A series of questions and answers related to network security concepts, covering topics such as authentication protocols (Kerberos, EAP, etc.), multifactor authentication, and network access control (NAC). It is valuable for students learning about network security principles and practices, offering a practical approach to understanding key concepts through a Q&A format. The questions are well structured and the answers provide clear explanations.
Typology: Exams
Which of the following are terms for an area of an enterprise network, separated by firewalls, which contains servers that must be accessible both from the Internet and from the internal network? (Choose all that apply.) A. Intranet B. DMZ C. EGP D. Stateless network E. Perimeter network F. Screened subnet - answerB, E, F. Servers that must be accessible both from the internal network and from the Internet are typically located in an area of the enterprise called a screened subnet, a perimeter network, or a demilitarized zone (DMZ). This area is separated from both the Internet and the internal network by firewalls, so that a compromised public-facing server does not give an Internet attacker a direct path to internal hosts. Intranet is another term for the internal network. Exterior Gateway Protocol (EGP) is a type of routing protocol, and stateless is a type of firewall; neither applies to this definition.

Which of the following authentication protocols do Windows networks use for Active Directory Domain Services (AD DS) authentication of internal clients? A. RADIUS B. WPA C. Kerberos D. EAP-TLS - answerC. Windows networks that use AD DS authenticate clients using the Kerberos protocol, in part because it never transmits passwords over the network, even in encrypted form: the client proves that it knows the password by encrypting a timestamp with a key derived from it, and the domain controller checks that encryption. Remote Authentication Dial-In User Service (RADIUS) is an authentication, authorization, and accounting service for remote users connecting to a network; Windows does not use it for internal clients. WiFi Protected Access (WPA) is a security protocol used by wireless Local Area Networks (LANs); it is not used for AD DS authentication. Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) is a remote authentication protocol that AD DS networks do not use for internal clients.

Which of the following are examples of multifactor authentication? (Choose all that apply.) A. A system that uses an external RADIUS server for authentication B. A system that requires two passwords for authentication C. A system that requires a smartcard and a PIN for authentication D. A system that requires a password and a retinal scan for authentication - answerC, D. Multifactor authentication combines two or more different types of authentication factor, which reduces the likelihood that an intruder can successfully impersonate a user during the authentication process. A password (something you know) and a retinal scan (something you are) is one example. A smartcard (something you have) and a PIN, which is the equivalent of a password (something you know), is another. Multifactor authentication refers to the proofs of identity a system requires, not to the number of servers used to implement the system, so the use of a Remote Authentication Dial-In User Service (RADIUS) server is not by itself multifactor authentication. A system that requires two passwords is not multifactor either: both are the same factor, something you know, and whatever lets an attacker capture one password, such as a keylogger or a phishing page, captures the second just as easily. A multifactor authentication system requires two different forms of authentication.

Which of the following protocols can you use to authenticate Windows remote access users with smartcards? A. EAP B. MS-CHAPv2 C. CHAP D. PAP - answerA. The Extensible Authentication Protocol (EAP) is the only one of these Windows remote authentication protocols that supports authentication methods other than passwords, such as smartcards. MS-CHAPv2 is the strongest of the password-only protocols listed, but it supports password authentication only; users cannot use smartcards. The Challenge Handshake Authentication Protocol (CHAP) is a relatively weak authentication protocol that does not support the use of smartcards. The Password Authentication
Which of the following statements best defines multifactor user authentication? A. Verification of a user's identity on all of a network's resources using a single sign-on B. Verification of a user's identity using two or more types of credentials C. Verification of a user's identity on two devices at once D. Verification of a user's membership in two or more security groups - answerB. Multifactor authentication combines two or more authentication methods, requiring a user to supply multiple credentials. This reduces the likelihood that an intruder would be able to successfully impersonate a user during the authentication process. The term multifactor does not refer to the number of resources, devices, or groups with which the user is associated.

Which of the following services are methods of tracking a user's activities on a network? (Choose all that apply.) A. Authentication B. Authorization C. Accounting D. Auditing - answerC, D. Accounting and auditing are both methods of tracking and recording a user's activities on a network, such as when a user logged on and how long they remained connected. Authentication is the confirmation of a user's identity, and authorization defines the type of access granted to authenticated users.

When a user supplies a password to log on to a server, which of the following actions is the user performing? A. Authentication B. Authorization C. Accounting D. Auditing - answerA. Authentication is the process of confirming a user's identity. Passwords are one of the authentication factors commonly used by network devices. Authorization defines the type of access granted to authenticated users. Accounting and auditing are both methods of tracking and recording a user's activities on a network, such as when a user logged on and how long they remained connected.
off-hours logons that indicate an intrusion. Auditing does not record the passwords specified during authentications, so it cannot identify patterns of unsuccessful guesses.
When a user swipes a smartcard through a reader to log on to a laptop computer, which of the following actions is the user performing? A. Authentication B. Authorization C. Accounting D. Auditing - answerA. Authentication is the process of confirming a user's identity. Smartcards are one of the authentication factors commonly used by network devices. Authorization defines the type of access granted to authenticated users. Accounting and auditing are both methods of tracking and recording a user's activities on a network, such as when a user logged on and how long they remained connected.

Combining elements like something you know, something you have, and something you are to provide access to a secured network resource is a definition of which of the following types of authentication? A. Multifactor B. Multisegment C. Multimetric D. Multifiltered - answerA. Multifactor authentication combines two or more authentication methods and reduces the likelihood that an intruder would be able to successfully impersonate a user during the authentication process. A password (something you know) and a retinal scan (something you are) is an example of a multifactor authentication system. A smartcard and a PIN, which is the equivalent of a password, is another example of multifactor authentication because it requires users to supply something they know and something they have. Multisegment, multimetric, and multifiltered are not applicable terms in this context.

Which of the following terms describes a system that prevents computers from logging on to a network unless they have the latest updates and antimalware software installed? A. NAC D. TKIP-RC4 - answerA. Network Access Control (NAC) is a mechanism that defines standards of equipment and configuration that systems must meet before they can connect to the network. Lightweight Directory Access Protocol (LDAP) provides communication between directory service entities. Remote Authentication Dial-In User Service (RADIUS) is an authentication, authorization, and accounting service for remote users connecting to a network. Temporal Key Integrity Protocol (TKIP) with the RC4 cipher is an encryption protocol used on wireless networks running the WiFi Protected Access (WPA) security protocol.

Which of the following describes the primary difference between Single Sign-On (SSO) and same sign-on? A. SSO enables users to access different resources with one set of credentials, whereas same sign-on requires users to have multiple credential sets. B. SSO credentials consist of one username and one password, whereas same sign-on credentials consist of one username and multiple passwords. C. SSO requires the user to supply credentials only once, whereas with same sign-on, the user must supply the credentials repeatedly. D. SSO requires multifactor authentication, such as a password and a smartcard, whereas same sign-on requires only a password for authentication. - answerC. SSO uses one set of credentials and requires the user to supply them only once to gain access to multiple resources. Same sign-on also uses a single set of credentials, with one password, but the user must perform individual logons for each resource. Neither SSO nor same sign-on calls for multifactor authentication.

Which of the following is the best description of biometrics? A. Something you know B. Something you have C. Something you are D. Something you do - answerC. Biometrics is a type of authentication factor that uses a physical characteristic that uniquely identifies an individual, such as a fingerprint or a retinal pattern. Biometrics is therefore best described as something you are, as opposed to something you know, something you have, or something you do.
Which of the following authentication factors is an example of something you have? A. A fingerprint B. A smartcard C. A password D. A finger gesture - answerB. Something you have refers to a physical object in the user's possession that is presented during authentication. A fingerprint would be considered something you are, a password is something you know, an example of something you have would be a smartcard, and an example of something you do would be a finger gesture.
Your new smartphone enables you to configure the lock screen with a picture of your husband, on which you draw eyes, nose, and a mouth with your finger to unlock the phone. This is an example of which of the following authentication factors? A. Something you have B. Something you know C. Something you are D. Something you do - answerD. The act of drawing on the screen with your finger is a gesture, which is an example of something you do. A PIN or a password is something you know; a thumbprint, or any other biometric factor, is something you are; and a smartcard is an example of something you have.

Which of the following authentication factors is an example of something you do? A. A fingerprint B. A smartcard C. A password D. A finger gesture - answerD. Something you do refers to a physical action performed by a user, such as a finger gesture, which helps to confirm his or her identity. Because a gesture or other action can be observed and imitated, this type of factor is usually used as one part of a multifactor authentication procedure rather than on its own. A fingerprint would be considered something you are, a password is something you know, and a smartcard is something you have.

Which of the following authentication factors is an example of something you know? A. A fingerprint B. A smartcard C. A password D. A finger gesture - answerC. Something you know refers to information you supply during the authentication process, such as a password or PIN. This is the most common type of authentication factor because it needs no reader, token, or sensor, but it is also the easiest to compromise: a password can be guessed, phished, or captured by malware without the user ever losing anything physical, which is why it is so often paired with a second factor. A fingerprint would be considered something you are, a finger gesture is something you do, and a smartcard is something you have.
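The factor questions above classify individual credentials. The check a practitioner actually has to build is the server side, where a knowledge factor and a possession factor are verified independently and a one-time code is never accepted twice. The following Python is an added example, not part of the exam or its answer key: it verifies a PBKDF2-hashed password (something you know) together with an RFC 6238 TOTP code from an authenticator device (something you have). The user record layout, the PBKDF2 parameters, the function names and the replay guard are illustrative assumptions; the HOTP/TOTP arithmetic follows RFC 4226 and RFC 6238, and the secret used in the demonstration is the RFC test-vector secret.

```python
"""Two-factor login check: a password (something you know) and a TOTP code
from an authenticator device (something you have), each verified on its own.

Added example, not from the exam page. The user record layout, the PBKDF2
parameters and the replay guard are illustrative assumptions; hotp()/totp()
implement RFC 4226 / RFC 6238, and the secret in main() is the RFC test
vector secret.
"""
import hashlib
import hmac
import os
import struct

PBKDF2_ROUNDS = 100_000
TOTP_STEP = 30      # seconds per TOTP window
TOTP_DIGITS = 6


def hotp(secret: bytes, counter: int, digits: int = TOTP_DIGITS) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, at: int, step: int = TOTP_STEP) -> str:
    """RFC 6238: HOTP with the counter taken from Unix time."""
    return hotp(secret, at // step)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def make_user(password: str, totp_secret: bytes) -> dict:
    """Enrolment: store a salted password hash and the device secret.
    last_counter remembers the newest TOTP window already consumed."""
    salt = os.urandom(16)
    return {"salt": salt, "pw_hash": hash_password(password, salt),
            "totp_secret": totp_secret, "last_counter": -1}


def verify_login(user: dict, password: str, code: str, now: int, skew: int = 1) -> bool:
    """Grant access only if BOTH factors verify.

    Knowledge factor: PBKDF2 hash, compared in constant time.
    Possession factor: the code must match the current TOTP window or one
    within +/- skew windows (clock drift), and that window must be newer
    than the last one accepted, so a captured code cannot be replayed.
    The password is always checked, even when the code is malformed, so the
    response time does not reveal which factor failed.
    """
    pw_ok = hmac.compare_digest(user["pw_hash"], hash_password(password, user["salt"]))
    well_formed = len(code) == TOTP_DIGITS and code.isascii() and code.isdigit()
    current = now // TOTP_STEP
    matched = None
    if well_formed:
        for counter in range(current - skew, current + skew + 1):
            if counter > user["last_counter"] and hmac.compare_digest(
                    hotp(user["totp_secret"], counter), code):
                matched = counter
                break
    if pw_ok and matched is not None:
        user["last_counter"] = matched   # burn the window: the same code is now useless
        return True
    return False


if __name__ == "__main__":
    secret = b"12345678901234567890"        # RFC 6238 test-vector secret
    user = make_user("correct horse", secret)
    code = totp(secret, 59)                  # RFC 6238 gives 287082 for this instant
    print("password + fresh code:", verify_login(user, "correct horse", code, 59))
    print("same code replayed:   ", verify_login(user, "correct horse", code, 59))
    print("valid code, bad pass: ", verify_login(user, "wrong password", totp(secret, 120), 120))
```

Two passwords would buy nothing here: both would go through `hash_password`, which is the same factor checked twice. The test-vector secret at time 59 reproduces the code published in RFC 6238 (287082 at six digits), so the HOTP arithmetic can be checked against the RFC by hand.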
server, which is typically a Remote Authentication Dial-In User Service (RADIUS) implementation that verifies the supplicant's identity. There is no party to the transaction called an authorizing agent.
In an 802.1X transaction, what is the function of the supplicant? A. The supplicant is the service that issues certificates to clients attempting to connect to the network. B. The supplicant is the service that verifies the credentials of the client attempting to access the network. C. The supplicant is the network device to which the client is attempting to connect. D. The supplicant is the client user or computer attempting to connect to the network. - answerD. An 802.1X transaction involves three parties: the supplicant, which is the client attempting to connect to the network; the authenticator, which is a switch or access point to which the supplicant is requesting access; and the authentication server, which is typically a Remote Authentication Dial-In User Service (RADIUS) implementation that verifies the supplicant's identity. The supplicant is not involved in issuing certificates.

In an 802.1X transaction, what is the function of the authenticator? A. The authenticator is the service that issues certificates to clients attempting to connect to the network. B. The authenticator is the service that verifies the credentials of the client attempting to access the network. C. The authenticator is the network device to which the client is attempting to connect. D. The authenticator is the client user or computer attempting to connect to the network. - answerC. An 802.1X transaction involves three parties: the supplicant, which is the client attempting to connect to the network; the authenticator, which is a switch or access point to which the supplicant is requesting access; and the authentication server, which is typically a Remote Authentication Dial-In User Service (RADIUS) implementation that verifies the supplicant's identity. The authenticator is not involved in issuing certificates.

An 802.1X transaction involves three roles: the supplicant, the authenticator, and the authentication server.
Of the three, which role typically takes the form of a RADIUS implementation? A. The supplicant B. The authenticator C. The authentication server D. None of the above - answerC. The authentication server role is typically performed by a Remote Authentication Dial-In User Service (RADIUS) server. In an 802.1X transaction, the supplicant is the client attempting to connect to the network, the authenticator is a switch or access point to which the supplicant is requesting access, and the authentication server verifies the client's identity.

Which of the following are standards that define combined Authentication, Authorization, and Accounting (AAA) services? (Choose all that apply.) A. 802.1X B. RADIUS C. TACACS+ D. LDAP - answerB, C. Remote Authentication Dial-In User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+) are both services that provide networks with AAA. 802.1X provides only port-based authentication: it carries EAP between the supplicant and the authenticator and hands the actual decision to a RADIUS or similar authentication server. Lightweight Directory Access Protocol (LDAP) provides communication between directory service entities.

Which of the following standards was originally designed to provide Authentication, Authorization, and Accounting (AAA) services for dial-up network connections? A. RADIUS B. TACACS+ C. Kerberos D. LDAP - answerA. Remote Authentication Dial-In User Service (RADIUS) was originally conceived to provide AAA services for Internet Service Providers (ISPs), which at one time ran networks with hundreds of modems providing dial-up access to subscribers. Terminal Access Controller Access Control System Plus (TACACS+) is a protocol that was designed to provide AAA services for networks with many routers and switches, but not for dial-up connections. Kerberos and Lightweight Directory Access Protocol (LDAP) are not AAA services.

Which of the following statements about RADIUS and TACACS+ are correct? A. By default, RADIUS uses UDP, and TACACS+ uses TCP. B. By default, RADIUS uses TCP, and TACACS+ uses UDP. C. By default, both RADIUS and TACACS+ use TCP.
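The 802.1X and AAA questions above put a RADIUS server in the authentication-server role. What the authenticator (the switch or access point, called the NAS in RADIUS terms) actually sends it is an Access-Request UDP datagram, and what comes back is an Access-Accept or Access-Reject whose Response Authenticator the NAS has to verify before it opens the port. The following Python is an added example, not code from the exam: it builds an RFC 2865 Access-Request with the User-Password hidden under the shared secret, lets a minimal server decide, and verifies the response on the NAS side. The shared secret, user table, identifier, the Request Authenticator and every function name are constructed assumptions; only the packet layout, the password-hiding scheme (RFC 2865 section 5.2) and the Response Authenticator (section 3) come from the RFC. No sockets are opened, so it runs offline; in a real deployment the request goes to the server's UDP port 1812.

```python
"""RADIUS Access-Request / Access-Accept round trip (RFC 2865) between a NAS,
the 802.1X authenticator, and an authentication server.

Added example, not from the exam page. The shared secret, user table,
identifier and Request Authenticator in main() are constructed; the packet
layout, User-Password hiding (RFC 2865 section 5.2) and Response
Authenticator (section 3) follow the RFC. No sockets: it runs offline.
"""
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ATTR_USER_NAME, ATTR_USER_PASSWORD, ATTR_NAS_PORT_TYPE = 1, 2, 61
NAS_PORT_TYPE_ETHERNET = 15
HEADER_LEN = 20  # Code(1) + Identifier(1) + Length(2) + Authenticator(16)

def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RFC 2865 5.2: NUL-pad to a 16-byte multiple, then XOR each block with
    MD5(secret + previous ciphertext block); block 1 is keyed with the Request
    Authenticator. Keyed obfuscation, not authenticated encryption."""
    padded = password + b"\x00" * ((-len(password) % 16) if password else 16)
    out, prev = bytearray(), request_auth
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        block = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        out += block
        prev = block
    return bytes(out)

def reveal_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Server-side inverse of hide_password (trailing NULs are padding)."""
    out, prev = bytearray(), request_auth
    for i in range(0, len(hidden), 16):
        key = hashlib.md5(secret + prev).digest()
        out += bytes(c ^ k for c, k in zip(hidden[i:i + 16], key))
        prev = hidden[i:i + 16]
    return bytes(out).rstrip(b"\x00")

def attribute(atype: int, value: bytes) -> bytes:
    """Type-Length-Value; Length includes the two header octets."""
    return struct.pack("!BB", atype, len(value) + 2) + value

def parse_attributes(blob: bytes) -> dict:
    attrs, i = {}, 0
    while i < len(blob):
        atype, alen = blob[i], blob[i + 1]
        if alen < 2 or i + alen > len(blob):
            raise ValueError("malformed attribute")
        attrs[atype] = blob[i + 2:i + alen]
        i += alen
    return attrs

def response_authenticator(code, ident, attrs, request_auth, secret):
    """RFC 2865 3: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    head = struct.pack("!BBH", code, ident, HEADER_LEN + len(attrs))
    return hashlib.md5(head + request_auth + attrs + secret).digest()

def build_access_request(ident, request_auth, secret, username, password):
    """What the NAS sends (normally to UDP port 1812) once the supplicant has
    presented a username and password."""
    attrs = (attribute(ATTR_USER_NAME, username)
             + attribute(ATTR_USER_PASSWORD, hide_password(password, secret, request_auth))
             + attribute(ATTR_NAS_PORT_TYPE, struct.pack("!I", NAS_PORT_TYPE_ETHERNET)))
    head = struct.pack("!BBH", ACCESS_REQUEST, ident, HEADER_LEN + len(attrs))
    return head + request_auth + attrs

def server_handle(packet, secret, users):
    """Minimal authentication server: unhide the password, check it against
    the user table, answer Accept or Reject with a Response Authenticator."""
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_REQUEST or length != len(packet):
        raise ValueError("not a well-formed Access-Request")
    request_auth = packet[4:HEADER_LEN]
    attrs = parse_attributes(packet[HEADER_LEN:length])
    supplied = reveal_password(attrs.get(ATTR_USER_PASSWORD, b""), secret, request_auth)
    expected = users.get(attrs.get(ATTR_USER_NAME))
    ok = expected is not None and hmac.compare_digest(expected, supplied)
    rcode, rattrs = (ACCESS_ACCEPT if ok else ACCESS_REJECT), b""
    head = struct.pack("!BBH", rcode, ident, HEADER_LEN + len(rattrs))
    return head + response_authenticator(rcode, ident, rattrs, request_auth, secret) + rattrs

def client_accepts(response, request_auth, secret, ident) -> bool:
    """NAS side: open the port only if the Identifier matches the outstanding
    request, the Response Authenticator verifies under the shared secret, and
    the code is Access-Accept. Skipping the authenticator check would let an
    on-path attacker answer with a forged Accept."""
    code, rident, length = struct.unpack("!BBH", response[:4])
    if rident != ident or length != len(response):
        return False
    expected = response_authenticator(code, rident, response[HEADER_LEN:length],
                                      request_auth, secret)
    return hmac.compare_digest(expected, response[4:HEADER_LEN]) and code == ACCESS_ACCEPT

if __name__ == "__main__":
    secret, users = b"example-shared-secret", {b"alice": b"correct horse"}  # constructed
    ident, request_auth = 42, os.urandom(16)  # fresh per request in a real NAS
    req = build_access_request(ident, request_auth, secret, b"alice", b"correct horse")
    ok = client_accepts(server_handle(req, secret, users), request_auth, secret, ident)
    print("genuine accept verifies:", ok)
    bad = build_access_request(ident, request_auth, secret, b"alice", b"wrong")
    forged = bytes([ACCESS_ACCEPT]) + server_handle(bad, secret, users)[1:]  # Reject flipped to Accept
    print("forged accept verifies: ", client_accepts(forged, request_auth, secret, ident))
```

Two things the exchange makes visible. The password hiding is a keystream derived from MD5(secret + previous block), so it protects against little more than casual capture when the shared secret is weak, and the Response Authenticator is an MD5 digest keyed only by that same secret rather than a proper MAC. That is why deployments carry RADIUS over IPsec or RadSec (RADIUS over TLS) and require the Message-Authenticator attribute instead of trusting a bare shared secret on the path between authenticator and server.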