Lesson 12: Implementing Secure Network Access Protocols
True or false? The contents of the HOSTS file are irrelevant as long as a DNS service is properly configured.
False (The contents of the HOSTS file are written to the DNS cache on startup. However, it is possible to edit the registry to prioritize DNS over HOSTS)
True or false? DNSSEC depends on a chain of trust from the root servers down.
Which attack corrupts the records of a DNS server to point traffic destined for a legitimate domain to a malicious IP address?
B) DNS spoofing
C) DNS server cache poisoning
D) DNS kiting
What steps should you take to secure an SNMPv2 service? (Choose all that apply)
A) Rewrite the registry to prioritize SNMP over HOSTS
B) Configure strong community names
C) Disable trap operations
D) Use ACLs to restrict access to known hosts
(You would rewrite the registry to prioritize DNS over HOSTS, not SNMP; SNMP traps inform management systems of notable events and should be left configured)
What port does DNS use?
What port does SNMP use?
What port does SNMP trap use?
True or false? A TLS VPN can only provide access to web-based network resources.
False (a Transport Layer Security VPN uses TLS to encapsulate the private network data and tunnel it over the network; the private network data could be frames or IP-level packets and is not constrained by application-layer protocol type)
What is Microsoft's TLS VPN solution?
B) Remote Desktop Protocol
C) Secure Socket Tunneling Protocol
What IPSec mode would you use for data confidentiality on a private network? (Select all that apply)
A) Authentication Header (AH)
B) Encapsulating Security Payload (ESP)
C) Tunnel mode
D) Transport mode
B, C (Transport mode with ESP; tunnel mode encrypts the IP header information, but this is unnecessary on a private network. AH provides message authentication and integrity but not confidentiality.)
Which protocol is often used in conjunction with IPSec to provide a remote access client VPN with user authentication?
True or False: AH encrypts both the payload and header, while ESP only encrypts the header.
False (ESP encrypts both the payload and header, while AH only encrypts the header)
What bit of information confirms the identity of an SSH server to a client?
A) Server's name
B) Server's private key
C) Server's public key
D) Server's certificate
Evaluate the features of Dynamic Host Configuration Protocol (DHCP) to conclude which statements are accurate. (Select two)
A) DHCP is more prone to configuration errors than static address configurations due to DHCP requiring manual entry of IP addresses and subnet masks.
B) DHCP should be configured with a minimum of two servers on the network for fault tolerance with overlapping scopes.
C) DHCP provides an automatic method for network address allocation to include optional parameters such as the default gateway.
D) Windows DHCP servers in an Active Directory environment automatically log any traffic detected from unauthorized DHCP servers.
Evaluate the protocols found within the Internet Protocol Security (IPSec) protocol suite and select the option that best explains the Internet Key Exchange (IKE) protocol.
A) The protocol that provides confidentiality and authentication by encrypting the packet.
B) The protocol that performs a cryptographic hash on the packet plus a shared secret key.
C) The protocol that handles authentication, uses UDP port 500, and conducts negotiations over two phases.
D) The protocol that works over tunnel layer 2 frames or in routed mode to forward IP packets.
A company is battling an outside entity kiting a domain. Compare types of cybersquatting to determine what is most likely occurring in this scenario.
A) An attacker supplies false credentials to the domain registrar when re-registering an existing domain name owned by a legitimate company.
B) An attacker has registered a domain with a very similar name to the company, and is using the domain to exploit customers.
C) An attacker registers a domain to test how much traffic it generates within the grace period before deciding to continue the registration.
D) An attacker registers a domain name for four days, then deletes and re-registers the same domain, repeating this process for a period of six months.
A customer responds to an email advertisement that appears to link to mystore.com. The customer logs into the website with their username and password. The website has the same homepage the customer is familiar with, but it is actually a page set up by an attacker to gain credentials. Although the customer's computer is inaccessible, the attacker can capture the customer's credentials from this bogus website to log into mystore.com and shop using the customer's saved credit card on file. Compare types of attacks to conclude which type of attack has occurred in this scenario.
A) Denial of Service (DoS)
B) DNS client cache poisoning
Analyze the methods for authentication to a Secure Shell (SSH) and determine which statement best summarizes the host-based authentication method.
A) The user's private key is configured with a passphrase that must be input to access the key.
B) The client submits credentials that are verified by the SSH server using RADIUS.
C) The client submits a Ticket Granting Ticket (TGT) that is obtained when the user logged onto the workstation.
D) The client sends a request for authentication and the server generates a challenge with the public key.
An authoritative server for a zone creates a RRset signed with a Zone Signing Key. Another server requests a secure record exchange and the authoritative server returns the package along with the public key. Evaluate the scenario to determine what is being demonstrated in this situation.
A) Domain Name System (DNS)
B) DNS Security Extension
C) DNS Footprinting
D) Dynamic Host Configuration Protocol (DHCP)
A remote access server is being brought online. Analyze the features and proper configurations of this type of server to determine which steps the technician should take to complete the task. (Select two)
A) Set policy restrictions to only allow particular users or groups and allow those users continuous access.
B) Gather documentation to include users of the service and obtain authorization to run from the network manager.
C) Set policy restrictions to include restricting access to particular users and only permit users to a clearly defined part of the network.
D) Set policy restrictions to particular groups built within AD and give the groups full network access so they will be able to perform their job remotely.
A system administrator needs to implement a secure remote administration protocol and would like more information on Telnet. Evaluate and select the features of Telnet that should be considered to accomplish this task. (Select two)
A) Telnet does not support direct file transfer.
B) Telnet uses TCP port 23.
C) Telnet is a secure option.
D) Telnet uses encryption to send passwords.
Analyze the functions and characteristics of Internet Protocol Security (IPSec) to determine which option best explains IPSec.
A) A protocol that works at the network layer and is used to secure data as it travels across the network.
B) A protocol that works in TAP mode to tunnel layer 2 frames or in TUN mode to forward IP packets.
C) A protocol that works by tunneling PPP layer 2 frames over a TLS session.
D) A protocol that performs a cryptographic hash on the packet plus a shared secret key.
A system administrator needs secure remote access into a Linux server. Evaluate the types of remote administration to recommend which protocol should be used in this situation.
B) Secure Shell (SSH)
C) Remote Desktop Protocol (RDP)