Front Back
A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface.  This is an example of what form of attack?
  • Sniffing
  • Spoofing
  • Snooping
  • Spamming
This is an example of spoofing.  Spoofing is the act of changing or falsifying information in order to mislead or re-direct traffic.
Which type of activity changes or falsifies information in order to mislead or re-direct traffic?
  • Spamming
  • Snooping
  • Sniffing
  • Spoofing
Spoofing changes or falsifies information in order to mislead or re-direct traffic.
When the TCP/IP session state is manipulated so that a third party is able to insert alternate packets into the communication stream, what type of attack has occurred?
  • Spamming
  • Hijacking
  • Masquerading
  • Replay
A hijacking attack is one where the TCP/IP session state is manipulated so that a third party is able to insert alternate packets into the communication stream.  Session hijacking has become difficult to accomplish due to the use of time stamps and randomized packet sequencing rules employed by modern operating systems.
What is the goal of a TCP/IP hijacking attack?
  • Establishing an encryption tunnel between two remote systems over an otherwise secured network
  • Destroying data
  • Preventing legitimate authorized access to a resource
  • Executing commands or accessing resources on a system the attacker does not otherwise have authorization to access.
The goal of a TCP/IP hijacking attack is to execute commands or access resources on a system the attacker does not otherwise have authorization to access. When an attacker successfully performs TCP/IP hijacking they take over control of the hijacked communication session. Whatever access the original user had, the attacker can now exploit.  However, the attack only grants access within the confines of the hijacked session.
Which of the following is an attack that injects malicious scripts into Web pages to redirect users to fake websites or gather personal information?
  • SQL injection
  • DLL injection
  • XSS 
  • Drive-by download
Cross-site scripting (XSS) is an attack that injects scripts into Web pages.  When the user views the Web page, the malicious scripts run, allowing the attacker to capture information or perform other actions.
You want to allow e-commerce Web sites that you visit to keep track of your browsing history for shopping carts and other information, but want to prevent that information from being tracked by sites linked to the sites you explicitly visit.  How should you configure the browser settings?
  • Prevent ActiveX controls and Java on linked websites
  • Allow first party cookies but block third party cookies
  • Block cross-site scripting (XSS)
  • Enable the phishing filter to check all embedded links in webpages you visit.
Answer:  Allow first party cookies but block third-party cookies. Cookies are text files that are stored on a computer to save information about your preferences, browser settings and Web page preferences.  First-party cookies are cookies used by the site you are visiting; third-party cookies are cookies placed by sites linked to the site you are visiting.
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?
  • Smurf
  • Data diddling
  • Time of check/time of use (TOC/TOU)
  • Buffer overflow
A buffer overflow occurs when software code receives more input than it was designed to handle and the programmer of that code failed to include input validation checks.  When a buffer overflow occurs, the extra data is pushed into the execution stack and processed with the security context of the system itself.  In other words, a buffer overflow attack often allows the attacker to perform any operation on a system.
You want to prevent your browser from running JavaScript commands that are potentially harmful.  Which of the following would you restrict to accomplish this?
  • CGI
  • Client-side scripts
  • Server-side scripts
  • ActiveX
JavaScript is an example of client-side scripting, where the client system runs the scripts that are embedded in Web pages.  When pages download, the scripts are executed.
When you browse to a website, a pop-up window tells you that your computer has been infected with a virus.  You click on the window to see what the problem is.  Later, you find out that the window has installed spyware on your system.  What type of attack has occurred?
  • DLL injection
  • SQL injection 
  • Trojan horse
  • Drive-by download
A drive-by download is an attack where software or malware is downloaded and installed without explicit consent from the user. 
Which of the following are subject to SQL injection attacks?
  • Web servers serving static content
  • Database servers
  • ActiveX controls
  • Browsers that allow client-side scripts
Answer:  Database servers
An SQL injection attack occurs when an attacker includes database commands within user data input fields on a form, and those commands subsequently execute on the server. The injection attack succeeds if the server does not properly validate the input to restrict entry of characters that could end and begin a database command.
Which of the following specifications identify security that can be added to wireless networks?  (Select two).
  • 802.2
  • 802.3
  • 802.5
  • 802.11i
  • 802.1x
  • 802.11a


802.11i defines security for wireless networks.  Standards described in 802.11i have been implemented in Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2).  802.1x is an authentication protocol that can be used on wireless networks.  Use of 802.1x on a wireless network is described in the 802.11i specifications.
  
Chapter 8
Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients?

  • WPA Enterprise and WPA2 Enterprise

  • WEP, WPA Personal, and WPA2 Personal

  • WEP

  • WEP, WPA Personal, WPA Enterprise, WPA2 Personal, WPA2 Enterprise

  • WPA Personal & WPA2 Personal

Shared key authentication can be used with WEP, WPA and WPA2.  Shared key authentication used with WPA and WPA2 is often called WPA Personal or WPA2 Personal.
WPA Enterprise and WPA2 Enterprise use 802.1x for authentication.  802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients.


Chapter 8
How does WPA2 differ from WPA?

    • WPA2 cannot use preshared keys for authentication; WPA can

    • WPA2 supports 802.1x authentication; WPA does not

    • WPA2 uses AES for encryption; WPA uses TKIP.

    • WPA2 supports dynamic key rotation; WPA does not

WPA2 uses AES encryption while WPA uses TKIP.  Both WPA and WPA2 can use preshared keys or 802.1x for authentication.  Both use dynamic key rotation to protect encryption keys.

Chapter 8
You want to implement 802.1x authentication on your wireless network.  Which of the following will be required?
  • RADIUS
  • TKIP
  • WPA2
  • WPA
802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients.  802.1x authentication requires:
  • A RADIUS server to centralize user account and authentication information.  A centralized database for user authentication is required to allow wireless clients to roam between cells but authenticate using the same account information.
  • A PKI for issuing certificates.
You can use 802.1x authentication with both WPA and WPA2, and even with WEP with some devices and operating systems.  TKIP is an encryption method used with WPA.
Chapter 8
Which of the following offers the weakest form of encryption for an 802.11 wireless network?
  • WAP
  • WPA2
  • WPA
  • WEP
WEP (Wired Equivalent Privacy) has the weakest encryption for 802.11 wireless networks.  WEP uses a shared key for the encryption key.  This key is easily captured and broken.  The only encryption worse than WEP is no encryption at all. WPA2 uses AES encryption and offers the strongest encryption.  WPA uses TKIP encryption.  WAP is an acronym for wireless access point.
Chapter 8
You want to connect a laptop computer running Windows 7 to a wireless network.  The wireless network uses multiple access points and WPA2-Personal.  You want to use the strongest authentication and encryption possible.  SSID broadcast has been disabled.

  • Configure the connection with a preshared key and TKIP encryption.

  • Configure the connection with a preshared key and AES encryption.

  • Configure the connection to use 802.1x authentication and AES encryption.

  • Configure the connection to use 802.1x authentication and TKIP encryption.

To connect to the wireless network using WPA2-Personal, you will need to use a preshared key for authentication.  AES encryption is supported by WPA2 and is the strongest encryption method.
WPA and WPA2 designations that include Personal or PSK use a preshared key for authentication.  Methods that include Enterprise use a RADIUS server for authentication and use 802.1x authentication with usernames and passwords.

Chapter 8
Which of the following do switches and wireless access points use to control access through the device?
  • MAC filtering
  • Session filtering
  • IP address filtering
  • Port number filtering
Both switches and wireless access points are layer 2 devices, meaning they use the MAC address for making forwarding decisions.  Both devices typically include some form of security that restricts access based on MAC address. Routers and firewalls operate at Layer 3, and can use the IP address or port number for filtering decisions.  A circuit-level gateway is a firewall that can make forwarding decisions based on the session information.
Chapter 8
You want to implement 802.1x authentication on your wireless network.  Where would you configure passwords that are used for authentication?
  • On the wireless access point
  • On a RADIUS server
  • On the wireless access point and each wireless device
  • On a certificate authority (CA)
 
802.1x authentication uses usernames and passwords, certificates, or devices such as smart cards to authenticate wireless clients.  Authentication requests received by the wireless access point are passed to a RADIUS server which validates the logon credentials (such as the username and password).
Chapter 8
Which of the following is an advantage of WPA over WEP?
  • Simplified administration
  • Supports client roaming
  • Dynamic keys
  • Less processor overhead
 
WPA improves upon WEP by using dynamic keys for encryption and a stronger method of encryption.  Both WPA and WEP are for wireless network security, so the biggest advantage of WPA over WEP is improved security.
Chapter 8

You need to secure your wireless network.  Which security protocols could you implement?  (Select two)
  • BitLocker
  • WEP
  • WPA
  • 802.11n
  • EFS
WEP, WPA and WPA2 are all security protocols for wireless networks.  Each security protocol protects the wireless data through the use of association keys and encryption protocols.
Chapter 8
Which of the following measures will make your wireless network invisible to the casual attacker performing war driving?
  • Change the default SSID
  • Disable SSID broadcast
  • Implement WPA2 Personal
  • Use a form of authentication other than Open authentication
Wireless access points are transceivers which transmit and receive information on a wireless network.  Each access point has a service set ID (SSID) which identifies the wireless network.  By default, access points broadcast the SSID to announce their presence and make it easy for clients to find and connect to the wireless network.  Turn off the SSID broadcast to keep a wireless 802.11x network from being automatically discovered.  When SSID broadcasting is turned off, users must know the SSID to connect to the wireless network.  This helps to prevent casual attackers from connecting to the network, but any serious hacker with the right tools can still connect to the wireless network.
Chapter 8
Which of the following are typically used for encrypting data? (Select two)
  • TKIP
  • Diffie-Hellman
  • MD-5
  • AES
  • ElGamal
TKIP and AES are used for encrypting data.  TKIP is used with WPA wireless standards, while AES is used with WPA2 and other encryption applications. ElGamal and Diffie-Hellman are asymmetric encryption methods.  They are both used for key exchange and digital signatures.  MD-5 is a hashing algorithm.
Chapter 8
On a wireless network that is employing WEP, which type of users are allowed to authenticate through the access points?
  • Users within the 80% strength radius
  • Users with the correct WEP key
  • Only users with remote access privileges
  • Users with proper company IDs
On a wireless network that is employing WEP (Wired Equivalent Privacy), only users with the correct WEP key are allowed to authenticate through the WAP (Wireless Application Protocol) access points.  That is the whole point of WEP: to keep out unauthorized users by employing a wireless session key for access.
Chapter 8
You have a small wireless network that uses multiple access points.  The network uses WPA and broadcasts the SSID.  WPA2 is not supported by the wireless access points.  You want to connect a laptop computer to the wireless network.  Which of the following parameters will you need to configure on the laptop?  (Select two)
  • Channel
  • TKIP encryption
  • BSSID
  • Preshared key
  • AES encryption
 
To connect to the wireless network using WPA, you will need to use a preshared key and TKIP encryption.  When using a preshared key with WPA, it is known as WPA-PSK or WPA Personal. AES encryption is used by WPA2.  The channel is automatically detected by the client.  The Basic Service Set Identifier (BSSID) is a 48-bit value that identifies an AP in an infrastructure network or a STP in an ad hoc network.  The client automatically reads this and uses it to keep track of APs when roaming between cells.
Chapter 8
You need to place a wireless access point in your two-story building.  While trying to avoid interference, which of the following is the best location for the access point?
  • In the kitchen area
  • In the basement
  • In the top floor
  • Near the backup generators
In general, place access points higher up to avoid interference problems caused by going through building foundations.  Do not place the access point next to sources of interference such as other wireless transmitting devices (cordless phones or microwaves) or other sources of interference (motors or generators).
Chapter 8
What is the least secure place to locate the access point when creating a wireless cell?
  • In the center of the building
  • Above the 3rd floor
  • Near a window
  • In common or community work areas
The least secure location for a wireless cell access point is against a perimeter wall.  So, placement near a window would be the worst option from the list of selections.
Chapter 8
Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?
  • Place access points in the basement.
  • Place access points near outside walls
  • Place multiple access points in the same area.
  • Place access points above where most clients are.
When placing wireless access points:
  • Devices often get better reception from access points that are above or below.
  • If possible, place access points higher up to avoid interference problems caused by going through building foundations.
  • For security reasons, do not place APs near outside walls.
  • Placing the AP in the center of the building decreases the range of the signals available outside of the building.

Chapter 8
You need to configure a wireless network.  You want to use WPA Enterprise.  Which of the following components will be part of your design? (Select two)
  • TKIP encryption
  • AES encryption
  • WEP encryption
  • Open authentication
  • Preshared keys
  • 802.1x
Answer:  TKIP encryption, 802.1x.  To configure WPA Enterprise, you will need a RADIUS server to support 802.1x authentication.  WPA uses TKIP for encryption.  WPA-PSK, also called WPA Personal, uses preshared keys for authentication.  WPA2 supports AES encryption.
Chapter 8
You need to add security for your wireless network.  You would like to use the most secure method.  Which method should you implement?
  • WEP
  • Kerberos
  • WPA2
  • WPA
   
Wi-Fi Protected Access 2 (WPA2) is currently the most secure wireless security specification.  WPA2 includes specifications for both encryption and authentication.  WPA was an earlier implementation of security specified by the 802.11i committee.  WEP was the original security method for wireless networks.  WPA is more secure than WEP, but less secure than WPA2. Kerberos is an authentication method, not a wireless security method.
Chapter 8
You have physically added a wireless access point to your network and installed a wireless networking card in two laptops running Windows XP.  Neither laptop can find the network and you have come to the conclusion that you must manually configure the wireless access point (AP).  Which of the following values uniquely identifies the network AP?
  • PS
  • SSID
  • Channel
  • WEP
The SSID (service set identifier) identifies the wireless network.  All PCs and access points in a LAN share the same SSID.
Chapter 8
RADIUS is primarily used for what purpose?
  • Managing RAID fault-tolerant drive configurations
  • Managing access to a network over a VPN
  • Controlling entry gate access using proximity sensors.
  • Pre-authenticating remote clients before access to the network is granted.
RADIUS (Remote Authentication Dial-In User Service) is primarily used for pre-authenticating remote clients before access to the network is granted.  RADIUS is based on RFC 2865.  RADIUS  maintains client profiles in a centralized database.  RADIUS offloads the authentication burden for dial-in users from the normal authentication of local network clients. 
Which of the following is a characteristic of TACACS+?
  • Uses UDP ports 1812 and 1813
  • Supports only TCP/IP
  • Encrypts the entire packet, not just authentication packets.
  • Requires that authentication and authorization are combined in a single server.


TACACS+:
  • Encrypts the entire packet contents and not just authentication packets
  • Uses TCP port 49
  • Supports more protocol suites than RADIUS


Chapter 9_3.7
Which of the following protocols can be used to centralize remote access authentication?
  • SESAME
  • Kerberos
  • TACACS
  • EAP
  • CHAP
Centralized remote access authentication protocols include:
  • RADIUS (Remote Authentication & Dial-in User Service)
  • TACACS (Terminal Access Controller Access Control System)

Chapter 9
You have a network with 3 remote access servers, a RADIUS server used for authentication and authorization, and a second RADIUS server used for accounting. Where should you configure remote access policies?
  • On the RADIUS server used for accounting
  • On one of the remote access servers
  • On each of the remote access servers
  • On the RADIUS server used for authentication and authorization


Remote access policies are used for authorization for remote access clients.  For larger deployments with multiple remote access servers, you can centralize the administration of remote access policies by using an AAA server (authentication, authorization, and accounting).  Configure remote  access policies on the AAA server that is used for authorization.  
Chapter 9
Which ports does LDAP use by default? (Select two)
  • 110
  • 69
  • 636
  • 161
  • 389
LDAP (Lightweight Directory Access Protocol) uses ports 389 and 636 by default.  Port 636 is used for LDAP over SSL.  This is the secure form or mode of LDAP.  Unsecured LDAP uses port 389.  Port 69 is used by TFTP.  Port 110 is used by POP3.  Port 161 is used by SNMP.
Chapter 9
A user has just authenticated using Kerberos.  What object is issued to the user immediately following logon?
  • Client-to-server ticket
  • Digital certificate
  • Digital signature
  • Ticket granting ticket
Kerberos works as follows:
  • The client sends an authentication request to the authentication server
  • The authentication server validates the user identity and grants a ticket granting ticket (TGT).  The TGT validates the user identity and is good for a specific ticket granting server.
  • When the client needs to access a resource, it submits its TGT to the TGS.  
  • The client connects to the service server and submits the client-to-server ticket as proof of access.
  • The SS accepts the ticket and allows access.

Chapter 9
Which of the following are used when implementing Kerberos for authentication and authorization? (Select two)
  • RADIUS or TACACS+ server
  • PPPoE
  • Ticket granting server
  • Time server
  • PPP
Kerberos grants tickets (also called security tokens) to authenticated users and to authorized resources.  A ticket granting server (TGS) grants tickets that are valid for specific resources on specific servers.  Kerberos requires that all servers within the process have synchronized clocks to validate tickets, so a centralized time server or other method for time synchronization is required.
Chapter 9
Your LDAP directory services solution uses simple authentication.  What should you always do when using simple authentication?
  • Add SASL and use TLS.
  • Use Kerberos
  • Use IPSec and certificates
  • Use SSL
Protect LDAP simple authentication by using SSL to protect authentication traffic.  LDAP simple authentication uses clear text for username and password exchange. While you can protect authentication using SASL, this requires changing the authentication mode of LDAP from simple to SASL.  When using SASL, you can use a wide range of solutions such as TLS, Kerberos, IPSec, or certificates.

Chapter 9
Which of the following are requirements to deploy Kerberos on a network? (Select two)
  • A directory service
  • Use of token devices and one-time passwords
  • A centralized database of users and passwords
  • Blocking of remote connectivity
  • Time synchronization between devices
Kerberos requires that there be a centralized database of users and passwords and time synchronization. The user database is usually maintained on the KDC itself or on a separate pre-authentication server system.  Time synchronization is required to stamp a consistent expiration date within the Ticket Granting Ticket (TGT).
Chapter 9
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?
  • Hashkey
  • Voucher
  • Ticket
  • Coupon
The tokens used in Kerberos authentication are known as tickets.  These tickets perform a number of functions, including notifying the network service of the user who has been granted access, and authenticating the identity of the person when they attempt to use the network service.
Chapter 9
You want to use Kerberos to protect LDAP authentication.  Which authentication mode should you choose?
  • Mutual
  • EAP
  • Simple
  • SASL


Choose SASL (Simple Authentication & Security Layer) authentication mode to use Kerberos with LDAP.  SASL is extensible and lets you use a wide variety of protection methods. LDAP authentication modes include Anonymous, Simple, and SASL.  EAP is an extensible authentication protocol for remote access, not LDAP.
Chapter 9
You want to deploy SSL to protect authentication traffic with your LDAP-based directory service.  Which port would this use?
  • 60
  • 80
  • 389
  • 443
  • 636
  • 2208
To use SSL for LDAP authentication, use port 636.
Port 80 is used for HTTP while port 443 is used for HTTPS (HTTP with SSL).  Simple LDAP authentication uses port 389.
Chapter 9
Which of the following protocols uses port 88?
  • LDAP
  • Kerberos
  • TACACS
  • L2TP
  • PPTP
Kerberos uses port 88.  TACACS uses port 49. LDAP uses TCP and UDP ports 389.  Secure LDAP uses SSL/TLS over port 636.  L2TP uses port 1701. PPTP uses port 1723.
Chapter 9
Which of the following protocols uses ports 389 and 636?
  • Kerberos
  • RDP
  • LDAP
  • L2TP
  • TACACS
LDAP uses TCP and UDP 389.  Secure LDAP uses SSL/TLS over port 636.  

Chapter 9
In what form of access control environment is access controlled by rules rather than by identity?
  • Most client-server environments
  • DAC
  • ACL
  • MAC
A MAC environment controls access based on rules rather than by identity. DAC environments use identity to control access. ACLs are a specific example of an identity-based access control mechanism used in DAC environments.  Most client-server environments use ACLs and thus use DAC solutions.


Chapter 9_1.1
You have a system that allows the owner of a file to identify users and their permissions to the file.  Which type of access control model is implemented?
  • DAC
  • MAC
  • RBAC (based on roles)
  • RBAC (based on rules)
This is an example of a discretionary access control list (DACL) which uses the Discretionary Access Control (DAC) model.  With DAC, individuals use their own discretion (decisions or preferences) for assigning permissions and allowing or denying access.
Chapter 9_1.1
Which access control model manages rights and permissions based on job descriptions and responsibilities?
  • Mandatory Access Control (MAC)
  • Discretionary Access Control (DAC)
  • Task Based Access Control (TBAC)
  • Role Based Access Control (RBAC)
Role Based Access Control (RBAC) is the access control model that manages rights and permissions based on job descriptions.  RBAC focuses on job descriptions or work tasks, instead of employing user accounts to define access.  RBAC is best suited for environments that have a high rate of employee turnover.  By defining access based on roles rather than individuals, it simplifies administration when granting a new person access to common activities.
Chapter 9_1.1
Which form of access control enforces security based on user identities and allows individual users to define access controls over owned resources?
  • RBAC
  • MAC
  • DAC
  • TBAC
DAC (Discretionary Access Control) uses identities to control resource access.  Users can make their own decisions about the access to grant to other users. RBAC (job descriptions), MAC (classifications), and TBAC (work tasks) enforce security based on rules.
Chapter 9_1.1
What does the MAC method use to control access?
  • Geographic location
  • Sensitivity label
  • User accounts
  • Job descriptions
Mandatory Access Control (MAC) is based on sensitivity labels (a.k.a. classifications or clearance levels).  A sensitivity label is a descriptive tag that indicates how important, valuable, volatile, or classified a resource is.  Common sensitivity labels in military computing environments are:  Top Secret, Secret, Classified, Sensitive but Unclassified.  Common sensitivity labels in private sector computing environments include Proprietary, Confidential, Private and Public.
Chapter 9_1.1
Which type of access control focuses on assigning privileges based on security clearance and data sensitivity?
  • TBAC
  • RBAC
  • DAC
  • MAC
MAC (Mandatory Access Control) uses classifications to assign privileges based on security clearances and data sensitivity. RBAC (Role-based Access Control) is a form of access control that assigns privileges based on job descriptions.  New users are simply assigned a job label. TBAC (Task-based Access Control) defines individual work tasks to assign privileges.  With DAC (Discretionary Access Control), an administrator or owner defines user and resource access.
Chapter 9_1.1