Sec+ | Certification | 17
X.500
A series of computer networking standards used for implementing directory services is known as: 802.11x X.500 802.1X X.25
STP
A type of twisted-pair cabling equipped with an additional protective cover that allows for reducing signal interference from outside sources and provides protection against eavesdropping is known as: UTP Coax STP Twinax
Federation
An authentication subsystem in which a single set of authentication credentials provides access to multiple systems across different organizations is known as: AAA framework Multifactor authentication Group-based access control Federation
SSO
An authentication subsystem in which a single set of authentication credentials provides access to multiple systems within a single organization is referred to as: NAC SSO RBAC DAC
Kerberos
Assigning a unique encrypted key, called a ticket, to each user that logs on to the network is a characteristic feature of: SAML TOTP RADIUS Kerberos
True
The authentication process can be based on different categories of authentication factors, including unique physical traits of each individual such as fingerprints ("something you are"), physical tokens such as smart cards ("something you have"), or user names and passwords ("something you know"). Additional factors might include geolocation ("somewhere you are") or user-specific activity patterns, such as keyboard typing style ("something you do"). Multifactor authentication systems require implementation of authentication factors from two or more different categories. True False
True
Challenge Handshake Authentication Protocol (CHAP) is a remote access authentication protocol that periodically re-authenticates the client at random intervals to prevent session hijacking. True False
-Is also known as disk striping -Decreases reliability (failure of any disk in the array destroys the entire array) -Is suitable for systems where performance has higher priority than fault tolerance
Hardware-based RAID Level 0: (Select 3 answers) -Is also known as disk striping -Decreases reliability (failure of any disk in the array destroys the entire array) -Is also referred to as disk mirroring -Offers less volume capacity in comparison to RAID 1 -Requires at least 3 drives to implement -Is suitable for systems where performance has higher priority than fault tolerance
-Requires at least 2 drives to implement -Offers improved reliability by creating identical data sets on each drive (failure of one drive does not destroy the array as each drive contains an identical copy of the data) -Is also referred to as disk mirroring
Hardware-based RAID Level 1: (Select 3 answers) -Requires at least 2 drives to implement -Is also known as disk striping -Offers improved performance in comparison to RAID 0 -Offers improved reliability by creating identical data sets on each drive (failure of one drive does not destroy the array as each drive contains an identical copy of the data) -Is also referred to as disk mirroring
Accounting
In the AAA security architecture, the process of tracking accessed services as well as the amount of consumed resources is called: Authentication Authorization Accounting
Replay attacks
In the Kerberos-based authentication process, the purpose of the client's timestamp is to provide countermeasure against: Replay attacks Dictionary attacks Birthday attacks Downgrade attacks
True
Setting up hot and cold aisles in a server room allows for more efficient management of air flow. True False
True
The term "Mantrap" refers to a physical security access control system used to prevent unauthorized users from gaining access to restricted areas by following another person. An example mantrap could be a two-door entrance point connected to a guard station wherein a person entering the mantrap from the outside remains locked inside until he/she provides the authentication token required to unlock the inner door. True False
-Encrypts the entire payload of the access-request packet -Primarily used for device administration -Separates authentication and authorization
What are the characteristics of TACACS+? (Select 3 answers) -Encrypts only the password in the access-request packet -Combines authentication and authorization -Encrypts the entire payload of the access-request packet -Primarily used for device administration -Separates authentication and authorization -Primarily used for network access
LDAPS
Which of the answers listed below refers to a TLS-based directory access protocol? PPTP NTLM Kerberos LDAPS
PAP
Which of the answers listed below refers to an obsolete authentication protocol that sends passwords in cleartext? PAP CHAP EAP MS-CHAP
Authorization
Which of the answers listed below refers to the process of granting or denying access to resources? Authentication Authorization Accounting
-Physical security control type -Provides protection against RFI -Provides protection against EMI
Which of the following answers refer(s) to the characteristic feature(s) of a Faraday cage? (Select all that apply) -Physical security control type -Provides protection against RFI -Technical security control type -Provides protection against EMI
MS-CHAPv2
Which of the following answers refers to the latest Microsoft-proprietary implementation of the Challenge Handshake Authentication Protocol (CHAP)? MS-CHAPv1 MS-CHAPv2 MS-CHAPv3 MS-CHAPv4
TACACS+
Which of the following answers refers to a RADIUS alternative developed by Cisco? TACACS Kerberos SAML TACACS+
Password and biometric scan
Which of the following examples meets the requirement of multifactor authentication? Password and biometric scan Username and PIN Smart card and identification badge Iris and fingerprint scan
RAID 0
Which of the following solutions would not decrease the risk of server downtime? RAID 5 Load balancer RAID 0 Failover cluster RAID 1 Backup generator
Air gap
Which of the physical security control types listed below provides isolation from external computer networks? Air gap Protected cabling Network segmentation Hardware firewall
Authentication
Which part of the AAA security architecture deals with the verification of the identity of a person or process? Authentication Authorization Accounting
NTP
Which protocol ensures the reliability of the Kerberos authentication process? EAP NTP IPsec RTP