Printed from www.StudyDroid.com

Review Ch. 9 -- Cloned from: Review Ch. 9
alymurm

Front Back

The _____ was configured in Windows 2000, Windows Server 2003, and Windows XP IPSec policies to ensure that the computer responds to requests for secure


Default Response Rule


A(n) _____ attack is one in which a malicious user masquerades as the legitimate sender or recipient of network traffic.


Indentity Spoofing


The strongest form of NT LAN Manager authentication is _____.


NTLMv2


IPSec _____ is used to provide end-to-end security, in which both hosts support IPSec using the same authentication protocols.


Transport Mode


A(n) ______ connection security rule allows you to restrict inbound and outbound connections based on certain sets of criteria, such as membership in a particular Active Directory domain.


Isolation Rule


Microsoft Network Monitor is an example of a real-world _____ .


Packet Sniffer


The Windows Firewall with Advanced Security MMC snap-in allows you to integrate IPSec into the Windows Firewall by configuring one or more _____.


Connection Security Rules


The default _____ for IPSec connections in an Active Directory environment is the Kerberos v5 protocol.


Authentication Protocol


Each Windows Firewall exception can be configured with a specific _____ to control which computers the local computer will accept connections from.


Scope


A(n) _____ must occur before secure traffic can be sent, in order to determine the type of traffic to be secured and how it will be secured


Quick Mode Negotiation


This is used to provide gateway-to-gateway protection for site-to-site communications that cross the Internet (or other public networks).
a. Transport mode
b. Quick mode
c. Main mode
d. Tunnel mode



D


Windows Server 2003 supports the following feature, which is used to determine new keying material through a new Diffie-Hellman exchange on a regular basis:
a. Dynamic rekeying
b. Dynamic mode
c. Dynamic association
d. Dynamic policy


A


The following protocol provides confidentiality (in addition to authentication, integrity, and anti-replay) for the IP payload:
a. Encapsulating Security Payload(ESP)
b. Authentication header (AH)
c. NTLMv2
d. LM


A


This suite of protocols was introduced to provide a series of cryptographic algorithms that can be used to provide security for all TCP/IP hosts at the Internet layer, regardless of the actual application that is sending or receiving data.
a. ESP
b. IKE
c. IPSec
d. NTLM


C


The following is a value contained in a received IKE message that is used to help identify the corresponding main mode SA:
a. cookie
b. cache
c. exception
d. ISAKMP


A


This Connection Security Rule allows you to specify one or more computers that do not need to be authenticated in order to pass traffic.
a. Isolation
b. Server-to-Server
c. Tunnel
d. Authentication exemption


D


You can configure the Windows Firewall to allow one or more inbound connections based on any of the following that you configure:
a. Exemption
b. Isolation
c. Exception
d. Tunnel


C


An IP Filter in which traffic that is defined in one direction will also be defined in the opposite direction is said to be:
a. Symmetrical
b. Mirrored
c. Asymmetrical
d. Exempted


B


The following NTLM Authentication type is disabled by default in Windows Server 2003 and Windows Server 2008 servers; it should not be used in a production environment as it is weak and can be easily hacked by malicious users:
a. NTLMv2 authentication
b. NTLM authentication
c. LM authentication
d. Kerberos v5 authentication


C


This is a mathematical value that is used to provide an integrity check for a TCP or UDP packet.
a. Checksum
b. Header
c. Hash
d. Cipher Suite


A


T or F:
Each TCP/IP packet protected with IPSec contains a cryptographic checksum in the form of a keyed hash.


TRUE


T or F:
Use Tunnel mode when you require packet filtering and end-to-end security.


FALSE


The Authentication Header (AH) protocol provides confidentiality and data encryption.


FALSE


T or F:
For IPSec, the only exception to complete protected cipher suite negotiation is the negotiation of the cipher suite of the initial ISAKMP SA, which is sent as XML.


FALSE



T or F:
To identify a specific SA for tracking purposes, a 32-bit number known as the Security Parameters Index (SPI) is used.


TRUE


Where is the checksum located?
a. footer of each packet
b. header of each packet
c. payload of each packet
d. application data of each packet


Header of each packet


What suite of protocols was introduced to provide a series of cryptographic algorithms that can be used to provide security for all TCP/IP hosts at the Internet layer, regardless of the actual application that is sending or receiving data?



IPSec


What are the IPSEC default setting for the key lifetime in minutes?
a. 350
b. 380
c. 450
d. 480


480


What rule allows you to restrict inbound and outbound connections based on certain sets of criteria, such as membership in a particular Active Directory Domain?
a. tunnel
b. authentication exemption
c. Isolation
d. Server to server


Isolation


Which rule allows you to specify one or more computers that do not need to be authenticated to pass traffic?


Authentication exemption


Before secure data is sent, what must occur to determine the type of traffic to be secured and how it will be secured?


quick mode negotiations


IKE main mode has a default lifetime of ______ hours.


8


To set the Netsh IPSec context, what is the first command you enter at the command prompt?


netsh


Which statistics represents the number of failed outbound requests that occurred to establish the SA since the IPSec service started?


Acquire Failures


The command "set config property-ipsecloginterval value=value" can be set to what range of values?


60-86,400


Which "middle-of-the-road" form of NTLM authentication was used to improve upon the security of LM Authentication?


NTLM Authentication


Which type of attack is one in which a malicious user masquerades as the legitimate sender or repcipient of network traffic?


identity spoofing


Which process is used to establish trust between communicating systems, after which only trusted systems can communicate with each other?


cutual authentication


Which default authentication method is used by IPSec policies deployed within an Active Directory domain and can only be used in an Active Directory enviroment?


Kerberos v5 protocol


What allows traffic that is defined in one direction to also be defined in the opposite direction?


mirroring


The driving factor behind combining administration of the Windows Firewall with IPSec policies is to streamline network administration on which type of computer?


Windows Server 2008


Which field does the IPSec driver use to match the correct SA with the correct packet?


SPI Field


What is used to determine encryption key material and security protection for use in protecting subsequent main mode or quick mode communications.


main mode negotiations


What statistics shows the total number of failed outbound quick mode SA addition requests that have been submitted by IKE to the IPSec driver since the IPSec service was last started?


Key Addition Failures


What is the default authentication protocol in an Active Directory network?


Kerberos v5