1. What is managements role with regard to information security policies and
Management must make policies the basis for all information security planning,
design, and deployment. Policy should never contradict law.
2. What are the di
1. You run a machine shop that houses many electrical machines, fans, and an air conditioning
unit. All of these devices can contribute to which of the following that must be taken into
consideration when designing a LAN? (Choose all that apply.
What is the security that addresses the issues needed to protect items, objects, or areas? Physical Security
What is the security that addresses the protection of individuals or groups authorized to access an organization?
A _topology_ is the geometric association of components of a network in
relation to each other.
_Networks_ can be categorized by components, size, layout or topology, or
The _Data Link (DLL)_ layer is the primary networking suppo
Common vulnerabilities fall into two broad classes, which are _Defects in software or
firmware, Weaknesses in processes and procedures_?
_Port Scanners_ are tools used by both attackers and defenders to identify
(or fingerprint) the comput
True or False: An effective security policy should state how the company would respond to breaches of
A(n) _acceptable use policy_ that tells employees what constitutes acceptable use of company resources
should be part of a
True or False: Dropping all packets that use the IP header source routing feature is a common rule for
packet filtering. FALSE
_Time to Live (TTL)_ is an 8-bit value that identifies the maximum time a packet can remain in the
The most common term for software that can scan the data portion of an IP packet and act on it is a(n)
True or False: Proxy servers and packet filters are identical in how they work at the Application layer.
True or False: Firewalls should process rules in top-to-bottom order, so the first rules should cover the most
basic types of traffic. TRUE
True or False: A restrictive approach will have fewer rules than a connectivity-based approach. FAL
Encryption turns ordinary information into encoded _ciphertext_ to preserve the authenticity, integrity,
and privacy of the information.
_Nonrepudiation_ is the ability to prevent one participant in an electronic transaction from denying t
_Authentication_ is the act of identifying users and providing network services to them based on their
A plastic card with an embedded microchip that can store data about the owner is referred to as a(n)
Chapter 11 Answers
A VPN can have two _endpoints_ or terminators.
When using the _transport_ method of data encryption, the host encrypts traffic when it is generated; the
data part of packets is encrypted, but not the headers.
If your VPN's _aut
1. _Disaster Recovery Planning_ entails the preparation for and recovery from
a disaster, whether natural or human-made.
2. _Business Impact Analysis (BIA)_ is the first phase in the CP process and
provides the CP team with information about
1. Which common security system is an IDPS most like? In what ways are
these systems similar?
It is similar to a burglar alarm in that it detects a violation and activates an
alarm. They can be configured to alert an external security organizat
1. What is the primary goal of digital forensics?
to be admitted as evidence in a court of law, or used to support
administrative action through the use of sound investigation and analysis
techniques to identify, collect, preserve,