TRUE/FALSE
1. Sniffer software turns the NIC on its host computer into a virtual listening ear, capturing the network
traffic that goes across that NIC on a particular network segment.
ANS: T
REF: 96
REF: 97
REF: 98
REF: 98
5. The public key/private key method uses an encryption algorithm developed by Joan Daemen and
Vincent Rijmen.
ANS: F
REF: 99
6. The original version of DES used a 56-bit encryption key combined with 8-bit parity.
ANS: T
REF: 102
REF: 103
8. The purpose of EFS is to protect folder and file contents on a hard disk, in case a hard disk is stolen
from a server or workstation, or a portable computer is lost or stolen.
ANS: T
REF: 105
9. CFS can be used for remote file access through the NFS used by NetWare systems.
ANS: F
REF: 107
10. Session authentication works by giving each frame or packet an identification or sequence number.
ANS: T
REF: 109
MODIFIED TRUE/FALSE
1. A random generator starts with a base or seed number and generates the same sequence of random
numbers time after time. _________________________
ANS: F, pseudorandom
REF: 109
2. When a network consists of Windows 2000 or later operating systems, Kerberos is the preferred logon
authentication method. _________________________
ANS: T
REF: 110
3. Today, Kerberos is the most commonly used form of security for communications and transactions
over the Web. _________________________
ANS: F, SSL
REF: 113
4. TLS uses private-key symmetric data encryption and the TLS Handshake Protocol for secure
communications. _________________________
ANS: T
REF: 114
5. When an SSL communication session begins between two computers, the computers first exchange
certificates to authenticate the receiver and sender. _________________________
ANS: F
IPSec
IP Security
REF: 117
6. In TCP/IP communications using IPv4, the authentication header is placed after the traditional IP
header field in a packet and before the TCP (or UDP) field. _________________________
ANS: T
REF: 118
REF: 100
10. Message Digest 4 takes the original data and adds padded spaces until the length of the data section is
456 bytes. _________________________
ANS: T
REF: 100
MULTIPLE CHOICE
1. _____ is the use of a secret code or other means to disguise data that is stored on a computer or
transported across a network.
a. Encryption
b. Authentication
c. Hashing
d. Ciphering
ANS: A
REF: 96
2. Which of the following sniffer applications can be used in Windows-based operating systems?
a. The Sniffer
b. windump
c. Sniffit
d. Both a and b
e. a, b, and c
ANS: D
REF: 96
REF: 100
4. Which version of hashing algorithm takes 8-bit (one-byte) chunks and creates an encrypted message
that is padded until its length can be divided by 16?
a. MD2
b. MD4
c. MD5
d. SHA-1
ANS: A
REF: 100
5. Which version of hashing algorithm uses a mathematical formula to reduce a message to 160 bits and
then hashes a digital signature to go with the message?
a. MD2
b. MD4
c. MD5
d. SHA-1
ANS: D
REF: 101
REF: 104
REF: 104
b. DES
ANS: B
d. PAM
REF: 104
9. What type of encryption is used for remote connections into Windows 2000 Server and Windows
Server 2003?
a. DES
b. PPP
c. PPTP
d. MPPE
ANS: D
REF: 104
10. What is the RSA key size used by MPPE when it is configured for strongest encryption?
a. 40 bits
b. 54 bits
c. 128 bits
d. 254 bits
ANS: C
REF: 105
11. What command can be used from the command prompt window to configure EFS?
a. hash
b. efsconfig
c. msconfig
d. cipher
ANS: D
REF: 105
12. Which of the following cipher command-line parameters decrypts the contents of the specified folder
and sets the folder so that any files added to the folder are not encrypted?
a. /?
b. /e
c. /d
d. /n
ANS: A
REF: 106
13. Which of the following cipher command-line parameters provides the account employing cipher with a
new encryption key?
a. /n
b. /u
c. /k
d. /x
ANS: C
REF: 106
14. Which of the following cipher command-line parameters copies encryption key and certificate data to
a file that is encrypted for use by the cipher user?
a. /?
b. /k
c. /e
d. /x
ANS: D
REF: 106
15. Which of the following encryption techniques is employed in UNIX/Linux systems to enable
encryption in file systems, using DES, 3DES, and other encryption techniques?
a. RSA
b. PAM
c. CFS
d. AES
ANS: C
REF: 108
16. _____ authentication works by giving each frame or packet an identification or sequence number. This
ensures the accuracy of ongoing communications and the authenticity of the communications source.
a. Network
b. Session
c. System
d. Frame
ANS: B
REF: 109
17. When following the ISO _____ format, a digital certificate includes a basic set of encrypted
information.
a. X10
b. X.502
c. X.509
d. X 802.3
ANS: C
REF: 109
18. Which of the following operating systems recognizes the original NTLM logon authentication?
a. Windows 3.11
b. Windows 95
c. Windows Server 2003
d. Both a and b
e. a, b, and c
ANS: E
REF: 110
19. What needs to be installed in order for Windows 95 and Windows 98 to use NTLM v2?
a. Service pack 1
b. Directory Service Client
c. NTLM v2 client install
d. Nothing
ANS: B
REF: 111
c. ISA
d. RADIUS
REF: 113
REF: 114
22. What authentication method was designed using SSL as a model and is supported by the IETF as an
Internet standard for secure communications?
a. EAP
b. SSL+
c. TLS
d. IPSec
ANS: C
REF: 114
23. What does SSH use to authenticate a communications session that uses passwords?
a. Digital certificates
b. RSA
c. EAP
d. Both a and b
e. Both a and c
ANS: D
REF: 114
REF: 114
25. Which authentication method authenticates by using tickets to verify client and server
communications, and employs private-key encryption?
a. Digital certificates
c. Kerberos
d. Security Token
REF: 116
26. Which authentication method is used on networks and in remote communications, typically employing
Remote Authentication Dial-in User Servers and is compatible with many encryption methods?
a. SSL
b. Kerberos
c. EAP
d. TLS
ANS: C
REF: 116
27. Which authentication method is a physical device that enables the generation of a unique password
each time a user logs on to a server or network?
a. SSH
b. Security token
c. Digital certificate
d. Session
ANS: B
REF: 116
28. Which authentication method employs a unique set of digital information or a digital signature with a
communication or a file as a means to verify the source and uses public-key asymmetrical encryption?
a. SSL
b. TLS
c. Digital certificates
d. Kerberos
ANS: C
REF: 116
29. Which authentication method is used in Internet and network communications, and employs a
handshaking protocol for authentication plus RSA for encryption?
a. EAP
b. TLS
c. SSH
d. SSL
ANS: D
REF: 116
30. _____ is a set of IP-based secure communications and encryption standards created by the IETF, and
was developed to provide secure network communications.
a. SSL
b. IPSec
c. PPTP
d. LDAP
ANS: B
REF: 117
REF: 116
REF: 118
REF: 106
34. Which option in the figure above turns Kerberos encryption on and off?
a. Enforce user logon restrictions
b. Maximum lifetime for a service ticket
c. Maximum lifetime for user ticket renewal
d. Maximum tolerance for computer clock synchronization
ANS: A
REF: 112
35. If getting users to log off when they go home at night is a problem, which option should you modify in
the figure above?
a. Enforce user logon restrictions
b. Maximum lifetime for a service ticket
c. Maximum lifetime for a user ticket
d. Maximum lifetime for user ticket renewal
ANS: C
REF: 112
YES/NO
1. Is MD4 incorporated into Microsoft's MS-CHAP v2 hashing algorithm?
ANS: N
REF: 101
2. Did the original version of DES use a 56-bit encryption key combined with 8-bit parity?
ANS: Y
REF: 102
3. Are user passwords in Red Hat Linux encrypted using 3DES and stored in the /etc/passwd file?
ANS: N
REF: 102
4. Is the maximum size of the private key in AES 256 bits in length?
ANS: Y
REF: 103
5. Was AES originally developed for the U.S. National Security Agency?
ANS: N
REF: 104
6. Does Microsoft's MPPE use a 40-bit RSA encryption key for its basic encryption?
ANS: Y
REF: 105
7. Does the Encrypting File System (EFS) employ public- and private-key asymmetrical encryption and a
trapdoor function to manipulate prime numbers?
ANS: N
REF: 108
8. In session authentication, is each packet given a sequence number when it is constructed at the source
computer?
ANS: Y
REF: 109
9. Was SSH developed by Netscape to provide authentication security for TCP/IP applications such as
FTP and Telnet?
ANS: N
REF: 113
10. Does each security token have a unique identification number built into it, so that the authentication
server can verify the security token before issuing a password?
ANS: Y
REF: 116
COMPLETION
1. ____________________ authenticates by using tickets to verify client and server communications,
and employs private-key encryption.
ANS: Kerberos
REF: 116
2. ____________________ authentication method is an application-independent form of authentication
that is modeled after SSL and uses RSA encryption.
ANS:
TLS
Transport Layer Security
REF: 116
3. When Windows 2000 Server or Windows Server 2003 is contacted by a client using IPSec configured
in the Client (____________________) role, it will respond by using IPSec communication.
ANS: Respond Only
REF: 117
4. The ____________________ field in the AH uses a special counter to activate anti-replay so that the
receiver can determine if it has already received a packet.
ANS: Sequence Number
REF: 119
5. The ____________________ field in the ESP is used in the same way as in the AH, to store the
Integrity Check Value.
ANS: Authentication Data
REF: 120
6. Deploying _________________________ with NAT can interfere with the security established by
IPSec.
ANS:
AH
Authentication Header
REF: 120
7. In a(n) ____________________ attack every character combination is used in an attempt to determine
the password of an account.
1. ANS: D
REF: 123
2. ANS: G
REF: 123
3. ANS: A
REF: 122
4. ANS: H
REF: 123
5. ANS: E
REF: 123
6. ANS: I
REF: 123
7. ANS: B
REF: 122
8. ANS: J
REF: 124
9. ANS: F
REF: 123
10. ANS: C
REF: 122
SHORT ANSWER
1. List eight different encryption techniques that are designed to help protect stored or transmitted data.
ANS:
Any eight of the following:
1. Stream cipher and block cipher
2. Secret key
3. Public key
4. Hashing
5. Data Encryption Standard (DES)
6. Advanced Encryption Standard (AES)
7. RSA encryption
8. Pluggable authentication modules (PAMs)
9. Microsoft Point-to-Point Encryption (MPPE)
10. Encrypting File System (EFS)
11. Cryptographic File System (CFS)
REF: 97
2. List the four hashing algorithms typically used.
ANS:
1. Message Digest 2
2. Message Digest 4
3. Message Digest 5
4. Secure Hash Algorithm 1
REF: 100
3. List and provide the key lengths for the three different flavors of RSA used by MPPE.
ANS:
1. Basic encryption, which uses a 40-bit key
2. Strong encryption, which uses a 56-bit key
3. Strongest encryption, which uses a 128-bit key
REF: 105
4. List six of the common authentication methods in use today.
ANS:
Any six of the following:
1. Session authentication
2. Digital certificates
3. NT LAN Manager
4. Kerberos
5. Extensible Authentication Protocol (EAP)
6. Secure Sockets Layer (SSL)