Lesson 11: Implementing Secure Network Protocols
An organization routinely communicates directly with a partner company via a domain name. The domain name now leads to a fraudulent site for all users. Systems administrators find incorrect host records in DNS. What do the administrators believe to be the root cause?
An attacker masquerades as an authoritative name server.
An authoritative server for a zone creates an RRset signed with a Zone Signing Key. Another server requests a secure record exchange and the authoritative server returns the package along with the public key. Evaluate the scenario to determine what the authoritative server is demonstrating in this situation.
DNS Security Extension
An attacker modifies the HOSTS file on a workstation to redirect traffic. Consider the types of attacks and deduce which type of attack has likely occurred.
DNS client cache poisoning
When a company attempts to re-register their domain name, they find that an attacker has supplied false credentials to the domain registrar and redirected their host records to a different IP address. What type of attack has occurred?
Domain hijacking
A system administrator is setting up a new Simple Mail Transfer Protocol (SMTP) configuration. Make recommendations for how the administrator should configure the ports. (Select all that apply.)
Port 25 should be used for message relay. Port 465 should be used for message submission over implicit TLS.
A system administrator uses a Graphical User Interface (GUI) remote administration tool over TCP port 3389 to manage a server operating Windows 2016. Evaluate the types of remote administration tools to conclude which protocol the administrator is using.
Remote Desktop
A system administrator needs secure remote access into a Linux server. Evaluate the types of remote administration to recommend which protocol should be used in this situation.
Secure Shell (SSH)
If an administrator of an Exchange server needs to send digitally signed and encrypted messages, what messaging implementation will best suit the administrator's needs?
Secure/Multipurpose Internet Mail Extensions (S/MIME)
A security engineer encrypted traffic between a client and a server. Which security protocol does the engineer configure if an ephemeral key agreement is used?
TLS 1.3
Transport Layer Security (TLS) version 1.3 addresses a vulnerability in TLS 1.2. Which statement correctly describes a remedy for this vulnerability?
TLS version 1.3 removes the ability to downgrade to weaker encryption ciphers and earlier versions of transport layer security.
A system administrator needs to implement a secure remote administration protocol and would like more information on Telnet. Evaluate and select the features of Telnet that the administrator should consider to accomplish this task. (Select all that apply.)
Telnet does not support direct file transfer. Telnet uses TCP port 23.
Analyze the methods for authenticating to Secure Shell (SSH) and determine which statement best summarizes the host-based authentication method.
The client submits a Ticket Granting Ticket (TGT) that is obtained when the user logged onto the workstation.
A technician is configuring Internet Protocol Security (IPSec) for communications over a Virtual Private Network (VPN). Evaluate the features of available modes and recommend the best option for implementation.
Tunnel mode because the whole IP packet is encrypted, and a new IP header is added.
A system administrator is configuring a new Dynamic Host Configuration Protocol (DHCP) server. Analyze the types of attacks DHCP servers are prone to and determine which steps the system administrator should take to protect the server. (Select all that apply.)
Use scanning and intrusion detection to pick up suspicious activity. Enable logging and review the logs for suspicious events. Disable unused ports and perform regular physical inspections to look for unauthorized devices.