Zast 1.Kol

The correct answer is "Ko sme, sta, i sa cim da radi" which translates to "Who can, what, and with what to do". This answer aligns with the general concept of access control in computer networks, which involves determining the permissions and restrictions for users or entities accessing system resources. It encompasses the idea of specifying who is allowed to perform certain actions, what actions they can perform, and what resources they can access or manipulate.

Softverski filteri paketa omogućavaju ograničavanje paketa koje računar može i primati i slati. To znači da se kroz ove filtere može kontrolisati protok podataka tako da se određeni paketi mogu blokirati ili dozvoliti, kako za dolazne tako i za odlazne pakete. Ova funkcionalnost omogućava korisnicima da kontrolišu i upravljaju mrežnim saobraćajem na svom računaru.

The correct answer suggests that it is possible to break the cipher algorithms used in computer telecommunications, but it would take an irrational amount of time. This implies that the algorithms are secure and resistant to attacks, but not completely invulnerable. Breaking them would require an impractical amount of time and resources.

The given correct answer states that cryptography forms an important security foundation in modern computer networks. This means that cryptography plays a crucial role in ensuring the security and protection of data during transmission over networks. It is used to encrypt and decrypt data, authenticate users, and ensure the confidentiality, integrity, and authenticity of information. Cryptography is essential in preventing unauthorized access, data breaches, and other security threats in computer networks.

The ticket system is a method that allows users to access a specific resource only once. When a user requests access to the resource, they are issued a unique ticket. This ticket grants them access to the resource but can only be used once. Once the ticket is used, it becomes invalid, preventing the user from accessing the resource again. This ensures that only one-time access is granted to the user.

The correct answer is "Izvidjanje". In the first phase of a cyber attack, known as reconnaissance, the attacker gathers information about the target system or network. This includes identifying potential vulnerabilities, mapping the network, and collecting data on the target's infrastructure, systems, and users. This information is crucial for the attacker to plan and execute a successful attack.

The correct answer is "Mogu koristiti i za jedan i za vise sistema." This means that napadi izvidjanja can be used for both one system and multiple systems.

The correct answer is "Da napadacu pruze informacije o sistemu koji napada." The role of reconnaissance attacks is to provide the attacker with information about the system they are targeting. This information can include details about vulnerabilities, weak points in the system's defenses, and potential entry points for an attack. By gathering this information, the attacker can better plan and execute their attack, increasing their chances of success.

The correct answer is "I mrezni segmenti i pojedinacni racunari" which means "Both network segments and individual computers can be protected". This suggests that both the network as a whole and individual computers within the network can be safeguarded using filtering techniques.

The filter packet in the Linux operating system has the ability to work in both stateful and stateless modes. This means that it can keep track of the state of network connections and make decisions based on that information, as well as filter packets based on predefined rules without considering the state of the connection.

The given content appears to be a log file entry from an SSH server. It includes information about failed authentication attempts from a user named "cp6" with the IP address 82.117.206.61. This suggests that the content represents an excerpt from a log file, which is commonly used to record system events and activities. Therefore, the correct answer is "Izvod iz 'log' fajla."

The given correct answer is "Visefaktorska autentifikacija" which translates to "Multifactor authentication" in English. This type of authentication involves using multiple categories of data, such as tokens or biometric information, along with an additional verification step like entering a secret password. It enhances the security of the authentication process by requiring multiple factors to confirm the user's identity.

The correct answer is "Prisluskivanje, odnosno snimanje saobracaja" which translates to "Eavesdropping, or recording traffic." In this situation, the attacker acts as a mediator in communication, intercepting and recording the traffic that passes through their computer. This allows them to listen in on conversations or gather sensitive information without the knowledge of the parties involved.

The correct answer is "Napad na krajnje korisnike" (Attack on end users). This is because the attacker is sending emails pretending to be an administrator, which indicates that the attack is targeting the end users of the system. The goal of such an attack could be to deceive the users into providing sensitive information or performing certain actions that could compromise their security.

A napadac koji nije u stanju da sam pronadje propuste u racunarskim sistemima vec koristi rezultate ozbiljnih pojedinaca i grupa koji se bave racunarskom bezbednoscu naziva se "Lejmer".

The correct answer is "Unos lozinke." This is because the question is asking for the first step in authentication using secret knowledge, and entering a password is a common method of authentication that relies on secret knowledge. Comparing fingerprints and using personalized smart cards are alternative methods of authentication, but they are not mentioned as the first step in the question. Therefore, entering a password is the most appropriate answer.

The correct answer is "Postoji vec preko jedne decenije" (It has been existing for over a decade). This suggests that the packet filter feature has been a part of the Linux operating system for more than ten years.

A person who has advanced knowledge of information technology and whose behavior is not inherently malicious is called a hacker.

Autorizacija je proces utvrđivanja prava korisnika za izvođenje zahtevanih akcija nad određenim objektima. To znači da se tokom autorizacije proverava da li korisnik ima odgovarajuće privilegije i dozvole za pristup određenim resursima ili obavljanje određenih akcija. Autentifikacija se odnosi na proveru identiteta korisnika, logovanje se odnosi na prijavljivanje na sistem, dok autorizacija određuje šta korisnik može da radi nakon prijavljivanja.

The popular CAPTCHA systems are used for recognizing robots. CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. It is a security measure designed to distinguish between human users and automated bots. By presenting users with a challenge that is easy for humans to solve but difficult for bots, CAPTCHA helps prevent automated attacks and ensures the security and integrity of online systems.

A person who possesses high knowledge of information technology but uses it for their own benefit, usually material, by causing harm to others is called a "kreker".

The correct answer is "Dostupnost". This is because Denial of Service (DoS) attacks target the availability of computer systems and networks. These attacks aim to overwhelm the resources of a system or network, making it inaccessible to legitimate users. The goal is to disrupt the normal functioning of the targeted system or network by flooding it with excessive traffic or exploiting vulnerabilities. Therefore, the correct answer is "Dostupnost" which translates to "Availability" in English.

Autorizacija se odnosi na proces utvrđivanja i postovanja prava i ograničenja koje korisnik ima u radu sa određenim objektima računarskog sistema ili mreže. Ova funkcionalnost omogućava kontrolu pristupa i određivanje dozvola korisnika na osnovu njihovih identiteta i uloga. Autentifikacija se odnosi na proces potvrđivanja identiteta korisnika, dok prijavljivanje na sistem i logovanje se odnose na aktivnosti koje korisnik obavlja kako bi pristupio računarskom sistemu ili mreži.

A demilitarized zone (DMZ) is a security networking concept where a specific part of a private network is extended or exposed to a public network in order to provide access to it. In a DMZ, the exposed network is typically isolated from the internal network and serves as a buffer zone between the public and private networks. This allows for controlled access to a specific part of the private network from the public network while maintaining security.

The given statement describes the attacker using automated agents to search for websites based on software such as Joomla or WordPress. This activity is known as "Napade izvidjanja" or reconnaissance attacks. In these attacks, the attacker gathers information about the target system or network, such as identifying vulnerabilities or weaknesses, which can be used for further exploitation.

Microsoft has been offering packet filtering functionality in their server operating systems starting from Windows 2003. This means that users can use this feature to filter and control the flow of network packets based on specific criteria such as source IP address, destination IP address, port number, etc. It is important to note that this feature may not be available in earlier versions of Windows, such as Windows 2000 or Windows NT 4.

The action of verifying identity confirms or challenges the claimed and actual identity of the person accessing a system or object. This process ensures that the person is who they say they are, preventing unauthorized access and potential security breaches.

The correct answer states that both the "drop" and "reject" actions in the packet filter of a Linux OS discard the packet. However, the difference is that the "reject" action does not send a notification to the sender, while the "drop" action simply discards the packet without any notification.

The concept of "spoon feeding" is used to relieve the application server from the burden of handling slow clients. This means that instead of the server waiting for the slow client to process the data it receives, it sends the data in smaller chunks, allowing the server to handle other requests more efficiently. By doing so, the application server is able to distribute its resources more effectively and avoid being overwhelmed by slow clients.

The correct answer states that the use of packet filters requires proper configuration to enhance security. This implies that simply enabling packet filters is not enough to ensure a high level of security. It suggests that additional security measures, such as IDS/IPS systems, should be added to complement the packet filters. Without proper configuration and additional security systems, the use of packet filters may not make much sense in terms of enhancing security.

In demilitarized zones, servers with services that require access from an external network are typically placed. Demilitarized zones are network segments that are isolated from the internal network and the external network, providing an additional layer of security. By placing servers with services that need external access in the demilitarized zone, organizations can control and monitor the traffic to and from these servers, ensuring that only authorized access is allowed and minimizing the risk of unauthorized access to sensitive information.

Dubinsko izviđanje je proces otkrivanja detalja softvera (OS, serverski softver) na određenom sistemu. Ova metoda istražuje i analizira softver do najmanjih detalja, pružajući dublje uvide u njegovu strukturu, funkcionalnost i performanse. Horizontalno izviđanje se odnosi na istraživanje različitih aspekata softvera na istom nivou, dok vertikalno izviđanje se odnosi na istraživanje različitih nivoa softvera (npr. aplikacijski, operativni sistem, hardver).

Kriptoanaliza je mogućnost napada na zaštićene mrežne komunikacije. Kriptoanaliza se odnosi na proučavanje i analizu kriptografskih algoritama i sistema kako bi se otkrile slabosti i pronašli načini za dešifrovanje ili narušavanje sigurnosti komunikacije. Kriptoanalitičari koriste različite tehnike, kao što su brute force napadi, analiza frekvencije ili diferencijalna kriptoanaliza, kako bi probili zaštitu i pristupili tajnim informacijama. Steganografija se odnosi na skrivanje poruka unutar drugih medija, dok kriptografija se odnosi na šifrovanje poruka kako bi se osigurala njihova povjerljivost.

This question is asking about the layer of the OSI model on which a packet filter that makes decisions based on source and destination IP addresses operates. The correct answer is the 3rd layer of the OSI model, which is the network layer. This layer is responsible for routing and forwarding IP packets, and it is where IP addresses are used to determine the source and destination of the packets.

The correct answer includes network devices (end and intermediate), end users, and communication channels. These are the primary targets for attacks in computer networks. Network devices, such as routers and switches, can be targeted to gain unauthorized access or control over the network. End users are targeted through social engineering or phishing attacks to gain access to their credentials or sensitive information. Communication channels, such as wired or wireless connections, can be exploited to intercept or manipulate data. By targeting these components, attackers can compromise the security and integrity of the network.

The order of packet filter rules can indeed have an impact on its performance. However, this is true only for software packet filters, not hardware ones. Additionally, the performance is affected only if the packet filter is implemented in the OS kernel, not in the user space.

A proxy server is used to hide the true source of network communication. It acts as an intermediary between the client and the destination server, forwarding requests from the client to the server and returning the server's responses to the client. By doing so, the proxy server masks the client's IP address and other identifying information, making it difficult for the destination server to determine the true source of the communication. This can be useful for maintaining privacy, bypassing censorship, or accessing restricted content.

By blocking TCP packets originating from the external network that only have the SYN flag enabled, we are defending ourselves against the establishment of connections from the external network. This means that any attempts to initiate a connection from outside will be blocked, providing a measure of protection against unauthorized access or potential security threats.

In ideal communication channels, periodic resynchronization is done for security reasons. This means that regular resynchronization is necessary to ensure the security and integrity of the communication. By periodically resynchronizing, any potential security breaches or unauthorized access can be detected and prevented. This helps to maintain the confidentiality and privacy of the communication, ensuring that only authorized parties have access to the transmitted information.

The given question is asking about the type of attack that involves disabling the communication channel. This type of attack is known as a "Denial of Service" (DoS) attack, which aims to disrupt or disable the availability of a system or network. It does not directly impact the integrity or confidentiality of the data, but rather makes the system or network inaccessible to legitimate users. Therefore, the correct answer is "Dostupnost" (Availability).

Log files contain important information about system activities and events, including potential security breaches. Storing log files on a dedicated or specialized computer, known as a "namenskom racunaru," ensures that they are kept separate from other services and processes. This segregation helps to protect the integrity and confidentiality of the log files, reducing the risk of unauthorized access or tampering.

Filteri paketa su sistemi koji omogućavaju kontrolu mrežne komunikacije na osnovu određenih kriterijuma. Oni omogućavaju da se određene vrste komunikacije dozvole, dok se druge zabrane. Na taj način, filteri paketa štite mrežu od neželjenog sadržaja ili napada, omogućavajući samo odobrenu komunikaciju da prođe kroz njih.

The correct answer is "Uporedjivanje otiska prstiju" (Comparing fingerprints). This method of authentication is considered to be a reliable and secure way to verify a person's identity. Fingerprints are unique to each individual, making it difficult for someone else to impersonate them. By comparing the fingerprint provided with the one stored in the system, the authentication process can determine if the person is who they claim to be. This method is commonly used in various applications, including access control systems and mobile devices.

The increase in risk in computer networks is a direct result of the migration of values from the real world to the digital world. This means that as more and more aspects of our lives become digital, such as financial transactions, personal information, and communication, the potential risks and vulnerabilities in computer networks also increase. This can include threats such as hacking, data breaches, identity theft, and cyber attacks.

This filter operates at the 7th layer of the OSI model, which is the application layer. The application layer is responsible for providing network services to applications and is where protocols like HTTP operate. By filtering at this layer, the filter can specifically target and block or allow HTTP requests with the GET method, while ignoring requests with the POST method.

Proksi serveri su mrežni uređaji, bilo hardverski ili softverski, koji omogućavaju posredan pristup ostalim računarima ili resursima u mreži. Oni rade kao posrednici između korisnika i ciljnih servera, čuvajući privatnost korisnika i poboljšavajući performanse pristupa resursima. Koriste se za filtriranje, keširanje i optimizaciju mrežnog saobraćaja, kao i za zaštitu mreže od potencijalnih napada. Demilitarizovani hostovi i aplikacioni serveri su takođe mrežni uređaji, ali nemaju istu funkcionalnost kao proksi serveri.

The correct answer is "point-to-point". Point-to-point is a system of protection where all incoming data, which is usually multiplexed and comes from different sources of information, is protected by a single device. In this system, data is transmitted directly between two endpoints without any intermediate devices or nodes. This ensures a dedicated and secure connection between the sender and receiver, making it an effective method for protecting data.

The correct answer includes various phases of attack in computer networks. These phases include planning and simulating the attack, removing traces, reconnaissance, achieving attack objectives, and executing the attack. These phases are essential for an attacker to successfully compromise a system or network. Additionally, the phases of evaluating the effectiveness of the chosen protective configuration, system recovery, detecting active or completed attacks, and determining and mitigating damage caused by the attack are also included in the correct answer.

The given correct answer states that the result will be "Odobravanje svih komunikacija pod TCP protkolom, osim na portu 80" which translates to "Allowing all communications under the TCP protocol, except on port 80". This means that the first command in the filter is blocking any communication on port 80, while the second command is allowing all other TCP communications.

Filter paketa koji svoje odluke zasniva i na tome da li paket pripada već uspostavljenoj vezi ili ne, funkcioniše najmanje na 4. sloju OSI modela. Na 4. sloju OSI modela, koji je sloj transporta, vrši se segmentacija i reasembliranje podataka, kao i kontrola toka i provera grešaka. Filteri na ovom sloju mogu da proveravaju da li paket pripada već uspostavljenoj vezi, što je deo funkcionalnosti transportnog sloja.