CH10 - Course Quiz Flashcards
Which term refers to a cipher’s underlying mathematical formula?
algorithm
encryption
authentication
hash
algorithm
Which term refers to an encrypted link between SSH processes on two separate computers?
PKI
SSH Tunnel
802.1x
Kerberos
SSH Tunnel
Which term means to scramble, mix up, or change data in such a way that bad guys cannot read it but the intended recipient of the data can descramble it?
authentication
encryption
authorization
nonrepudiation
encryption
Which term refers to a standardized type of file that includes a public key and the digital signature of a trusted third party?
hash
certificate
encryption
password
certificate
When performing a binary XOR (eXclusive OR) calculation with a plaintext value of 0 and a key value of 0, what is the result?
0
1
2
4
0
Which protocol is the tool that programs use to query and change a database used by the Network?
LDAP
EAP
Kerberos
NTP
LDAP (Lightweight Directory Access Protocol)
Which term refers to the result of running plaintext through cipher algorithm using a Key?
key pair
digital signature
plaintext
ciphertext
ciphertext
LDAP uses TCP and UDP Ports 389 by default?
True
False
True
Which authentication method is commonly used for more-secure Wireless Networks?
PPP
EAP-PSK
EAP-TLS
LEAP
EAP-TLS
The Network Time Protocol (NTP) does one thing: it gives you the current time?
True
False
True
You won’t get an HTTPS connection without a good ________ exchange?
hash
token
certificate
ticket
certificate
Authorization means to verify that whoever accesses the data is the person you want accessing the data?
True
False
False
Symmetric-Key Encryption has one serious weakness: anyone who gets a hold of the key can encrypt or decrypt data with it?
True
False
True
Which term is used for data that hasn’t been encrypted yet?
ciphertext
cleartext
cipher
hash
cleartext (Or Plaintext)
Which authentication protocol is used in TCP/IP network where many clients all connect to a single authenticating server with no point-to-point involved?
MS-CHAP
PPP
TACACS+
Kerberos
Kerberos
Define Authorization and describe the classic scheme that Windows uses for Authorization?
Defines what an Authenticated person “CAN DO” once they are IN.
Windows uses Rights/Permission based Roles to user accounts.
Define Authentication and provide an example of the most classic form of Authentication?
What does it take for a user to “Get In”?
What do you “Need to Get In?
Examples are Usernames/Passwords, others could be Smartcards, Tokens, Biometrics and more.
Describe the concept of Nonrepudiation with TCP/IP and provide an example?
Ensures that no party can deny that he/she took a specific action.
Example is Digital Signatures.
Define Port Authentication?
Port Authentication is the concept of allowing remote user Authentication to a particular point of entry (A Port) to another Network.
AAA = Authentication, Authorization, Accounting is designed for the idea of Port Authentication.
How do modern Web Browsers indicate if the Web Page is Secure?
- The address begins with https://
2. Before the Address Bar there’s a Lock Icon.
When applying the binary math ____________ calculation, a cleartext value of 0 combined with a key value of 1 equals 1, as does a cleartext value of 1 combined with a key value of 0?
XOR (eXclusive OR)
A Windows domain is a group of computers that defers all Authentication to a ___________, a special computer running some version of Windows Server (with the appropriate role installed)?
domain controller
Mircosoft adopted ________ as the Authentication Protocol for all Windows Networks using a domain controller?
Kerberos
__________ defines what an Authenticated person “Can Do” with data?
Authorization
CHAP relies on __________ based on a shared secret, usually a password that both ends of the connection know?
hashes
What causes the most common problems with HTTPS Connections?
PKI
revoked certificates
bad certificates
bad URLs
bad certificates
Which port does Kerberos authentication protocol use?
22
23
53
88
88
_______ defines a newer series of protection applications that combine the features of what traditionally was done by separate applications?
RADIUS
Network Access Control (NAC)
Network Attached Storage (NAS)
Network Access Server (NAS)
Network Access Control (NAC)
Which enables secure data transfers between two hosts and thus might have replaced FTP?
Secure Copy Protocol (SCP)
Telnet
HTTPS
Kerberos
Secure Copy Protocol (SCP)
Most modern operating systems use Digital Signatures to verify installed programs come from their registered developers?
True
False
True
Which term desribes a mathematical function that you run on a string of binary digits of any length that results in a value of some fixed length?
authentication
encryption
hash
nonrepudiation
hash
Which protocol offers a method for querying the state of certain Network devices?
SFTP
NTP
SNMP
SCP
SNMP (Simple Network Management Protocol)
Which standard offers authentication, authorization, and accounting?
Terminal Access Control Access Control System Plus (TACACS+)
Data Encryption Standard (DES)
MS-CHAP
Network Access Servers (NAS)
Terminal Access Control Access Control System Plus (TACACS+)
Which is the best RADIUS Server chocie for UNIX/Linux?
Data Encryption Standard
Rivest Cipher
FreeRADIUS
Internet Authentication Service
FreeRADIUS
Describe the Mandatory Access Control (MAC) Security Model?
Every resource is assigned a label that defines its security level.
If the user lacks that security level, he or she does not get access.
What are the two modes of Internet Protocol Security (IPSec) and the differences between them?
Transport Mode - Only the actual Payload of the IP Packet is Encrypted.
Tunnel Mode - The entire IP Packet is Encrypted and is encapsulated inside another IP Packet at an endpoint.
What two elements must be known to decrypt data?
Algorithm
Key
When using Public/Private Keys for Authentication, after the initial steps of generating the Keys and sending the appropriate Key to the Server, what happens after you connect to the server?
Your client generates a signature using its Private Key and sends it to the Server.
The Server then checks the signature with its copy of the Public Key, and if everything checks out, you will be Authenticated to the Server.
Describe Lightweight Directory Access Protocol (LDAP) and explain how it is used by Windows Active Directory?
LDAP is used to query and change a database used by the Network.
These are databases that track aspects of Networks - such as Users Logged into the Network, active DHCP Clients, or the location of all printers in the Local Network.
Active Directory is one of the most complex and most used, in part because of the power of Single Sign-On and Network information.
LDAP can talk to Active Directory and other directory service provides to query and modify items.
Every Web Browser today uses _________ for HTTPS - secured Web Sites?
TLS (Transport Layer Security)
When you connect to a Server, your client generates a __________ using its Private Key and sends it to the Server?
signature
Of the Three - PAP, CHAP, and MS-CHAP, ___________ is the most current and common Authentication method for the few using dial-up connections?
MS-CHAPv2
When a _____________ comes in from an HTTPS Web Site, your computer checks the expiration date to verify it is still valid and checks the Web Sites URL to make sure it’s the same as the site you are on?
certificate
An example of a ___________ is a simple Cipher that takes the letters of the alphabet and transposes them?
Ceasar Cipher or Substituion
The SSH File Transfer Protocol (SFTP) is designed to run over an FTP Session?
True
False
False
_________ is a type of dedicated File Server used in many Networks?
RADIUS
Network Access Control (NAC)
Network Attached Storage (NAS)
Network Access Server (NAS)
Network Attached Storage (NAS)
When performing a binary XOR (eXclusive OR) calculation with a plaintext value of 1 and a key value of 1, what is the result?
0
1
2
4
0
You have to use public-key infrastructure (PKI) to use Certificates?
True
False
False
In Network Security, nonrepudiation is typically enabled by a combination of encrypting and hashing?
True
False
True
Which Protocol was developed as a secure replacement for Telnet?
Telnet II
Secure Shell (SSH)
AES
IPSec
Secure Shell (SSH)
Which is the oldest ACL Access Method?
Mandatory Access Control (MAC)
Discretionary Access Control (DAC)
Role-Based Access Control (RBAC)
Public-Key Cryptography
Mandatory Access Control (MAC)
Encryption is a process that guarantees that the data received is the same as originally sent?
True
False
False
Which term refers to any Encryption that uses different keys for Encryption and Decryption?
Advanced Encryption Standard (AES)
Data Encryption Standard (DES)
Symmetric-Key Encyrption
Asymmetric-Key Encryption
Asymmetric-Key Encryption
Define Hash?
Mathematical function that you run on a string of binary digits of any length that results in a value of some fixed length.
Once a remote user is Authenticated to a particular point-of-entry (a Port) on another Network, describe a few types of actions that user may be allowed through Authorization?
Once Authenticated, Authorization determines what you can or cannot do on the Network.
Might only be allowed a certain amount of bandwidth, or be limited to working only certain times of day, or be limited to using only a certain set of Apps, among many other things.
Explain the connection between Role-Based Access Control (RBAC) and groups?
Defines a user’s access to a resource based on the roles the user plays in the network environment.
This leads to the idea of creating groups. A group in most networks is nothing more than a name that has clearly defined access to different resources.
A _________ is a clearly defined list of permissions that specifies what an Authenticated user may perform on a shared resource?
Access Control List (ACL)
The public-key cryptography keys generated at the same time and designed to work together are called __________?
key pair
A __________ is a general term for a way to encrypt data?
cipher
SSH servers can use a number of ____________ algorithms such as RSA or ECDSA?
public-key
