2A

Question 1

What does NAC stand for?

Answer 1

Network Access Control

Question 2

___ is a wired and wireless network security solution that allows
control of access based on predefined conditions that systems must meet prior to being granted access to a network.

Answer 2

NAC

Question 3

Any system not meeting NAC conditions may be directed to a ___ ___ that allows the user to become compliant and then gain access to the main network. The restricted network does not grant access to network resources.

Answer 3

restricted network

Question 4

What are the four types of NAC?

Answer 4

1. Agent-Based NAC
2. Agentless-Based NAC
3. Dissolvable Agent
4. Permanent Agent

Question 5

___ ____ ____ utilizes software installed on clients which authenticates the client to the NAC for scanning before allowing network access.

Answer 5

Agent-based NAC

Question 6

____ ____ does not require agent software to be installed on a client. The authentication server will perform any required checks.

Answer 6

Agentless NAC

Question 7

NAC agents can be ____, thereby continuously monitoring the system it’s installed on, or they can be dissolvable.

Answer 7

permanent

Question 8

___ agents are installed on the device when it attempts to connect to the network. After scanning the device for compliance, the ___ NAC will either remove itself immediately, or it may remain on the device until the device disconnects from the network.

Answer 8

Dissolvable agents

Question 9

Secured system access requires individuals to identify themselves and for a system to verify that they are who they say they are. This verification process is called ___.

Answer 9

authentication

Question 10

What are the five different kinds of authentication factors?

Answer 10

1. Something you know
2. Something you have
3. Something you are
4. Somewhere you are
5. Something you do

Question 11

The following describes which kind of authentication factor?

Users must know something to prove their identity. Examples include passwords and personal identification numbers (PINs). This is the most common authentication factor.

Answer 11

Something you know

Question 12

The following describes which kind of authentication factor?

Relies on users possessing physical objects prior to being granted access. Examples include swipe cards, physical tokens and codes sent to mobile phones via text message.

Answer 12

Something you have

Question 13

The following describes which kind of authentication factor?

Based on a user’s physical characteristic, such as fingerprints, voice, retina, or facial recognition. A biometrics system is required for this factor.

Answer 13

Something you are

Question 14

The following describes which kind of authentication factor?

Based upon a user’s location, determined by the global positioning system (GPS) or Internet protocol (IP) address.

Answer 14

Somewhere you are

Question 15

The following describes which kind of authentication factor?

Based on user habits like typing patterns, the user’s natural signature, or the way they walk (gait).

Answer 15

Something you do

Question 16

Combining more than one authentication factor is even more secure than single-factor authentication. ___ ___ uses two or more factors, such as something you have (token) + something you know (password).

Answer 16

Multifactor authentication

Question 17

It is important to know that combining multiple things within the same factor category is ___ multifactor authentication. For example, a username + password scheme is still based on two
kinds of something you know.

Answer 17

is NOT

Question 18

Traditionally, every server throughout a network requires a separate logon and authentication process. With ___ ___ ___, users authenticate once onto a network, and are granted access to
multiple systems without needing to provide additional credentials.

Answer 18

single sign-on (SSO)

Question 19

SSO has advantages for both users and administrators. For users, the advantage is that they don’t have to…?

Answer 19

remember credentials for multiple systems

Question 20

SSO has advantages for both users and administrators. For administrators, the advantage is that they don’t have to…?

Answer 20

manage multiple logon credentials for every user for each server

Question 21

However, the drawback to SSO is that if an account is compromised, a hacker can now…?

Answer 21

access multiple servers rather than just one

Question 22

What are the three types of Network Security Enforcement?

Answer 22

1. Host Health Checks
2. Wireless Terms of Usage
3. 802.1x

Question 23

The following describes which kind of Network Security Enforcement?

NAC can scan a system attempting to connect to the network for operating system updates, antivirus software and virus definitions, and it can determine whether a host-based firewall is installed and running.

Answer 23

Host Health Check

Question 24

The following describes which kind of Network Security Enforcement?

NAC may require users connecting to a wireless network to accept terms of usage before permitting them access.

Answer 24

Wireless Terms of Usage

Question 25

The following describes which kind of Network Security Enforcement?

A popular authentication protocol for hardening a network to ensure that anyone who connects to the network provides valid credentials before the network connection is allowed. An Institute of Electrical and Electronics Engineers (IEEE) standard ____-compliant switch can be configured in conjunction with an authentication service to ensure connecting clients are authenticated before permitting network access.

Answer 25

802.1x