M5 & M6-FORMATIVE

True

A Certificate Revocation is a private key compromised. Group of answer choices False True

Implement Kerberos

A company is deploying a file-sharing protocol access a network and needs to select a protocol for authenticating clients. Management requests that the service be configured in the most secure way possible. The protocol must also be capable of mutual authentication, and support SSO and smart card logons. Which of the following would BEST accomplish this task? Group of answer choices Use MSCHAP authentication Implement Kerberos Store credentials in LDAP Use NTLM authentication

Account lockout

A network administrator is brute forcing accounts through a web interface. Which of the following would provide the BEST defense from an account password being discovered?

Certificate Revocation

A sort of blacklist that instructs the RADIUS not to authenticate those certificates Group of answer choices Certificate Revocation Certificate Validation Certificate Issuance Certificate Renewal

User account

A systems administrator is attempting to recover from a catastrophic failure in the datacenter. To recover the domain controller, the systems administrator needs to provide the domain administrator credentials. Which of the following account types is the systems administrator using? Group of answer choices Guest account User account Service account Shared account

Certificate Life Cycle

An entity can be a person, a device, or even just a few lines of code Group of answer choices Certificate Issuance Certificate Life Cycle Certificate Enrollment Certificate Validation

Certificate Revocation

Certificates contain a termination date that's indicated when they are first issued in this period

True

Create passwords with at least eight characters. Group of answer choices True False

Private Key Replacement Process

Destroy original key. Group of answer choices Private Key Protection Methods Private Key Restoration Methods Private Key Replacement Process None of the above

None of the above

Encrypt data with new key. Group of answer choices Private Key Protection Methods Private Key Replacement Process Private Key Restoration Methods None of the above

Once they agree on an encryption level, the client generates a session key, encrypts it, and sends it with the public key from the server.

Encryption in SSL Enrollment Process means

False

Every time the certificate is used to authenticate, the RADIUS server checks with the CA to confirm that the certificate is still valid and hasn't expired or been revoked.

Strong password

Ik4wLhung$4paTn4 is a Group of answer choices Weak password Strong password Maybe None of the above

Certificate Life Cycle

In these, shorter life cycles permit for reestablishment of more secure certificates.

Certificate Validation

In this stage, a substance can be an individual, a gadget, or indeed fair some lines of code Group of answer choices Certificate Validation Certificate Enrollment Certificate Issuance Certificate Life Cycle

Certificate Validation

In this stage, a substance submits a request for a certificate to the Certificate Authority (CA).

Encryption

In this stage, once they agree on an encryption level, the client generates a session key, encrypts it, and sends it with the public key from the server.

Negotiation

In this stage, the server and client then negotiate an encryption level. Group of answer choices Response Request Encryption Negotiation

Response

In this stage, the server responds by sending its digital certificate and public key to the client.

True

Instead of automatically being shunted to a CRL, some CA's have settings that renew certificates upon expiration date, though typically they re-verify identity. At this time, you can choose whether to generate a new key pair - effectively making it a totally new certificate. Group of answer choices True False

Digital certificate

It certifies the ownership of a open key by the named subject of the certificate.

Key Management

It concerns keys at the client level, either between clients or systems.

Key Management

It concerns keys at the user level, either between users or systems. Group of answer choices Key Management Certificate Authority Private Key Public Key

Account management

It controls the benefits and capacities of an application. Group of answer choices Shared account Service accounts Account management User account

TOTP

It could be a brief passcode produced by a calculation that uses the current time of day as one of its verification components Group of answer choices TACACS HOTP SAML TOTP

Privileged account

It exists in many forms across the enterprise environment and they pose significant security risks if not protected, managed and monitored. Group of answer choices Account policy Account lockout Privileged account Federated identity

Privileged accounts

It frequently avoids the establishment of modern applications, changes to worldwide settings or rules, and limits other capacities or records, centering on core commerce usefulness Group of answer choices User account Service accounts Shared account Privileged accounts

LDAP

It gives the communication dialect that applications utilize to communicate with other directory services servers Group of answer choices LDAPS LDAP Directory Services Active Directory

Anonymous authentication

It grants client anonymous status to LDAP.

Key Management

It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols. Group of answer choices Key Management Certificate Authority Private Key Public Key

Key Management

It incorporates cryptographic protocol plan, key servers, client strategies, and other significant protocols Group of answer choices Private Key Public Key Certificate Authority Key Management

Public CA

It is a certificate authority that provides services to the general public. Group of answer choices Root CA Public CA Intermediate CA Private CA

Account Policy

It is a document which outlines the requirements for requesting and maintaining an account on computer systems or networks, typically within an organization.

Account policy

It is a document which outlines the requirements for requesting and maintaining an account on computer systems or networks, typically within an organization. Group of answer choices Account policy Federated identity Account lockout Privileged account

Group Policy

It is a feature of the Microsoft Windows NT family of operating systems that controls the working environment of user accounts and computer accounts. Group of answer choices Group Policy Complex password Account lockout Credential Management

PGP

It is a freeware email encryption system that uses symmetrical and asymmetrical encryption. Group of answer choices RADIUS PAP PGP CHAP

None of the above

It is a method to delete from insecure media Group of answer choices Private Key Protection Methods Private Key Replacement Process Private Key Restoration Methods None of the above

Private Key Restoration Methods

It is a method to require restoration password. Group of answer choices Private Key Protection Methods Private Key Restoration Methods Private Key Replacement Process None of the above

None of the above

It is a method to use key escrow. Group of answer choices Private Key Replacement Process None of the above Private Key Restoration Methods Private Key Protection Methods

Certificate Renewal

It is a renewal process upholds security and accessibility. Group of answer choices OCSP Certificate Trust Chain Certificate Renewal Key Escrow

Certificate authentication

It is a scheme that uses a public key cryptography and digital certificate to authenticate a user.

CA

It is a substance that issues computerized certificates.

PKI

It is a system consisting of hardware, software, policies, and procedures that create, manage, distribute, use, store, and revoke digital certificates. Group of answer choices PKI Certificate authentication Digital certificate CA

TOTP

It is an OTP creation calculation based on occasion synchronization, and the client and verification server share the mystery key K. Group of answer choices HOTP TACACS SAML TOTP

Digital certificate

It is an electronic document that contains an identity such as a user or organization and a corresponding public key Group of answer choices CA Certificate authentication Digital certificate PKI

Digital certificate

It is an electronic record that contains a character such as a client or organization and a comparing open key Group of answer choices Digital certificate PKI Certificate authentication CA

CA

It is an entity that issues digital certificates. Group of answer choices Certificate authentication CA Digital certificate PKI

Credential Management

It is an established form of software that is used for issuing and managing credentials as part of public key infrastructure (PKI). Group of answer choices Credential Management Account lockout Complex password Group Policy

Root CA

It is an important part of creating a robust and secure intranet Group of answer choices Public CA Intermediate CA Root CA Private CA

SAML

It is an open standard that permits identity providers (IdP) to pass authorization qualifications to service suppliers. Group of answer choices OTP RADIUS TACACS SAML

OTP

It is considered more secure since the secret word keeps on changing, meaning that it isn't defenseless against replay assaults Group of answer choices SAML OTP TACACS RADIUS

Digital certificate

It is like a driver's license or passport that contains a user's photograph and thumbprint, so that there is no doubt about the user's identity. Group of answer choices Digital certificate CA Certificate authentication PKI

User account

It is often used by teams that share similar functions - known as group-based access - or by casual users that need access to a system in a limited capacity. Group of answer choices Service accounts User account Privileged accounts Shared account

Account management

It is one of the foremost imperative viewpoints of an organization's security pose Group of answer choices Shared account Account management User account Service accounts

Shared account

It is one that can be utilized by more than one allotted client.

Shared account

It is one that can be utilized by more than one assigned user. Group of answer choices Service accounts Shared account User account Privileged accounts

PKI

It is that it uses a pair of keys to achieve the underlying security service. The key pair comprises of private key and public key. Group of answer choices PKI CA Digital certificate Certificate authentication

CA

It is the authority responsible for issuing SSL certificates publicly trusted by web browsers. Group of answer choices CA Certificate authentication Digital certificate PKI

RADIUS

It is the connect between the verification of a user's personality and the authorization to utilize a service. Group of answer choices TACACS OTP SAML RADIUS

Layer 2 Tunneling Protocol (L2TP)

It is the industry standard when setting up secure tunnels. Group of answer choices Point-to-Point Tunneling Protocol (PPTP) Tunneling Kerberos Layer 2 Tunneling Protocol (L2TP)

Credential Management

It is the set of practices that an organization uses to issue, track, update, and revoke credentials for identities within their context. Group of answer choices Account lockout Complex password Credential Management Group Policy

Certificate Revocation

It is the solution on Private key that had been compromised Group of answer choices Certificate Revocation List Certificate Chain Certificate Trust Chain Certificate Revocation

Certificate authentication

It is the utilize of a Digital Certificate to recognize a client, machine, or gadget before giving access to a asset, network, application, etc.

Directory Services

It is used for locating, managing, and administering common items and network resources, such as volumes, folders, files, printers, users, groups, devices, telephone numbers, and other objects.

Digital certificate

It is utilized to demonstrate a person's character; it can be utilized for verification. Group of answer choices Digital certificate PKI CA Certificate authentication

Certificate Trust Chain

It lacks encryption. Group of answer choices Certificate Renewal Key Escrow OCSP Certificate Trust Chain

LDAPS

It makes use of port 636.

Kerberos

It makes use of port 88.

Directory Services

It maps the network names of network resources to network addresses and define a naming structure for networks.

RADIUS

It may be a farther convention utilized to connect with a server in systems. Group of answer choices RADIUS SAML TACACS OTP

Privileged accounts

It often prevents the installation of new applications, changes to global settings or rules, and limits other functions or files, focusing on core business functionality. Group of answer choices Shared account Privileged accounts User account Service accounts

Account lockout

It prevents the user from logging onto the network for a period even if the correct password is entered. Group of answer choices Privileged account Federated identity Account policy Account lockout

Active Directory

It provides Single-Sign On (SSO) and works well in the office and over VPN. Group of answer choices Active Directory Directory Services LDAPS LDAP

Privileged accounts

It provides a nice balance between complete system-wide permission and fine-tuned privileges based on the exact needs of the software by granting access, permissions, and rights in a completely custom fashion. Group of answer choices Shared account User account Privileged accounts Service accounts

LDAP

It provides the communication language that applications use to communicate with other directory services servers.

certificate enrollment

It refers to the process by which a user requests a digital certificate. Group of answer choices Online root CAs certificate release Offline root CAs certificate enrollment

Key backup

It restores from backup media. Group of answer choices None of the above Private Key Replacement Process Private Key Protection Methods Key backup

OCSP

It sends response with certificate's status. Group of answer choices Certificate Renewal OCSP Key Escrow Certificate Trust Chain

LDAP

It stores the users, passwords, and computer accounts, and share that information with other entities on the network.

Active Directory

It supports both Kerberos and LDAP - Microsoft AD is by far the most common directory services system in use today. Group of answer choices Directory Services Active Directory LDAP LDAPS

Kerberos

It was accepted by Microsoft as the chosen authentication protocol for Windows 2000 and Active Directory domains that followed. Group of answer choices Layer 2 Tunneling Protocol (L2TP) Point-to-Point Tunneling Protocol (PPTP) Kerberos Tunneling

TOTP

It will only be valid for a predefined time interval. Group of answer choices TOTP HOTP TACACS SAML

Tunneling

Its protocol is one that encloses in its datagram another complete data packet that uses a different communications protocol. Group of answer choices Point-to-Point Tunneling Protocol (PPTP) Layer 2 Tunneling Protocol (L2TP) Tunneling Kerberos

Weak password

Johnnysoccer is a

Weak password

June111998 is a Group of answer choices None of the above Maybe Strong password Weak password

Strong password

K4T2ic9O is a Group of answer choices Weak password Strong password

Light Directory Access Protocol

LDAP stands for Group of answer choices Leader Development Action Plan Legal Deposit Advisory Panel Light Directory Access Protocol Lightweight Data Access Protocol

Certificate Life Cycle

Longer life cycles provide assailants an advantage in these stages. Group of answer choices Certificate Enrollment Certificate Life Cycle Certificate Validation Certificate Issuance

Strong password

Luv2sw!m is a Group of answer choices Strong password Weak password

Private Key Replacement Process

Obtain new key pair. Group of answer choices Private Key Restoration Methods Private Key Protection Methods None of the above Private Key Replacement Process

Public Key

PK stands for:

Private Key

PK stands for: Group of answer choices Public Kiosk Private King Pirate Key Private Key

Certificate Assemble

PKI Components except:

Weak password

Password is a

The client requests a session with the server.

Request in SSL Enrollment Process means

The server responds by sending its digital certificate and public key to the client.

Response in SSL Enrollment Process means

False

Telling your password to your parents is a good practice on security

Certificate Validation

The RADIUS server checks with the CA to confirm that the certificate is still valid and hasn't expired been revoked.

Privileged accounts

The applications only have access to specific functions and data based on their function and needs.

Public CA

These are companies that have garnered the trust of the public at large.

HOTP

These are gadgets that produce passwords based on a non-repeating one-way work.

Directory Services

These are software systems that store, organize and give get to directory information in order to bind together network assets. Group of answer choices Directory Services LDAP LDAPS Access control

Private CA

These are the best option if you only need to issue a limited number of certificates.

Group Policy Object

These are used for centralized management and configuration of the Active Directory environment.

Intermediate CA

They issue most certificates.

Digital certificate

This allows others to rely upon signatures or assertions made by the private key that corresponds to the public key that is certified. Group of answer choices Certificate authentication Digital certificate CA PKI

Key Management

This contrasts with key scheduling, which typically refers to the internal handling of keys within the operation of a cipher. Group of answer choices Public Key Key Management Certificate Authority Private Key

HSM

This device protects and manages digital keys and serves as the groundwork for building a secure enterprise PKI infrastructure. Group of answer choices CRL PKI Certificate Store HSM

Account Policy

This functionality is different than a group policy in Windows systems, which allows for an administrator to maintain consistent configuration and security settings set as group policy objects that activate when users log in. Group of answer choices Credential management Password complexity Account Policy Passwords

Certificate authentication

This permits others to depend upon marks or statements made by the private key that corresponds to the open key that's certified. Group of answer choices CA Digital certificate PKI Certificate authentication

False

Use any private information in your password. Group of answer choices False True

False

Use your street address as a password

SAML

Which of the following allows an application to securely authenticate a user by receiving credentials from a web domain?

SAML

Which of the following is commonly used for federated identity management across multiple organizations?

Short password

Which option is not a good trait for your password?

Short password

Which option is not a good trait for your password? Group of answer choices Long password Short password Different symbols within the password. No personal information

Private Key Protection Methods

it is a procedure never transmit on network. Group of answer choices Private Key Replacement Process Private Key Restoration Methods None of the above Private Key Protection Methods