4.2 Security Architecture and Tool Sets Flashcards

1
Q

what is the top-most level of the LDAP hierarchy?

A

root

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what is the primary function of LDAP?

A

lightweight directory access protocol (LDAP) controls client access to directories

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

what are flood guards?

A

devices that protect denial of service (DoS) attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

what does the acronym RADIUS denote?

A

remote authentication dial-in user service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

what are the two types of eye scans?

A

iris scans and retinal scans

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

which type of authentication is accomplished by authenticating both the client and server sides of a concentration through the encrypted exchange of credentials?

A

mutual authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

what does the acronym TACACS denote?

A

terminal access controller access control system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

which function does a single sign-on (SSO) system provide?

A

it allows a user to present authentication credentials once and gain access to all computers within the SSO system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

what is the purpose of federated identity management?

A

it allows single sign-on (SSO) between companies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

what does the acronym KDC denote?

A

key distribution center

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

which authentication protocol uses UDP: TACACS+ or RADIUS?

A

RADIUS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

which security-server application and protocol implements authentication and authorization of users from a central server over TCP?

A

terminal access controller access control system plus (TACACS+)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

which authentication protocol is an open standard: TACACS+ or RADIUS?

A

RADIUS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

which authentication system includes clients, servers, and a key distribution center (KDC)?

A

kerberos

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

which authentication protocol separates authentication and authorization: TACACS+ or RADIUS?

A

TACACS+

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

which Cisco implementation is similar to a RADIUS implementation?

A

TACACS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

what are the two components of the kerberos key distribution center?

A

authentication server (AS) and ticket-granting server (TGS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

which access control model is based on the data’s owner implementing and administering access control?

A

discretionary access control (DAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

which eye scan measures the pattern of blood vessels at the back of the eye?

A

retinal scan

20
Q

scanning fingerprints is an example of which authentication technique

A

biometrics

21
Q

using role-based access control (RBAC), which entities are assigned roles?

A

users or subjects

22
Q

which kerberos component holds all users’ and services’ cryptographic keys and generates tickets?

A

key distribution center (KDC)

23
Q

who has the responsibility for configuring access rights in discretionary access control (DAC)?

A

the data owner or data custodian

24
Q

what is the most important biometric system characteristic?

25
which type of attack can turn a switch into a hub?
MAC flooding
26
what does the acronym MAC denote?
mandatory access control
27
which type of eye scan is considered more intrusive than other eye scans?
retinal scan
28
which fingerprint scan will analyze fingerprint ridge direction?
minutiae matching
29
why is password disclosure a significant security issue in a single sign-on network?
it could compromise the entire system because authentication grants access to any systems on the network to which the actual user may have permission
30
which access control model has the lowest cost?
role-based access control (RBAC)
31
what does the acronym SSO denote?
single sign-on
32
which authentication protocol encrypts the entire packet (not just the password): TACACS+ or RADIUS?
TACACS+
33
which authentication protocol uses tickets to authenticate users?
Kerberos
34
which function does RADIUS provide?
centralized authentication, authorization, and accounting for remote dial-in users
35
which security-server application and protocol implement authentication of users from a central server over UDP?
remote authentication dial-in user service (RADIUS)
36
which directory protocol does directory-enabled networking (DEN) use?
lightweight directory access protocol (LDAP)
37
which access control model uses security labels for each resource?
mandatory access control (MAC)
38
what are the two advantages of single sign-on (SSO)?
convenience and centralized administration
39
which access control model requires assigning security clearance levels to users, such as secret, top-secret, and confidential?
mandatory access control (MAC)
40
which internet protocol based on X.500 is used to access the data stored in a network directory?
lightweight directory access protocol (LDAP)
41
what is the purpose of RADIUS?
remote access dial-in user service (RADIUS) enables remote access users to log on to a network through a shared authentication database
42
which ethernet standard uses a wireless access point with a remote authentication dial-in user service (RADIUS) server to authenticate wireless users?
802.1x
43
which type of authentication combines two or more authentication methods, like something that a person knows (such as password), something that a person owns (such as a smart card), and a characteristic about the person (such as a fingerprint)?
multi-factor authentication
44
which technique is used to prevent network bridging?
network separation
45
on which standard is lightweight directory access protocol (LDAP) based?
X.500