1. (p. 295) This term means to scramble, to mix up, to change data in such a way that the wrong people can't read it, but so the right people can unscramble it.
A. authentication
B. authorization
C. encryption
D. nonrepudiation
2. (p. 295) Which of the following terms refers to the process that guarantees that data remains as originally sent, and that it came from an appropriate source?
A. authentication
B. authorization
C. encryption
D. nonrepudiation
3. (p. 296) Which of the following is a term used for a way to encrypt data?
A. cipher
B. authentication
C. encryption
D. hash
4. (p. 297) Which of the following is the result of running cleartext through an algorithm using a key?
A. key pair
B. plaintext
C. digital signature
D. ciphertext
5. (p. 299) Which of the following is the block cipher used by most TCP/IP applications that use that type of cipher?
A. Rivest Cipher 4 (RC4)
B. Advanced Encryption Standard (AES)
C. Data Encryption Standard (DES)
D. Rivest Shamir Adleman (RSA)
6. (p. 300) What is the most popular form of e-mail encryption?
A. Data Encryption Standard (DES)
B. block encryption
C. asymmetric-key algorithm
D. public-key cryptography
7. (p. 302) This is a mathematical function that creates a checksum, and which is used by most forms of nonrepudiation.
A. authentication
B. hash
C. encryption
D. nonrepudiation
8. (p. 304) This nonrepudiation tool contains the digital signature of a third party guaranteeing the identity of the person who is passing out this digital tool.
A. hash
B. encryption
C. certificate
D. password
9. (p. 306) What organization is a very popular certificate authority?
A. Microsoft
B. VeriSign
C. eBay
D. PKI
10. (p. 298) Which type of algorithm is used when two different keys are used in encryption?
A. symmetric-key
B. PKI
C. keyless
D. asymmetric-key
11. (p. 298) What is the oldest of the TCP/IP symmetric-key algorithms?
A. Data Encryption Standard (DES)
B. Advanced Encryption Standard (AES)
C. Rivest Cipher 4 (RC4)
D. public-key cryptography
12. (p. 302) Which of the following is an authentication and encryption protocol that works at the Network layer of the OSI seven-layer model?
A. IPSec
B. Secure Sockets Layer (SSL)
C. MS-CHAP
D. Transport Layer Security (TLS)
13. (p. 321) What is a potential problem a browser looks for after it receives a certificate from a secure HTTP site? (Select all that apply.)
A. invalid certificate
B. deleted certificate
C. revoked certificate
D. disconnected certificate
E. both A and C
14. (p. 317) Which of the following was developed as a secure replacement for Telnet?
A. Telnet II
B. Secure Shell (SSH)
C. AES
D. IPSec
15. (p. 320) Which of the following is true of the Transport mode of IPSec?
A. Only the actual payload of an IP packet is encrypted.
B. MS-CHAP authentication occurs.
C. The entire packet, including the header, is encrypted.
D. It uses the EAP-TLS protocol.
16. (p. 312) Which of the following is a standard that offers authentication, authorization, and accounting? (Select all that apply.)
A. Terminal Access Controller Access Control System Plus (TACACS+)
B. Remote Authentication Dial-in User Service (RADIUS)
C. Network Access Servers (NASs)
D. MS-CHAP
E. Both A and B
17. (p. 313) This authentication protocol is used in a TCP/IP network where many clients all connect to a single authenticating server with no point-to-point involved.
A. MS-CHAP
B. TACACS+
C. PPP
D. Kerberos
18. (p. 310) Which of the following is the most common authentication method for dial-up connections?
A. PPP
B. MS-CHAP
C. AAA
D. RADIUS
19. (p. 314) This is the most popular form of authentication used in wireless networks today.
A. PPP
B. EAP-PSK (Personal Shared Key)
C. EAP-TLS
D. LEAP
20. (p. 315) Which of the following is a port-authentication network access control standard that forces devices to go through a full AAA process to get past the gateway to a network?
A. EAP
B. KDC
C. 802.1X
D. RADIUS
21. (p. 318) This is an encrypted link between two programs (or endpoints) on two separate computers.
A. PKI
B. tunnel
C. 802.1X
D. Kerberos
22. (p. 321) Which of the following is an SSH-enabled program?
A. Secure Copy Protocol (SCP)
B. HTTPS
C. Telnet
D. Kerberos
23. (p. 299) This cipher will probably be the only streaming symmetric-key algorithm you see.
A. Advanced Encryption Standard (AES)
B. Data Encryption Standard
C. Rivest Cipher 4 (RC4)
D. Caesar cipher
24. (p. 322) This protocol offers a method for querying the state of certain network devices.
A. SFTP
B. SNMP
C. NTP
D. SCP
25. (p. 321) What causes the most common problems with HTTPS?
A. PKI
B. bad certificates
C. revoked certificates
D. bad URLs
26. (p. 303) This cryptographic hash comes in two versions, but is not the most popular cryptographic hash.
A. MD5
B. CRAM-MD5
C. RSA
D. Secure Hash Algorithm (SHA)
27. (p. 313) In a Microsoft domain using Kerberos authentication, after a client has been authenticated and received a TGT, the client presents this to a Ticket-Granting Service to receive something that allows authorization to resources for up to 8 hours. What is a common name for this last item?
A. timestamp
B. password
C. token
D. smart card
28. (p. 314) What is Extensible Authentication Protocol (EAP) if it is not a protocol?
A. authentication rule
B. wrapper
C. token
D. ticket
29. (p. 315) This proprietary EAP authentication is used almost exclusively by Cisco on their wireless products.
A. LEAP
B. EAP-MS-CHAPv2
C. EAP-TLS
D. EAP-PSK
30. (p. 316) 802.1X combines RADIUS-style AAA with which of the following to make a complete authentication solution?
A. PPP
B. MS-CHAP
C. EAP
D. TLS
31. (p. 302) Which of the following layers of the OSI model does NOT offer any commonly used encryption methods or technologies?
A. Layer 1
B. Layer 7
C. Layer 3
D. Layer 2
32. (p. 313) Which of the following ports does the Kerberos authentication protocol use?
A. 22
B. 23
C. 88
D. 53
33. (p. 295) Which of the following terms describes what rights, privileges, permissions, and actions a person has or can take with respect to a resource or system?
A. auditing
B. accounting
C. authentication
D. authorization
34. (p. 314) Which of the following technologies is not a true protocol, but enables the use of different authentication methods?
A. EAP
B. 802.1X
C. PPP
D. IPsec
35. (p. 323) Which of the following protocols is used to query directory services databases?
A. LDAP
B. Kerberos
C. EAP
D. NTP