Term
The process of scrambling, mixing up or changing data in a way that makes it unreadable to anyone but the owner or intended recipient. (pg. 354)
A. Authentication
B. Nonrepudiation
C. Encryption
D. Ciphering |
|
Definition
C. The encrypted data is scrambled and unscrambled with cryptographic keys.
Authentication verifies that the right person is accessing the data.
Nonrepudiation traces actions back to specific users.
A cipher is a way to encrypt data, but not necessarily the process. |
|
|
Term
The process that guarantees that the data received is the same as originally sent. (pg. 354)
A. Encryption
B. Authentication
C. Algorithm
D. Integrity |
|
Definition
D. Integrity is designed to cover situations in which someone intercepts your data on-the-fly and makes changes.
Encryption makes data unreadable to unintended viewers.
An algorithm is the mathematical formula that underlies the cipher. |
|
|
Term
Not being able to deny having taken a specific action. (pg. 354)
A. Event tracking
B. Integrity
C. Activity monitoring
D. Nonrepudiation |
|
Definition
D. Non repudiation
Integrity guarantees that the data received is the same as originally sent.
Event tracking and activity monitoring are concepts that exist, but weren't the specific terms that applied. |
|
|
Term
When it comes to TCP/IP security, ___ combine encryption, integrity, non-repudiation, authentication and authorization to create complete security solutions in a way that makes sense for their specific purpose. (pg. 354)
A. Anti-malware applications
B. Protocols
C. Security suites
D. Policies |
|
Definition
B. Protocols
Anti-malware apps and security suites may have features to help secure TCP/IP but are usually designed for an entire OS.
Policies is almost a synonym for protocols, but the latter is the more commonly used term. |
|
|
Term
What is the difference between cleartext, plaintext and ciphertext? (pg. 355)
|
|
Definition
Cleartext is data that hasn't yet been encrypted. Plaintext is any data that passes through a cipher, even if it has already been encrypted. Running it through a cipher algorithm using a key generates the encrypted ciphertext. |
|
|
Term
Any encryption that uses the same key for both encryption and decryption is called ___ encryption. Any encryption that uses different keys for encryption and decryption is called ____ encryption. (pg. 358)
A. uniform, diverse
B. symmetric, asymmetric
C. unicode, multicode
D. static, dynamic |
|
Definition
B. Symmetric and asymmetric encryption |
|
|
Term
A method of cryptography that uses two different keys. (pg. 359)
A. stream cipher
B. checksum
C. AES
D. public-key |
|
Definition
D. Public-key cryptography uses a public-key for encryption and a private key for decryption. This key pair is generated at the same time and is designed to work together.
Stream cipher and AES (Advanced Encryption Standard) are both symmetric-key encryption methods.
A checksum is an error-detection method that enables the receiver to detect the corruption of network packets. |
|
|
Term
A mathematical function ran on a string of binary digits of any length that results in a value of some fixed length. (pg. 361)
A. message digest
B. stream cipher
C. hash
D. checksum |
|
Definition
C. A cryptographic hash function will always be the same length no matter how long or short the input and is a irreversible, meaning the original data from the hash can't be recreated.
A message digest and checksum are the same thing: the fixed-length value created from the hash after its run.
A stream cipher is a form of symmetric encryption in which each bit is encrypted one at a time on the fly. |
|
|
Term
A digitally signed electronic document issued by a trusted third party attesting to the identity of the holder of a specific cryptographic public key. (pg. 366)
A. Key Distribution Center
B. certificate
C. digital signature
D. Access Control List |
|
Definition
B. A certificate includes a public key, some info about the file, and the digital signature of the trusted third party.
The other options are either a system in Kerberos (Key Distribution Center), secure part of message (digital signature) or list (Access Control List). Their names hint that they aren't documents. |
|
|
Term
The system for creating and distributing digital certificates issued by trusted third parties such as Let's Encrypt, Go Daddy, or Sectigo. (pg. 370)
A. digital authority
B. DigiCert
C. public-key authority
D. certificate authority |
|
Definition
C. A public-key authority is a hierarchy that consists of a root certificate authority (CA), with intermediate CAs between the root and the issued certificates.
DigiCert is a well-known CA that can act as the root and issue certificates. |
|
|
Term
The ACL access model where every resource is assigned a label that defines its security level. (pg. 372)
A. MAC
B. TCAC
C. DAC
D. RBAC |
|
Definition
A. If the user lacks the security level in a mandatory access control (MAC) security model, he or she does not get access.
DAC and RBAC are also ACL access models, but TCAC is not. |
|
|
Term
The ACL access model that defines a user's access to a resource based on the roles the user plays in the network environment. (pg. 372)
A. Mandatory Access Control (MAC)
B. User account control (UAC)
C. Discretionary access control (DAC)
D. Role-based access control (RBAC) |
|
Definition
D. RBAC leads to the idea of placing user accounts into various security groups that have clearly defined access to different resources on a network.
MAC and DAC are also ACL models, but UAC is specifically a Windows security feature used within a specific device. |
|
|
Term
___ protocol enables two devices to connect, authenticate with a username and password, and negotiate the network protocol the devices will use. (pg. 373)
A. Ad-hoc
B. Challenge Handshake Authentication (CHAP)
C. Point-to-Point (PPP)
D. Peer-to-Peer (P2P) |
|
Definition
A. PPP handles authentication for point-to-point connections.
P2P is a networking architecture that distributes tasks or workloads between different nodes on a network, made popular in file sharing sites and services.
An ad hoc network is a temporary LAN.
CHAP is a protocol that PPP uses to securely establish a connection between two devices. |
|
|
Term
The AAA philosophy is designed for the idea of port authentication - the concept of allowing remote users authentication to a port on another network. What are the three As? (pg. 376-377)
A. Authorization
B. Authenticaton
C. Access
D.Accounting |
|
Definition
A., B. and D.
Authentication - a computer tring to connect to the network must present some form of credential for access to the network.
Authorization - once authenticated, the computer determines what it can or can't do on the network.
Accounting - the authenticating server should log events, such as logins, session action, and so on. |
|
|
Term
The AAA standard that was created to support ISPs with hundreds if not thousands of modems in hundreds of computers to connect to a single central database. (pg. 377)
A. TACACS+
B. NAS
C. RADIUS
D. Kerberos |
|
Definition
C. RADIUS (Remote Authentication Dial-In User Service) consists of three devices: the RADIUS server, a number of network access servers (NASs), and a group of systems that connect to the network in some way.
TACACS+ is a AAA protocol developed to support a network with many routers and switches.
Kerberos is an authentication protocol for TCP/IP networks with many clients all connected to a single authentication server. |
|
|
Term
The protocol developed by Cisco to support AAA in a network with many routers and switches. (pg. 378)
A. RADIUS
B. KDC
C. NAS
D. TACACS+ |
|
Definition
D. Terminal Access Controller Access Control System Plus (TACACS+) is very similar to RADIUS in function, but uses TCP port 49 by default and seperates authorization, authentication and accounting into different parts.
TACACS+ uses PPP hashes like RADIUS, but can also use Kerberos as part of the authentication scheme. |
|
|
Term
An authentication protocol for TCP/IP networks with many clients all connected to a single authenticating server. (pg. 378)
A. TACACS+
B. RADIUS
C. Kerberos
D. PPP |
|
Definition
C. Kerberos has no connection to PPP; whereas the latter is about connecting two devices, the former is about having many clients all connected to a single authenticating server.
RADIUS and TACACS+ are protocols that PPP use. |
|
|
Term
The Kerberos___ service supplies both session tickets and session keys in an Active Directory domain. (pg. 379)
A. Ticket-Granting Ticket (TGT)
B. Key Distribution Center (KDC)
C. Ticket-Granting Service (TGS)
D. Authentication Server (AS) |
|
Definition
B. The AS, TGT and TGS are components that the KDC relies on. KDC is installed on the domain controller in Windows Server environments. |
|
|
Term
When a client logs onto the domain, it sends a request that includes a hash of the username and password to the (1)___. The (2)___ compares the results of that hash to its own hash, and should they match, sends a (3)___ and a timestamp. The client is now authenticated but not yet authorized.
The client then sends the timestamped (4)___ to the (5)___ for authorization. The (6)___ sends a timestamped service ticket back to the client. This token is the key that the client uses to access any single resource on the entire domain. (pg. 379)
A. Ticket-Granting Ticket
B. Ticket-Granting Service
C. Authentication Server
D. Key Distribution Center |
|
Definition
(1) and (2) = Authentication Server
(3) and (4)= Ticket-Granting Ticket
(5) and (6) = Ticket-Granting Service |
|
|
Term
The ability to log in only one time and use the same token to access any allowed resource on an entire network. (pg. 380)
A. Secure Shell (SSH)
B. Account manager
C. Single sign-on (SSO)
D. Directory Server Authentication |
|
Definition
C. With SSO, a single authentication provides access to multiple applications by passing the authentication token seamlessly to configured applications.
Directory Server Authentication refers to systems requiring authentication for each application but using the same credentials from a directory server.
SSH is a secure protocol replacement for Telnet.
Account managers are useful applications for keeping up with usernames and passwords, but they aren't built for using the same token across an entire network.
|
|
|
Term
An encrypted connection between two endpoints. (pg. 384)
A. Tunnel
B. Session
C. PPP
D. TLS |
|
Definition
A. Any packet that enters the encrypted tunnel, including a packet with unencrypted data, is automatically encrypted, goes through the tunnel, and is decrypted on the other end.
A session is the logical stream of data flowing between two programs and being communicated over a network. That data might not be encrypted.
PPP refers to Point-to-Point Protocol, which enables two devices to connect, authenticate and negotiate the network protocol they will use.
Transport Layer Security is a protocol that is most heavily used in securing Web pages. |
|
|
Term
True or false:
Security standards that include both authentication and encryption are often weaker than security standards that offer one or the other and work with other standards. (pg. 385) |
|
Definition
False. Some of the most popular standards on the Internet today, like SSL/TLS, HTTPS and LDAP, offer excellent security while combing authentication and encryption. |
|
|
Term
Every Web browser today uses ___ for HTTPS-secured Web sites. (pg. 385)
A. TLS
B. IETF
C. IPsec
D. SSL |
|
Definition
A. The Transport Layer Security (TLS) protocol was designed as an upgrade to SSL. SSL is limited to HTTP, FTP, SMTP and a few older TCP applications. TLS has no such restritions and is used in securing VoIP and VPNs as well.
Secure Sockets Layer (SSL) is a standard that requires a server with a certificate to create a secure encrypted tunnel between the server and client.
Internet Protocol Security (IPsec) is an authentication and encryption protocol suite that works at the Network layer. The Internet Engineering Task Force (IETF) oversees the IPsec protocol suite, managing updates and revisions. |
|
|
Term
The IPsec protocol works in two different modes:
In ___ mode, only the actual payload of the IP packet is encrypted: the destination and source IP address and other IP header information are still readable.
In ___ mode, the entire IP packet is encrypted and is encapsulated inside another IP packet at an endpoint. (pg. 386)
A. Secure
B. Express
C. Transport
D. Tunnel |
|
Definition
C. and D. Transport mode and Tunnel mode
The Authentication Header protocol of IPsec handles authentication and data integrity, but provides no encryption. Encapsulating Security Payload (ESP) encypts the TCP segment, thus providing confidentiality as well as integrity and authentication.
[image] |
|
|
Term
The protocol that enables secure data transfers between two hosts and thus might have replaced FTP. (pg. 389)
A. Simple Network Management Protocol (SNMP)
B. Secure Copy Protocol (SCP)
C. Secure Shell (SSH)
D. SSH File Transfer Protocol (SFTP) |
|
Definition
B. SCP works well but lacks features such as a directory listing. SCP still exists, especially with the well-known UNIX scp command-line utility.
SNMP is for acquiring information about a device.
SSH is a secure replacement protocol for Telnet, and SFTP is designed to bring FTP-style file transfer and management to it. |
|
|
Term
Protocol designed to bring secure, full-featured FTP style file transfer and management to SSH. (pg. 389)
A. SFTP
B.SNMP
C. SCP
D. LDAP |
|
Definition
A. Although SSH File Transfer Protocol (SFTP) and FTP have similar names and perform the same job of transferring files, the way in which they do that job differs greatly.
Simple Network Management Protocol (SNMP) is for acquiring information about a device.
Secure Copy Protocol (SCP) is a more secure replacement for FTP.
Lightweight Directory Access Protocol (LDAP) is for use with databases like Active Directory. |
|
|
Term
Protocol for querying the state of network devices, collecting information such as CPU usage, network utilization and firewall hits. (pg. 390)
A. Transport Layer Security (TLS)
B. Simple Network Management Protocol (SNMP)
C. Network Time Protocol (NTP)
D. Lightweight Directory Access Protocol (LDAP) |
|
Definition
B. SNMP uses special client programs called agents to collect network information from an Management Information Base, SNMP's version of a server.
TLS works at the Transport layer of the OSI model, not the Network layer.
NTP does exactly one thing: gives you the current time.
LDAP works with network databases. |
|
|
Term
A protocol used to query and change a database used by the network. (pg. 391)
A. SSL
B. HTTPS
C. LDAP
D. SNMP |
|
Definition
C. Lightweight Directory Access Protocol (LDAP) databases track aspects of networks, such as users logged into the network, currently active DHCP clients, or the location of all the printers in the local network.
Secure Socket Layer (SSL) is a browser protocol that allows a client to request certificates from servers.
Hypertext Transfer Protocol Secure (HTTPS) is a secure form of HTTP, both of which are used for network file transfers.
Simple Network Management Protocol (SNMP) is used to gather information on network devices. |
|
|
Term
A static VLAN assigns VLANs to ___. (pg. 405)
A. ports
B. MAC addresses
C. IP addresses
D. trunks |
|
Definition
A. Static VLANs are based on ports and are the most common type of VLAN.
Dynamic VLANs are based on MAC addresses, but are never used these days.
VLANs aren't assigned to IP addresses and trunks. |
|
|
Term
Which of the following is the trunking protocol used in today's VLANs? (pg.
A. 802.1z
B. 802.1Q
C. 802.1t
D. 802.1X |
|
Definition
B. The 802.1Q standard is almost universal for VLAN trunking.
802.1X is the protocol for port authentication. |
|
|
Term
What are the benefits of caching on a Web proxy? (Select two)
A. virus detection
B. response time
C. authentication
D. tracking |
|
Definition
A. and B. Cached Web pages can be sent to clients quickly. The contents can also be checked for viruses. |
|
|