Exam 2 ReviewINFS 6301 Fall 2015

Exam Information Chapters 7 – 11 & 15 and online content Structure

50 multiple choice (1.5 points each / 75 points total)

6 short answer (50 points total) 12/08/15, 6:00 – 8:00 p.m. BAS S137E

Chapters 7 & 8 What are the layers of the OSI model? What is TCP/IP? What TCP/IP protocols operate at layers 3 & 4 of the

OSI? What is the size of an IPv4 address? At what layer do routers operate? What is a VPN? What is the purpose of a flood guard? What are the different types of proxy servers?

Know the characteristics. What is BIND?

Chapters 7 & 8 What is a VLAN? What is 802.1Q? What are SNMPv1 and SNMPv2? What is an agent? What is a community string? What components of a packet do firewall rules

utilize? What is a DMZ? What is port address translation? What is network address translation? What is 802.1d?

Chapters 7 & 8 What is virtualization? What are security advantages to hosts

running virtualization? What is subnetting? What are advantages of subnetting?

Chapters 9 & 10 What is WPA2? Which encryption protocol is used with WPA2? What are the characteristics of EAP protocols

supported by WPA2? What is an evil twin AP? What is a piconet? What is a scatternet? What is 802.1x? What is AES-CCMP? How many rounds are

required with a AES-256 bit key?

Chapters 9 & 10 What services do mobile devices typically use? What are the characteristics associated with mobile

devices? What is mobile device management? What is credential management? What mobile OS requires the review and approval

of apps before making them available to the public?

What is a captive portal AP? What is bluesnarfing? What is bluejacking?

Chapters 9 & 10 What are common hardware ports found

on laptops? What is Mobile Application

Management? What is app wrapping? What is the IV when using TKIP? What types of data can a QR code

contain?

Chapters 11 & 15 What is MAC? What is DAC? What are rule-based and role-based

access control? What is an ACL? What is a baseline? What is baseline reporting? What is an attack surface?

Chapters 11 & 15 What is pen testing? What is the result of a pen test? What is a vulnerability assessment? What is a port scanner? What is UAC? What colors indicate levels of risk (highest to

lowest)? What is a Directory Information Base (DIB)? What is a Directory Information Tree (DIT)? What attacks relate to the use of LDAP? What is threat modeling? What is RADIUS? What are the steps for RADIUS authentication with 802.1x?

Chapters 11 & 15 What is vulnerability scanning? What are methods for vulnerability

scanning? What are advantages and

disadvantages of each method for vulnerability scanning?

What are honeypots and honeynets?

Support Content What is NMAP? How can NMAP be used for pen testing? What are the five characteristics of

cloud computing as defined by NIST? What are benefits of cloud computing? Describe the NIST cloud architecture.