Name: Galano, Andrew A.

Date: October 14, 2022

Section: ITC 103-102I Fundamentals of IT

WW3: Finals Assignment #1 - M5U1

1) Which property of secure information is compromised by snooping?

● It compromises Confidentiality, any information from any company or
organization that should only be disclosed to authorized personnel that has
access to it, no one else but them.

2) An attacker has used a rogue access point to intercept traffic passing between
wireless clients and the wired network segment. What type of attack is this?
● An attacker will have to be in the middle of both clients and the server network
itself. By accessing the access point, he becomes the “Man-in-the-middle” (MitM)
to compromised both the users and the server they were connecting to.

3) What type of access mechanism is MOST vulnerable to a replay attack?

● The attacker can exploit the software token to try finding the right match of
username and password until it is correct. The attacker, then, has access to
sensitive information by the time it was too late.

4) Which specific attack uses a botnet to threaten availability?

● Distributed Denial of Service (DDoS) takes advantage of bot nets to disrupt
services to the clients, while stealing data and other sensitive information that is
valuable to the attacker.

5) What does AAA stand for?

● They stand for: A - Authentication, A - Authorization, and A - Accounting

6) Why should a security policy instruct users not to reveal their password to technical
support staff?
 ● Users are vulnerable to social engineering attacks, in which the support staff can
be suspicious and less trusted to withhold such sensitive information, thus it can
be exploited for nefarious reasons beyond just stealing user information.

7) How might someone masquerade as someone else when using email or Instant
Messaging?
● If someone left their device unattended and not logged out, the impersonator can
instantly access his/her account without the user’s presence and attentiveness to
secure his/her account from outsiders. That is why it is important to log out from
your account first before leaving.

8) In considering availability concerns, what use might a lockable faceplate on a

server-class computer be?
● The faceplate serves as an armor of the system unit to protect it from natural
disasters and outages that can damage the hardware and server data it was
storing.

9) What are the three main areas where redundancy should be provisioned?
● Data/Storage, Network Links, and Power.

10) Why is prioritization a critical task for disaster recovery?

● In case of an outage, attack, or disaster, services would have to be restored in
order, for the business and IT operations to operate normally without faults in the
system.