Chapter 15
T/F Telnet is a secure remote access protocol that uses terminal.
True
Which VPN topology is also known as the "telecommuter" model, allowing home-workers and employees working in the field to connect to the corporate network? a.) Client-to-site b.) Host-to-host c.) Site-to-site d.) TLS
a.) Client-to-site
For remote access VPNs, a combination of IPSec with what protocol is most often used? a.) L2TP b.) PPTP c.) TLS d.) PPP
a.) L2TP
What remote management method runs over over User Datagram Protocol (UDP) port 69? a.) Trivial File Transfer Protocol (TFTP) b.) File Transfer Protocol (FTP) over Secure Sockets Layer (SSL) c.) Secure File Transfer Protocol (SFTP) d.) Passive File Transfer Protocol (FTP)
a.) Trivial File Transfer Protocol (TFTP)
What are the three main topologies for implementing a VPN? Select three. a.) site-to-site b.) client-to-site c.) host-to-host d.0 site-to-host
a.) site-to-site b.) client-to-site c.) host-to-host
What IPSec protocol provides confidentiality and authentication by encrypting the packet, rather than simply calculating an HMAC? a.) Tunnel b.) ESP c.) Transport d.) AH
b.) ESP
Which authentication method involves the use of tickets for authentication? a.) Username/password b.) Kerberos protocol c.) Host-based authentication d.) Public key authentication
b.) Kerberos protocol
Access requests are processed by a Remote Desktop Protocol (RDP) client machine, versus the server. What is the network using? a.) Kerberos b.) Remote Credential Guard c.) Network Level Authentication (NLA) d.) RDP Restricted Admin (RDPRA)
b.) Remote Credential Guard
Which of the following use SSH? a.) FTPS b.) SFTP c.) SMTP d.) STP
b.) SFTP
What type of VPN requires a remote access server listening on port 443 and creates an encrypted tunnel for the user to submit authentication credentials, normally processed by a RADIUS server? a.) Dynamic Multipoint VPN (DMVPN) b.) TLS VPN c.) Host-to-Host VPN d.) Point-to-Point Tunneling Protocol
b.) TLS VPN
IPSec can be used in one of two modes, _____________ mode, where the whole IP packet is encrypted and a new IP header added, and ___________ mode, where the IP header for each packet is not encrypted, just the data. a.) transport; AH b.) tunnel; transport c.) tunnel; ESP d.) transport; tunnel
b.) tunnel; transport
What port does FTPS use? a.) 389 b.) 53 c.) 990 d.) 23
c.) 990
A system administrator is responsible for 25 servers at a remote location. The administrator learns of a network outage; it does not have any network connectivity. The administrator uses remote access to troubleshoot the server and to review the logs. Analyze remote management methods and determine which of the following the system administrator used. a.) Virtual Network Computing (VNC) b.) Remote Desktop Protocol (RDP) c.) Lights-Out Management (LOM) d.) Trivial File Transfer Protocol (TFTP)
c.) Lights-Out Management (LOM)
The use of a console port on a switch or router to segment network traffic is considered to be what type of connection? a.) Virtual terminal b.) Remote connection c.) Out-of-band d.) In-band
c.) Out-of-band
Which of the following is false about RDP? a.) It uses port 3389 b.) It provides GUI remote access to Windows hosts c.) Supports multiple connection instances. d.) The session can be encrypted
c.) Supports multiple connection instances.
The Internet Key Exchange (IKE) protocol is the part of the IPSec protocol suite that handles authentication and key exchange. As is enters phase 1 of its process, which of the following will take place? a.) The Aggressive Mode will transmit 4 messages. b.) The hosts will establish which ciphers and key sizes to use. c.) The Diffie-Hellman algorithm will create a secure channel. d.) The Main Mode will transmit three messages.
c.) The Diffie-Hellman algorithm will create a secure channel.
Which of the following allows IPSec-based VPNs to be set up dynamically according to traffic requirements and demand? a.) GPO b.) ESP c.) IKEv2 d.) DMVPN
d.) DMVPN
What type of attack is RDP Remote Credential Guard designed to protect against? a.) Brute Force b.) DDoS c.) Air gap d.) Pass-the-Hash (PtH)
d.) Pass-the-Hash (PtH)
You have been tasked with administrative duties on one of your network's prominent web servers, which happens to run over a Linux OS. You'll have to connect to the server remotely; what is the BEST way of securely doing so? a.) Remote Desktop Protocol (RDP) b.) Virtual Network Computing (VNC) c.) Telnet d.) Secure Shell (SSH)
d.) Secure Shell (SSH)
Which of the following is true about Telnet? a.) Provides a GUI connection to the host. b.) Uses port 22 c.) Telnet encrypts all data d.) The port should be disabled on systems,
d.) The port should be disabled on systems,