Chapter 7 Review

Which of the following is NOT one of the three AAA services provided by RADIUS and TACACS+?

Access control

AES

Advanced Encryption Standard

A hacker runs a program that tries numerous character combinations until it stumbles on the correct combination and cracks the key. What offensive strategy is this program using?

Brute force attack

When surfing online, you get some strange data on an apparently secure Web site, and you realize you need to check the legitimacy of the site. What kind of organization issues digital certificates?

Certificate Authority

What service in Windows Server 2012 R2 authenticates remote users and computers to the Windows domain and its corporate network resources?

DirectAccess

ESP Encryption

Encapsulating Security Payload Encryption

_____ is used for confidentiality while _____is used for integrity and authentication.

Encryption, Hashes

EAP

Extensible Authentication Protocol

EAPoL

Extensible Authentication Protocol over LAN

G.R.E.

Generic Routing Encapsulation

Which encryption protocol does GRE use to increase the security of its transmissions?

I.P.sec

I.a.a.S.

Infrastructure as a Service

IETF

Internet Engineering Task Force

KDC

Key Distribution Center

MD5

Message Digest algorithm 5

MS-CHAP v2

Microsoft Challenge Handshake Authentication Protocol, version 2

MS-CHAP

Microsoft Challenge Handshake Authentication Protocol

Which remote access protocol is used over an Ethernet network?

PPPoE

PaaS

Platform as a Service

All types of remote access techniques require some type of _____ _____ _____ ____, which accepts a remote connection and grants privileges to the network's resources.

Remote Access Server (RAS)

With SSH, you can securely log on to a host, execute commands on that host, and copy files to or from that host.

SSH encrypts data exchanged throughout the session.

SaaS

Software as a Service

T.K.I.P.

Temporal Key Integrity Protocol

TGS

Ticket-Granting Service

Choosing a secure password is one of the easiest and least expensive ways to guard against unauthorized access.

Unfortunately, too many people prefer to use an easy-to-remember password.

EAPoL is primarily used with what kind of transmission?

Wireless Transmissions

What unique VPN connection characteristic is provided by the conjunction of RRAS and DirectAccess?

always on remote connections

AH

authentication header

AS

authentication service

AAA

authentication, authoriza- tion, and accounting

CIA

confidentiality, integrity, and availability

HVD

hosted virtual desktop

SSO

single sign-on

Which Transport layer protocol does PPTP use? Which Transport layer protocol does L2TP use?

PPTP uses TCP L2TP uses UDP

In public key encryption, which key is used to decrypt the message?

Private key

Which two protocols are available to create secure transmissions for HTTP sessions?

SSL & TLS

X.a.a.S.

Anything as a Service or Everything as a Service

In public key encryption, a user's public key can be obtained from a third-party source, such as a public key server.

But the encrypted message can only be decrypted with the user's private key.

TTLS

Tunneled Transport Layer Security

What are the two primary encryption techniques used by VPNs today?

I.P.sec & SSL

EAP only provides the framework for authenticating clients and servers. It does not perform encryption or authentication on its own.

Instead, it works with other encryption and authentication schemes to verify the credentials of clients and servers.

IKE

Internet Key Exchange

I.P.sec

Internet Protocol Security

ISAKMP

Internet Security Association and Key Management Protocol

Which tunneling protocol is accepted and used by multiple vendors?

L2TP

L2TP

Layer 2 Tunneling Protocol

PAP

Password Authentication Protocol

PKI

Public-key Infrastructure

RAS

Remote Access Service

RADIUS

Remote Authentication Dial-In User Service

What is the minimum acceptable key size for today's security standards?

128 bits

Organizations with common interests, such as regulatory requirements, performance requirements, or data access, might share resources in a _______ ______.

Community Cloud

Which cloud computing service model gives software developers access to multiple operating systems for testing?

Platform as a Service (PaaS)

PTP

Point to Point

PPP

Point-to-Point Protocol

PPPoE

Point-to-Point Protocol over Ethernet

PPTP

Point-to-Point Tunneling Protocol

What feature must be configured on a router to redirect traffic from an insecure port to a secure one?

Port forwarding

RRAS

Routing and Remote Access Service

SLIP is an earlier Point-to-Point Protocol that does not support encryption, can carry only IP packets, and works strictly on serial connections.

SLIP has been replaced by PPP, which can support several types of Network layer protocols and can provide weak encryption.

SHA

Secure Hash Algorithm

SSTP

Secure Socket Tunneling Protocol

SLIP

Serial Line Internet Protocol

SSL and TLS are both methods of encrypting TCP/IP transmissions en route between the client and server using public key encryption technology.

The two protocols work together and are widely known as SSL/TLS.

T.A.C.A.C.S.+

Terminal Access Controller Access Control System Plus

TGT

Ticket-Granting Ticket

What kind of ticket is held by Kerberos' TGS?

Ticket-Granting Ticket (TGT)

MFA

multifactor authentication