CHAPTER 1 Fundamentals of Network Security
1. C 2. E 3. A 4. B 5. C 6. E 7. D 8. B 9. B 10. A 11. A 12. E 13. B and C 14. D 15. E 16. B 17. D 18. C 19. E 20. E
CHAPTER 2 Firewall Fundamentals
1. B 2. C 3. A 4. E 5. D 6. B 7. C 8. B 9. A 10. E 11. E 12. E 13. D 14. A 15. D 16. D 17. B 18. C 19. D 20. B 21. C 22. A 23. E
CHAPTER 3 VPN Fundamentals
1. D 2. B 3. E 4. A 5. B 6. C 7. A 8. E 9. A 10. C 11. D 12. D 13. D 14. D 15. A 16. B 17. A 18. B 19. A 20. D 21. C 22. C 23. B 24. A 25. D
CHAPTER 4 Network Security Threats and Issues
1. C 2. A 3. D 4. E 5. C 6. D 7. E 8. C 9. B 10. E 11. A 12. A 13. C 14. B 15. D 16. D 17. C 18. E 19. A 20. C
CHAPTER 5 Network Security Implementation
1. C 2. E 3. C 4. A 5. A 6. D 7. D 8. C 9. B 10. A 11. E 12. B 13. D 14. A 15. D 16. C 17. B 18. D 19. C 20. A
CHAPTER 6 Network Security Management
1. D 2. B 3. E 4. C 5. D 6. A 7. E 8. E 9. A 10. E 11. D 12. B 13. C 14. C 15. E 16. E 17. B 18. E 19. A 20. D
CHAPTER 7 Exploring the Depths of Firewalls
1. B 2. A 3. D 4. C 5. E 6. D 7. E 8. D 9. B 10. C 11. C 12. wirespeed 13. A 14. C 15. E 16. E 17. C 18. C 19. C 20. E
CHAPTER 8 Firewall Deployment Considerations
1. B 2. E 3. D 4. B 5. A 6. D 7. B 8. C 9. D 10. B 11. E 12. D 13. C 14. A 15. D 16. D 17. B 18. D 19. A 20. B
CHAPTER 9 Firewall Management and Security Concerns
1. B 2. E 3. D 4. B 5. B 6. A 7. C 8. B 9. D 10. E 11. A 12. C 13. C 14. C 15. B 16. A 17. B 18. D 19. B 20. D
CHAPTER 10 Using Common Firewalls
1. A, C, and E 2. D 3. B and D 4. B 5. A 6. inbound, outbound 7. B 8. A, C, and E 9. C 10. B 11. A 12. B 13. A, C, D, and E 14. D 15. A, B, C, D, and E (all) 16. outside 17. port forwarding 18. A 19. B 20. throughput
CHAPTER 11 VPN Management
1. E 2. C 3. Three of the following: Denial of service attack, missing patches, backdoor attack, unpublished vulnerability in the code, weak client security, weak authentication, weak encryption key selection, social engineering 4. SSL, IPSec 5. A and D 6. anonymity 7. C and E 8. VPN policy 9. B, C, and D 10. A, B, and D 11. privacy 12. patch/update 13. B 14. two-factor or token/biometric 15. redundant 16. C and D 17. B 18. A, B, and D 19. A and C 20. circuits
CHAPTER 12 VPN Technologies
1. B and D 2. C and E 3. 3DES 4. SSL and IPSec 5. A and B 6. network address translation (NAT) 7. C and D 8. platform independent 9. B, C, and D 10. B and D 11. request for comments (RFC) 12. virtualization 13. A, B, and E 14. L2F and PPTP 15. SSH 16. A, C, and E 17. B, C, and F 18. A, B, D, and E 19. A and D 20. Secure Sockets Layer
CHAPTER 13 Firewall Implementation
1. C 2. B 3. A 4. B 5. C 6. D 7. B 8. B 9. E 10. True 11. A 12. C 13. B 14. B 15. False 16. D 17. C
CHAPTER 14 Real-World VPNs
1. A and D 2. B 3. B 4. Secure Socket Layer (SSL) 5. E 6. False 7. D 8. B 9. B 10. A 11. C 12. A 13. A 14. A 15. B 16. B 17. B 18. B
CHAPTER 15 Perspectives, Resources, and the Future
1. B and E 2. A, C, and D 3. honeypots and honeynets 4. anti-forensics 5. A and D 6. steganogrophy 7. E 8. biometrics 9. B, C, and D 10. A and D 11. IDS or IPS 12. IPS 13. B, D, and E 14. compliance 15. governance 16. C 17. B 18. A, B, and D 19. A and C 20. padded cell
3DES |
triple data encryption standard |
ACD |
automatic call distributor |
AES |
Advanced Encryption Standard |
ANSI |
American National Standards Institute |
AP |
access point |
API |
application programming interface |
B2B |
business to business |
B2C |
business to consumer |
BBB |
Better Business Bureau |
BCP |
business continuity planning |
C2C |
consumer to consumer |
CA |
certificate authority |
CAP |
Certification and Accreditation Professional |
CAUCE |
Coalition Against Unsolicited Commercial Email |
CCC |
CERT Coordination Center |
CCNA |
Cisco Certified Network Associate |
CERT |
Computer Emergency Response Team |
CFE |
Certified Fraud Examiner |
CISA |
Certified Information Systems Auditor |
CISM |
Certified Information Security Manager |
CISSP |
Certified Information System Security Professional |
CMIP |
Common Management Information Protocol |
COPPA |
Children’s Online Privacy Protection |
CRC |
cyclic redundancy check |
CSI |
Computer Security Institute |
CTI |
Computer Telephony Integration |
DBMS |
database management system |
DDoS |
distributed denial of service |
DES |
Data Encryption Standard |
DMZ |
demilitarized zone |
DoS |
denial of service |
DPI |
deep packet inspection |
DRP |
disaster recovery plan |
DSL |
digital subscriber line |
DSS |
Digital Signature Standard |
DSU |
data service unit |
EDI |
Electronic Data Interchange |
EIDE |
Enhanced IDE |
FACTA |
Fair and Accurate Credit Transactions Act |
FAR |
false acceptance rate |
FBI |
Federal Bureau of Investigation |
FDIC |
Federal Deposit Insurance Corporation |
FEP |
front-end processor |
FRCP |
Federal Rules of Civil Procedure |
FRR |
false rejection rate |
FTC |
Federal Trade Commission |
FTP |
file transfer protocol |
GIAC |
Global Information Assurance Certification |
GLBA |
Gramm-Leach-Bliley Act |
HIDS |
host-based intrusion detection system |
HIPAA |
Health Insurance Portability and Accountability Act |
HIPS |
host-based intrusion prevention system |
HTTP |
hypertext transfer protocol |
HTTPS |
HTTP over Secure Socket Layer |
HTML |
hypertext markup language |
IAB |
Internet Activities Board |
IDEA |
International Data Encryption Algorithm |
IDPS |
intrusion detection and prevention |
IDS |
intrusion detection system |
Institute of Electrical and Electronics Engineers |
|
IETF |
Internet Engineering Task Force |
InfoSec |
information security |
IPS |
intrusion prevention system |
IPSec |
IP Security |
IPv4 |
Internet protocol version 4 |
IPv6 |
Internet protocol version 6 |
IRS |
Internal Revenue Service |
(ISC)2 |
International Information System Security Certification Consortium |
ISO |
International Organization for Standardization |
ISP |
Internet service provider |
ISS |
Internet security systems |
ITRC |
Identity Theft Resource Center |
IVR |
interactive voice response |
LAN |
local area network |
MAN |
metropolitan area network |
MD5 |
Message Digest 5 |
modem |
modulator demodulator |
NFIC |
National Fraud Information Center |
NIDS |
network intrusion detection system |
NIPS |
network intrusion prevention system |
NIST |
National Institute of Standards and Technology |
NMS |
network management system |
OS |
operating system |
OSI |
open system interconnection |
PBX |
private branch exchange |
PCI |
Payment Card Industry |
PGP |
Pretty Good Privacy |
PKI |
public key infrastructure |
RAID |
redundant array of independent disks |
RFC |
Request for Comments |
RSA |
Rivest, Shamir, and Adleman (algorithm) |
SAN |
storage area network |
SANCP |
Security Analyst Network Connection Profiler |
SANS |
SysAdmin, Audit, Network, Security |
SAP |
service access point |
SCSI |
small computer system interface |
SET |
Secure electronic transaction |
SGC |
server-gated cryptography |
SHA |
Secure Hash Algorithm |
S-HTTP |
secure HTTP |
SLA |
service level agreement |
SMFA |
specific management functional area |
SNMP |
Simple Network Management Protocol |
SOX |
Sarbanes-Oxley Act of 2002 (also Sarbox) |
SSA |
Social Security Administration |
SSCP |
Systems Security Certified Practitioner |
SSL |
Secure Sockets Layer |
SSO |
single system sign-on |
STP |
shielded twisted cable |
TCP/IP |
Transmission Control Protocol/Internet Protocol |
TCSEC |
Trusted Computer System Evaluation Criteria |
TFTP |
Trivial File Transfer Protocol |
TNI |
Trusted Network Interpretation |
UDP |
User Datagram Protocol |
UPS |
uninterruptible power supply |
UTP |
unshielded twisted cable |
VLAN |
virtual local area network |
VOIP |
Voice over Internet Protocol |
VPN |
virtual private network |
WAN |
wide area network |
WLAN |
wireless local area network |
WNIC |
wireless network interface card |
W3C |
World Wide Web Consortium |
WWW |
World Wide Web |