Network Admin Security Exam 2

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Phase _________ of the Handshake Protocol establishes security capabilities. 3 1 2 4

1

The handshake is complete and the client and server may begin to exchange application layer data after the server sends its finished message in phase _________ of the Handshake Protocol.

4

The MPDU exchange for distributing pairwise keys is known as the _________ which the STA and SP use to confirm the existence of the PMK, to verify the selection of the cipher suite, and to derive a fresh PTK for data sessions.

4-way handshake

The master session key is also known as the __________ key. GTK AAA MIC STA

AAA

_________ attacks include impersonating another user, altering messages in transit between client and server and altering information on a Web site. Psuedo Passive Active Shell

Active

The _________ is used to convey SSL-related alerts to the peer entity. Alert Protocol Handshake Protocol Change Cipher Spec Protocol SSL Record Protocol

Alert Protocol

The __________ is used to convey WTLS-related alerts to the peer entity. Counter Mode MAC Protocol Cipher Spec Protocol Alert Protocol WAP Protocol

Alert Protocol

Three higher-layer protocols defined as part of SSL and used in the management of SSL exchanges are: The Handshake Protocol, The Change Cipher Spec Protocol, and the __________ .

Alert Protocol

The __________ approach is vulnerable to man-in-the-middle attacks. Fixed Diffie-Hellman Fortezza Anonymous Diffie-Hellman Ephemeral Diffie-Hellman

Anonymous Diffie-Hellman

At any point in an IKE exchange the sender may include a _________ payload to request the certificate of the other communicating entity.

Certificate Request

_________ require a client write MAC secret, a server write MAC secret, a client write key, a server write key, a client write IV, and a server write IV, which are generated from the master secret in that order.

CipherSpecs

With each element of the list defining both a key exchange algorithm and a CipherSpec, the list that contains the combination of cryptographic algorithms supported by the client in decreasing order of preference is the __________ . Random CipherSuite Session ID Version

CipherSuite

E-banking, personal banking, e-commerce server, software validation and membership-based online services all fall into the VeriSign Digital ID _________ .

Class 3

The ________ MIME field is a text description of the object with the body which is useful when the object is not readable as in the case of audio data. Content-Transfer-Encoding Content-Description Content-Type Content-ID

Content-Description

The __________ field is used to identify MIME entities uniquely in multiple contexts. Content-Transfer- Encoding Content-ID Content-Description Content-Type

Content-ID

The __________ MIME field describes the data contained in the body with sufficient detail that the receiving user agent can pick an appropriate agent or mechanism to represent the data to the user or otherwise deal with the data in an appropriate manner.

Content-Type

__________ is the primary service used by stations to exchange MPDUs when the MPDUs must traverse the DS to get from a station in one BSS to a station in another BSS.

Distribution

The _________ is used to ensure the confidentiality of the GTK and other key material in the 4-Way Handshake. MIC key EAPOL-KEK EAPOL-KCK TK

EAPOL-KEK

_________ consists of an encapsulating header and trailer used to provide encryption or combined encryption/authentication. The current specification is RFC 4303. IPsec ISA ESP SPI

ESP

Please list at least four main IP security problems

Eavsdropping, Modification of packets in transit, Identity spoofing, and Denial of service.

Authentication makes use of the _________ message authentication code.

HMAC

__________ refers to the combination of HTTP and SSL to implement secure communication between a Web browser and a Web server.

HTTPS

The _________ Protocol allows the server and client to authenticate each other and to negotiate an encryption and MAC algorithm along with cryptographic keys to be used to protect data sent in an SSL Record.

Handshake

An SSL session is an association between a client and a server and is created by the ___________ .

Handshake Protocol

The most complex part of SSL is the __________ . Handshake Protocol Alert Protocol SSL Record Protocol Change Cipher Spec Protocol

Handshake Protocol

__________ specifies security standards for IEEE 802.11 LANs including authentication, data integrity, data confidentiality, and key management.

IEEE 802.11i

_________ defines a number of techniques for key management. KEP IKE SKE KMP

IKE

IPsec provides security services at the ________ layer by enabling a system to select required security protocols, determine the algorithms to use for the services and put in place any cryptographic keys required to provide the requested services.

IP

__________ provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet. ISA IKE IAB IPsec

IPsec

The selectors that determine a Security Policy Database are: Name, Local and Remote Ports, Next Layer Protocol, Remote IP Address, and _________ .

Local IP Address

__________ allows the client to set up a "hijacker" process that will intercept selected application-level traffic and redirect it from an unsecured TCP connection to a secure SSH tunnel.

Local forwarding

Video content will be identified as _________ type. MPEG JPEG GIF BMP

MPEG

The __________ is the information that is delivered as a unit between MAC users. MSDU DS BSS MPDU

MSDU

The _________ accepts the message submitted by a Message User Agent and enforces the policies of the hosting domain and the requirements of Internet standards. Mail Submission Agent Mail Delivery Agent Message Transfer Agent Message Store

Mail Submission Agent

Typically housed in the user's computer, a _________ is referred to as a client e-mail program or a local network e-mail server. Message User Agent Mail Submission Agent Message Store Message Transfer Agent

Message User Agent

_________ identifies the type of data contained in the payload data field by identifying the first header in that payload. Security Parameters Index Sequence Header Payload Data Next Header

Next Header

The __________ payload contains either error or status information associated with this SA or this SA negotiation. Nonce Configuration Notify Encrypted

Notify

Please explain how PGP realizes confidentiality and authentication

PGP realizes confidentiality with this process: First the sender forms 128 bit random session key, then the sender encrypts the message with the session key, then the sender encrypts the key with the receivers public key, the receiver then decrypts and recovers the session key, and last the receiver decrypts the message with the session key. PGP realizes authentication with the following process: first the sender creates the message, then the sender generates a SHA hash value, then the sender signs the hash value with the private key: RSA, then the receiver decrypts and recovers the hash code, and last the receiver verifies the received message hash.

The PMK is used to generate the _________ which consists of three keys to be used for communication between a STA and AP after they have been mutually authenticated. PTK AAA Key GTK PSK

PTK

_________ attacks include eavesdropping on network traffic between browser and server and gaining access to information on a Web site that is supposed to be restricted.

Passive

MIME is an extension to the ________ framework that is intended to address some of the problems and limitations of the use of SMTP. RFC 821 RFC 3852 RFC 5322 RFC 4871

RFC 5322

The purpose of the discovery phase in the ___________ is for a STA and an AP to recognize each other, agree on a set of security capabilities, and establish an association for future communication using those security capabilities. WPA TKIP RSN WAE

RSN

A value chosen by the responder to identify a unique IKE SA is a _________ . Flag Initiator SPI Responder Cookie Message ID

Responder Cookie

__________ is an Internet standard approach to e-mail security that incorporates the same functionality as PGP. MIME DKIM S/MIME HTTPS

S/MIME

A _________ is a one way relationship between a sender and a receiver that affords security services to the traffic carried on it. SA SAD SPD SPI

SA

S/MIME cryptographic algorithms use __________ to specify requirement level. SHOULD and CAN SHOULD and MUST SHOULD and MIGHT CAN and MUST

SHOULD and MUST

The means by which IP traffic is related to specific SAs is the _________ . SPI SAD TRS SPD

SPD

The key management mechanism that is used to distribute keys is coupled to the authentication and privacy mechanisms only by way of the _________ . SPI ESP SPD IAB

SPI

Three standardized schemes that are becoming increasingly important as part of Web commerce and that focus on security at the transport layer are: SSL/TLS, HTTPS, and _________.

SSH

_________ is organized as three protocols that typically run on top of TCP for secure network communications and are designed to be relatively simple and inexpensive to implement. SSL SSH TLS SSI

SSH

_________ provides secure, remote logon and other secure client/server facilities. SSH HTTPS TLS SLP

SSH

Please explain what is SSH and explain how to realize secure remote login with username password with SSH

SSH provides secure remote login. First, the client generates a session key with the username/password. Then the client sends a remote login request with the session key encryption to the server. Then the server generates a session key with the users name and password. Then the server sends acknowledgement information encrypted with the session key to the client. Last, the communication begins.

__________ provides confidentiality using symmetric encryption and message integrity using a message authentication code.

SSL/TLS

The _________ takes an application message to be transmitted, fragments the data into manageable blocks, optionally compresses the data, applies a MAC, encrypts, adds a header, and transmits the resulting unit in a TCP segment.

SSl Record Protocol

Defined as a Proposed Internet Standard in RFC 2246, _________ is an IETF standardization initiative whose goal is to produce an Internet standard version of SSL. SSH SHA-1 CCSP TLS

TLS

The SSL Internet standard version is called _________ . SSH SLP HTTP TLS

TLS

Please list the main functions of S/MIME

The main functions of S/MIME include: enveloped data, signed data, clear signed data, and signed and enveloped data.

Please list the main protocols in Email server

The main protocols in the Email server are: SMTP(Simple Mail Transfer Protocol), MIME protocol, POP(Post Office Protocol), and IMAP(Internet Message Access Protocol).

Please list the two main IPSec Modes

The two main IPSec modes include transport mode which is traffic from host to host, or host to gateway and tunnel mode which is traffic from gateway to gateway, or from host to gateway.

please explain the main work process for wireless authentication protocol such as WEP and WPA.

The work process begins with a probe request being sent from the client to the access point. The access point then sends a probe response back to the client. Then the client sends an authentication request to the access point. The access point then sends a response back to the client. After this communication, the client will have access to the wireless.

please explain the work process of SSL and HTTPS. Especially, please explain their difference.

The work process of SSL starts with the handshaking protocol and is followed by the record process. The handshaking protocol begins with the client sending a message to the server and the server responding. Then the server sends its certificate to the client along with a request for the clients certificate. Then the client sends its certificate to the server. The record process starts with the client generating a symmetric key, then encrypting the symmetric key with the server certificate, and then the digital signature is generated. The server then gets the symmetric key, the message, and compares the two to verify the hash value. HTTPS begins with the user generating a session key. Then the server sends the public key certificate to the client. Then the client sends the server the sessions key encrypted with the public key certificate. After that the server acknowledges the communication. Then the client sens the username and password to the server encrypted with the session key. Then the server sends the response service. After that the client sends request service encrypted with the session key. Lastely the server sends response service encrypted with the session key. The difference between SSL and HTTPS is unlike SSL, HTTPS client does not have a certificate.

The _________ payload allows peers to identify packet flows for processing by IPsec services. Traffic Selector Extensible Authentication Protocol Vendor ID Configuration

Traffic Selector

_________ mode is used when one or both ends of an SA are a security gateway, such as a firewall or router that implements IPsec.

Tunnel

Please explain what is VPN

VPN stands for Virtual Private Network. VPN uses a public infastructure (Internet) to provide remote offices or individuals with secure access to their organizations network. Virtual makes your other office or individual to be a part of your network. Private means the original packets are encrypted, the encrypted payload is then encapsulated inside of another packet. This encapsulation process is often referred to as tunneling.

_________ is a standard to provide mobile users of wireless phones and other wireless terminals access to telephony and information services including the Internet and the Web. WAP WPA WEP WML

WAP

Please explain what is WAP

WAP stands for Wireless Application Protocol. This protocol is a universal, open standard developed to provide mobile wireless users access to telephony and information services.

_________ was designed to describe content and format for presenting data on devices with limited bandwidth, limited screen size, and limited user input capability and to work with telephone keypads, styluses, and other input devices common to mobile, wireless communication. WAP WPA WAE WML

WML

WAP security is primarily provided by the __________ which provides security services between the mobile device and the WAP gateway to the Internet. TKIP CCMP MSDU WTLS

WTLS

The term used for certified 802.11b products is ___________ . WEP WPA Wi-Fi WAP

Wi-Fi

A Pseudorandom Function takes as input: an identifying label a secret value all of the above a seed value

all of the above

The _________ type refers to other kinds of data, typically either uninterpreted binary data or information to be processed by a mail-based application.

application

The __________ mechanism assures that a received packet was in fact transmitted by the party identified as the source in the packet header and assures that the packet has not been altered in transit. key management security authentication confidentiality

authentication

The _________ transfer encoding, also known as radix-64 encoding, is a common one for encoding arbitrary binary data in such a way as to be invulnerable to the processing by mail-transport programs.

base64

The specification of a protocol along with the chosen key length is known as a __________ . cipher suite distribution system RSN extended service

cipher suite

The symmetric encryption key for data encrypted by the client and decrypted by the server is a _________ . server write key master key client write key sequence key

client write key

IPsec encompasses three functional areas: authentication, key management, and __________ .

confidentiality

The _________ facility enables communicating nodes to encrypt messages to prevent eavesdropping by third parties. security key management authentication confidentiality

confidentiality

Two important SSL concepts are the SSL session and the SSL _________ .

connection

The __________ function is the logical function that determines when a station operating within a BSS is permitted to transmit and may be able to receive PDUs.

coordination

A WML _________ is similar to an HTML page in that it is identified by a URL and is the unit of content transmission. page card deck unit

deck

A _________ is formed by taking the message digest of the content to be signed and then encrypting that with the private key of the signer, which is then encoded using base64 encoding.

digital signature

PGP provides authentication through the use of _________ . digital signatures radix-64 symmetric block encryption asymmetric block encryption

digital signatures

Three different authentication methods can be used with IKE key determination: Public key encryption, symmetric key encryption, and _________ .

digital signatures

The WAP Programming Model is based on three elements: the client, the original server, and the _________ .

gateway

Computed by PGP, a _________ field indicates the extent to which PGP will trust that this is a valid public key for this user; the higher the level of trust, the stronger the binding of this user ID to this key.

key legitimacy

The __________ facility is concerned with the secure exchange of keys.

key management

The __________ enables the recipient to determine if the correct public key was used to decrypt the message digest for authentication. timestamp key ID of the sender's public key leading two octets of message digest filename

leading two octets of message digest

The __________ layer keeps track of which frames have been successfully received and retransmits unsuccessful frames. physical layer transmission media access control logical link control

logical link control

The function of the __________ is to on transmission assemble data into a frame, on reception disassemble frame and perform address recognition and error detection, and govern access to the LAN transmission medium. transmission layer media access control layer logical layer physical layer

media access control layer

The __________ subtype is used when the different parts are independent but are to be transmitted together. They should be presented to the receiver in the order that they appear in the mail message. multipart/alternative multipart/mixed multipart/digest multipart/parallel

multipart/mixed

For the __________ subtype the order of the parts is not significant. multipart/digest multipart/alternative multipart/parallel multipart/mixed

multipart/parallel

IKE key determination employs __________ to ensure against replay attacks. groups flags nonces cookies

nonces

Forming a hierarchy beginning with a master key from which other keys are derived dynamically and used for a limited period of time, __________ are used for communication between a pair of devices typically between a STA and an AP.

pairwise keys

PGP makes use of four types of keys: public keys, private keys, one-time session keys, and ___________ symmetric keys.

passphrase-based

The layer of the IEEE 802 reference model that includes such functions as encoding/decoding of signals and bit transmission/reception is the _________ . physical layer media access layer logical link layer control layer

physical layer

A signature is created by taking the hash of a message and encrypting it with the sender's _________ .

private key

The _________ transfer encoding is useful when the data consists largely of octets that correspond to printable ASCII characters.

quoted-printable

PGP provides compression using the __________ algorithm. radix-64 symmetric block MIME digital signature

radix-64

To provide transparency for e-mail applications, an encrypted message may be converted to an ASCII string using _________ conversion.

radix-64

A __________ attack is one in which an attacker obtains a copy of an authenticated packet and later transmits it to the intended destination.

replay

The MPDU authentication phase consists of three phases. They are: connect to AS, EAP exchange and _________ .

secure key delivery

The final message in phase 2, and one that is always required, is the ___________ message, which is sent by the server to indicate the end of the server hello and associated messages. server_done no_certificate finished goodbye

server_done

An arbitrary byte sequence chosen by the server to identify an active or resumable session state is a _________ . cipher spec compression session identifier peer certificate

session identifier

Authentication applied to all of the packet except for the IP header is _________ . transport mode association mode security mode tunnel mode

transport mode

The key legitimacy field, the signature trust field and the owner trust field are each contained in a structure referred to as a ___________ .

trust flag byte

Authentication applied to the entire original IP packet is _________ . transport mode security mode tunnel mode cipher mode

tunnel mode

Key IDs are critical to the operation of PGP and __________ key IDs are included in any PGP message that provides both confidentiality and authentication. six two three four

two


Ensembles d'études connexes

Chapter 5: Data and Knowledge Management

View Set

The Natural Rate of Interest and Zero Lower Bound

View Set

SmartBook Chapter 3: Digital Marketing: Online, Social, and Mobile

View Set

Illinois Permit Test study guide

View Set

CPT Certification Test {Section 5}

View Set

Duty to Disclose: Segment 3: Natural Hazards Disclosure

View Set

Peds PrepU Chapter 1:The Nurse's Role in a Changing Maternal-Child Health Care Environment

View Set