Chapter 7, Network + Ch 8 RQ

Ace your homework & exams now with Quizwiz!

Brute force attack

A hacker runs a program that tries numerous character combinations until it stumbles on the correct combination and cracks the key. What offensive strategy is this program using?

What feature of windows server allows for agent-less authentication?

AD (Active Directory)

What characteristic of ARP makes it particularly vulnerable to being used in a DoS attack?

ARP performs no authentication, and so it is highly vulnerable to attacks.

Citrix Xen

Amazon and Rackspace both utilize what virtualization software below to create their cloud environments?​

Network layer

At what layer of the OSI model does the IPSec encryption protocol operate?​

what kind of vulnerability is exploited by a ping of deaths?

Buffer overflow

What are the two primary features that give proxy servers an advantage over NAT?

Content filtering and improved performance, reverse proxy.

Which type DoS attack orchestrates an attack using uninfected computers?

DDroS ( Distributed reflective DoS)

A neighbor hacks into your secured wireless network on a regular basis, but you did int give him the password. What loophole was most likely left open?

Default password was never made.

​certification authorities

Digital certificates are issued by organizations known as what term?​

What's the difference between an IDS and an IPS?

IDS (intrusion detection system) creates alerts when suspicious activity happens. IPS (intrusion Prevention system) prevents traffic from reaching the network.

Private key

In public key encryption, which key is used to decrypt the message?

What wireless attack might a potential hacker execute with a specially configured transmitter?

Jamming

At what layer of the OSI model do proxy servers operate?

Layer 7, Application Layer

What of the following features does not distinguish an NGFW from traditional firewalls?

NGFW have built-in Application Control features and are application aware, user awareness, context aware. NGFW does not use UTM

What causes most firewall failures?

Not being configured correctly

Your organization has just approved a special budget for a network security upgrade. What procedure should you conduct in order to make recommendations for the upgrade priorities?

Posture assessment

​FCS

The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field?​

160 bit

The original version of the Secure Hashing Algorithm (SHA) was developed by the NSA, and used a hash of what length?​

​PAP

What authentication protocol sends authentication information in cleartext without encryption?​

TKIP

What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol?​

Port forwarding

What feature must be configured on a router to redirect traffic from an insecure port to a secure one?

128 bits

What is the minimum acceptable key size for today's security standards?

SSTP

What protocol below is a Microsoft proprietary protocol first available in Windows Vista?​

​non-repudiation

What security principle provides proof of delivery and proof of the sender's identity?​

DirectAccess

What service in Windows Server 2012 R2 authenticates remote users and computers to the Windows domain and its corporate network resources?

​VPN gateway

When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites?​

​In the authorized keys file on the host where the SSH server is.

When using public and private keys to connect to an SSH server, where must your public key be placed?​

PaaS

Which cloud computing service model gives software developers access to multiple operating systems for testing?

IPsec

Which encryption protocol does GRE use to increase the security of its transmissions?

Access contro

Which of the following is NOT one of the three AAA services provided by RADIUS and TACACS+?

PPPoE

Which remote access protocol is used over an Ethernet network?

L2TP

Which tunneling protocol is accepted and used by multiple vendors?

IaaS​

Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers?​

What kinds of issues might indicate a miss-configured ACL?

Wrong people being able to log in.

What software might be installed on a device in order to authenticate it to the network?

agent

What unique characteristic of zero-day exploits make them so dangerous?

because the vulnerability is exploited before the software developer has the opportunity to provide a solution for it

What kind of virus runs in place of the computer's normal systems files?

boot-sector viruses

What kind of firewall blocks traffic based on application data contained within the packets?

content-filtering firewall

Any traffic that is not explicitly permitted in the ACL is _______, which is called the ______.

dropped, implicit deny

Regarding managing security security levels, why do network administrators create domain groups?

to assign rights that meet the needs of those groups.

What distinguishes a virus from other types of malware?

to be a virus it must replicate itself with the intent to infect more computers.

every 60 seconds

​A SecurID key chain fob from RSA security generates a password that changes how often?

60 days

​How often should administrators and network users be required to change their password?

​key pair

​The combination of a public key and a private key are known by what term below?

SaaS

​What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?

SHA-2

​What option below is not an encryption algorithm method that is used by SSH?

​22

​What option below is not an encryption algorithm method that is used by SSH?

EAP

​What protocol below only provides the framework for authenticating clients and servers, but relies on other encryption and authentication schemes to verify the credentials of clients or servers?

​IPSec

​What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?


Related study sets

BUS321 CH1- Environment and Theoretical Structure of Financial Accounting

View Set