Certification Review Practice Exam D
Which of the following user authentication technologies uses digital certificates and a certificate authority (CA)?
PKI
Which of the following approaches to wireless LAN (WLAN) security requires a matching string of characters to be configured on a WLAN client and a WLAN access point (AP)?
Pre-shared key
Which of the following remote access security technologies is a UDP-based protocol used to communicate with an AAA server and does not encrypt an entire authentication packet, but only encrypts the password?
RADIUS
Which of the following user authentication technologies is used by Microsoft Windows® clients to remotely access a Microsoft Windows® network?
RAS
Which of the following wireless LAN (WLAN) security threats is also known as an "evil twin"?
Rogue access point
Which of the following allows a user to authenticate only once in order to gain access to multiple systems, without requiring the user to independently authenticate with each system?
SSO
What is the name of the physical security device that is credit card sized and allows a user to authenticate onto a network?
Smart card
Which of the following security attacks uses Internet Control Message Protocol (ICMP) traffic with the intended victim's spoofed source IP, directed to a subnet, to flood a target system with Ping replies?
Smurf attack
Which of the following security attacks occurs when an attacker convinces someone to voluntarily provide information (for example, username and password credentials) to the attacker?
Social engineering attack
Which of the following remote access security technologies is a TCP-based protocol used to communicate with an AAA server and encrypts an entire authentication packet, rather than just the password?
TACACS+
Which of the following requires two types of authentication (but no more) from a user seeking admission to a network?
TFA
What is a common reason for disabling SSID broadcast in a wireless LAN (WLAN)?
To better conceal the SSID of a WLAN
Which of the following security threats is a program that appears to be for one purpose (for example, a game), but secretly performs another task (for example, collecting a list of contacts from an end-user's e-mail program)?
Trojan horse
What type of physical security utilizes a fingerprint or facial recognition to verify identity?
Biometrics
Which of the following security attacks occurs when an attacker exploits a known vulnerability in an application (for example, an error in an application that allowed that application to write to an area of memory dedicated to a different application), which could cause another application to crash?
Buffer overflow attack
Which IEEE standard, supported on some Ethernet switches, requires a user to authenticate themselves before gaining access to the rest of the network?
802.1X
Which of the following approaches to wireless LAN (WLAN) security involves the use of an authentication server?
802.1X
Which of the following security attacks occurs when an attacker compromises multiple systems, and those compromised systems, called "zombies," are instructed by the attacker to simultaneously launch an attack against a target system, exhausting that target system's resources?
DDoS attack
A firewall might use what configuration option to prevent users on the Internet from initiating sessions with devices inside a corporate network, while still allowing users on the Internet to initiate sessions with publicly available corporate servers (for example, an e-mail server or a web server)?
DMZ
Which of the following approaches to wireless LAN (WLAN) security helps conceal the existence of a WLAN?
Disabling SSID broadcast
Which of the following security attacks occurs when an attacker sends a target system a flood of data or requests that consume the target system's resources?
DoS attack
Which of the following security attacks occurs when an attacker sends the target system a flood of data or requests that consume the target system's resources?
DoS attack
Which of the following specifies how authentication is performed by IEEE 802.1X?
EAP
Which of the following security attacks leverages the PORT command?
FTP bounce attack
Which of the following is a system designed to appear as an attractive attack target?
Honeypot
Which of the following remote access security technologies is a client-server authentication protocol and uses the concept of a trusted third party (that is, a Key Distribution Center) that hands out tickets that are used instead of a username and password combination?
Kerberos
What is the name of the physical security device that's commonly grouped with keys and can be used to gain access to a network or a physical location?
Key fob
Which of the following security threats is a program that runs in the background of a computer and keeps a record of what a user types on their keyboard?
Keylogger
Which of the following approaches to wireless LAN (WLAN) security restricts access to a WLAN based on a computer's wireless interface card?
MAC address filtering
Which of the following user authentication protocols added two-way authentication to an earlier version of the protocol?
MS-CHAP
Which of the following security attacks occurs when an attacker causes traffic flowing between two devices on a network to flow through the attacker's device?
Man-in-the-middle attack
Which of the following requires two or more types of authentication from a user seeking admission to a network?
Multifactor authentication
Which of the following approaches to wireless LAN (WLAN) security uses RC4 as its encryption algorithm?
WEP
Which of the following wireless LAN (WLAN) security threats involves mathematical algorithms that can determine a pre-shared key value?
WEP and WPA security cracking
Which two of the following are common wireless security standards?
WEP; WPA
Which of the following approaches to wireless LAN (WLAN) security uses TKIP for encryption?
WPA
Which of the following approaches to wireless LAN (WLAN) security requires users to authenticate against an authentication server's database, rather than a client being configured with a PSK?
WPA Enterprise
Which of the following approaches to wireless LAN (WLAN) security uses AES for encryption?
WPA2
Which of the following wireless LAN (WLAN) security threats involves performing reconnaissance to identify open wireless access points (APs) that could potentially become targets of future attacks?
War driving
Which of the following wireless LAN (WLAN) security threats involves a user writing a symbol in a public place, letting other users know about the existence of a WLAN, and possibly information about how to access that WLAN?
Warchalking
