Quiz 2 Review (p7)
Which of the following is a type of virtual private network (VPN) architecture that places a firewall in front of the VPN to protect it from Internet-based attacks as well as a firewall behind the VPN to protect the internal network?
DMZ architecture
Which of the following is one of the most common and easily exploited vulnerabilities on any hardware network device?
Default password
Which elements do digital certificate contain that can be used to increase the reliability of authenticity and nonrepudiation?
Digital certificates use a public key and private key pair signed by a trusted third party.
Which of the following is a core Internet Protocol Security (IPSec) protocol that provides encryption only, both encryption and integrity protection, or integrity protection only in all but the oldest IPSec implementations?
Encapsulating Security Payload (ESP)
Which Internet Protocol Security (IPSec) core component negotiates, creates, and manages security associations?
Internet Key Exchange (IKE)
Which layer of the OSI model is the Data Link Layer?
Layer 2
Which of the following is an advantage of Secure Sockets Layer/Transport Layer Security (SSL/TLS) virtual private networks (VPNs) versus Internet Protocol Security (IPSec) VPNs?
No NAT problems
Which of the following best describes a technology with the least inherent security risks and is less likely to reveal information a user did NOT intend to share?
Onion routing
Which component of a virtual private network (VPN) policy describes the parameters for employee use of the VPN, including consequences for not following the policy?
Scope/binding nature statement
Which of the following is a protocol that replaces the use of telnet and rlogin to log in to a shell on a remote host?
Secure Shell (SSH)
Which of the following is the protocol used with HTTPS for encrypting communications to and from websites?
Secure Sockets Layer/Transport Layer Security (SSL/TLS)
Which of the following is an encryption method that is very fast and is based on a single, shared key?
Symmetric
Which of the following is a virtual private network (VPN) encryption encapsulation method best suited for linking individual computers together, even though it does not encrypt the original IP header?
Transport
Which of the following is a protocol that supports Advanced Encryption Standard (AES) with 128, 192, and 256 keys?
Transport Layer Security (TLS)
Whereas a virtual private network (VPN) encrypts pieces of data, a firewall protects the internal network from outside threats.
True
Whereas privacy is the ability of a network or system user to remain unknown, anonymity is keeping information about a network or system user from disclosure.
True
Which of the following is the most common vulnerability on any hardware device, including hardware-based virtual private networks (VPNs)?
Weak default password
Which of the following can perform authentication to provide integrity protection for the outermost IP header?
Authentication Header (AH)
Which of the following provides integrity protection for packet headers and data and can optionally provide replay protection and access protection?
Authentication Header (AH)
Which of the following establishes what a user can and cannot do relative to a virtual private network (VPN)?
Authorization