Week 7
Which of the following algorithms are used in symmetric encryption? (Select two.) A) Blowfish B) ECC C) Diffie-Hellman D) RSA E) 3DES
A) Blowfish & C) Diffie-Hellman
Which of the following authentication protocols transmits passwords in cleartext and, therefore, is considered too unsecure for modern networks? A) PAP B) EAP C) RADIUS D) CHAP
A) PAP
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the user's identity to the target system? A) Ticket B) Voucher C) Coupon D) Hashkey
A) Ticket
Your LDAP directory-services solution uses simple authentication. What should you always do when using simple authentication?
Add SASL and use TLS
Your computer system is a participant in an asymmetric cryptography system. You've crafted a message to be sent to another user. Before transmission, you hash the message and then encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. Which protection does the private key-signing activity of this process provide? A) Availability B) Integrity C) Confidentiality D) Non-Repudiation
B) Integrity
What is the most obvious means of providing non-repudiation in a cryptography system?
Digital signatures
Mary wants to send a message to Sam in such a way that only Sam can read it. Which key should be used to encrypt the message?
Mary's private key
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP?
Mutual authentication
Cryptographic systems provide which of the following security services? (Select two.)
Non-repudiation, Confidentiality
Which of the following ports are used with TACACS?
Port 49
Which of the following are differences between RADIUS and TACACS+?
RADIUS uses TCP; TACACS+ uses UDP.
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two.)
RADIUS, TACACS+
Which of the following can be classified as a stream cipher?
RC4
You often travel away from the office. While traveling, you would like to use your laptop computer to connect directly to a server in your office and access files. You want the connection to be as secure as possible. Which type of connection do you need?
Remote access
What does a remote access server use for authorization?
Remote access policies
Kerberos to protect LDAP authentication. Which authentication mode should you choose?
SASL
A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. Which of the following must the receiver use to access the hashing value and verify the integrity of the transmission?
Sender's public key
Which of the following is a direct integrity protection? a. Digital signature b. Asymmetric encryption c. Symmetric encryption d. Digital envelope
a. Digital signature
What is mutual authentication? a. The use of two or more authentication factors. b. A process by which each party in an online communication verifies the identity of the other party. c. Deploying CHAP and EAP on remote access connections. d. Using a certificate authority (CA) to issue certificates.
b. A process by which each party in an online communication verifies the identity of the other party.
Which type of password attack employs a list of pre-defined passwords that it tries against a login prompt? a. Collision attack b. Dictionary attack c. Downgrade attack d. Birthday attack
b. Dictionary attack
A manager has told you she is concerned about her employees writing their passwords for websites, network files, and database resources on sticky notes. Your office runs exclusively in a Windows environment. Which tool could you use to prevent this behavior? a. Local Users and Groups b. Key Management Service c. Credential Manager d. Computer Management
c. Credential Manager
Which of the following algorithms are used in asymmetric encryption? (Select two.) a. Blowfish b. AES c. Diffie-Hellman d. Twofish e. RSA
c. Diffie-Hellman e. RSA
You are attempting to delete the temp group but are unable to. Which of the following is the MOST likely cause? a. Groups cannot be deleted. b. The secondary group of an existing user cannot be deleted. c. The primary group of an existing user cannot be deleted. d. All users have already been deleted.
c. The primary group of an existing user cannot be deleted.
What is the main function of a TPM hardware chip?
generate and store cryptographic keys
You have a group named Research on your system that needs a new password because a member of the group has left the company. Which of the following commands should you use?
gpasswd research
You are the administrator for a small company, and you need to add a new group of users to the system. The group's name is sales. Which command accomplishes this task?
groupadd sales
You have a group named temp_sales on your system. The group is no longer needed, so you should remove it. Which of the following commands should you use?
groupdel temp_sales
You want to see which primary and secondary groups the dredford user belongs to. Enter the command you would use to display group memberships for dredford.
groups dredford
Which of the following commands is used to change the current group ID during a login session?
newgrp
Above all else, what must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates?
private keys
Which of the following commands removes a user from all secondary group memberships?
usermod -G ""
Which of the following commands assigns a user to a primary group?
usermod -g
You want to deploy SSL to protect authentication traffic with your LDAP-based directory service. Which port does this action use?
636
Which ports does LDAP use by default? (Select two.)
636, 389
When a sender encrypts a message using their own private key, which security service is being provided to the recipient? A) Availability B) Integrity C) Confidentiality D) Non-Repudiation
D) Non-Repudiation
Which of the following encryption mechanisms offers the least security because of weak keys?
DES
You have downloaded a file from the internet. You generate a hash and check it against the original file's hash to ensure the file has not been changed. Which information security goal is this an example of?
Integrity
Which term means a cryptography mechanism that hides secret communications within various forms of data?
Steganography
Which form of cryptography is best suited for bulk encryption because it is so fast?
Symmetric key cryptography