IST 215 Final Exam

Which of the following best describes the purpose of using subnets?
Subnets divide an IP network address into multiple network addresses.
Which of the following is not a reason to use subnets on a network?
Combine different media type on to the same subnet.
Which of the following IPv6 addresses is equivalent to the IPv4 loopback address of 127.0.0.1?
::1
Which of the following describes an IPv6 address? (Select two.)
Eight hexadecimal quartets
128-bit address
Which of the following correctly describe the most common format for expressing IPv6 addresses? (Select two.)
Hexadecimal numbers
32 numbers, grouped using colons
Which of the following are valid IPv6 addresses? Select all that apply.
141:0:0:0:15:0:0:1

6384:1319:7700:7631:446A:5511:8940:2552
Digits in a hexadecimal system range from 0-9 and A-F.

Which of the following is a valid IPv6 address?
FEC0::AB:9007
Routers operate at what level of the Open System Interconnect model?
Network layer
You’ve decided to use a subnet mask of 255.255.192.0 on the 172.17.0.0 network to create four separate subnets.
Which network IDs will be assigned to these subnets in this configuration? (Select two.)
172.17.128.0
172.17.0.0
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration.
What should you do?
Implement version 3 of SNMP.
You want to implement a protocol on your network that allows computers to find the IP address of a host from a logical name. Which protocol should you implement?
DNS
Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery?
ICMP
You are configuring a network firewall to allow SMTP outbound e-mail traffic, and POP3 inbound e-mail traffic. Which of the following TCP/IP ports should you open on the firewall? (Select two.)
25
110
Which port number is used by SNMP?
161
Which of the following ports does FTP use to establish sessions and manage traffic?
20, 21
Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2008 system using TCP
Downloading a file
IP port 21. Which of the following actions is the remote system most likely to be performing?
Downloading a file
To increase security on your company’s internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions.
Which port needs to be enabled to allow secure transactions?
443
Which of the following network services or protocols uses TCP/IP port 22?
SSH
Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.
SNMP
161 TCP and UDP
Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.
SSH
22 TCP and UDP
Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.
TFTP
69 UDP
Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.
SCP
22 TCP and UDP
Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.
Telnet
23 TCP
Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.
HTTPS
443 TCP and UDP
Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.
HTTP
80 TCP
Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.
FTP
20 TCP
Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.
SMTP
25 TCP
Drag each IP port number on the left to its associated service on the right. Be aware that some port numbers may be used more than once.
POP3
110 TCP
Which two of the following lists accurately describes TCP and UDP?
TCP: connection-oriented, reliable, sequenced, high overhead
UDP: connectionless, unreliable, unsequenced, low overhead
You are an application developer creating applications for a wide variety of customers. In which two of the following situations would you select a connectionless protocol?
A company connects two networks through an expensive WAN link. The communication media is reliable, but very expensive. They want to minimize connection times.
A gaming company wants to create a networked version of its latest game. Communication speed and reducing packet overhead are more important than errorfree delivery.
You want to maintain tight security on your internal network so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
53
Your company’s network provides HTTP, HTTPS, and SSH access to remote employees. Which ports must be opened on the firewall to allow this traffic to pass?
80, 443, 22
Your network recently experienced a series of attacks aimed at the Telnet and FTP services. You have rewritten the security policy to abolish the unsecured services, and now you must secure the network using your firewall and routers. Which ports must be closed to prevent traffic directed to these two services?
23, 21
Which of the following is the main difference between a DoS attack and a DDoS attack?
The DDoS attack uses zombie computers.
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
DDoS
You suspect that an Xmas tree attack is occurring on a system. Which of the following could result if you do not stop the attack? (Select two.)
The system will unavailable to respond to legitimate requests.
The threat agent will obtain information about open ports on the system.
You need to enumerate the devices on your network and display the configuration details of the network.
Which of the following utilities should you use?
nmap
An attacker is conducting passive reconnaissance on a targeted company. Which of the following could he be doing?
Browsing the organization’s Website
Which type of active scan turns off all flags in a TCP header?
Null
Which of the following Denial of Service (DoS) attacks uses ICMP packets and will only be successful if the victim has less bandwidth than the attacker?
Ping flood
In which of the following Denial of Service (DoS) attacks does the victim’s system rebuild invalid UDP packets, causing the system to crash or reboot?
Teardrop
A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack?
Land attack
Which of the following is a form of denial of service attack that subverts the TCP three-way handshake process by attempting to open numerous sessions on a victim server but intentionally failing to complete the session by not sending the final required packet?
SYN flood
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce amplification network?
Smurf
A SYN attack or a SYN flood exploits or alters which element of the TCP three-way handshake?
ACK
When a SYN flood is altered so that the SYN packets are spoofed in order to define the source and destination address as a single victim IP address, the attack is now called what?
Land attack
A Smurf attack requires all but which of the following elements to be implemented?
Padded cell
Which of the following best describes the ping of death?
An ICMP packet that is larger than 65,536 bytes
Which of the following is the best countermeasure against man-in-the-middle attacks?
IPSec
What is modified in the most common form of spoofing on a typical IP packet?
Source address
Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?
DNS poisoning
Which of the following describes a man-in-the-middle attack?
A false server intercepts communications from a client by impersonating the intended server.
Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?
Man-in-the-middle attack
When the TCP/IP session state is manipulated so that a third party is able to insert alternate packets into the communication stream, what type of attack has occurred?
Hijacking
What is the goal of a TCP/IP hijacking attack?
Executing commands or accessing resources on a system the attacker does not otherwise have authorization to access
Which of the following is not a protection against session hijacking?
DHCP reservations
Which of the following is the most effective protection against IP packet spoofing on a private network?
Ingress and egress filters
While using the Internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, however, the browser displays a completely different website. When you use the IP address of the Web server, the correct site is displayed.
Which type of attack has likely occurred?
DNS poisoning
Which of the following attacks tries to associate an incorrect MAC address with a known IP address?
ARP poisoning
What are the most common network traffic packets captured and used in a replay attack?
Authentication
When a malicious user captures authentication traffic and replays it against the network later, what is the security problem you are most concerned about?
An unauthorized user gaining access to sensitive resources
A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface. This is an example of what form of attack?
Spoofing
An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information.
What kind of exploit has been used in this scenario? (Choose two. Both responses are different names for the same exploit.)
Pharming
DNS poisoning
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users.
Which solution should you use?
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.
You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information.
How should you place devices on the network to best protect the servers? (Select two.)
Put the database server on the private network.
Put the Web server inside the DMZ.
Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted Internet?
DMZ
Which of the following is likely to be located in a DMZ?
FTP server
In which of the following situations would you most likely implement a demilitarized zone (DMZ)?
You want to protect a public Web server from attack.
Which of the following terms describes a network device that is exposed to attacks and has been hardened against those attacks?
Bastion or sacrificial host
Which of the following is a firewall function?
Packet filtering
Which of the following are characteristics of a circuit-level gateway? (Select two.)
Stateful
Filters based on sessions
Which of the following are characteristics of a packet filtering firewall? (Select two.)
Filters IP address and port
Stateless
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit-level
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs.
Which type of firewall should you install?
Application level
Which of the following is the best device to deploy to protect your private network from a public untrusted network?
Firewall
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling.
You want to protect the laptop from Internet-based attacks.
Which solution should you use?
Host based firewall
You connect your computer to a wireless network available at the local library. You find that you can access all web sites you want on the Internet except for two.
What might be causing the problem?
A proxy server is blocking access to the web sites.
Which of the following functions are performed by proxies? (Select two.)
Cache web pages
Block employees from accessing certain Web sites
Which of the following are true of a circuit proxy filter firewall? (Select two.)
Operates at the Session layer.
Verifies sequencing of session packets.
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
ACL
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
IP address
You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply.
Port number
Destination address of a packet
Source address of a packet
When designing a firewall, what is the recommended approach for opening and closing ports?
Close all ports; open only ports required by applications inside the DMZ.
Which of the following firewall types can be a proxy between servers and clients? (Select two.)
Application layer firewall
Circuit proxy filtering firewall
You have a small network at home that is connected to the Internet. On your home network you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network.
You want to configure the server as a Web server and allow Internet hosts to contact the server to browse a personal Web site.
What should you use to allow access?
Static NAT
You are the network administrator for a small company that implements NAT to access the Internet. However, you recently acquired 5 servers that must be accessible from outside your network. Your ISP has provided you with 5 additional registered IP addresses to support these new servers but you don’t want the public to access these servers directly. You want to place these servers behind your firewall on the inside network yet still allow them to be accessible to the public from the outside.
Which method of NAT translation should you implement for these 5 servers?
Static
You want to connect your small company network to the Internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of Network Address Translation (NAT) should you implement?
Dynamic
Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?
169.254.0.0 – 169.254.255.255
Which of the following networking devices or services prevents the use of IPSec in most cases?
NAT
Which of the following is not a benefit of NAT?
Improving the throughput rate of traffic
You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server.
VPN concentrator
A VPN is used primarily for what purpose?
Support secured communications over an untrusted network
Which VPN protocol typically employs IPSec as its data encryption mechanism?
L2TP
Which statement best describes IPSec when used in tunnel mode?
The entire data packet, including headers, is encapsulated
Which IPSec subprotocol provides data encryption?
ESP
Which of the following is not a VPN tunnel protocol?
RADIUS
Which is the best countermeasure for someone attempting to view your network traffic?
VPN
PPTP (Point to Point Tunneling Protocol) is quickly becoming obsolete because of what VPN protocol?
L2TP (Layer 2 Tunneling Protocol)
What is the primary use of tunneling?
Supporting private traffic through a public communication medium
In addition to Authentication Header (AH), IPSec is comprised of what other service?
Encapsulating Security Payload (ESP)
A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial tasks, such as updating your organization’s order database.
Because she rarely comes back to your home office, she usually accesses the network from her notebook computer using Wi-Fi access provided by hotels, restaurants, and airports.
Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection.
Which key steps should you take when implementing this configuration? (Select two.)
Configure the VPN connection to use IPsec.
Configure the browser to send HTTPS requests through the VPN connection.
Which of the following is a valid security measure to protect e-mail from viruses?
Use blockers on e-mail gateways
Which of the following prevents access based on website ratings and classifications?
Content filter
Prevents malicious web sites
Web threat filtering
Prevents outsided attempts access confidential information
Anti-phishing software
Identifies and disposes of infected content
Virus blockers
Prevents unwanted e-mail from reaching your network
Gateway e-mail spam blockers
Prevents visiting restricted websites
URL content filtering
You are investigating the use of Web site and URL content filtering to prevent users from visiting certain Web sites.

Which are benefits are the result of implementing this technology in your org? (Choose two)

Enforcement of the organization’s Internet usage policy

An increase in bandwidth availability

Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients?
WEP, WPA Personal, and WPA2 Persona
Which of the following offers the weakest form of encryption for an 802.11 wireless network?
WEP
Which of the following features are supplied by a WPA2 on a wireless network?
Encryption
You need to secure your wireless network. Which security protocol would be the best choice?
WPA2
You need to configure a wireless network. You want to use WPA2 Enterprise. Which of the following components will be a part of your design? (select two)
AES encryption
802.1x
Which of the following locations will contribute the greatest amount of interference for a wireless access point?
near a cordless phone and near backup generators
You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implemented within each building. The buildings are 100 meters apart. What type of wireless antenna should you use on each side of the link? (select two)
High-gain and Parabolic
How does WPA2 differ from WPA?
WPA2 uses AES for encryption; WPA uses TKIP
You need to configure the wireless network card to connect to your network at work. The connection should use a user name and password for authentication with AES encryption. What should you do?
Configure the connection to use WPA2 Enterprise
Match the wireless networking security standard with its associated characteristics
WEP = Short initialization vector makes key vulnerable

WPA2 = Uses AES for encryption

WEP = Uses RC4 for encryption

WPA = Uses TKIP for encryption

WPA2 = Uses CBC-MAC for data integrity

WPA2 = Uses CCMP for key rotation

You need to add security for your wireless network. You would like to use the most secure method. Which method should you implement?
WPA2
Which of the following is used on a wireless network to identify the network name?
SSID
Which of the following are true about Wi-Fi Protected Access 2 (WPA2)? (Select two)
Uses AES for encryption
Upgrading from a network using WEP typically requires installing new hardware.
WiMAX is an implementation of which IEEE Committee?
802.16
You want to connect a laptop computer running Windows 7 to a wireless network. The wireless network uses multiple access points and WPA2-Personal. You want to use the strongest authentication and encryption possible. SSID broadcast has been disabled. What should you do?
Configure the connection with a preshared key and AES encryption.
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
A rogue access point
Which of the following describes marks that attackers place outside a building to identify an open wireless network?
Warchalking
The process of walking around an office building with an 802.11 signal detector is known as what?
Wardriving
Which of the following describes Bluesnarfing?
Unauthorized viewing calendar, emails, and messages on a mobile device
Which of the following sends unsolicited business cards and messages to a Bluetooth device?
Bluejacking
Which of the following is the best protection to prevent attacks on mobile phones through the Bluetooth protocol?
Disable Bluetooth on the phone
You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4 GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using?(Select two)
Bluetooth and 802.11g
Which of the following best describes an evil twin?
An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information
Network packet sniffing is often used to gain the information needed to conduct more specific and detailed attacks. Which of the following is the best defense against packet sniffing?
Encryption
Which of the following common network monitoring or diagnostic activity can be used as a passive malicious attack?
Sniffing
Which of the following measures will make your wireless network invisible to the casual attacker performing war driving?
Disable SSID broadcast
Which remote access authentication protocol allows for the use of smart cards for authentication?
EAP
Which of the following do switches and wireless access points use to control access through the device?
MAC Filtering
You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?
On a RADIUS Server
You are the wireless network admin for your org. As the size of the org has grown, you’ve decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. You’ve decided to use LEAP to authenticate wireless clients. To do this, you configured a Cisco RADIUS server and installed the neccessary Cisco client software on each RADIUS client. Which of the following is true concerning this implementation?
The system is vulnerable because LEAP is susceptible to dictionary attacks.
You are the wireless network admin for your org. As the size of the org has grown, you’ve decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. To do this, you need to configure a RADIUS Server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do? (Select two. Each response is part of the complete solution)
Configure the RADIUS server with a server certificate

and
Configure all wireless access points with client certificates.

Which implementation is most secure?
EAP-TLS
Which of the following features on a wireless network allows or rejects client connections based on the hardware address?
MAC address filtering
Which of the following attacks, is successful, causes a switch to function like a hub?
MAC flooding
Which is a typical goal of MAC spoofing?
Bypassing 802.1x port based security
Which protocol should you disable on the user access ports of a switch?
DTP
Which of the following switch attacks associates the attacker’s MAC address with the IP address of the victim’s devices.
ARP spoofing/poisoning
A vitual LAN can be created using which of the following?
Switch
When configuring VLANs on a switch, what is used to identify VLAN membership of a device?
Switch Port
You want to increase the security of your network by allowing only authenticated users to be able to access netowrk devices through a switch. Which of the following should you implement?
802.1x
Which of the following applications typically use 802.1x authentication?
Controlling access through a wireless access point
Controlling access through a switch
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and internet access. Which feature should you implement?
VLANs
When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?
Trunk ports
You manage a network that uses switched. In the lobby your building are three RJ-45 ports connected to a switch. You want to make sure that vistors cannot plug in their computers to the free network jacks and connect to the netowrk. However, employees who plug into those same jacks should be able to conect to the network. What feature should you configure?
Port authentication
Which of the following solutions would you implement to eliminate switching loops?
Spanning tree
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches?
Spanning tree
In which of the following situations would you use port security?
You want to restrict the devices that could connect through a switch port
You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You’ve had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the Internet. The library computers are in groups of four. Each group of four comptuers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so only the library computers are permitted connectivity to the internet. What can you do?
Configure port security on the switch
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isoluated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through thte switch, but you still need to access the network through the computer. What should you use this situation?
VLAN
Which of the following best describes the concept of a virtual LAN?
Devices on the same network logically grouped as if they were on separate networks
Your company is a small startup company that has leased office space in a building shared by other business. All business share a common network infrastructure. A single switch connects all devices in the building to the router that provides internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implmented?
VLAN
You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?
Spanning tree
You are concerned about protecting your network from network based attacks from the internet. Specifically you are concerned about attacks that have not yet been identified or that do not have prescribed protections. Which type of device should you use?
Anomaly based IDS
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database?
Signature based
You have just installed a new network based IDS system that uses signature recognition. What should you do on a regular basis?
Update the signature files
Whatis the most common form of host based IDS that employs signature or pattern matching detection methods?
Anti-virus software
You have configured a NIDS to monitor network traffic. Which of the following describes an attack that is not detected by a NIDS device?
False negative
Which of the following describes a false positive when using an IPS device?
Legitimate traffic being flagged as malicious
You want to create a collection of computers on your network that appear to have valuable data, but are really computers configured with fake datathat could entice a potential intruder. Once the intruder connects, you want to be able to observe and gather information about the methods of attack that are being deployed. What should you implement?
Honeynet
A honey pot is used for what purpose?
To delay intruders in order to gather auditing data
An active IDS system often performs which of the following actions?
Update filters to block suspect traffic
Perform reverse lookups to identify an intruder
If maintaining confidentiality is of the utmost importance to your organiation, what is the best response when an intruder is detected on your network?
Disconnect the intruder
A programmer that fails to check the length of input before processing leaves his code vulnerable to what form of
common attack?
Buffer overflow
Which type of attack is the act of exploiting a software program’s free acceptance of input in order to execute
arbitrary code on a target?
Buffer overflow
Having poor software development practices and failing to program input validation checks during development of
custom software can result in a system vulnerable to which type of attack?
Buffer overflow
Which of the following is an attack that injects malicious scripts into Web pages to redirect users to fake websites or
gather personal information?
XSS
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data
than the input variable is designed to handle?
Buffer overflow
What is the most common attack waged against Web servers?
Buffer overflow
You have been getting a lot of phishing e-mails sent from the domain kenyan.msn.pl. Links withint these e-mails open new browser windows at youneedit.com.pl. You want to make sure that these emails never reach your inbox, but that e-mails from other senders are not affected. What should you do?
Add kenyan.msn.pl to the e-mail black list
Which type of malicious activity can be described as numerous unwanted and unsolicted e-mail messages sent to a wide range of victims?
Spamming
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. What kind of attack has occurred in this scenario?
Spam
Which of the following mechanisms can you use to add encryption to e-mail?
PGP

S/MIME

You want to use a protocol for encrypting e-mails that uses a PKI with X.509 certificates. Which methods should you choose?
S/MIME
Users in your organization receive e-mail messages informing them that suspicious activity has been detected on their bank account. They are directed to click a link in the e-mail to verify their online banking user name and password. The URL in the link is the .ru toplevel DNS domain. What kind of attack has occurred?
Phishing
What is the default encryption algorithm use by SSH (secure shell) to protect data traffic between a client and the controlled server?
IDEA
As network administrator you are asked to recommend a secure method of transferring data between hosts on a network. Which of the following protocols would you recommend? (select two)
SFTP, SCP
Which of the following network layer protocols provides authentication and encryption services of IP based network traffic?
IPSec
SSL (secure Sockets Layer) operates at which layer of the OSI model?
Session
Which of the following protocols can be used to securely manage a network device from a remote connection?
SSH
Which of the following is a secure alternative to FTP that uses SSL for encryption?
FTPS
Which of the following protocols are often added to other protocol to provide secure transmission of data? (select two)
TLS, SSL
SFTP uses which mechanism to provide security for authentication and data transfer?
SSH
When using SSL authentication, what does the client verify first when checking a server’s identity?
The current date and time must fall within the server’s certificate validity period
IPsec is implemented through two separate protocols. What are these protocols called? (select two)
AH, ESP
You are purchasing a hard disk over the Internet from an online retailer. What does your browser use to ensure that others cannot see your credit card number on the Internet?
SSL
Which protocol is used for securely browsing a Web site?
HTTPS
What is the primary function of the IKE protocol used with IPsec?
Create a security association between communication partners
Which protocol does HTTPS use to offer greater security in Web transactions?
SSL
Which of the following protocols can TLS use for key exchange? (select two)
Diffie-Hellman, RSA
How many keys are used with asymmetric or public key cryptography
Two
A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. What must the receiver use to access the hashing value to the verify the integrity of the transmission
Sender’s public key
Which of the following are characteristics of ECC (Select two.)
Asymmetric encryption, Uses a finite set of values within an algebraic field.
Which of the following algorithms are used in asymmetric encryption (Select two.)
Diffie-Hellman, RSA
Which of the following generates the key pair used in asymmetric cryptography?
CSP
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which key would Mary use to create the digital signature
Mary’s private key
Mary wants to send a message to Sam so the only Sam can read it. Which key would be used to encrypt the message
Sam’s public key
What is the purpose of key escrow
To provide a means to recover from a lost private key
Which of the following is an entity that accepts and validates information contained within a request for certificate
Registration authority
What is a PKI
A hierarchy of computers for issuing certificates
What is the most obvious means of providing non-repudiation in a cryptography system
Digital signatures
Which of the following items are contained in a digital certificate?
Validity period, public key
Which of the following is a direct protection of integrity
Digital signature
Which of the following conditions does not result in a certificate being added to the certificate revocation list
Certificate expiration
To obtain a digital certificate and participate in a Public Key Infrastructure (PKI), what must be submitted and where should it be submitted
Identify data and a certification request to the registration authority (RA)
Which of the following is the best countermeasure for man-in-the-middle attacks
Public Key Infrastructure (PKI)
When a sender encrypts a message using their own private key, what security service is being provided to the recipient
Non-repudiation
You have a Web server that will be used for secure transactions for customers who access the Web site over the Internet. The Web server requires a certificate to support SSL. Which method would you use to get a certificate for the server
Obtain a certificate from a public PKI
Which of the following technologies is based upon SSL (Secure Socket Layer)
TLS (Transport Layer Security)
What for of cryptography is not scalable as a stand-alone system for use in very large and every expanding environments where data is frequently exchanged between different communication partners?
Symmetric cryptography