Chapter 7 Review
Which of the following is NOT one of the three AAA services provided by RADIUS and TACACS+?
Access control
AES
Advanced Encryption Standard
A hacker runs a program that tries numerous character combinations until it stumbles on the correct combination and cracks the key. What offensive strategy is this program using?
Brute force attack
When surfing online, you get some strange data on an apparently secure Web site, and you realize you need to check the legitimacy of the site. What kind of organization issues digital certificates?
Certificate Authority
What service in Windows Server 2012 R2 authenticates remote users and computers to the Windows domain and its corporate network resources?
DirectAccess
ESP Encryption
Encapsulating Security Payload Encryption
_____ is used for confidentiality while _____is used for integrity and authentication.
Encryption, Hashes
EAP
Extensible Authentication Protocol
EAPoL
Extensible Authentication Protocol over LAN
G.R.E.
Generic Routing Encapsulation
Which encryption protocol does GRE use to increase the security of its transmissions?
I.P.sec
I.a.a.S.
Infrastructure as a Service
IETF
Internet Engineering Task Force
KDC
Key Distribution Center
MD5
Message Digest algorithm 5
MS-CHAP v2
Microsoft Challenge Handshake Authentication Protocol, version 2
MS-CHAP
Microsoft Challenge Handshake Authentication Protocol
Which remote access protocol is used over an Ethernet network?
PPPoE
PaaS
Platform as a Service
All types of remote access techniques require some type of _____ _____ _____ ____, which accepts a remote connection and grants privileges to the network's resources.
Remote Access Server (RAS)
With SSH, you can securely log on to a host, execute commands on that host, and copy files to or from that host.
SSH encrypts data exchanged throughout the session.
SaaS
Software as a Service
T.K.I.P.
Temporal Key Integrity Protocol
TGS
Ticket-Granting Service
Choosing a secure password is one of the easiest and least expensive ways to guard against unauthorized access.
Unfortunately, too many people prefer to use an easy-to-remember password.
EAPoL is primarily used with what kind of transmission?
Wireless Transmissions
What unique VPN connection characteristic is provided by the conjunction of RRAS and DirectAccess?
always on remote connections
AH
authentication header
AS
authentication service
AAA
authentication, authoriza- tion, and accounting
CIA
confidentiality, integrity, and availability
HVD
hosted virtual desktop
SSO
single sign-on
Which Transport layer protocol does PPTP use? Which Transport layer protocol does L2TP use?
PPTP uses TCP L2TP uses UDP
In public key encryption, which key is used to decrypt the message?
Private key
Which two protocols are available to create secure transmissions for HTTP sessions?
SSL & TLS
X.a.a.S.
Anything as a Service or Everything as a Service
In public key encryption, a user's public key can be obtained from a third-party source, such as a public key server.
But the encrypted message can only be decrypted with the user's private key.
TTLS
Tunneled Transport Layer Security
What are the two primary encryption techniques used by VPNs today?
I.P.sec & SSL
EAP only provides the framework for authenticating clients and servers. It does not perform encryption or authentication on its own.
Instead, it works with other encryption and authentication schemes to verify the credentials of clients and servers.
IKE
Internet Key Exchange
I.P.sec
Internet Protocol Security
ISAKMP
Internet Security Association and Key Management Protocol
Which tunneling protocol is accepted and used by multiple vendors?
L2TP
L2TP
Layer 2 Tunneling Protocol
PAP
Password Authentication Protocol
PKI
Public-key Infrastructure
RAS
Remote Access Service
RADIUS
Remote Authentication Dial-In User Service
What is the minimum acceptable key size for today's security standards?
128 bits
Organizations with common interests, such as regulatory requirements, performance requirements, or data access, might share resources in a _______ ______.
Community Cloud
Which cloud computing service model gives software developers access to multiple operating systems for testing?
Platform as a Service (PaaS)
PTP
Point to Point
PPP
Point-to-Point Protocol
PPPoE
Point-to-Point Protocol over Ethernet
PPTP
Point-to-Point Tunneling Protocol
What feature must be configured on a router to redirect traffic from an insecure port to a secure one?
Port forwarding
RRAS
Routing and Remote Access Service
SLIP is an earlier Point-to-Point Protocol that does not support encryption, can carry only IP packets, and works strictly on serial connections.
SLIP has been replaced by PPP, which can support several types of Network layer protocols and can provide weak encryption.
SHA
Secure Hash Algorithm
SSTP
Secure Socket Tunneling Protocol
SLIP
Serial Line Internet Protocol
SSL and TLS are both methods of encrypting TCP/IP transmissions en route between the client and server using public key encryption technology.
The two protocols work together and are widely known as SSL/TLS.
T.A.C.A.C.S.+
Terminal Access Controller Access Control System Plus
TGT
Ticket-Granting Ticket
What kind of ticket is held by Kerberos' TGS?
Ticket-Granting Ticket (TGT)
MFA
multifactor authentication