0
Computer Network Security
Network security is any form of computer security dealing with multiple computers linked through a network. Questions about everything from firewalls to viruses to denial-of-service attacks belong here.
1,030 Questions
What type of server does a window client use to resolve host names to IP addresses?
Strictly speaking, Windows clients will use a DNS server to resolve host names to IP addresses. In a Windows environment, the DNS server is almost always a Domain Controller as well (Active Directory Integrated DNS). Windows also has another naming system called NETBIOS. Clients will use a WINS server to resolve NETBIOS names (do not confuse with host names) to IP addresses.
Short answer: DNS
What is Quorum Drive on cluster?
The quorum drive stores data that is critical to recovery after there is a communication failure between cluster nodes. It provides physical storage than can be accessed by any node of the cluster.
What different type of message snmp protocol can handle?
SNMP defines only five types of messages that are exchanged between the manager and agent.
- Fetch the value of one or more variables: the get-request operator.
- Fetch the next variable after one or more specified variables: the get-next-request operator. (We describe what we mean by "next" later in this chapter.)
- Set the value of one or more variables: the set-request operator.
- Return the value of one or more variables: the get-response operator. This is the message returned by the agent to the manager in response to the get-request, get-next-request, and set-request operators.
- Notify the manager when something happens on the agent: the trap operator.
Define the term communication channel?
In terms of an IBM mainframe, a Channel is the electronic circuitry and wiring cables that allows for the connection of peripheral equipment. Such devices as tape drives, DASD (hard drives), card readers, etc, are attached to the Mainframe via Channels. Data moves down the channel as electronic signals. The position on the channel establishes its identifying Address.
Mandatory Access Control
Answer Explanation: Mandatory Access Control is best described as a military-strength access control. Access permission is required before any form of system access is granted. All elements of a system are treated as objects. Every object is given a classification level. Classification levels are assigned based on the security required for each object. Users are called subjects. Each subject is assigned a level of privilege, known as a clearance level. Access permission is granted based on the comparison of subject clearance levels and object classification levels.
What is availability for IA security?
One of the basic themes of IA is that it is composed of three principles - which have the memorable acronym CIA. C = confidentiality: only those who should be able to see the data can see it. I = integrity: the data is only changed by those authorized to change it and is not being corrupted accidentally or intentionally. A = availability: users can access the data when they want to or need to.
Attacks against availability include denial of service (DoS) attacks which tie up resources and bog down networks to the point that legitimate users are not able to access them. Availability is also attacked by anything that causes the computer or the networks that provide access to it to crash. Availability is protected in IA through various methods including (but not limited to) redundancy, rerouting, disaster recovery plans, and contingency planning.
What cipher is rsa encryption?
In cryptography, RSA (which stands for the names of the people who first publicly described it; Rivest, Shamir, and Adleman ) is an algorithm for public-key cryptography. Clifford Cocks, a British mathematician working for the British intelligence agency GCHQ described an equivalent system in an internal document in 1973. His discovery, however, was not revealed until 1998 due to its top-secret classification, and Rivest, Shamir, and Adleman devised RSA independently of Cocks' work.
RSA uses asymmetric keys, i.e. key "pairs" for encryption and decryption. The message is converted to an integer using a padding scheme and then encrypted using modulo arithmetic and the one of the keys of the pair. It is decrypted using the same modulo arithmetic and the the other key of the pair.
What drives security system sales?
Long-term factors that drive security system sales are economic conditions, crime, sales and marketing prowess, disposable consumer income, and capital spending by businesses
The method you are referring to is called SPI - Stateful Packet Inspection. A firewall employing SPI is commonly called a stateful firewall.
How can you provide security to your system?
Depends on what system you use.
For windows you need to install an antivirus software and firewall.
You can always just get a GNU/Linux system like Linux Mint, which is secure out of the box.
In any case, you should avoid running software(programs) from untrusted sources.
How do you remove network security keys?
go to your router options on your computer and it should say remove
What is the preferred location for a spam filter on the computer?
SMTP
because SMTP handles outgoing mail while Post Office Protocol (POP or POP3) is responsible for incoming mail.
How is database security different from system security?
System security is OS level security like you have username password to logon on your system.
Database security is db level security governed by your database software.like you have different schemas that have different passwords.You can decide grants and permissions for various db objects based on these db level users.
Which would not be a reason to implement Defense in Depth?
Security dollars are invested in a single solution
What is the purpose of auditing system security settings?
the purpose of this is to find any misconfiguration
No - FISMA is not restricted to classified systems, it applies to ALL federal computer systems. FISMA is Title III of the E-Government Act of 2002, (Pub.L. 107-347)
44 U.S.C Chapter 35, Subchapter III, § 3541 (1) states that FISMA is supposed to:
provide a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support Federal operations and assets;
FISMA does call for special efforts to be made to secure classified systems, but the mandate to create and use standards that will secure computer systems commensurate with the value of the data they contain applies to all federal computer systems whether it be DoD, CIA, FBI, IRS, or Department of Commerce. The actual standards are contained in other documents. For example: the DoD requirements are contained in documents like DoDI 8500.2 and DCID 6/3 while the requirements for most non-DoD systems are contained in NIST publications like include FIPS 199, FIPS 200, and NIST Special Publications 800-53, 800-59, and 800-60. Additional security guidance documents are being developed including NIST Special Publications 800-37, 800-39, and 800-53A.
1 What is the defining difference between computer security and information security?
Where computer security deals with the processes applied to computer system(s), information security concerns all of the aspects regarding the system of policies and/or procedures for identifying, controlling, and protecting information from unauthorized disclosure. While often synonymous, information security is actually a superset of computer security, encompassing the fields of data security, transmission security, network security, physical security, personal security, and personnel security,
Is availability timely reliable access to data and information services for authorized users?
Not necessarily. Availability is the ability to access data when required but it says nothing about "timely", which is a vague concept.
In other words, FALSE.
What is a security keyhole on a computer?
It is used to connect a security cable. It's a hard point on the frame.
The PPTP VPN tunneling protocol is based on technology developed by Cisco?
PPTP tunneling was developed by Microsoft.
Yes, it takes up the bandwidth.
What are the Ethics and legality of packet sniffing?
Packet sniffing as a legal activity is usually defined by the corporate or company policy. Most institutions will ban the activity unless your job role requires it. Outside of a company network there is usually no restriction on packet capturing/sniffing.
Packet sniffing is also done by certain types of programs, such as IDS or IPS devices/systems.
What are the threats for operating system security?
threat is a unit of code....and a process can have ine or more threats..process is an execution of a programe
