Chapter 7 Remote access

Question 1

Wireless network encryption standard.

Answer 1

802.11i

Question 2

vendor-independent standard for connecting two nodes according to the port

Answer 2

802.1x

Question 3

login, access privileges, track account usage

Answer 3

AAA

Question 4

secure encryption, better than TKIP

Answer 4

AES

Question 5

IPsec; provides IP packet authentication through public keys

Answer 5

AH (authentication header)

Question 6

Kerberos; a process to initially authenticate a client

Answer 6

AS (authentication service)

Question 7

one key to encrypt, another to decrypt

Answer 7

asymmetric encryption

Question 8

rules to authenticate clients

Answer 8

authentication protocols

Question 9

Kerberos: user’s time stamp is encrypted with a session key

Answer 9

authenticator

Question 10

organization that maintains and issues certificates, part of public-key infrastructure

Answer 10

CA (certificate authority)

Question 11

random string of text to another computer to initiate authentication

Answer 11

challenge

Question 12

PPP authentication process

Answer 12

CHAP (challenge handshake authentication protocol)

Question 13

3-tenet security standard for protecting data

Answer 13

CIA triad (confidentiality, integrity, availability)

Question 14

input of 2 different data sets resulting in the same hash value

Answer 14

collision

Question 15

services shared by many organizations, but are not public

Answer 15

community cloud

Question 16

a digital document that contains verifiable information about the user and their public key

Answer 16

digital certificate

Question 17

WinServer 2008 service; automatically authenticates remote users to a Domain and to corporate networks

Answer 17

DirectAccess

Question 18

forging name server records

Answer 18

DNS spoofing

Question 19

the authenticator initiates the authentication process

Answer 19

EAP (extensible authentication protocol)

Question 20

nature of storage and services to be easily scalable on demand

Answer 20

elastic (VPN)

Question 21

security concerns while data is in transit

Answer 21

endpoint security vulnerability

Question 22

two nodes connect without help from intermediate devices directing hops for transmissions

Answer 22

end-to-end connectivity

Question 23

IPsec; a packet’s data authentication through a public key

Answer 23

ESP payload (encapsulating security payload)

Question 24

Cisco: transmits PPP data frames through VPN-tunnel packets to look like IP packets in Layer 3

Answer 24

GRE (generic routing encapsulation)

Question 25

data transformed through a particular algorithm - impossible to reverse

Answer 25

hashed data

Question 26

virtually hosted desktops on a different physical computer.

Answer 26

HVD (hosted virtual desktop)

Question 27

different data services within a cloud

Answer 27

hybrid cloud

Question 28

IPsec; negotiates the exchange and authentication of keys

Answer 28

IKE (internet key exchange)

Question 29

works with IPsec to form a secure connection

Answer 29

ISAKMP (Internet security association and key management protocol)

Question 30

Kerberos; the server issues keys to clients during initial client authentication

Answer 30

KDC (key distribution center)

Question 31

a cross-platform private key encryption service; uses key encryption to verify client identity and securely exchange information

Answer 31

Kerberos

Question 32

combination of public and private keys used to encrypt and decipher data using public key encryption

Answer 32

key pair

Question 33

a VPN protocol that encapsulates PPP data for use on VPNs

Answer 33

Layer 2 Tunneling protocol

Question 34

a 128-bit hash protocol

Answer 34

MD5

Question 35

authentication protocol over PPP that encryps usenames and passwords

Answer 35

MS-CHAP (Microsoft challenge handshake authentication protocol)

Question 36

requires two or more pieces of info for authentication

Answer 36

MFA (multifactor authentication)

Question 37

multiple customers share one storage location

Answer 37

multi-tenant

Question 38

both computers verify each other’s credentials

Answer 38

mutual authentication

Question 39

open source SSH: protocols for security and encryption

Answer 39

open SSH

Question 40

open source VPN

Answer 40

open VPN

Question 41

legacy authentication protocol; very fallible against brute force attacks

Answer 41

PAP (password authentication protocol)

Question 42

using certificates to assign users to public keys

Answer 42

PKI (public key infrastructure)

Question 43

a client’s identity is verified before the port for transmission is opened

Answer 43

port authentication

Question 44

redirecting traffic to a different port

Answer 44

port forwarding

Question 45

an upgrade to SLIP; a client connects to a server via a serial connection (dial-up/DSL); considered weak for authentication

Answer 45

PPP (point-to-point protocol)

Question 46

services on a private server within an organization

Answer 46

private cloud

Question 47

encryption using a key that only the sender and recipient know

Answer 47

private key encryption

Question 48

a tunneling protocol that encapsulates PPP data frames so they travel masked as an IP transmission

Answer 48

PTP (point-to-point)

Question 49

services provided over public transmission lines

Answer 49

public cloud

Question 50

encryption using a public key associated with the user and the client-specific key

Answer 50

public key encryption

Question 51

a source for public keys

Answer 51

public key server

Question 52

protocol for providing centralized AAA services

Answer 52

RADIUS service

Question 53

an access server wherein remote users log in, access data, and are granted provileges

Answer 53

RAS (remote access server)

Question 54

Microsoft’s RAS and VPN

Answer 54

RRAS (routing and remote access service)

Question 55

IPsec: a secured channel

Answer 55

secure channel

Question 56

Kerberos: random two copies of a new key

Answer 56

session key

Question 57

hash algorithm resistant to collisions

Answer 57

SHA (secure hash algorithm)

Question 58

one-time sign in to access multiple resources

Answer 58

SSO (single sign on)

Question 59

tunnels connect multiple sites on a WAN

Answer 59

site-to-site VPN

Question 60

predecessor to PPP; allows clients to connect to a server via serial connections

Answer 60

SLIP (serial line internet protocol)

Question 61

software is provided by subscription

Answer 61

subscription model

Question 62

the same encryption key is used at both ends

Answer 62

symmetric encryption

Question 63

Kerberos: you don’t need a new ticket to access other resources

Answer 63

TGS (ticket granting service)

Question 64

predecessor to AES, 802.11i

Answer 64

TKIP (temporal key integrity protocol)

Question 65

a virtual connection between a client and a remote network

Answer 65

VPN

Question 66

a gateway on the edge of a LAN that establishes secure connections (routers / RASs)

Answer 66

VPN gateway

Question 67

A Citrix virtualization software package

Answer 67

Xen