Quiz Lesson/Domain 2: Access Control - Computer System and Network Security
Paper Network Security
WLAN Security
WLAN offers several advantages that wired networks do not have. Among them, it lets
computers move within the signal coverage area while staying connected to the network,
which strongly supports activities that require mobility. Behind these advantages, WLAN
has weaknesses, particularly regarding its security. Several steps are needed to address
these problems so that the advantages of WLAN can still be enjoyed.
1. Attacks Against WLAN
Radio-based networks are open by nature, meaning that anyone within range can attempt to
connect to the network even without being authorized to do so. The term wardriving
(wireless footprinting) refers to the activity of gathering information about a WLAN and
then attempting to access it. Most do it to get free internet access. However, some do it
out of curiosity or experimentation, and some do have malicious intent. The tools used
include: NetStumbler, Kismet, Dstumbler, StumbVerter, GPSMap, JiGLE,
Prism2dump, Tcpdump, Ethereal, AiroPeek NX, AirSnort, WLAN-Tools and others.
The weaknesses found in WLAN include:
a. Configuration weaknesses
Device vendors provide various facilities to simplify configuration, including a default configuration that can be used to set up a WLAN with little or no configuration. Devices left on the vendor's default configuration are very easy to attack, because information about that configuration is very easy to find on the internet, such as the SSID, the IP address used, remote management, DHCP enabled, the frequency channel, and the device administrator user/password.
b. Encryption weaknesses
WEP (Wired Equivalent Privacy), previously used as the wireless security standard,
can now be broken easily with tools available on the
internet that are able to break the RC4 key-scheduling algorithm, which is used in
Which of the following is an example of an ultimate data owner?
Computer System and Network Security
Lesson/Domain 2: Access control
Lecturer: Hadi Syahrial, M.Kom
Name: Fransiscus Xaverius Eko Budi Kristanto, Student ID (NIM): 1111600126, Class: XA, Master of Computer Science, Universitas Budi Luhur, Jakarta, 2012
Quiz 2
Quiz Lesson/Domain 2: Access control 2012
Quiz Lesson/Domain 2: Access control
1. Brute-force attacks are used most often against which types of access control? (Choose two.)
A. Biometrics B. Passwords C. Cognitive passwords D. Cryptographic keys
Answer: B. Passwords and D. Cryptographic keys
2. Passwords are one of many types of authentication mechanisms. Which is not true of a password?
A. Can be automatically created by a password generator B. Rely heavily on the discipline of the user and the administrator C. Is the most insecure of access controls D. Is moderately used
Answer: D. Is moderately used
3. A single sign-on technology that offers symmetric and asymmetric keys for encryption and uses privileged attribute certificates for authentication is called ___________.
A. Thin clients B. SESAME C. Kerberos D. Cryptographic keys E. Directory Services
Answer: B. SESAME
4. Which of the following biometric methods obtain the patterns and colors around a person’s pupil?
A. Iris scan B. Palm scan C. Retina pattern D. Fingerprint
Answer: A. Iris scan
5. Security labels are used in what type of model?
A. Role-based access control model B. Mandatory access control model C. Discretionary access control model D. Military access control model
Answer: B. Mandatory access control model
6. Companies have different ways of coming up with passwords to be used for authentication. Which of the following best describes a password advisor?
A. A potential attack using a dictionary program B. An automated system that creates long-stringed passwords for use, which are difficult to remember C. A list of questions for the user to answer D. A program that provides users with passwords that are easy to remember and difficult to crack
Answer: D. A program that provides users with passwords that are easy to remember and difficult to crack
7. Which of the following centralized access control protocols would a security professional choose if his or her network consisted of multiple protocols and had users connecting via wireless and wired transmissions?
A. RADIUS B. TACACS+ C. Diameter D. Kerberos
Answer: C. Diameter
8. Passwords are one of the most sought-after items by attackers because of the level of access they can provide. Which of the following is the least effective when trying to protect against password attacks?
A. Ensure six characters are used B. Do not allow passwords to be shown in cleartext C. Use dictionary attack tools to identify weaknesses D. Implement encryption and hashing algorithms
Answer: A. Ensure six characters are used
9. There are security issues when a company allows users to have too many rights and permissions. Allowing a user the absolute minimum rights necessary when accessing a network is referred to as what?
A. Separation of duties B. Least privilege C. Full disclosure D. Discretionary access control
Answer: B. Least privilege
10. Which of the following access control types is considered a “soft” measure at protecting an organization as a whole?
A. Preventive – Administrative B. Preventive – Physical C. Predictive D. Corrective
Answer: A. Preventive - Administrative
11. Which of the following best describes Extended TACACS (XTACACS)?
A. An Internet standard B. Combines authentication and authorization C. Separates authentication, authorization, and auditing processes D. Has three-factor user authentication
Answer: C. Separates authentication, authorization, and auditing processes
12. Katie is an IT administrator who needs to set up an access control system that designates users’ permission to control some files but keeps database and network resource permissions in the hands of the IT organization. What type of access control administration would she employ?
A. Hybrid B. Decentralized C. Centralized D. Security labels
Answer: A. Hybrid
13. Guard dogs and closed-circuit television would be examples of what type of access control?
A. Recovery B. Corrective C. Preventive – Technical D. Preventive – Physical
Answer: D. Preventive – Physical
14. There are several different types of single sign-on technologies. Which is the simplest technology?
A. Kerberos B. Scripting C. SESAME D. KDC
Answer: B. Scripting
15. A dynamic password is another name for what authentication mechanism?
A. Cognitive password B. Smart card C. Passphrase D. One-time password
Answer: D. One-time password