CH10 - Course Quiz

Question 1

Which term refers to a cipher’s underlying mathematical formula?

algorithm
encryption
authentication
hash

Answer 1

algorithm

Question 2

Which term refers to an encrypted link between SSH processes on two separate computers?

PKI
SSH Tunnel
802.1x
Kerberos

Answer 2

SSH Tunnel

Question 3

Which term means to scramble, mix up, or change data in such a way that bad guys cannot read it but the intended recipient of the data can descramble it?

authentication
encryption
authorization
nonrepudiation

Answer 3

encryption

Question 4

Which term refers to a standardized type of file that includes a public key and the digital signature of a trusted third party?

hash
certificate
encryption
password

Answer 4

certificate

Question 5

When performing a binary XOR (eXclusive OR) calculation with a plaintext value of 0 and a key value of 0, what is the result?

0
1
2
4

Answer 5

0

Question 6

Which protocol is the tool that programs use to query and change a database used by the Network?

LDAP
EAP
Kerberos
NTP

Answer 6

LDAP (Lightweight Directory Access Protocol)

Question 7

Which term refers to the result of running plaintext through cipher algorithm using a Key?

key pair
digital signature
plaintext
ciphertext

Answer 7

ciphertext

Question 8

LDAP uses TCP and UDP Ports 389 by default?

True
False

Answer 8

True

Question 9

Which authentication method is commonly used for more-secure Wireless Networks?

PPP
EAP-PSK
EAP-TLS
LEAP

Answer 9

EAP-TLS

Question 10

The Network Time Protocol (NTP) does one thing: it gives you the current time?

True
False

Answer 10

True

Question 11

You won’t get an HTTPS connection without a good ________ exchange?

hash
token
certificate
ticket

Answer 11

certificate

Question 12

Authorization means to verify that whoever accesses the data is the person you want accessing the data?

True
False

Answer 12

False

Question 13

Symmetric-Key Encryption has one serious weakness: anyone who gets a hold of the key can encrypt or decrypt data with it?

True
False

Answer 13

True

Question 14

Which term is used for data that hasn’t been encrypted yet?

ciphertext
cleartext
cipher
hash

Answer 14

cleartext (Or Plaintext)

Question 15

Which authentication protocol is used in TCP/IP network where many clients all connect to a single authenticating server with no point-to-point involved?

MS-CHAP
PPP
TACACS+
Kerberos

Answer 15

Kerberos

Question 16

Define Authorization and describe the classic scheme that Windows uses for Authorization?

Answer 16

Defines what an Authenticated person “CAN DO” once they are IN.
Windows uses Rights/Permission based Roles to user accounts.

Question 17

Define Authentication and provide an example of the most classic form of Authentication?

Answer 17

What does it take for a user to “Get In”?
What do you “Need to Get In?
Examples are Usernames/Passwords, others could be Smartcards, Tokens, Biometrics and more.

Question 18

Describe the concept of Nonrepudiation with TCP/IP and provide an example?

Answer 18

Ensures that no party can deny that he/she took a specific action.
Example is Digital Signatures.

Question 19

Define Port Authentication?

Answer 19

Port Authentication is the concept of allowing remote user Authentication to a particular point of entry (A Port) to another Network.
AAA = Authentication, Authorization, Accounting is designed for the idea of Port Authentication.

Question 20

How do modern Web Browsers indicate if the Web Page is Secure?

Answer 20

1. The address begins with https://

2. Before the Address Bar there’s a Lock Icon.

Question 21

When applying the binary math ____________ calculation, a cleartext value of 0 combined with a key value of 1 equals 1, as does a cleartext value of 1 combined with a key value of 0?

Answer 21

XOR (eXclusive OR)

Question 22

A Windows domain is a group of computers that defers all Authentication to a ___________, a special computer running some version of Windows Server (with the appropriate role installed)?

Answer 22

domain controller

Question 23

Mircosoft adopted ________ as the Authentication Protocol for all Windows Networks using a domain controller?

Answer 23

Kerberos

Question 24

__________ defines what an Authenticated person “Can Do” with data?

Answer 24

Authorization

Question 25

CHAP relies on __________ based on a shared secret, usually a password that both ends of the connection know?

Answer 25

hashes

Question 26

What causes the most common problems with HTTPS Connections?

PKI
revoked certificates
bad certificates
bad URLs

Answer 26

bad certificates

Question 27

Which port does Kerberos authentication protocol use?

22
23
53
88

Answer 27

88

Question 28

_______ defines a newer series of protection applications that combine the features of what traditionally was done by separate applications?

RADIUS
Network Access Control (NAC)
Network Attached Storage (NAS)
Network Access Server (NAS)

Answer 28

Network Access Control (NAC)

Question 29

Which enables secure data transfers between two hosts and thus might have replaced FTP?

Secure Copy Protocol (SCP)
Telnet
HTTPS
Kerberos

Answer 29

Secure Copy Protocol (SCP)

Question 30

Most modern operating systems use Digital Signatures to verify installed programs come from their registered developers?

True
False

Answer 30

True

Question 31

Which term desribes a mathematical function that you run on a string of binary digits of any length that results in a value of some fixed length?

authentication
encryption
hash
nonrepudiation

Answer 31

hash

Question 32

Which protocol offers a method for querying the state of certain Network devices?

SFTP
NTP
SNMP
SCP

Answer 32

SNMP (Simple Network Management Protocol)

Question 33

Which standard offers authentication, authorization, and accounting?

Terminal Access Control Access Control System Plus (TACACS+)
Data Encryption Standard (DES)
MS-CHAP
Network Access Servers (NAS)

Answer 33

Terminal Access Control Access Control System Plus (TACACS+)

Question 34

Which is the best RADIUS Server chocie for UNIX/Linux?

Data Encryption Standard
Rivest Cipher
FreeRADIUS
Internet Authentication Service

Answer 34

FreeRADIUS

Question 35

Describe the Mandatory Access Control (MAC) Security Model?

Answer 35

Every resource is assigned a label that defines its security level.
If the user lacks that security level, he or she does not get access.

Question 36

What are the two modes of Internet Protocol Security (IPSec) and the differences between them?

Answer 36

Transport Mode - Only the actual Payload of the IP Packet is Encrypted.
Tunnel Mode - The entire IP Packet is Encrypted and is encapsulated inside another IP Packet at an endpoint.

Question 37

What two elements must be known to decrypt data?

Answer 37

Algorithm

Key

Question 38

When using Public/Private Keys for Authentication, after the initial steps of generating the Keys and sending the appropriate Key to the Server, what happens after you connect to the server?

Answer 38

Your client generates a signature using its Private Key and sends it to the Server.
The Server then checks the signature with its copy of the Public Key, and if everything checks out, you will be Authenticated to the Server.

Question 39

Describe Lightweight Directory Access Protocol (LDAP) and explain how it is used by Windows Active Directory?

Answer 39

LDAP is used to query and change a database used by the Network.

These are databases that track aspects of Networks - such as Users Logged into the Network, active DHCP Clients, or the location of all printers in the Local Network.

Active Directory is one of the most complex and most used, in part because of the power of Single Sign-On and Network information.

LDAP can talk to Active Directory and other directory service provides to query and modify items.

Question 40

Every Web Browser today uses _________ for HTTPS - secured Web Sites?

Answer 40

TLS (Transport Layer Security)

Question 41

When you connect to a Server, your client generates a __________ using its Private Key and sends it to the Server?

Answer 41

signature

Question 42

Of the Three - PAP, CHAP, and MS-CHAP, ___________ is the most current and common Authentication method for the few using dial-up connections?

Answer 42

MS-CHAPv2

Question 43

When a _____________ comes in from an HTTPS Web Site, your computer checks the expiration date to verify it is still valid and checks the Web Sites URL to make sure it’s the same as the site you are on?

Answer 43

certificate

Question 44

An example of a ___________ is a simple Cipher that takes the letters of the alphabet and transposes them?

Answer 44

Ceasar Cipher or Substituion

Question 45

The SSH File Transfer Protocol (SFTP) is designed to run over an FTP Session?

True
False

Answer 45

False

Question 46

_________ is a type of dedicated File Server used in many Networks?

RADIUS
Network Access Control (NAC)
Network Attached Storage (NAS)
Network Access Server (NAS)

Answer 46

Network Attached Storage (NAS)

Question 47

When performing a binary XOR (eXclusive OR) calculation with a plaintext value of 1 and a key value of 1, what is the result?

0
1
2
4

Answer 47

0

Question 48

You have to use public-key infrastructure (PKI) to use Certificates?

True
False

Answer 48

False

Question 49

In Network Security, nonrepudiation is typically enabled by a combination of encrypting and hashing?

True
False

Answer 49

True

Question 50

Which Protocol was developed as a secure replacement for Telnet?

Telnet II
Secure Shell (SSH)
AES
IPSec

Answer 50

Secure Shell (SSH)

Question 51

Which is the oldest ACL Access Method?

Mandatory Access Control (MAC)
Discretionary Access Control (DAC)
Role-Based Access Control (RBAC)
Public-Key Cryptography

Answer 51

Mandatory Access Control (MAC)

Question 52

Encryption is a process that guarantees that the data received is the same as originally sent?

True
False

Answer 52

False

Question 53

Which term refers to any Encryption that uses different keys for Encryption and Decryption?

Advanced Encryption Standard (AES)
Data Encryption Standard (DES)
Symmetric-Key Encyrption
Asymmetric-Key Encryption

Answer 53

Asymmetric-Key Encryption

Question 54

Define Hash?

Answer 54

Mathematical function that you run on a string of binary digits of any length that results in a value of some fixed length.

Question 55

Once a remote user is Authenticated to a particular point-of-entry (a Port) on another Network, describe a few types of actions that user may be allowed through Authorization?

Answer 55

Once Authenticated, Authorization determines what you can or cannot do on the Network.
Might only be allowed a certain amount of bandwidth, or be limited to working only certain times of day, or be limited to using only a certain set of Apps, among many other things.

Question 56

Explain the connection between Role-Based Access Control (RBAC) and groups?

Answer 56

Defines a user’s access to a resource based on the roles the user plays in the network environment.
This leads to the idea of creating groups. A group in most networks is nothing more than a name that has clearly defined access to different resources.

Question 57

A _________ is a clearly defined list of permissions that specifies what an Authenticated user may perform on a shared resource?

Answer 57

Access Control List (ACL)

Question 58

The public-key cryptography keys generated at the same time and designed to work together are called __________?

Answer 58

key pair

Question 59

A __________ is a general term for a way to encrypt data?

Answer 59

cipher

Question 60

SSH servers can use a number of ____________ algorithms such as RSA or ECDSA?

Answer 60

public-key