Network+ ch 7 - Cloud Computing and Remote Access, Chapter 7, Network+ 7th edition Ch. 7&8, Chapter 7

Brute force attack

A hacker runs a program that tries numerous character combinations until it stumbles on the correct combination and cracks the key. What offensive strategy is this program using?

Network layer

At what layer of the OSI model does the IPSec encryption protocol operate?

IRC

Botnets often make use of what chat protocol in order to receive commands?​

An authentication protocol that operates over PPP and also encrypts usernames and passwords for transmission.

CHAP Challenge Handshake Authentication

Digital certificates are issued by organizations known as what term?

Certification authorities

Amazon and Rackspace both utilize what virtualization software below to create their cloud environments?​

Citrix Xen

​certification authorities

Digital certificates are issued by organizations known as what term?​

"What protocol below only provides the framework for authenticating clients and servers, but relies on other encryption and authentication schemes to verify the credentials of clients or servers?"

EAP

The MD5 hashing algorithm is not susceptible to the possibility of hash collisions.

False

The MD5 hashing algorithm is not susceptible to the possibility of hash collisions.​ T/F

False

60 days

How often should administrators and network users be required to change their password?

One of two services in the key management phase of creating a secure IPsec connection. It negotiates the exchange of keys, including authentication of the keys. It uses UDP and usually runs on port 500

IKE Internet Key Exchange

What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?

IPSec

What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?

IPsec

Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers?

IaaS

Private key

In public key encryption, which key is used to decrypt the message?

The combination of a public key and a private key are known by what term below

Key Pair

At what layer of the OSI model does the IPsec encryption protocol operate?

Network layer

At what layer of the OSI model does the IPSec encryption protocol operate?​

Network layer 4

What authentication protocol sends authentication information in cleartext without encryption?

PAP

The _________________ cloud service model provides virtual environments online that can be tailored to the needs of developers.

PAS Platform as a service

True

PPP can support several types of Network layer protocols that might use the connection.

160 bit

The original version of the Secure Hashing Algorithm (SHA) was developed by the NSA, and used a hash of what length?

In Kerberos, a temporary set of credentials that a client uses to prove that its identity has been validated is known as a _____________.

Ticket

An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models.

True

An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models. T?F

True

What are the three tenets of the CIA triad, and how do they provide assurances that data will be protected?

Utility - data arrives in a format that is useful to the receiver Authenticity- data received is the data that was issued by the stated sender and not forged Non-repudiation- provides proof of delivery and proof of the sender's identity

When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites?

VPN gateway

​PAP

What authentication protocol sends authentication information in cleartext without encryption?​

polymorphism

What characteristic of viruses make it possible for a virus to potentially change its characteristics (such as file size, and internal instructions) to avoid detection?

TKIP

What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol?​

Port forwarding

What feature must be configured on a router to redirect traffic from an insecure port to a secure one?

dynamic ARP inspection

What feature on some network switches can be used to detect faked arp messages?

Describe the three way handshake process as used by CHAP

the server sends the client a randomly generated string of characters. The client sends a new string inresponse to theserver while the server concatenates the users password with a challenge and created it own string.

Logic Bomb

What type of virus are dormant until a specific condition is met, such as the changing of a file or a match of the current date?​

In the context of IPsec, a type of encryption that provides authentication of the IP packet's data payload through public key techniques

KDC (Key Distribution Center) KDC)

In Kerberos terminology, the server that issues keys to clients during initial client authentication.

KDC Key Distribution Center KDC

Which of the following is NOT an encryption algorithm used by SSH?

SHA-2

​What option below is not an encryption algorithm method that is used by SSH?

SHA-2

What two protocols below are Data Link Layer protocols designed to connect WAN endpoints in a direct connection, such as when a client computer connects to a server at an ISP using a dial-up or DSL connection and modem?

SLIP

What two options below are AAA services?

TACACS+ RADIUS

What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol?

TKIP

​FCS

The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field?​

PPP can support several types of Network layer protocols that might use the connection

True

PPP can support several types of Network layer protocols that might use the connection.

True

128 bits

What is the minimum acceptable key size for today's security standards?

​non-repudiation

What security principle provides proof of delivery and proof of the sender's identity?​

​In the authorized keys file on the host where the SSH server is.

When using public and private keys to connect to an SSH server, where must your public key be placed?​

Access control

Which of the following is NOT one of the three AAA services provided by RADIUS and TACACS+?

L2TP

Which tunneling protocol is accepted and used by multiple vendors?

IaaS​

Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers?​

True

Windows, UNIX, Linux, and Mac OS clients are all capable of connecting to a VPN using PPTP.

Digital certificates are issued by organizations known as what term?

certification authorities

Describe how public key encryption works.​

data is encrypted using two keys, one known to the user and the other is public key associated with the user

Describe the TLS/SSL handshake process as initiated by a web client accessing ​a secure website.

it allows the client and server to introduce themselves to each other and establishes terms for how they will securely exchange data.

The combination of a public key and a private key are known by what term below?

key pair

SaaS

​What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?

SHA-2

​What option below is not an encryption algorithm method that is used by SSH?

​22

​What option below is not an encryption algorithm method that is used by SSH?

EAP

​What protocol below only provides the framework for authenticating clients and servers, but relies on other encryption and authentication schemes to verify the credentials of clients or servers?

​IPSec

​What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?

What two protocols below are Data Link Layer protocols designed to connect WAN endpoints in a direct connection, such as when a client computer connects to a server at an ISP using a dial-up or DSL connection and modem?

SLIP, PPP

What protocol below is a Microsoft proprietary protocol first available in Windows Vista?

SSTP

What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?

SaaS

A service model in which applications are provided through an online user interface and are compatible with a multitude of devices and operating systems.

SaaS Software as a Service

A Layer 2 communications protocol that enables a workstation to connect to a server using a serial connection such as dial-up or DSL. It can support multiple Network layer protocols and can encrypt transmissions.

TKIP Temporal Key Integrity Protocol

An encryption key generation and management scheme used by 802.11i

TKIP Temporal Key Integrity Protocol

banner-grabbing attack

An attack in which hackers transmit bogus requests for connection to servers or applications in order to harvest useful information to guide their attack efforts is known as what option below?​

What two different types of encryption can be used by IPSec during data transfer?

Authentication Header (AH) and Encapsulating Security Payload (ESP)

False

The MD5 hashing algorithm is not susceptible to the possibility of hash collisions.

PPP can support several types of Network layer protocols that might use the connection.​ T/F

True

Windows, UNIX, Linux, and Mac OS clients are all capable of connecting to a VPN using PPTP.

True

A _________________ is a service that is shared between multiple organizations, but not available publicly.

Community Cloud

Windows, UNIX, Linux, and Mac OS clients are all capable of connecting to a VPN using PPTP. T/F

True

A variant of TLS is ___________________, which provides authentication like SSL/TLS, but does not require a certificate for each user.​

Tunneled Transport Layer Security

TKIP

What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol?

​What protocol below only provides the framework for authenticating clients and servers, but relies on other encryption and authentication schemes to verify the credentials of clients or servers?

EAP

In the contest of IPsec, a type of encryption that provides authentication of the IP packet's data payload through public key techniques. In add, it also encrypts the entire IP packed for added security.

ESP Encapsulating Security Payload

What two different types of encryption can be used by IPsec during data transfer?

Encapsulating Security Payload (ESP) Authentication Header (AH)

The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field?

FCS

After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel.

False

After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel.​ T/F

False

A service model in which hardware services are provided virtually, including network infrastructure devices such as virtual servers.

IaaS Infrastructure as a Service

0.0.0.0​

In ACL statements, the any keyword is equivalent to using what wildcard mask below?

When using public and private keys to connect to an SSH server, where must your public key be placed before you can connect?

In an authorization file on the host where the SSH server is.

The key management phase of IPSec is reliant on which two services below?

Internet Security Association and Key Management Protocol (ISAKMP) ​Internet Key Exchange (IKE)

The key management phase of IPsec is reliant on which two services below?

Internet Security Association and Key Management Protocol (ISAKMP), Internet Key Exchange (IKE)

True

PPP can support several types of Network layer protocols that might use the connection.​

When PPP is used over an Ethernet network, it is known as ________________.​

PPoE

smurf attack​

What kind of attack involves a flood of broadcast ping messages, with the originating source address being spoofed to appear as a host on the network?

A service model in which various platforms are provide virtually, enabling developer s to build and test application within virtual, online environments tailored to the specific needs of a project.

PaaS

Virtual Wire mode

What mode setting on a firewall makes the firewall transparent to surrounding nodes as if it's just part of the wire?​

SSTP

What protocol below is a Microsoft proprietary protocol first available in Windows Vista?​

DirectAccess

What service in Windows Server 2012 R2 authenticates remote users and computers to the Windows domain and its corporate network resources?

PaaS

Which cloud computing service model gives software developers access to multiple operating systems for testing?

IPsec

Which encryption protocol does GRE use to increase the security of its transmissions?

PPPoE

Which remote access protocol is used over an Ethernet network?

metasploit

Which software below combines known scanning techniques and exploits to allow for hybrid exploits?​

Natas

Which virus below combines polymorphism and stealth techniques to create a very destructive virus?

A SecurID key chain fob from RSA security generates a password that changes how often?

every 60 seconds

How is GRE used by the PPP protocol

it encapuslates PPP frames them take on the temporary id of IP packets at layer 3

What security principle provides proof of delivery and proof of the sender's identity?

non-repudiation

What security principle provides proof of delivery and proof of the sender's identity?​

non-repudiation

When using public and private keys to connect to an SSH server, where must your public key be placed?

​In the authorized keys file on the host where the SSH server is.

The original version of the Secure Hashing Algorithm (SHA) was developed by the NSA, and used a hash of what length?​

160

The original version of the Secure Hashing Algorithm (SHA) was developed by the NSA, and used a hash of what length?

160 bit

The SSH service listens on what TCP port?

22

What two key lengths are the most popular for the SHA-2 hashing algorithm?​

256 and 512

What two key lengths are the most popular for the SHA-2 hashing algorithm?

256, 512

How often should administrators and network users be required to change their password?

60 days

True

A SOHO wireless router typically acts as a firewall and may include packet filtering options.

amplification attack

A reflective attack can be increased in intensity by combining it with what type of attack?