Sophos Fundamentals.

Question 1

What are the objectives of the sophos fundamentals?

Answer 1

Cryptography, network protocols and communication, Microsoft Active Directory and Security threats

Question 2

what is covered in the cryptography module

Answer 2

encryption overview, key length and complexity, symmetric cryptography and key transfer. Asymmetric cryptography, hash functions, digital signatures and digital certificates.

Question 3

what is the earliest known encryption algorithm?

Answer 3

Ceasar cipher. Replaces letters in plain text ‘n’ places up and down the alphabet.

Question 4

Symmetric encryption uses how many keys?

Answer 4

One

Question 5

Asymmetric encryption uses how many keys?

Answer 5

Two - Public and Private Key

Question 6

What does a hash function do?

Answer 6

Calculates a fixed length string from the information in the file

Question 7

Mbps

Answer 7

millions of bits per second

Question 8

Gbps

Answer 8

billions of bits per second

Question 9

Half Duplex

Answer 9

allows communication both directions but only one direction at a time.

Question 10

Full Duplex

Answer 10

allows commmunication in both directions at the same time

Question 11

Auto

Answer 11

allows devices to match their setting to the network

Question 12

Describe Active Directory capabilities

Answer 12

• Centralised system administration
• Storage of network objects such as users, groups and computers
• Management of permissions on resources.

Question 13

SSO

Answer 13

Single sign on

Question 14

LDAP distinguished names. Lightweight Directory Access Protocol.

Answer 14

• DC Domain component
• OU Organizational unit
• CN Container eg Users & Computers
• CN Common name e.g. computer name or user login name

Question 15

ldap examples

Answer 15

cn=workstation,OU=desktops,OU=sophos computers,DC=sophos,DC=virtual

Question 16

LDAP and LDAPS

Answer 16

LDAP Uses TCP port 389, LDAPS (Secure) uses TCP port 636

Global catalogue uses 3268 for LDAP and 3269 for LDAPS

Question 17

How are clients identified in LDAP

Answer 17

using a process known as bind, if no bind is used then client is treated as anonymous, Simple auth sends the name and pasword in clear-text. LDAPS should be used to encrypt bind operations.

Question 18

What authentication protocol does Acticve Directory use?

Answer 18

the Kerberos Authentication Protocol. The user requestes an encrypted ticket from the Key Distribution Center, this ticket is present when access is requested to other resources, uses TCP and UDP port 88.

Question 19

Authentication methods:

Answer 19

Something you know eg password or pin
Something you have e.g smart card
Something you are e.g. a fingerprint

Question 20

mulifactor authentication

Answer 20

users two or more methods to authenticate.