Network+ Chapter 13 Flashcards
________ typically reside on routers to determine which packets are allowed to route through them based on the requesting device’s source or destination IP.
ch 13 pg 432
Access Control Lists (ACLs)
What 4 things should you do when configuring ACLs between the internet and your private network to mitigate security problems?
Ch 13 pg 433
Deny any address from your internal networks
Deny any local host address (127.0.0.0/8)
Deny any reserved private addresses
Deny addresses in the IP multicast address range (224.0.0.0/4)
Define tunneling.
Ch 13 pg 434
Encapsulating one protocol within another to ensure that a transmission is secure.
The Network+ exam will test your understanding of which tunneling protocols?
Ch 13 pg 434
VPNs (Virtual Private Network)
SSL (Secure Socket Layer)
SSL VPN (Secure Socket Layer Virtual Private Network)
Layer 2 Tunneling Protocol (L2TP)
Point to Point Tunneling Protocol (PPTP)
Generic Routing Encapsulation (GRE)
Internet Protocol Security (IPSec)
ISAKMP
____________ allow remote users like telecommuters to securely access the corporate network wherever and whenever they need to.
(p. 436)
Host-to-Site (Remote-Access) VPNs
What is one of the most common reasons why users can connect to the internet and not their office?
(p. 436)
The users don’t have the correct VPN address and password.
_________ VPNs allow an organization’s suppliers, partners, and customers to be connected to the corporate network in a limited way for business-to-business (B2B) communications.
(p. 436)
Extranet
Who created L2TP?
p. 437
Internet Engineering Task Force (IETF).
Which port does PPTP use and what is its function?
p. 438
PPTP is a VPN protocol that runs over port 1723 and allows encryption to be done at the Application (data) level.
_____________ is a tunneling protocol that can encapsulate many protocols inside IP tunnels. Some examples would be routing protocols such as EIGRP and OSPF and the routed protocol IPv6.
(p. 438)
Generic Routing Encapsulation (GRE)
Which two modes does IPSec work in?
(p. 439).
Transport mode and tunneling mode.
_____________ defines procedures and packet formats to establish, negotiate, modify, and delete security associations.
(p. 440)
Internet Security Association and Key Management Protocol (ISAKMP)
______________ is a Layer 2 protocol that provides authentication, encryption, and compression services to clients logging in remotely.
(p. 446). Wiley
Point-to-Point Protocol (PPP)
_____________ is an extension of PPP. Its purpose is to encapsulate PPP frames within Ethernet frames.
p. 446
Point-to-Point Protocol over Ethernet (PPPoE)
What has been the preferred method of encryption in the US since 2002 and has key lengths of 128, 192, and 256 bits?
pg 447
Advanced Encryption Standard (AES)
_______________ is not a protocol but refers to the combination of hardware and software required to make a remote-access connection.
p. 445
Remote Access Services (RAS)
_____________ allows users to connect to a computer running Microsoft’s Remote Desktop Services, but a remote computer must have the right kind of client software installed for this to happen.
p. 446
Remote Desktop Protocol (RDP)
What are 3 things you need to do when a user leaves the organization?
p. 448
Leave the account in place.
Delete the account.
Disable the account.
What are some password formats that you should never use?
pg 451
The word password
Proper names
Your pet's name
Your spouse's name
Your children's names
Any word in the dictionary
Define multifactor authentication.
(p. 455)
Multifactor authentication is designed to add an additional level of security to the authentication process by verifying more than one characteristic of a user before allowing access.
What are 3 ways a user can be identified by using multifactor authentication?
(p. 455)
By something they know (password)
By something they are (retinas, fingerprint, facial recognition)
By something they possess (smart card)
______________ is a system that links users to public keys and verifies a user’s identity by using a certificate authority (CA).
(p. 455)
Public Key Infrastructure (PKI)
___________ is a computer network authentication protocol which works on the basis of ‘tickets’ to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
p. 456
Kerberos
What are two major differences between TACACS+ and RADIUS?
p. 458
RADIUS combines user authentication and authorization into one profile, but TACACS+ separates the two.
TACACS+ utilizes the connection-based TCP protocol, but RADIUS uses UDP instead.
_______________ is a protocol developed by Cisco and released as an open standard beginning in 1993.
pg 458
Terminal Access Controller Access-Control System Plus