Certmaster Explaining Common Security Concepts Flashcards

1
Q

An administrator needs to perform maintenance on routers and switches and is authenticating to them over TCP port 49. What protocol is the administrator using?

A. TACACS+
B. RADIUS
C. EAP
D. IEEE 802.1X Port-based NAC

A

A

The administrator is using TACACS+, a protocol used to authenticate administrative access to routers and switches, which uses TCP over port 49.

Remote Authentication Dial-in User Service (RADIUS) is a protocol used for client device access over switches, wireless networks, and VPNs, and typically uses UDP ports 1812 and 1813.

Extensible Authentication Protocol (EAP) provides a framework for deploying multiple types of authentication protocols and technologies, and supports many different authentication methods.

The IEEE 802.1X Port-based Network Access Control (NAC) protocol provides the means of using an EAP method when a device connects to an Ethernet switch port, wireless access point, or VPN gateway.

2
Q

An organization is using Lightweight Directory Access Protocol (LDAP) to update the directory database. The administrator insists that the steps to ensure secure access to the directory have already been completed. What authentication methods will the administrator disable? (Select all that apply.)

A. SASL
B. Simple bind
C. No authentication
D. LDAPS

A

B, C

Since the administrator insists on secure access, the administrator will disable simple bind, in which the client must supply its distinguished name (DN) and password, but these are sent in plaintext.

Since the administrator insists on secure access, the administrator will also disable the no authentication option on the server, which grants anonymous access to the directory.

In Simple Authentication and Security Layer (SASL), the client and server negotiate the use of a supported authentication mechanism, such as Kerberos. This is the preferred mechanism for Microsoft’s Active Directory (AD) implementation of LDAP.

In LDAP Secure (LDAPS), the administrator installs the server with a digital certificate which it uses to set up a secure tunnel for the user credential exchange. LDAPS uses port 636.

3
Q

An organization that issues public keys should obtain a digital certificate. What does the digital certificate contain? (Select all that apply.)

A. Information on the certificate’s guarantor
B. Information about the subject
C. Public key infrastructure
D. The subject’s public key

A

A, B, D

The validity of the certificate is guaranteed by a certificate authority (CA) and the certificate will contain information about the certificate’s issuer or guarantor.

A digital certificate will contain information about the subject. The CA digitally signs the certificate to prove that it was issued to the subject by a particular CA.

Under PKI, anyone issuing public keys should obtain a digital certificate and the digital certificate is essentially a wrapper for a subject’s (or end entity’s) public key.

Public key infrastructure (PKI) aims to prove that the owners of public keys are who they say they are and, under PKI, anyone issuing public keys should obtain a digital certificate.

4
Q

A security company is working with a new customer and is describing different kinds of attacks they have discovered through research. What form of threat research does this represent?

A. Behavioral threat research
B. Reputational threat intelligence
C. Threat data
D. Threat assessment

A

A

This represents behavioral threat research, which is a narrative commentary describing examples of attacks and the tactics, techniques, and procedures (TTPs) gathered through primary research sources.

Reputational threat intelligence consists of lists of IP addresses and domains associated with malicious behavior, plus signatures of known file-based malware.

Threat data is computer data that can correlate events observed on a customer’s own networks and logs with known TTP and threat actor indicators.

Threat assessment is not a form of threat research; it is the process of identifying threat sources and profiling the types and capabilities of threat actors.

5
Q

An organization has identified, as mission essential functions, that it must be able to continually process customer payments and pay employee salaries to keep the business running even in the event of a service disruption. What assessment involves identifying critical systems and assets that support mission essential functions?

A. Risk assessment
B. Posture assessment
C. Process assessment
D. Business impact analysis

A

C

The organization used a process assessment which involves identifying critical systems and assets that support mission essential functions.

Risk assessment is a subset of risk management where an organization evaluates its systems and procedures for risk factors. Separate assessments can perform an initial evaluation and ongoing monitoring of threats, vulnerabilities, and security posture.

A posture assessment is the overall status of risk management and shows which risk response options the organization can identify and prioritize.

Business impact analysis (BIA) is the process of assessing what losses might occur for a range of threat scenarios.
