What is piggybacking in computer security?
The ACK for the last received packet need not be sent as a new packet, but gets a free ride on the next outgoing data frame (using the ACK field in the frame header). The technique of temporarily delaying outgoing ACKs so that they can be hooked onto the next outgoing data frame is called piggybacking. Piggybacking is one of the features of TCP.
How is data transferred between two computers on a network?
The simple answer is that information moves between computers as a data stream. The catch is that there are protocols that the computers use to talk to each other, and the ins and outs depend on the network through which they are communicating. To cite just a single example, if a PC or laptop is connected to the Internet, some kind of Internet protocol will be used by the server and that computer so that they can communicate. Certainly there is a lot more to this, and it will, as stated, depend on what network is being used to connect the computers in question.
A firewall is a piece of software that creates a barrier between the Internet and your PC.
In short, a firewall analyzes the traffic that goes from and to your computer and blocks such packets (traffic) that could hurt your computer.
Any bidirectional communication channel or link between two or more computers fits into this category. This can be an Ethernet port (wired or wireless) directly connected between two machines, or an associated switch or router which allows more connections to the same network. Similarly, other wired or wireless serial connections (like serial ports, USB, Bluetooth, infrared) between computers can also send and receive data, instructions and information between computers.
Actually the answer to this question is a communication device, as stated in the book: Microsoft Office 2007 Introductory Concepts and Techniques
What is the highest transmission speed attainable using the best twisted-pair cable?
The maximum is 1 Gbps (CAT-5e, CAT-6), the maximum distance without attenuation is 100 m.
Without network security, anybody could just hack into the network, make adjustments to files, databases, etc. Just think about your bank, for example. Without network security anybody could just log in and look at your details, transfer money in or out of your account, etc.
How are subnets used to improve network security?
Yes, if you separate the network into different sub-networks, you can then set up rules (for example, through ACLs) that allow certain traffic between subnets, and block other types of traffic.
What constitutes computer risks?
There are a number of risks related to using computers.
1. Sometimes you might not be paying attention. You might wreck if you try to use a computer while driving.
2. Sometimes computers can make people lazy. They might put too much trust in a GPS system, for instance. So people drive off of cliffs, drive into lakes, drive through active construction zones, etc.
3. There may be health risks. Staring too long at a computer can cause eyestrain. If you don't offer proper wrist and back support, you might injure those parts of the body.
4. An irate person may harm themselves or another with a computer. A jealous boyfriend threw a girlfriend's computer out the window and maimed a child playing below.
What model is used to provide a common way to describe network protocols?
Typically the OSI model is used, but the older TCP/IP model is also popular.
Is it true that non-repudiation ensures users cannot deny sending and or receiving data?
Non-repudiation only refers to the fact that a sender of a message cannot deny they sent it, since the relationship of the public/private key pairs makes it impossible to deny that they sent a message.
Non-repudiation cannot be used by either a sender or a receiver of a message to deny they ever received it; it can only be used if a message was received.
Why might you need to grant a firewall exception for file and print sharing on a public network?
It's possible that you could have to share an encrypted file.
What is the use of having a physical security system?
Because an advanced firewall and world class virus checking software doesn't help if someone can just walk into the office, sit down by a computer and do all the stuff the remote attacks or viruses tried and failed to.
Or in a context where a company is concerned about secret data: Stealing a laptop from an employee might work just as well as breaking in over the network. Plus if the employee has a VPN connection and has the password stored in the laptop, cracking the laptop would give you the network for free.
How does a network help businesses save money?
Simple: increased user productivity. Instead of every employee having to walk to the person in charge of certain data, get the files from them on removable media, and then walk back to his own desk, the network allows files to be shared without any real effort. Changes to a file are also automatically available to everyone on the network, reducing the chance of different people having different versions of the information in question. Plus, a network allows the IT staff and management to more easily monitor what the users are doing on their computers, reducing wasted time (spent playing games, browsing the internet, etc.).
What are the three types of network security?
There are about 30 types of network security, described at the related link.
These include using firewalls, anti-virus software, encryption, using static IP addresses, using a Virtual Private Network, etc.
8510.01M, signed in 2000, was written to go with DITSCAP (DoDI 5200.40, signed in 1997), which has since been superseded by DIACAP (DoDI 8510.01, signed in 2007).
Ultimately, responsibility for ensuring the training rests with the IAM, but the IAM can, and often does, delegate the responsibility to the IAO.
C3.4.4 requires preparation of the Environment and Threat Description, which, in turn, requires:
C3.4.4.2.1.8. Training. Identify the training for individuals associated with the system's operation and determine if the training is appropriate to their level and area of responsibility. This training should provide information about the security policy governing the information being processed as well as potential threats and the nature of the appropriate countermeasures.
C3.4.7 requires identifying C&A Organizations and the Resources Required, which includes:
C3.4.7.2.3. Resources and Training Requirements. Describe the training requirements, types of training, who is responsible for preparing and conducting the training, what equipment is required, and what training devices must be developed to conduct the training, if training is required. Funding for the training must be identified.
C5.1.2 discusses certifying, among other things, "security education, training, and awareness requirements".
C5.2.4.3 requires: The program manager, user representative, and ISSO should ensure that the proper security operating procedures, configuration guidance, and training is delivered with the system. Note that the term ISSO has since been replaced by IASO in current IA terminology.
C5.3.9.2 requires: "that security Rules of Behavior, a Security Awareness and Training Program, and an Incident Response Program are in place and are current."
Appendix 2, the "MINIMAL SECURITY ACTIVITY CHECKLIST" includes the questions:
Table AP2.T11.
10.(h) Do the ISSO duties include the following:
Implementing or overseeing the implementation of the Security and Training and Awareness Program?
Table AP2.T12.
3.(o) Do employees receive periodic training in the following areas:
(1) Power shut down and start up procedures?
(2) Operation of emergency power?
(3) Operation of fire detection and alarm systems?
(4) Operation of fire suppression equipment?
(5) Building evacuation procedures?
If you examine DoDI 8500.2, you will find requirements dealing with training including:
5.9 Each IA Manager, in addition to satisfying all responsibilities of an Authorized User, shall: (5.9.2) Ensure that all IAOs and privileged users receive the necessary technical and IA training, education, and certification to carry out their IA duties.
E3.3.7 requires that:
All DoD employees and IT users shall maintain a degree of understanding of IA policies and doctrine commensurate with their responsibilities. They shall be capable of appropriately responding to and reporting suspicious activities and conditions, and they shall know how to protect the information and IT they access. To achieve this understanding, all DoD employees and IT users shall receive both initial and periodic refresher IA training. Required versus actual IA awareness training shall be a management review item.
E3.4.6. Information Assurance Managers (IAMs) are responsible for establishing, implementing and maintaining the DoD information system IA program, and for documenting the IA program through the DoD IA C&A process. The program shall include procedures for:
E3.4.6.6. Tracking compliance with the IA Controls applicable to the DoD information system and reporting IA management review items, such as C&A status, compliance with personnel security requirements, compliance with training and education requirements, and compliance with CTOs, IAVAs, and other directed solutions.
Within the controls of 8500.2, you will find the following controls:
VIIR-1 Incident Response Planning
An incident response plan exists that identifies the responsible CND Service Provider in accordance with DoD Instruction O-8530.2, defines reportable incidents, outlines a standard operating procedure for incident response to include INFOCON, provides for user training, and establishes an incident response team. The plan is exercised at least annually.
VIIR-2 Incident Response Planning
An incident response plan exists that identifies the responsible CND Service Provider in accordance with DoD Instruction O-8530.2, defines reportable incidents, outlines a standard operating procedure for incident response to include INFOCON, provides for user training, and establishes an incident response team. The plan is exercised at least every 6 months.
PETN-1 Environmental Control Training
Employees receive initial and periodic training in the operation of environmental controls.
PRTN-1 Information Assurance Training
A program is implemented to ensure that upon arrival and periodically thereafter, all personnel receive training and familiarization to perform their assigned IA responsibilities, to include familiarization with their prescribed roles in all IA- related plans such as incident response, configuration management and COOP or disaster recovery.
Templates for validation of the controls by system validators include the following instructions:
For PRRB-1:
1. A set of rules that describe the IA operations of the DoD information system and clearly delineate IA responsibilities and expected behavior of all personnel shall be in place.
2. The rules shall include the consequences of inconsistent behavior or non-compliance.
3. Signed acknowledgement of the rules shall be a condition of access.
4. Training or reminder of the IA operations rules and code of conduct shall be performed on an annual basis, or as frequently as in accordance with DoD policy.
For PRTN-1:
1. A set of rules that describe the IA operations of the DoD information system and clearly delineate IA responsibilities and expected behavior of all personnel shall be in place.
2. The rules shall include the consequences of inconsistent behavior or non-compliance.
3. Signed acknowledgment of the rules shall be a condition of access.
4. Training or reminder of the IA operations rules and code of conduct shall be performed on an annual basis, or as frequently as in accordance with DoD policy.
Where can a company go to learn more about network security products?
There are a number of options for one to find information about network vulnerability. The site Network World has some valuable information as does the Javvin website.
What does a workgroup switch of a network do?
The switch, by paying attention to the traffic that comes across it, can "learn" where particular addresses are. For example, if it sees traffic from machine A coming in on port 2, it now knows that machine A is connected to that port and that traffic to machine A needs to be sent only to that port and not to any of the others. The net result of using a switch over a hub is that most of the network traffic only goes where it needs to rather than to every port. On busy networks this can make the network significantly faster.
Where do you find sound drivers for Toshiba Satellite L310 notebook?
You can find them on Toshiba's support site. The L310 is sold primarily in Asian markets, so you have to use the Asian site, not the usual American one. You can find a link to the drivers for the sound card below.
What transmission speed does 100-Mbps or Fast Ethernet support?
Ethernet supports speeds as low as 10 Mbps and as high as 1 Gbps. There are new initiatives to support 10 Gbps in the near future.
How can you prevent computer theft?
One can protect their PC from hackers by installing comprehensive anti-virus software programs such as AVG, Norton or Kaspersky. One should also try to find difficult-to-guess passwords and change them frequently, and use different passwords for different accounts.
RFC 1918 is "Address Allocation for Private Internets". The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
We will refer to the first block as the "24-bit block", the second as the "20-bit block", and to the third as the "16-bit block". Note that (in pre-CIDR notation) the first block is nothing but a single class A network number, while the second block is a set of 16 contiguous class B network numbers, and the third block is a set of 256 contiguous class C network numbers.
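As an added example (not part of the original answer), the following Python classifies an address against exactly the three RFC 1918 blocks listed above, derives the "24/20/16-bit" naming and the classful network counts from the prefix lengths, and flags RFC 1918 source addresses seen on an external interface, which a border filter should drop. The log tuples are constructed sample data.

```python
import ipaddress

# The three RFC 1918 blocks exactly as the answer lists them.
RFC1918_BLOCKS = {
    "24-bit block": ipaddress.ip_network("10.0.0.0/8"),
    "20-bit block": ipaddress.ip_network("172.16.0.0/12"),
    "16-bit block": ipaddress.ip_network("192.168.0.0/16"),
}

def rfc1918_block(addr):
    """Return the name of the RFC 1918 block containing addr, or None.

    Deliberately narrower than ipaddress's is_private, which also covers
    loopback, link-local and documentation ranges that are not RFC 1918."""
    ip = ipaddress.ip_address(addr)
    if ip.version != 4:
        return None
    for name, net in RFC1918_BLOCKS.items():
        if ip in net:
            return name
    return None

def host_bits(name):
    """Bits left for hosts: 32 minus the prefix length (24, 20 or 16)."""
    return 32 - RFC1918_BLOCKS[name].prefixlen

def classful_count(name):
    """How many pre-CIDR classful networks the block spans (1 A, 16 B, 256 C)."""
    net = RFC1918_BLOCKS[name]
    first = int(net.network_address)
    if first >> 31 == 0b0:          # class A: leading bit 0, /8
        classful_len = 8
    elif first >> 30 == 0b10:       # class B: leading bits 10, /16
        classful_len = 16
    elif first >> 29 == 0b110:      # class C: leading bits 110, /24
        classful_len = 24
    else:
        raise ValueError("not a classful unicast block")
    return 2 ** (classful_len - net.prefixlen)

def external_private_sources(flows):
    """Given (src, dst) pairs observed on an Internet-facing interface,
    return the sources that fall in RFC 1918 space; such packets are not
    routable on the public Internet and should be filtered at the border."""
    return [src for src, _dst in flows if rfc1918_block(src) is not None]

if __name__ == "__main__":
    # Constructed sample flows, not real traffic.
    sample = [("10.0.0.5", "203.0.113.9"), ("198.51.100.7", "203.0.113.9"),
              ("172.31.255.255", "203.0.113.9"), ("172.32.0.1", "203.0.113.9")]
    print(external_private_sources(sample))   # ['10.0.0.5', '172.31.255.255']
```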
What are the vulnerabilities in the network?
Every network is different; the only way to find out the vulnerabilities in a given network is to initiate an audit of the network. One piece of that is risk assessment, and from that you develop a vulnerability matrix.
What is the meaning of asymmetric encryption?
Asymmetric Encryption is a form of Encryption where keys come in pairs. What one key encrypts, only the other can decrypt.
Frequently (but not necessarily), the keys are interchangeable, in the sense that if key A encrypts a message, then B can decrypt it, and if key B encrypts a message, then key A can decrypt it. While common, this property is not essential to asymmetric encryption.
Asymmetric Encryption is also known as Public Key Cryptography, since users typically create a matching key pair, and make one public while keeping the other secret.
Users can "sign" messages by encrypting them with their private keys. This is effective since any message recipient can verify that the user's public key can decrypt the message, and thus prove that the user's secret key was used to encrypt it. If the user's secret key is, in fact, secret, then it follows that the user, and not some impostor, really sent the message.
Users can send secret messages by encrypting a message with the recipient's public key. In this case, only the intended recipient can decrypt the message, since only that user should have access to the required secret key.
The key to successful use of Asymmetric Encryption is a Key Management system, which implements a Public Key Infrastructure. Without this, it is difficult to establish the reliability of public keys, or even to conveniently find suitable ones.
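To make the three properties in this answer concrete (keys come in pairs, the keys are interchangeable, and signing is "encrypting" with the private key), here is an added toy textbook-RSA example that is not part of the original answer. The primes and messages are constructed and far too small for real use, and real systems add padding (OAEP, PSS) rather than raw exponentiation.

```python
from math import gcd

# Constructed toy parameters: two small primes and a public exponent.
P, Q, E = 61, 53, 17

def make_keypair(p=P, q=Q, e=E):
    """Return (public_key, private_key), each as an (exponent, modulus) tuple."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # modular inverse of e (Python 3.8+)
    return (e, n), (d, n)

def apply_key(key, m):
    """Raise m to the key's exponent mod n; the same operation serves either key."""
    k, n = key
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, k, n)

def encrypt_for(recipient_public, m):
    """Confidentiality: only the holder of the matching private key can undo this."""
    return apply_key(recipient_public, m)

def sign(sender_private, m):
    """Signing as the answer describes it: 'encrypt' with the private key."""
    return apply_key(sender_private, m)

def verify(sender_public, sig, m):
    """Anyone with the public key can check that the matching private key made sig."""
    return apply_key(sender_public, sig) == m

def keys_are_interchangeable(pub, priv, m):
    """The property the answer notes: each key undoes what the other did."""
    return (apply_key(priv, apply_key(pub, m)) == m
            and apply_key(pub, apply_key(priv, m)) == m)

if __name__ == "__main__":
    alice_pub, alice_priv = make_keypair()
    bob_pub, bob_priv = make_keypair(p=59, q=67)   # constructed second pair
    secret = 1234
    ct = encrypt_for(bob_pub, secret)
    print("Bob decrypts with his private key:", apply_key(bob_priv, ct) == secret)
    sig = sign(alice_priv, secret)
    print("Signature verifies with Alice's public key:", verify(alice_pub, sig, secret))
    print("Altered message fails verification:", verify(alice_pub, sig, secret + 1))
```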
Why is security in an operating system important?
Without security in a computer system you are violating the 3 tenets of security:
What is the strongest password?
No 5 - Combine parts of 2, 3 or even 4 unrelated words together (mix uppercase and lowercase)
A user can combine words together like "Diamond", "Blog", "Security" to become "DiamBloSecu".
No 4 - Combine a word with a number (mix uppercase and lowercase)
A user can combine their name and their handphone number together; for example, if your name is "Scotfield" and your handphone is "01255447689", then your password will become "Scotfield01255447689". This is my favourite password to use also, because it is considered a strong and easy-to-remember password.
No 3 - Replace letters in a word with numbers and symbols randomly (mix uppercase and lowercase)
A good example is Microsoft's suggested strongest password P@ssw0rd: it replaces a with the @ symbol and o with 0 (zero). This will need some creativity to think of.
No 2 - Mix a word and a number together randomly (mix uppercase and lowercase)
Let's say "Scotfield" and "01255447689"; if we mix them randomly to become "S012cot5544fie76ld89", frankly… I do not think it is possible to crack it, but it is very hard to remember also.
No 1 - Mix meaningless words, numbers and symbols randomly, at least 15 characters long (mix uppercase and lowercase)
The strongest password equals the hardest-to-remember password, for example:
E7r9t8@Q#h%Hy+M
Er… if possible, please do not create the above strongest password, because it is really very hard to remember.
------------------------
I think that the most difficult password that I could retrieve was (a combination of alphanumerics):
"A4714GusToE19lAPT@0pmaMsUch&INe". I would suggest you don't use this password, because it is extremely difficult to remember. It will take more than two hundred years of computation by a high-speed supercomputer.