M5 & M6-FORMATIVE
True
A Certificate Revocation is a private key compromised. Group of answer choices False True
Implement Kerberos
A company is deploying a file-sharing protocol access a network and needs to select a protocol for authenticating clients. Management requests that the service be configured in the most secure way possible. The protocol must also be capable of mutual authentication, and support SSO and smart card logons. Which of the following would BEST accomplish this task? Group of answer choices Use MSCHAP authentication Implement Kerberos Store credentials in LDAP Use NTLM authentication
Account lockout
A network administrator is brute forcing accounts through a web interface. Which of the following would provide the BEST defense from an account password being discovered?
Certificate Revocation
A sort of blacklist that instructs the RADIUS not to authenticate those certificates Group of answer choices Certificate Revocation Certificate Validation Certificate Issuance Certificate Renewal
User account
A systems administrator is attempting to recover from a catastrophic failure in the datacenter. To recover the domain controller, the systems administrator needs to provide the domain administrator credentials. Which of the following account types is the systems administrator using? Group of answer choices Guest account User account Service account Shared account
Certificate Life Cycle
An entity can be a person, a device, or even just a few lines of code Group of answer choices Certificate Issuance Certificate Life Cycle Certificate Enrollment Certificate Validation
Certificate Revocation
Certificates contain a termination date that's indicated when they are first issued in this period
True
Create passwords with at least eight characters. Group of answer choices True False
Private Key Replacement Process
Destroy original key. Group of answer choices Private Key Protection Methods Private Key Restoration Methods Private Key Replacement Process None of the above
None of the above
Encrypt data with new key. Group of answer choices Private Key Protection Methods Private Key Replacement Process Private Key Restoration Methods None of the above
Once they agree on an encryption level, the client generates a session key, encrypts it, and sends it with the public key from the server.
Encryption in SSL Enrollment Process means
False
Every time the certificate is used to authenticate, the RADIUS server checks with the CA to confirm that the certificate is still valid and hasn't expired or been revoked.
Strong password
Ik4wLhung$4paTn4 is a Group of answer choices Weak password Strong password Maybe None of the above
Certificate Life Cycle
In these, shorter life cycles permit for reestablishment of more secure certificates.
Certificate Validation
In this stage, a substance can be an individual, a gadget, or indeed fair some lines of code Group of answer choices Certificate Validation Certificate Enrollment Certificate Issuance Certificate Life Cycle
Certificate Validation
In this stage, a substance submits a request for a certificate to the Certificate Authority (CA).
Encryption
In this stage, once they agree on an encryption level, the client generates a session key, encrypts it, and sends it with the public key from the server.
Negotiation
In this stage, the server and client then negotiate an encryption level. Group of answer choices Response Request Encryption Negotiation
Response
In this stage, the server responds by sending its digital certificate and public key to the client.
True
Instead of automatically being shunted to a CRL, some CA's have settings that renew certificates upon expiration date, though typically they re-verify identity. At this time, you can choose whether to generate a new key pair - effectively making it a totally new certificate. Group of answer choices True False
Digital certificate
It certifies the ownership of a open key by the named subject of the certificate.
Key Management
It concerns keys at the client level, either between clients or systems.
Key Management
It concerns keys at the user level, either between users or systems. Group of answer choices Key Management Certificate Authority Private Key Public Key
Account management
It controls the benefits and capacities of an application. Group of answer choices Shared account Service accounts Account management User account
TOTP
It could be a brief passcode produced by a calculation that uses the current time of day as one of its verification components Group of answer choices TACACS HOTP SAML TOTP
Privileged account
It exists in many forms across the enterprise environment and they pose significant security risks if not protected, managed and monitored. Group of answer choices Account policy Account lockout Privileged account Federated identity
Privileged accounts
It frequently avoids the establishment of modern applications, changes to worldwide settings or rules, and limits other capacities or records, centering on core commerce usefulness Group of answer choices User account Service accounts Shared account Privileged accounts
LDAP
It gives the communication dialect that applications utilize to communicate with other directory services servers Group of answer choices LDAPS LDAP Directory Services Active Directory
Anonymous authentication
It grants client anonymous status to LDAP.
Key Management
It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols. Group of answer choices Key Management Certificate Authority Private Key Public Key
Key Management
It incorporates cryptographic protocol plan, key servers, client strategies, and other significant protocols Group of answer choices Private Key Public Key Certificate Authority Key Management
Public CA
It is a certificate authority that provides services to the general public. Group of answer choices Root CA Public CA Intermediate CA Private CA
Account Policy
It is a document which outlines the requirements for requesting and maintaining an account on computer systems or networks, typically within an organization.
Account policy
It is a document which outlines the requirements for requesting and maintaining an account on computer systems or networks, typically within an organization. Group of answer choices Account policy Federated identity Account lockout Privileged account
Group Policy
It is a feature of the Microsoft Windows NT family of operating systems that controls the working environment of user accounts and computer accounts. Group of answer choices Group Policy Complex password Account lockout Credential Management
PGP
It is a freeware email encryption system that uses symmetrical and asymmetrical encryption. Group of answer choices RADIUS PAP PGP CHAP
None of the above
It is a method to delete from insecure media Group of answer choices Private Key Protection Methods Private Key Replacement Process Private Key Restoration Methods None of the above
Private Key Restoration Methods
It is a method to require restoration password. Group of answer choices Private Key Protection Methods Private Key Restoration Methods Private Key Replacement Process None of the above
None of the above
It is a method to use key escrow. Group of answer choices Private Key Replacement Process None of the above Private Key Restoration Methods Private Key Protection Methods
Certificate Renewal
It is a renewal process upholds security and accessibility. Group of answer choices OCSP Certificate Trust Chain Certificate Renewal Key Escrow
Certificate authentication
It is a scheme that uses a public key cryptography and digital certificate to authenticate a user.
CA
It is a substance that issues computerized certificates.
PKI
It is a system consisting of hardware, software, policies, and procedures that create, manage, distribute, use, store, and revoke digital certificates. Group of answer choices PKI Certificate authentication Digital certificate CA
TOTP
It is an OTP creation calculation based on occasion synchronization, and the client and verification server share the mystery key K. Group of answer choices HOTP TACACS SAML TOTP
Digital certificate
It is an electronic document that contains an identity such as a user or organization and a corresponding public key Group of answer choices CA Certificate authentication Digital certificate PKI
Digital certificate
It is an electronic record that contains a character such as a client or organization and a comparing open key Group of answer choices Digital certificate PKI Certificate authentication CA
CA
It is an entity that issues digital certificates. Group of answer choices Certificate authentication CA Digital certificate PKI
Credential Management
It is an established form of software that is used for issuing and managing credentials as part of public key infrastructure (PKI). Group of answer choices Credential Management Account lockout Complex password Group Policy
Root CA
It is an important part of creating a robust and secure intranet Group of answer choices Public CA Intermediate CA Root CA Private CA
SAML
It is an open standard that permits identity providers (IdP) to pass authorization qualifications to service suppliers. Group of answer choices OTP RADIUS TACACS SAML
OTP
It is considered more secure since the secret word keeps on changing, meaning that it isn't defenseless against replay assaults Group of answer choices SAML OTP TACACS RADIUS
Digital certificate
It is like a driver's license or passport that contains a user's photograph and thumbprint, so that there is no doubt about the user's identity. Group of answer choices Digital certificate CA Certificate authentication PKI
User account
It is often used by teams that share similar functions - known as group-based access - or by casual users that need access to a system in a limited capacity. Group of answer choices Service accounts User account Privileged accounts Shared account
Account management
It is one of the foremost imperative viewpoints of an organization's security pose Group of answer choices Shared account Account management User account Service accounts
Shared account
It is one that can be utilized by more than one allotted client.
Shared account
It is one that can be utilized by more than one assigned user. Group of answer choices Service accounts Shared account User account Privileged accounts
PKI
It is that it uses a pair of keys to achieve the underlying security service. The key pair comprises of private key and public key. Group of answer choices PKI CA Digital certificate Certificate authentication
CA
It is the authority responsible for issuing SSL certificates publicly trusted by web browsers. Group of answer choices CA Certificate authentication Digital certificate PKI
RADIUS
It is the connect between the verification of a user's personality and the authorization to utilize a service. Group of answer choices TACACS OTP SAML RADIUS
Layer 2 Tunneling Protocol (L2TP)
It is the industry standard when setting up secure tunnels. Group of answer choices Point-to-Point Tunneling Protocol (PPTP) Tunneling Kerberos Layer 2 Tunneling Protocol (L2TP)
Credential Management
It is the set of practices that an organization uses to issue, track, update, and revoke credentials for identities within their context. Group of answer choices Account lockout Complex password Credential Management Group Policy
Certificate Revocation
It is the solution on Private key that had been compromised Group of answer choices Certificate Revocation List Certificate Chain Certificate Trust Chain Certificate Revocation
Certificate authentication
It is the utilize of a Digital Certificate to recognize a client, machine, or gadget before giving access to a asset, network, application, etc.
Directory Services
It is used for locating, managing, and administering common items and network resources, such as volumes, folders, files, printers, users, groups, devices, telephone numbers, and other objects.
Digital certificate
It is utilized to demonstrate a person's character; it can be utilized for verification. Group of answer choices Digital certificate PKI CA Certificate authentication
Certificate Trust Chain
It lacks encryption. Group of answer choices Certificate Renewal Key Escrow OCSP Certificate Trust Chain
LDAPS
It makes use of port 636.
Kerberos
It makes use of port 88.
Directory Services
It maps the network names of network resources to network addresses and define a naming structure for networks.
RADIUS
It may be a farther convention utilized to connect with a server in systems. Group of answer choices RADIUS SAML TACACS OTP
Privileged accounts
It often prevents the installation of new applications, changes to global settings or rules, and limits other functions or files, focusing on core business functionality. Group of answer choices Shared account Privileged accounts User account Service accounts
Account lockout
It prevents the user from logging onto the network for a period even if the correct password is entered. Group of answer choices Privileged account Federated identity Account policy Account lockout
Active Directory
It provides Single-Sign On (SSO) and works well in the office and over VPN. Group of answer choices Active Directory Directory Services LDAPS LDAP
Privileged accounts
It provides a nice balance between complete system-wide permission and fine-tuned privileges based on the exact needs of the software by granting access, permissions, and rights in a completely custom fashion. Group of answer choices Shared account User account Privileged accounts Service accounts
LDAP
It provides the communication language that applications use to communicate with other directory services servers.
certificate enrollment
It refers to the process by which a user requests a digital certificate. Group of answer choices Online root CAs certificate release Offline root CAs certificate enrollment
Key backup
It restores from backup media. Group of answer choices None of the above Private Key Replacement Process Private Key Protection Methods Key backup
OCSP
It sends response with certificate's status. Group of answer choices Certificate Renewal OCSP Key Escrow Certificate Trust Chain
LDAP
It stores the users, passwords, and computer accounts, and share that information with other entities on the network.
Active Directory
It supports both Kerberos and LDAP - Microsoft AD is by far the most common directory services system in use today. Group of answer choices Directory Services Active Directory LDAP LDAPS
Kerberos
It was accepted by Microsoft as the chosen authentication protocol for Windows 2000 and Active Directory domains that followed. Group of answer choices Layer 2 Tunneling Protocol (L2TP) Point-to-Point Tunneling Protocol (PPTP) Kerberos Tunneling
TOTP
It will only be valid for a predefined time interval. Group of answer choices TOTP HOTP TACACS SAML
Tunneling
Its protocol is one that encloses in its datagram another complete data packet that uses a different communications protocol. Group of answer choices Point-to-Point Tunneling Protocol (PPTP) Layer 2 Tunneling Protocol (L2TP) Tunneling Kerberos
Weak password
Johnnysoccer is a
Weak password
June111998 is a Group of answer choices None of the above Maybe Strong password Weak password
Strong password
K4T2ic9O is a Group of answer choices Weak password Strong password
Light Directory Access Protocol
LDAP stands for Group of answer choices Leader Development Action Plan Legal Deposit Advisory Panel Light Directory Access Protocol Lightweight Data Access Protocol
Certificate Life Cycle
Longer life cycles provide assailants an advantage in these stages. Group of answer choices Certificate Enrollment Certificate Life Cycle Certificate Validation Certificate Issuance
Strong password
Luv2sw!m is a Group of answer choices Strong password Weak password
Private Key Replacement Process
Obtain new key pair. Group of answer choices Private Key Restoration Methods Private Key Protection Methods None of the above Private Key Replacement Process
Public Key
PK stands for:
Private Key
PK stands for: Group of answer choices Public Kiosk Private King Pirate Key Private Key
Certificate Assemble
PKI Components except:
Weak password
Password is a
The client requests a session with the server.
Request in SSL Enrollment Process means
The server responds by sending its digital certificate and public key to the client.
Response in SSL Enrollment Process means
False
Telling your password to your parents is a good practice on security
Certificate Validation
The RADIUS server checks with the CA to confirm that the certificate is still valid and hasn't expired been revoked.
Privileged accounts
The applications only have access to specific functions and data based on their function and needs.
Public CA
These are companies that have garnered the trust of the public at large.
HOTP
These are gadgets that produce passwords based on a non-repeating one-way work.
Directory Services
These are software systems that store, organize and give get to directory information in order to bind together network assets. Group of answer choices Directory Services LDAP LDAPS Access control
Private CA
These are the best option if you only need to issue a limited number of certificates.
Group Policy Object
These are used for centralized management and configuration of the Active Directory environment.
Intermediate CA
They issue most certificates.
Digital certificate
This allows others to rely upon signatures or assertions made by the private key that corresponds to the public key that is certified. Group of answer choices Certificate authentication Digital certificate CA PKI
Key Management
This contrasts with key scheduling, which typically refers to the internal handling of keys within the operation of a cipher. Group of answer choices Public Key Key Management Certificate Authority Private Key
HSM
This device protects and manages digital keys and serves as the groundwork for building a secure enterprise PKI infrastructure. Group of answer choices CRL PKI Certificate Store HSM
Account Policy
This functionality is different than a group policy in Windows systems, which allows for an administrator to maintain consistent configuration and security settings set as group policy objects that activate when users log in. Group of answer choices Credential management Password complexity Account Policy Passwords
Certificate authentication
This permits others to depend upon marks or statements made by the private key that corresponds to the open key that's certified. Group of answer choices CA Digital certificate PKI Certificate authentication
False
Use any private information in your password. Group of answer choices False True
False
Use your street address as a password
SAML
Which of the following allows an application to securely authenticate a user by receiving credentials from a web domain?
SAML
Which of the following is commonly used for federated identity management across multiple organizations?
Short password
Which option is not a good trait for your password?
Short password
Which option is not a good trait for your password? Group of answer choices Long password Short password Different symbols within the password. No personal information
Private Key Protection Methods
it is a procedure never transmit on network. Group of answer choices Private Key Replacement Process Private Key Restoration Methods None of the above Private Key Protection Methods
