, maintaining, and revoking certs and hardware
  21. What are the 2 ways that key establishment can occur?
    key transfer and key agreement
  22. Describe key transfer
    one entity generates the symmetric key and sends it to the other entity
  23. Describe key agreement
    both entities jointly contribute to the generation of the symmetric key
  24. How long should ECDSA and ECDH keys be to provide adequate security for the medium to long term?
    192 bits
  25. What was the fundamental premise in the original formulation of public key cryptography?
    two strangers should be able to communicate securely
  26. What does the PKI user population trust CA authorities to do?
    to perform the binding of a public key pair to a given identity
  27. What are the 4 configurations for CA servers?
    enterprise root CA, enterprise subordinate CA, stand-alone root CA, stand-alone subordinate CA
  28. What happens when a certificate on a CRL is used?
    it will be rejected
  29. Describe a user's key history
    a collection of certs and corresponding private keys
  30. What is the difference between a software token and a hardware token?
    hardware tokens have built in security, software has no security other than what is provided by the host system
  31. List 3 types of certs and what they are used for
    Identity: signing on to the network or signing an EPR; Email signing: used to sign email; Encryption: used to support data confidentiality
  32. What does the global directory service provide for?
    Provides for the ability to search for individuals and access contact information about them
  33. What does middleware allow the use of?
    allows the use of the CAC and its certificates