Quiz: Securing your network

Your network is the lifeline of your organization. It allows your users to access the information they need to do their jobs correctly and efficiently – but does it do so securely? And, are you sure only your users are accessing it? Hone your knowledge of network attacks and security with this WhatIs-powered quiz.

1.) This is a standard for security that is located at the network or packet-processing layer of network communications, as opposed to the application layer.
a. SSL
b. TCP
c. S-HTTP
d. passive FTP
e. IPsec

2.) When fending off an attack, this is a method of monitoring network traffic that involves forwarding a copy of each incoming and outgoing packet from one port of a network switch to another port where the packet can be studied.
a. port mirroring
b. emanation monitoring
c. network scanning
d. footprinting
e. hijacking

3.) This is a common type of denial-of-service attack that involves sending more traffic to a network address than the temporary data storage area is intended to hold, thereby shutting down the service and possibly corrupting or overwriting valid data.
a. war dialing
b. buffer overflow
c. smurf attack
d. ping sweep
e. bucket brigade

4.) This is a computer host or small network inserted as a "neutral zone" between a company's private network and the outside public network.
a. firewall
b. VPN
c. man in the middle
d. DMZ
e. sheepdip computer

5.) This is one of the older and slower methods an intruder might use to scan a network to determine which of a range of IP addresses map to live hosts.
a. smurfing
b. brute force cracking
c. phreaking
d. ping sweep
e. war driving

6.) This is a firewall facility that can monitor the state of active connections and use this information to determine which network packets to allow through the firewall.
a. ICMP sweep
b. dynamic packet filter
c. roving analysis port
d. logic bomb
e. static packet filter

7.) This is a computer system on the Internet that is expressly set up to attract and "trap" intruders.
a. exploit
b. demilitarized zone
c. Trojan horse
d. snoop server
e. honeypot

8.) This is the transmission of data through a public network in such a way that the routing nodes in the public network are unaware that the transmission is part of a private network.
a. tunneling
b. virtual private network
c. output feedback
d. chaffing
e. promiscuous mode

9.) This occurs when a multitude of compromised systems attack a single targeted system, thereby causing the target system to shut down.
a. denial of service
b. global spy network
c. cipher block chaining
d. distributed denial-of-service attack
e. social engineering

10.) This allows remote workers to have secure access to their organization's network while using a public telecommunication infrastructure, such as the Internet.
a. shoulder surfing
b. Wingate
c. VPN
d. hot site
e. intrusion detection system

SCROLL DOWN FOR ANSWER KEY

Answers:

1.) e. IPsec
Learn more about IPsec with our Featured Topic.

2.) a. port mirroring
For more information on port mirroring, visit our intrusion detection Best Web Links.

3.) b. buffer overflow
Learn more about buffer overflows in the Web Security Tip Defining and preventing buffer overflows.

4.) d. demilitarized zone
Do you need a DMZ? Find out in our Featured Topic.

5.) d. ping sweep
Learn more about ping sweep in our Ask the Expert Q&A Strange firewall log entries.

6.) b. dynamic packet filter
Learn more about firewalls with our WhatIs-powered quiz.

7.) e. honeypot
For more information, read the Executive Security Briefing Honeypots: Handle with care.

8.) a. tunneling
Learn more about VPNs and tunneling in this Q&A with Lisa Phifer.

9.) d. distributed denial-of-service attack
For more information on mitigating the threat of DDoS attacks, read the Security Policies Tip Preparing for DDoS attacks.

10.) c. VPN
Learn more about virtual private networks with this Featured Topic.

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT DMZ Should a domain controller be placed within the DMZ? If one server in a DMZ network gets attacked from outside, will the other servers be corrupted? A security checklist: How to build a solid DMZ What server considerations should be made when setting up an internal network's private applications? How is internal mail channeled through an enterprise firewall? Microsoft NAP-TNC compatibility won't speed adoption, users say How do a DMZ and VPN work together? What are the risks of placing enterprise users in a DMZ? Infrastructure security: Remote access DMZ How to configure and implement a DMZ Unified Threat Management (UTM) IBM announcements mark two years of ISS marriage Fortinet acquires database vulnerability scanner from IPLocks Verizon UTM service reflects telecom security push Firewall deployment options increase for enterprises Screencast: How to configure a UTM device What are common (and uncommon) unified threat management features? Interop: Vendors update software, demonstrate new security features Microsoft NAP-TNC compatibility won't speed adoption, users say Screencast: How to configure a UTM device Snort creator, Sourcefire seek fresh approach Network Firewalls Kaminsky: DNS issue still major threat Product Review: Sophos Endpoint Security and Control 8.0 PCI DSS 1.2 clarifies wireless, antivirus use Check Point adds virtual firewall appliance Researchers develop lightweight Cisco IOS rootkit Is it possible to allow select access to IP addresses using Windows Server 2003? Sophos finds patching issues through endpoint NAC tool Fortinet acquires database vulnerability scanner from IPLocks Users are complaining that they can no longer reach any login site belonging to Microsoft. Any ideas? Is an IPsec VPN necessary when connecting remote servers that process financial transactions?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary DMZ  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary