
CHAPTER 3 - SECURITY THROUGH AUTHENTICATION AND ENCRYPTION

TRUE/FALSE
1. Sniffer software turns the NIC on its host computer into a virtual listening ear, capturing the network traffic that goes across that NIC on a particular network segment.
ANS: T
REF: 96

2. The Ethereal sniffer software only functions on Linux/UNIX computers.
ANS: F
REF: 97

3. In a stream cipher, a specific key size is used for encryption.
ANS: F
REF: 98

4. A secret key is used to both encrypt and decrypt data.
ANS: T
REF: 98

5. The public key/private key method uses an encryption algorithm developed by Joan Daemen and Vincent Rijmen.
ANS: F
REF: 99

6. The original version of DES used a 56-bit encryption key combined with 8-bit parity.
ANS: T
REF: 102

7. Triple DES is a standard adopted by the U.S. government to replace AES.
ANS: F
REF: 103

8. The purpose of EFS is to protect folder and file contents on a hard disk, in case a hard disk is stolen from a server or workstation, or a portable computer is lost or stolen.
ANS: T
REF: 105

9. CFS can be used for remote file access through the NFS used by Netware systems.
ANS: F
REF: 107

10. Session authentication works by giving each frame or packet an identification or sequence number.
ANS: T
REF: 109

MODIFIED TRUE/FALSE
1. A random generator starts with a base or seed number and generates the same sequence of random numbers time after time. _________________________
ANS: F, pseudorandom
REF: 109

2. When a network consists of Windows 2000 or later operating systems, Kerberos is the preferred logon authentication method. _________________________
ANS: T
REF: 110

3. Today, Kerberos is the most commonly used form of security for communications and transactions over the Web. _________________________
ANS: F, SSL
REF: 113

4. TLS uses private-key symmetric data encryption and the TLS Handshake Protocol for secure communications. _________________________
ANS: T
REF: 114

5. When an SSL communication session begins between two computers, the computers first exchange certificates to authenticate the receiver and sender. _________________________
ANS: F, IPSec (IP Security)
REF: 117

6. In TCP/IP communications using IPv4, the authentication header is placed after the traditional IP header field in a packet and before the TCP (or UDP) field. _________________________
ANS: T
REF: 118

7. Authentication makes data unintelligible to everyone except its intended recipients. _________________________
ANS: F, Encryption
REF: 96

8. Secret key encryption uses a public key and a private key. _________________________
ANS: F, Public key
REF: 98

9. When the hashing method of encryption is used, each password has a unique digital signature. _________________________
ANS: T
REF: 100

10. Message Digest 4 takes the original data and adds padded spaces until the length of the data section is 456 bytes. _________________________
ANS: T
REF: 100

MULTIPLE CHOICE
1. _____ is the use of a secret code or other means to disguise data that is stored on a computer or transported across a network.
a. Encryption
b. Authentication
c. Hashing
d. Ciphering
ANS: A
REF: 96

2. Which of the following sniffer applications can be used in Windows-based operating systems?
a. The Sniffer
b. windump
c. Sniffit
d. Both a and b
e. a, b, and c
ANS: D
REF: 96

3. What encryption method is often used to create a digital signature?
a. Secret key
b. Hashing
c. DES
d. CFS
ANS: B
REF: 100

4. Which version of hashing algorithm takes 8-bit (one-byte) chunks and creates an encrypted message that is padded until its length can be divided by 16?
a. MD2
b. MD4
c. MD5
d. SHA-1
ANS: A
REF: 100

5. Which version of hashing algorithm uses a mathematical formula to reduce a message to 160 bits and then hashes a digital signature to go with the message?
a. MD2
b. MD4
c. MD5
d. SHA-1
ANS: D
REF: 101

6. When was the RSA encryption method created?
a. 1967
b. 1977
c. 1987
d. 1997
ANS: B
REF: 104

7. Which of the following encryption algorithms is considered to be the most secure?
a. MD5
b. DES
c. RSA
d. 3DES
ANS: C
REF: 104

8. What encryption method does Red Hat Linux use by default?
a. RSA
b. DES
c. DES3
d. PAM
ANS: B
REF: 104

9. What type of encryption is used for remote connections into Windows 2000 Server and Windows Server 2003?
a. DES
b. PPP
c. PPTP
d. MPPE
ANS: D
REF: 104

10. What is the RSA key size used by MPPE when it is configured for strongest encryption?
a. 40 bits
b. 54 bits
c. 128 bits
d. 254 bits
ANS: C
REF: 105

11. What command can be used from the command prompt window to configure EFS?
a. hash
b. efsconfig
c. msconfig
d. cipher
ANS: D
REF: 105

12. Which of the following cipher command-line parameters decrypts the contents of the specified folder and sets the folder so that any files added to the folder are not encrypted?
a. /?
b. /e
c. /d
d. /n
ANS: A
REF: 106

13. Which of the following cipher command-line parameters provides the account employing cipher with a new encryption key?
a. /n
b. /u
c. /k
d. /x
ANS: C
REF: 106

14. Which of the following cipher command-line parameters copies encryption key and certificate data to a file that is encrypted for use by the cipher user?
a. /?
b. /k
c. /e
d. /x
ANS: D
REF: 106

15. Which of the following encryption techniques is employed in UNIX/Linux systems to enable encryption in file systems, using DES, 3DES, and other encryption techniques?
a. RSA
b. PAM
c. CFS
d. AES
ANS: C
REF: 108

16. _____ authentication works by giving each frame or packet an identification or sequence number. This ensures the accuracy of ongoing communications and the authenticity of the communications source.
a. Network
b. Session
c. System
d. Frame
ANS: B
REF: 109

17. When following the ISO _____ format, a digital certificate includes a basic set of encrypted information.
a. X10
b. X.502
c. X.509
d. X 802.3
ANS: C
REF: 109

18. Which of the following operating systems recognizes the original NTLM logon authentication?
a. Windows 3.11
b. Windows 95
c. Windows Server 2003
d. Both a and b
e. a, b, and c
ANS: E
REF: 110

19. What needs to be installed in order for Windows 95 and Windows 98 to use NTLM v2?
a. Service pack 1
b. Directory Service Client
c. NTLM v2 client install
d. Nothing
ANS: B
REF: 111

20. _____ is an authenticating server for EAP.
a. IAS
b. IIS
c. ISA
d. RADIUS
ANS: D
REF: 113

21. What size of keys can be used with SSL authentication?
a. 40 bit only
b. 40 bit and 128 bit
c. 40 bit, 56 bit, and 128 bit
d. 40 bit and 56 bit
ANS: C
REF: 114

22. What authentication method was designed using SSL as a model and is supported by the IETF as an Internet standard for secure communications?
a. EAP
b. SSL+
c. TLS
d. IPSec
ANS: C
REF: 114

23. What does SSH use to authenticate a communications session that uses passwords?
a. Digital certificates
b. RSA
c. EAP
d. Both a and b
e. Both a and c
ANS: D
REF: 114

24. Why is SSH particularly suited to UNIX/Linux systems?
a. It uses native code
b. It uses pipes
c. It is based on the UNIX kernel
d. None of the above
ANS: B
REF: 114

25. Which authentication method authenticates by using tickets to verify client and server communications, and employs private-key encryption?
a. Digital certificates
b. Secure Sockets Layer
c. Kerberos
d. Security Token
ANS: C
REF: 116

26. Which authentication method is used on networks and in remote communications, typically employing Remote Authentication Dial-in User Servers and is compatible with many encryption methods?
a. SSL
b. Kerberos
c. EAP
d. TLS
ANS: C
REF: 116

27. Which authentication method is a physical device that enables the generation of a unique password each time a user logs on to a server or network?
a. SSH
b. Security token
c. Digital certificate
d. Session
ANS: B
REF: 116

28. Which authentication method employs a unique set of digital information or a digital signature with a communication or a file as a means to verify the source and uses public-key asymmetrical encryption?
a. SSL
b. TLS
c. Digital certificates
d. Kerberos
ANS: C
REF: 116

29. Which authentication method is used in Internet and network communications, and employs a handshaking protocol for authentication plus RSA for encryption?
a. EAP
b. TLS
c. SSH
d. SSL
ANS: D
REF: 116

30. _____ is a set of IP-based secure communications and encryption standards created by the IETF, and was developed to provide secure network communications.
a. SSL
b. IPSec
c. PPTP
d. LDAP
ANS: B
REF: 117

31. At what TCP/IP layer does IPSec secure communications?
a. Transport
b. Application
c. Network
d. Physical
ANS: C
REF: 116

32. With which version(s) of IP is IPSec compatible?
a. IPv4
b. IPv5
c. IPv6
d. Both a and c
e. Both a and b
ANS: E
REF: 118

33. What form of encryption is being enabled in the figure above?
a. EFS
b. MPPE
c. DES
d. CFS
ANS: A
REF: 106

34. Which option in the figure above turns Kerberos encryption on and off?
a. Enforce user logon restrictions
b. Maximum lifetime for a service ticket
c. Maximum lifetime for user ticket renewal
d. Maximum tolerance for computer clock synchronization
ANS: A
REF: 112

35. If getting users to log off when they go home at night is a problem, which option should you modify in the figure above?
a. Enforce user logon restrictions
b. Maximum lifetime for a service ticket
c. Maximum lifetime for a user ticket
d. Maximum lifetime for user ticket renewal
ANS: C
REF: 112

YES/NO
1. Is MD4 incorporated into Microsoft's MS-CHAP v2 hashing algorithm?
ANS: N
REF: 101

2. Did the original version of DES use a 56-bit encryption key combined with 8-bit parity?
ANS: Y
REF: 102

3. Are user passwords in Red Hat Linux encrypted using 3DES and stored in the /etc/passwd file?
ANS: N
REF: 102

4. Is the maximum size of the private key in AES 256 bits in length?
ANS: Y
REF: 103

5. Was AES originally developed for the U.S. National Security Agency?
ANS: N
REF: 104

6. Does Microsoft's MPPE use a 40-bit RSA encryption key for its basic encryption?
ANS: Y
REF: 105

7. Does the Encrypting File System (EFS) employ public- and private-key asymmetrical encryption and a trapdoor function to manipulate prime numbers?
ANS: N
REF: 108

8. In session authentication, is each packet given a sequence number when it is constructed at the source computer?
ANS: Y
REF: 109

9. Was SSH developed by Netscape to provide authentication security for TCP/IP applications such as FTP and Telnet?
ANS: N
REF: 113

10. Does each security token have a unique identification number built into it, so that the authentication server can verify the security token before issuing a password?
ANS: Y
REF: 116

COMPLETION
1. ____________________ authenticates by using tickets to verify client and server communications,
and employs private-key encryption.
ANS: Kerberos
REF: 116
2. ____________________ authentication method is an application-independent form of authentication
that is modeled after SSL and uses RSA encryption.
ANS:
TLS
Transport Layer Security
REF: 116
3. When Windows 2000 Server or Windows Server 2003 is contacted by a client using IPSec configured
in the Client (____________________) role, it will respond by using IPSec communication.
ANS: Respond Only
REF: 117
4. The ____________________ field in the AH uses a special counter to activate anti-replay so that the
receiver can determine if it has already received a packet.
ANS: Sequence Number
REF: 119
5. The ____________________ field in the ESP is used in the same way as in the AH, to store the
Integrity Check Value.
ANS: Authentication Data
REF: 120
6. Deploying _________________________ with NAT can interfere with the security established by
IPSec.
ANS:
AH
Authentication Header
REF: 120
7. In a(n) ____________________ attack every character combination is used in an attempt to determine the password of an account.
ANS: brute force
REF: 120
8. ____________________ is the science of creating secret messages.
ANS: cryptography
REF: 97
9. The DES, AES, and MPPE encryption methods are all forms of the ____________________
encryption method, but use different block sizes, key sizes, and algorithms.
ANS: block cipher
REF: 98
10. ____________________ encryption can work well on a computer for files that are only accessed by an
authorized account, but it is difficult to achieve secrecy over a network using this method.
ANS: Secret key
REF: 98
MATCHING
Match the following terms to the appropriate definitions.
a. AES
b. CFS
c. EFS
d. EAP
e. MPPE
f. NTLM
g. PAM
h. PPP
i. PPTP
j. SSH

1. A multipurpose authentication method
ANS: D
REF: 123

2. A module that can be installed in Linux without rewriting existing system code
ANS: G
REF: 123

3. Adopted by the U.S. government to replace DES and 3DES
ANS: A
REF: 122

4. Communications protocol that supports TCP/IP, NetBEUI, and IPX/SPX
ANS: H
REF: 123

5. Used by Microsoft for remote communications over PPP or PPTP
ANS: E
REF: 123

6. Communications protocol that enables Internet connections to VPNs
ANS: I
REF: 123

7. Enables Linux and UNIX disk file systems and NFS files to be encrypted
ANS: B
REF: 122

8. Authentication developed for UNIX/Linux to provide authentication security
ANS: J
REF: 124

9. Logon authentication compatible with all Windows operating systems
ANS: F
REF: 123

10. Enables a user to encrypt the contents of a folder or a file
ANS: C
REF: 122

SHORT ANSWER
1. List eight different encryption techniques that are designed to help protect stored or transmitted data.
ANS:
Any eight of the following:
1. Stream cipher and block cipher
2. Secret key
3. Public key
4. Hashing
5. Data Encryption Standard (DES)
6. Advanced Encryption Standard (AES)
7. RSA encryption
8. Pluggable authentication modules (PAMs)
9. Microsoft Point-to-Point Encryption (MPPE)
10. Encrypting File System (EFS)
11. Cryptographic File System (CFS)
REF: 97
2. List the four hashing algorithms typically used.
ANS:
1. Message Digest 2
2. Message Digest 4
3. Message Digest 5
4. Secure Hash Algorithm 1
REF: 100
3. List and provide the key lengths for the three different flavors of RSA used by MPPE.
ANS:
1. Basic encryption, which uses a 40-bit key
2. Strong encryption, which uses a 56-bit key
3. Strongest encryption, which uses a 128-bit key
REF: 105
4. List six of the common authentication methods in use today.
ANS:
Any six of the following:
1. Session authentication
2. Digital certificates
3. NT LAN Manager
4. Kerberos
5. Extensible Authentication Protocol (EAP)
6. Secure Sockets Layer (SSL)
7. Transport Layer Security (TLS)
8. Secure Shell (SSH)
9. Security token
REF: 108
5. When following the ISO X.509 format, what basic set of encrypted information does a digital
certificate include?
ANS:
1. Version: Version of the X.509 standard used for the certificate
2. Certificate serial number: A unique number that applies only to the current certificate
3. Signature algorithm identifier: Indicates the algorithm used for encryption
4. Name of the issuer: Name or identification of the certificate authority or entity that created the
certificate
5. Validity period: Amount of time the certificate can be used
6. Subject name: The distinguished name of the issuer
7. Subject public key information: Specifies the public key and the algorithm used with it
REF: 109
6. List six applications that can be used with SSL.
ANS:
1. E-commerce
2. HTTP
3. HTTPS
4. FTP
5. SMTP
6. NNTP
REF: 113
7. In Windows 2000 and Windows 2003, a computer that is configured to use IPSec communication can
function in three roles. What are they?
ANS:
1. Client (Respond Only): When Windows 2000 Server or Windows Server 2003 is contacted by a
client using IPSec, it will respond by using IPSec communication.
2. Server (Request Security): When Windows 2000 Server or Windows Server 2003 is first contacted,
or when it initiates a communication, it will use IPSec by default. If the responding client does not
support IPSec, Windows Server 2003 will switch to the clear mode, which does not employ IPSec.
3. Secure Server (Require Security): Windows 2000 Server or Windows Server 2003 will only
respond using IPSec communication, which means that communication via any account and with any
client is secured through strict IPSec enforcement.
REF: 117
8. List the six specific fields in the AH.
ANS:
1. Next header
2. Payload length
3. Reserved
4. Security Parameter Index (SPI)
5. Sequence number
6. Authentication Data
REF: 119
9. Which seven specific fields are contained in the ESP?
ANS:
1. Security Parameter Index (SPI)
2. Sequence number
3. Payload data
4. Padding
5. Pad length
6. Next header
7. Authentication data
REF: 119
10. List five common types of attacks on encryption and authentication.
ANS:
1. Brute force
2. Accessing password information in the operating system
3. Simple password guessing
4. Weak keys
5. Encryption algorithm attacks
REF: 120