d. Theft of equipment

7. c. Even with wireless local-area networks (WLANs), message interception is possible, the system can go down, thus making it unavailable, and equipment can be stolen. However, the wireless LAN is more reliable than the wired LAN due to the absence of wiring problems. Cable cuts and wire jams are the most common problems with wired LANs. Therefore, system unreliability is not a threat for wireless LANs. This is because the overlapping coverage of wireless access points (APs) provides some level of network redundancy from an end-user standpoint; that is, if one AP goes down, the other one’s wireless coverage may make the reliability failure seem minimal.

8. Wireless local-area networks (LANs) have greater risks than wired LANs in which of the following areas?

a. Masquerading and modification/substitution

b. Modification/substitution of messages and theft of equipment

c. Eavesdropping and masquerading

d. Eavesdropping and theft of equipment

8. b. In wireless LANs, the stronger node could block the weaker one, substitute its own messages, and even acknowledge responses from other nodes. Similarly, theft of equipment is a major risk in wireless LANs due to their portability. When equipment moves around, things can easily go missing. Eavesdropping and masquerading are common to both wired and wireless LANs. Eavesdropping is an unauthorized interception of information. Masquerading is an attempt to gain access to a computer system by posing as an authorized user.

9. The World Wide Web (WWW) can be protected against the risk of eavesdropping in an economical and convenient manner through the use of which of the following?

a. Link and document encryption

b. Secure sockets layer and secure HTTP

c. Link encryption and secure socket layer

d. Document encryption and secure HTTP

9. b. The risk of eavesdropping occurs on the Internet in at least two ways: traffic analysis and stealing of sensitive information such as credit card numbers. Secure sockets layer (SSL) provides an encrypted TCP/IP pathway between two hosts on the Internet. SSL can be used to encrypt any TCP/IP application protocol, such as HTTP, TELNET, or FTP. SSL can use a variety of public key and token-based systems for exchanging a session key. SHTTP (secure HTTP) is an encryption system designed for HTTP and works only with HTTP.

Link encryption provides encryption for all traffic, but it can be performed only with prior arrangement. It is expensive. Document encryption is cumbersome because it requires the documents to be encrypted before they are placed on the server, and they must be decrypted when they are received. Link and document encryption can use either TCP/IP or other protocols.

10. An effective way to run a World Wide Web (WWW) service is not by:

a. Disabling automatic directory listings

b. Placing the standalone WWW computer outside the firewall in the DMZ

c. Implementing encryption

d. Relying on third-party providers

10. d. Important security features of WWW include (i) disabling automatic directory listings for names and addresses, (ii) placing the standalone, stripped-down WWW computer outside the firewall in the demilitarized zone (DMZ), and (iii) providing encryption when sensitive or personal information is transmitted or stored. There is a potential risk posed by dependence on a limited number of third-party providers in terms of performance and availability of service.

11. For Web services, which of the following uses binary tokens for authentication, digital signatures for integrity, and content-level encryption for confidentiality?

a. Web service interoperability (WS-I)

b. Web services security (WS-Security)

c. Web services description language (WSDL)

d. Web-oriented architecture (WOA)

11. b. A Web service is a software component or system designed to support interoperable machine- or application-oriented interaction over a network. The Web service has an interface described in a machine-processable format (specifically WSDL). Other systems interact with the Web service in a manner prescribed by its description using simple object access protocol (SOAP) messages, typically conveyed using hypertext transfer protocol (HTTP) with an extensible markup language (XML) serialization in conjunction with other Web-related standards. Web services security (WS-Security) is a mechanism for incorporating security information into SOAP messages. WS-Security uses binary tokens for authentication, digital signatures for integrity, and content-level encryption for confidentiality.

The other three choices do not provide the same security services as the WS-Security. The Web service interoperability (WS-I) basic profile is a set of standards and clarifications to standards that vendors must follow for basic interoperability with SOAP products. The Web services description language (WSDL) is an XML format for describing network services as a set of endpoints operating on messages containing either document-oriented or procedure-oriented information. WSDL complements the universal description, discovery, and integration (UDDI) standard by providing a uniform way of describing the abstract interface and protocol bindings and deployment details of arbitrary network services. The Web-oriented architecture (WOA) is a set of Web protocols (e.g., HTTP and plain XML) to provide dynamic, scalable, and interoperable Web services.

12. Radio frequency identification technologies rely on which of the following to ensure security?

a. Defense-in-depth strategy

b. Defense-in-breadth strategy

c. Defense-in-time strategy

d. Defense-in-technology strategy

12. b. Radio frequency identification (RFID) technologies are used in supply chain systems, which in turn use a defense-in-breadth strategy for ensuring security. A defense-in-depth strategy uses layered defenses to make security stronger. A defense-in-time strategy considers the different time zones in the world where information systems operate. A defense-in-technology strategy deals with making technology less complicated and more secure.

13. Which of the following is not an example of race condition attacks?

a. Symbolic links

b. Object-oriented

c. Deadlock

d. Core-file manipulation

13. c. Allowing exclusive access to a dedicated input/output device (e.g., printer, plotter, or disk) in response to a user request can lead to a deadlock situation in the absence of spooling. Deadlocks are not related to race condition attacks; the latter are also called timing attacks. A symbolic link (symlink) is a file that points to another file. Often, there are programs that can change the permissions granted to a file. If these programs run with privileged permission, a user could strategically create symlinks to trick these programs into modifying or listing critical system files. Symlink attacks are often coupled with race condition attacks.

Symbolic links are links on UNIX, MINIX, and Linux systems that point from one file to another file. A symlink vulnerability is exploited by creating a symbolic link from a file the attacker does have access to, to a file to which the attacker does not have access. Symlinks do not exist on Windows systems, so symlink attacks cannot be performed against programs or files on those systems. MINIX is a variation of UNIX and is small in size. A major difference between MINIX and UNIX is the editor, where the former is faster and the latter is slower.
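The symlink race described in the answer to question 13 is a check-then-use window: a privileged program tests a path and then opens it, and a symlink planted in between redirects the open to a critical file. The following added example (not part of the original study guide) shows the mitigation a defender applies on a POSIX system: open with O_NOFOLLOW so the kernel refuses a symlink atomically, then verify the opened descriptor with fstat. The file names and the "sensitive.conf" stand-in are constructed for the demonstration; it assumes a POSIX platform where os.O_NOFOLLOW exists.

```python
import errno
import os
import stat
import tempfile


def open_no_symlink(path: str, flags: int = os.O_RDONLY) -> int:
    """Open path without following a symlink at its final component.

    O_NOFOLLOW makes the kernel refuse a symlink as part of the open itself,
    so there is no separate lstat()-then-open() window for a race. The
    fstat() afterwards verifies what we actually got, not what an earlier
    check saw.
    """
    fd = os.open(path, flags | os.O_NOFOLLOW | os.O_CLOEXEC)
    if not stat.S_ISREG(os.fstat(fd).st_mode):
        os.close(fd)  # e.g. a device or FIFO planted at that name
        raise OSError(errno.EINVAL, "refusing non-regular file", path)
    return fd


def append_no_symlink(path: str, data: bytes) -> int:
    """Append to a log-style file, refusing to be redirected by a symlink."""
    fd = open_no_symlink(path, os.O_WRONLY | os.O_APPEND)
    try:
        return os.write(fd, data)
    finally:
        os.close(fd)


def demo() -> dict:
    """Constructed fixture: a legitimate log file plus a symlink that points
    at a file standing in for a critical system file. Returns what happened."""
    with tempfile.TemporaryDirectory() as d:
        regular = os.path.join(d, "app.log")
        target = os.path.join(d, "sensitive.conf")   # the file to protect
        link = os.path.join(d, "planted.log")        # symlink -> target
        open(regular, "wb").close()
        with open(target, "wb") as f:
            f.write(b"original")
        os.symlink(target, link)
        result = {"regular_written": append_no_symlink(regular, b"entry\n")}
        try:
            append_no_symlink(link, b"overwritten\n")
            result["symlink_refused"] = False
        except OSError as e:  # Linux reports ELOOP, some BSDs EMLINK
            result["symlink_refused"] = e.errno in (errno.ELOOP, errno.EMLINK)
        with open(target, "rb") as f:
            result["target_intact"] = f.read() == b"original"
        return result
```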