Lesson 11 - Questions

Question 1

What vulnerabilities does a rogue DHCP server expose users to?

Question 2

Why is it vital to ensure the security of an organization’s DNS service?

Question 3

True or false? The contents of the HOSTS file are irrelevant as long as a DNS service is properly configured.

Question 4

What is DNS server cache poisoning?

Question 5

True or false? DNSSEC depends on a chain of trust from the root servers down.

Question 6

What are the advantages of SASL over LDAPS?

Question 7

What steps should you take to secure an SNMPv2 service?

Question 8

What type of attack against HTTPS aims to force the server to negotiate weak ciphers?

Question 9

A client and server have agreed on the use of the cipher suite ECDHE-ECDSA-AES256- GCM-SHA384 for a TLS session. What is the key strength of the symmetric encryption algorithm?

Question 10

What security protocol does SFTP use to protect the connection and which port does an SFTP server listen on by default?

Question 11

Which port(s) and security methods should be used by a mail client to submit messages for delivery by an SMTP server?

Question 12

When using S/MIME, which key is used to encrypt a message?

Question 13

Which protocol protects the contents of a VoIP conversation from eavesdropping?

Question 14

True or false? A TLS VPN can only provide access to web-based network resources.

Question 15

What is Microsoft’s TLS VPN solution?

Question 16

What IPSec mode would you use for data confidentiality on a private network?

Question 17

Which protocol is often used in conjunction with IPSec to provide a remote access client VPN with user authentication?

Question 18

What is the main advantage of IKEv2 over IKE v1?

Question 19

What bit of information confirms the identity of an SSH server to a client?