Usbn - SiSTEM Keamanan Jaringan

The correct answer is A. Configuring the Firewall and Proxy system correctly on the router/server gateway. This is the most effective way to secure a LAN network connected to the internet. A firewall acts as a barrier between the LAN and the external network, monitoring and controlling incoming and outgoing network traffic. It can block unauthorized access and filter out potentially harmful data. A proxy server can enhance security by acting as an intermediary between the LAN and the internet, filtering and caching web content, and providing an additional layer of protection.

Firewall pada pengamanan jaringan bertujuan untuk membatasi akses jaringan bagi user. Firewall berfungsi sebagai filter yang dapat mengontrol lalu lintas data yang masuk dan keluar dari jaringan. Dengan membatasi akses jaringan, firewall dapat melindungi jaringan dari serangan yang tidak diinginkan dan mencegah pengguna yang tidak berwenang untuk mengakses sumber daya jaringan.

The correct answer is A. Penyedia data dan koneksi dengan cabang lain. In a network, a computer functioning as a database server is responsible for providing data and establishing connections with other branches or locations. It serves as a central repository for storing and managing data, allowing other computers on the network to access and retrieve information as needed. Additionally, it facilitates communication and data exchange between different branches or locations of an organization.

To ensure security and access rights, systems often require a user ID in addition to a password. A user ID is a unique identifier assigned to each user, allowing the system to differentiate between different users and grant appropriate access privileges. By requesting a user ID, the system can verify the identity of the user and determine their level of authorization. This helps prevent unauthorized access and protects sensitive information.

The correct answer is C because it uses the correct syntax and options for configuring a Linux server to perform NAT and act as an internet gateway. The "-t nat" option specifies the nat table, which is used for network address translation. The "-A POSTROUTING" option appends a rule to the POSTROUTING chain, which is used for packets that are being forwarded and leaving the server. The "-o eth0" option specifies the outgoing interface, and the "-j MASQUERADE" option tells iptables to perform network address translation on the packets.

The action of Agus stealing Alex's internet banking account and transferring money to his own account involves a threat to both confidentiality and integrity. Confidentiality is compromised because Agus gains unauthorized access to Alex's account and can view sensitive information. Integrity is compromised because Agus manipulates the account by transferring money to his own account without Alex's permission, causing unauthorized changes to the account's data. Therefore, the correct answer is "Confidentiality and Integrity."

The correct answer is C because it provides a valid IP address range (192.168.50.1-30) with a corresponding subnet mask (255.255.255.192) that allows for 30 client computers. The gateway (192.168.50.40) is also within the same network range, ensuring proper communication between the clients and other devices on the network.

The given script is using the "mysql_connect" statement to establish a connection between PHP and the MySQL server. This statement is used to create a connection object that allows PHP to interact with the MySQL database. Therefore, option B is the correct answer as it accurately describes the purpose of the "mysql_connect" statement in the given script.

The correct answer is C. Intrusion Detection System. Intrusion Detection System refers to the process of detecting unauthorized access or malicious activities in a network. It helps in identifying and responding to potential security breaches, thus ensuring the security of the network. The other options such as Blayteam, Anti spayware, Oneways, and Deteksi Sistem are not relevant or accurate terms for network security detection.

A firewall is a system or group of systems that controls access to security between a secure internal network and an untrusted network such as the internet. It acts as a barrier, monitoring and filtering incoming and outgoing network traffic based on predetermined security rules. This helps prevent unauthorized access, malicious attacks, and the spread of malware or viruses from the untrusted network to the internal network.

The correct answer is the File permission system. This security mechanism ensures that the folder storing files is set to read-only status, preventing any unauthorized modifications or deletions. By setting appropriate file permissions, the system can control access to the folder and ensure that only authorized users have the necessary privileges to make changes. This helps enforce the security policy stated in the question. Folder backup system, file encryption application, and automatic antivirus update are not directly related to enforcing read-only status on the folder.

The correct answer is B. Kesalahan pemograman install software. This answer suggests that the security issue in the network is caused by programming errors during the installation of software. These errors could potentially create vulnerabilities that can be exploited by attackers to gain unauthorized access or compromise the network's security.

HTTPS (Hypertext Transfer Protocol Secure) adalah protokol yang digunakan untuk mengamankan komunikasi antara server dan browser. Cara kerja HTTPS adalah dengan menggunakan enkripsi untuk melindungi informasi yang dikirimkan dari server ke pengguna. Enkripsi ini menggunakan teknik kriptografi yang membuat data tidak dapat dibaca oleh pihak yang tidak berwenang. Dengan demikian, HTTPS membantu menjaga kerahasiaan dan keutuhan data yang dikirimkan melalui jaringan.

Spam refers to the unwanted and unsolicited messages that are sent in bulk to email addresses. These messages are typically promotional in nature and are sent without the consent or desire of the recipient. Therefore, the usage of electronic devices to send such messages without the recipient's consent is referred to as spam.

The correct answer is "Crackers". Crackers refer to individuals or groups who attempt to gain unauthorized access to computer systems or networks with malicious intent. They pose a threat to the security and integrity of data and can cause significant damage to systems, steal sensitive information, or disrupt operations. Therefore, crackers are considered a threat component in the context of computer security.

Physical Access Control refers to the measures taken to prevent unauthorized physical access to a network or system. This can include physical barriers such as locks, security guards, and surveillance cameras, as well as access control systems like key cards or biometric scanners. By implementing physical access control, organizations can ensure that only authorized individuals are able to physically access their network infrastructure, reducing the risk of unauthorized access, theft, or damage to the system.

The given statement describes the percentage of correctly transmitted traffic on a system, including transmission errors related to network application usage and the network itself. Accuracy refers to the correctness or precision of the transmitted data, making it the most suitable definition for the given statement.

Shared permission refers to the access control settings that determine the level of access granted to a file or folder when it is accessed from another computer or network. It allows multiple users or computers to access and modify the file or folder simultaneously, while also providing options to restrict or limit certain actions. This ensures that only authorized individuals or systems can access and manipulate the file or folder, maintaining security and preventing unauthorized access or modifications.

The correct answer is "Confidentiality." Requiring employees to change their passwords regularly helps to maintain the confidentiality of sensitive information within the system. By regularly changing passwords, the risk of unauthorized access to confidential data is reduced, ensuring that only authorized individuals can access and view sensitive information.

The correct answer is integrity. In this scenario, the text message is a deceptive one, pretending to be from a cellular communication company and claiming that Alex has won a contest. This is an example of a breach of integrity, as the message is misleading and manipulative. Integrity refers to the trustworthiness and accuracy of information, and in this case, the message is intentionally deceptive, compromising the integrity of the communication.

The given answer states that the risk to the security and integrity of the data is smaller when using a web-based database system. This means that web-based databases are considered to have a higher level of security and data integrity compared to other types of database systems. This is because web-based databases often have built-in security measures such as encryption, authentication, and access control, which help protect the data from unauthorized access, modification, or loss.

The given answer is the correct one because it goes against the principle of designing a security system to control security control systems from multiple network devices. This can lead to a lack of centralized control and coordination, making it difficult to effectively manage and secure the network. It is important to have a centralized control system to ensure proper monitoring and enforcement of security policies across the network.

The correct answer is C. Menyediakan autentikasi user jaringan (Providing network user authentication). In logical access control, the network security administrator's role is to ensure that only authorized users are granted access to the network. This is done through the process of authentication, where users are required to provide credentials such as usernames and passwords to prove their identity before gaining access to the network. By providing network user authentication, the administrator can verify the identity of users and prevent unauthorized access to the network.

The correct answer is C. Autentikasi Firewall. Autentikasi refers to the process of verifying the identity of a user or device. While authentication is an important aspect of network security, it is not a type of firewall. The other options, including Packet Filtering Firewall, Dual homed Gateway Firewall, Sreened Host Firewall, and Sreened Subnet Firewall, are all types of firewalls that provide different levels of protection and security for a network.

The correct answer is E. Enkripsi. Enkripsi is the process of converting or encoding information into a specific form so that it cannot be understood by unauthorized parties. It is a method used to protect sensitive data and ensure its confidentiality.

Authentication is the correct answer because it refers to the process of verifying the identity of a user or entity. In this scenario, the user needs to input the correct PIN number to prove their identity and gain access to their account.

Encryption is the security mechanism used to prevent network sniffing threats. It involves converting plaintext data into ciphertext using an encryption algorithm and a secret key. This ensures that even if an attacker intercepts the network traffic, they cannot understand the information without the key to decrypt it. Encryption provides confidentiality and protects sensitive data from being accessed or understood by unauthorized individuals.

The given options are all related to network security, except for option E, SUID. SUID stands for Set User ID, which is a permission that allows a user to execute a program with the privileges of the program's owner. This is not directly related to network security, but rather a permission setting in Unix-like operating systems. Therefore, the correct answer is E. SUID.

A sniffer is a network security tool used to capture and analyze network traffic. It allows network administrators to monitor and analyze the data packets flowing through a network, which helps in detecting any suspicious activities or identifying potential security threats. By capturing and analyzing network traffic, a sniffer can provide valuable insights into the network's security vulnerabilities and help in implementing appropriate measures to protect against unauthorized access or data breaches.

Sertifikat digital adalah metode autentikasi yang memungkinkan proses autentikasi terjadi tanpa intervensi pengguna. Sertifikat digital menggunakan kunci publik dan kunci privat untuk memverifikasi identitas pengguna dan memastikan bahwa komunikasi aman antara dua pihak. Dengan menggunakan sertifikat digital, proses autentikasi dapat dilakukan secara otomatis dan tanpa perlu campur tangan pengguna.

The correct answer is Internet because jaringan antarsitus refers to the network of interconnected computer networks, which is commonly known as the Internet. The other options (blog, Spam, email, wan) are all specific components or activities that can be found within the Internet, but they do not encompass the entire network itself.

The given answer, "Memberikan userid dan password kepada orang yang paling kita percayai" (Giving userid and password to the person we trust the most), is not a valid effort to mitigate risk in a network system. Sharing sensitive login credentials with someone, even if they are trusted, increases the vulnerability of the system and can lead to unauthorized access or misuse of information. Therefore, this option does not help in addressing or reducing risk in the network system.

The correct answer is "Availability". Email-bombing is a method of attack where a large number of emails are sent to the victim's email address, causing their email server to become overwhelmed and unavailable. The purpose of this action is to disrupt the availability of the victim's email service.

A stateful firewall combines the advantages offered by packet-filtering firewall, NAT firewall, Circuit-Level firewall, and Proxy firewall into one system. It is capable of monitoring the state of network connections and keeping track of the context of each connection. This allows the firewall to make more informed decisions about which packets to allow or block based on the connection's current state. Stateful firewalls provide better security and control over network traffic compared to other types of firewalls.

Firewall melakukan tindakan "filtering" dengan melewatkan atau memblokir paket data sesuai dengan tujuannya. Tindakan ini dilakukan untuk mengontrol lalu lintas data yang masuk dan keluar dari jaringan, sehingga dapat melindungi jaringan dari ancaman yang tidak diinginkan.

The given correct answer is E. Personal Firewall. This is because Symantec Norton Personal Firewall and Keri O Personal are mentioned as examples, which implies that they fall under the category of personal firewalls. Personal firewalls are designed to protect individual computers from unauthorized access and malicious activities, providing security at the user's personal level.

The correct answer is E. Proxy. A proxy server acts as an intermediary between a client computer and the internet, allowing the client to make indirect network connections to other servers. It helps to improve security and privacy by hiding the client's IP address and filtering out malicious or unwanted traffic. It also helps to improve performance by caching frequently accessed web pages and reducing the load on the client's network.

After a user successfully passes the login stage, the operating system will apply security restrictions to the user based on their security scheme. This process is known as authorization, where the system grants or denies access to specific resources or actions based on the user's privileges and permissions. Identification is the process of identifying the user, authentication is the process of verifying the user's identity, and accountability is the process of tracking and logging user actions. Therefore, the correct answer is authorization.

Performing encryption on an email and adding a digital signature before sending it enhances both confidentiality and integrity. Encryption ensures that only the intended recipient can access the content of the email, maintaining confidentiality. The digital signature ensures that the email has not been tampered with during transmission, ensuring integrity. Therefore, both options (a) and (b) are correct.

The case of Jack being caught by the police for hacking into the company's server and the detailed log system providing evidence of his actions demonstrates that the aspect of accountability in the security protection of the company's system is sufficient. Accountability refers to the ability to trace and assign responsibility for actions taken within a system. In this case, the log system allows for tracking and identifying Jack's activities, making him accountable for his actions.

Packet filter firewalls operate at a higher level in the seven-layer OSI reference model. They examine individual packets of data and make decisions based on information such as source and destination IP addresses, port numbers, and protocol types. This allows them to filter and block specific packets based on predefined rules. Packet filter firewalls are considered less secure compared to other types of firewalls because they do not inspect the contents of the packets, making them more susceptible to certain types of attacks.

The given options are IPX/SPX, PDU, TCP/IP, and UDP. The correct answer is PDU. PDU stands for Protocol Data Unit, which is a term used to refer to the data that is being transmitted over a network. It is not a network protocol itself but rather a concept that is used to describe the data being sent. The other options, IPX/SPX, TCP/IP, and UDP, are all network protocols that are used for communication between devices in a network.

The given options discuss various factors that can be used as benchmarks for measuring the maximum usage of a network. However, the option "Perbandingan keefektifan dari komputer yang sedang menjalankan program aplikasi yang banyak di-download dari Internet" (Comparison of the effectiveness of a computer running multiple applications downloaded from the Internet) does not directly relate to measuring the maximum usage of a network. Therefore, it is the exception among the given options.

A rootkit is a type of malicious software that is capable of hiding its presence within an operating system, making it difficult for users to realize that their computer is at risk. Unlike viruses, shareware, and spyware, rootkits are specifically designed to remain undetected and can give attackers unauthorized access to a system. They can manipulate system functions, disable security measures, and even control the entire operating system. Therefore, rootkits pose a significant threat to the security and privacy of a computer system.

One action that the System Access Control takes to encourage users to maintain the security of their system is by recommending updating antivirus every time the user is connected to the internet. This is because antivirus software helps protect the system from various malware and viruses that can be encountered while browsing the internet. Regularly updating the antivirus ensures that the system has the latest virus definitions and security patches, enhancing its ability to detect and prevent potential threats.