Bookmark and Share

Front Back
1. This is used to provide gateway-to-gateway protection for site-to-site communications
that cross the Internet (or other public networks).
a. Transport mode
c. Main mode
b. Quick mode
d. Tunnel mode
d. Tunnel mode
2. Windows Server 2003 supports the following feature, which is used to determine new
keying material through a new Diffie-Hellman exchange on a regular basis:
a. Dynamic rekeying
c. Dynamic association
b. Dynamic mode
d. Dynamic policy
a. Dynamic rekeying
3. The following protocol provides confidentiality (in addition to authentication, integrity,
and anti-replay) for the IP payload:
a. Encapsulating Security Payload (ESP)
c. NTLMv2
b. Authentication header (AH)
d. LM
a. Encapsulating Security Payload (ESP)
4. This suite of protocols was introduced to provide a series of cryptographic algorithms
that can be used to provide security for all TCP/IP hosts at the Internet layer, regardless
of the actual application that is sending or receiving data.
a. ESP
c. IPSec
b. IKE
c. IPSec
5. The following is a value contained in a received IKE message that is used to help identify
the corresponding main mode SA:
a. Cookie
c. Exception
b. Cache
a. Cookie
6. This Connection Security Rule allows you to specify one or more computers that do not
need to be authenticated in order to pass traffic.
a. Isolation             c. Tunnel
b. Server-to-server   d. Authentication exemption
d. Authentication exemption
7. You can configure the Windows Firewall to allow one or more inbound connections
based on any of the following that you configure:
a. Exemption     c. Exception
b. Isolation        d. Tunnel
c. Exception
8. An IP Filter in which traffic that is defined in one direction will also be defined in the
opposite direction is said to be:
a. Symmetrical    c. Asymmetrical
b. Mirrored          d. Exempted
b. Mirrored
9. The following NTLM Authentication type is disabled by default in Windows Server
2003 and Windows Server 2008 servers; it should not be used in a production environ-
ment as it is weak and can be easily hacked by malicious users:
a. NTLMv2 authentication
c. LM authentication
b. NTLM authentication 
d. Kerberos v5 authentication
c. LM authentication
10. This is a mathematical value that is used to provide an integrity check for a TCP or
UDP packet.
a. Checksum    c. Hash
b. Header        d. Cipher Suite
a. Checksum
x of y cards