Domain 4: Communication and Network Security: Day 6

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What do EAP-FAST use for security?

It uses a Protected Access Credential (PAC), which acts as a pre-shared key.

Secure Shell (SSH) servers listen on what port and protocol?

TCP port 23

What provides confidentiality

AES

What network technology uses fixed-length cells to carry data?

ATM

Which endpoint security technique is the most likely to prevent a previously unknown attack from being successful?

Application Whitelisting

What is the most secure type of firewall?

Application-layer Proxy Firewall

Which of the following authentication protocols uses a three-way authentication handshake?

CHAP

What is the most secure type of EAP?

EAP-TLS

What network cable type can transmit the most data at the longest distance?

Fiber Optic

Restricting Bluetooth device discovery relies on the secrecy of what?

MAC Address

Which transmission mode is supported by both HDLC and SDLC?

Normal Response Mode (NRM)

What provides integrity

SHA-1

Which device operates at Layer 2 of the OSI model?

Switch

PEAP (Protected EAP),

This is not requiring client-side certificates.

PPP (Point-to-Point Protocol)

This protocol is based on High-Level Data Link Control (HDLC)

What do EAP-TLS uses for authentication.

Tunnel

Which protocol should be used for an audio streaming server, where some loss is acceptable?

UDP

Which wireless security protocol is also known as the RSN (Robust Security Network), and implements the full 802.11i standard?

WPA2

What is the authentication protocol in WAP

Wireless Transport Layer Security (WTLS), which is based on TLS.

What WAN Protocol has no error recovery, relying on higher-level protocols to provide reliability?

X.25

EAP-MD5

is one of the weakest forms of EAP. It offers client → server authentication only this makes it vulnerable to man-in the-middle attacks and password cracking attacks.

TLS (Transport Layer Security)

is the latest version of SSL, equivalent to SSL version 3.1

L2TP (Layer 2 Tunneling Protocol)

combines PPTP and L2F; L2TP focuses on authentication; uses IPsec to provide encryption

Encapsulating Security Protocol (ESP)

confidentiality

What are the security features do PPP have?

confidentiality, integrity, and authentication

what do security flaws do SLIP have

confidentiality, integrity, or authentication

LEAP (Lightweight Extensible Authentication Protocol)

is a Cisco-proprietary protocol released before 802.1X was finalized

SLIP (Serial Line Internet Protocol)

is a Layer 2 protocol that provides IP connectivity via asynchronous connections such as serial lines and modems

PAP (Password Authentication Protocol)

is a very weak authentication protocol. It sends the username and password in cleartext.

EAP (Extensible Authentication Protocol).

is designed to provide authentication at Layer 2; 802.1X is "Port Based Network Access Control

IPSec: Transport mode

protects the IP data (layers 4-7) only, leaving the original IP headers unprotected.

IPSec: Tunnel mode

provides confidentiality (ESP) and/or authentication (AH) to the entire original packet, including the original IP headers.

EAP-TTLS (EAP Tunneled Transport Layer Security),

simplifies EAP-TLS by dropping the client-side certificate requirement, allowing other authentication methods for client-side authentication but less secure when omitting the client-side certificate

A drawback of CHAP is that

the server stores plaintext passwords of each client. An attacker who compromises a CHAP server may be able to steal all the passwords stored on it

PPTP (Point-to-Point Tunneling Protocol)

tunnels PPP via IP. GRE(Generic Routing Encapsulation) to pass PPP via IP and and uses TCP for a control channel

EAP-TLS (EAP-Transport Layer Security)

uses PKI, requiring both server-side and client-side certificates.

CHAP (Challenge-Handshake Authentication Protocol)

uses a three-way authentication, is not susceptible to replay attacks.

EAP-FAST (EAP-Flexible Authentication via Secure Tunneling)

was designed by Cisco to replace LEAP';

Secure Sockets Layer (SSL)

was designed to protect HTTP data

Wireless Application Protocol (WAP)

was designed to provide secure Web services to handheld wireless devices such as smart phones


Ensembles d'études connexes

Bible Lit. - Old Testament / Unit 1

View Set

Macroeconomics chapters 7,8 and 10

View Set

Crossroads Chapter 4: The Napoleonic Era

View Set

Немецкие идиомы и их русские аналоги

View Set