Chat with AI
Deck 5: Network Authentication and Remote Access Using Vpn
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/50
Play
Full screen (f)
Deck 5: Network Authentication and Remote Access Using Vpn
1
A ____ is an automatic phone-dialing program that dials every phone number in a configured range and checks to see if a person, answering machine, or modem answers.
A) dictionary attack
C) brute force attack
B) rainbow attack
D) war dialer
A) dictionary attack
C) brute force attack
B) rainbow attack
D) war dialer
D
2
The growth and widespread use of the Internet has been coupled with the use of encryption technology to produce a solution for specific types of private communication channels: ____.
A) TACACS+
C) split tunneling
B) virtual private networks (VPNs)
D) multifactor authentication
A) TACACS+
C) split tunneling
B) virtual private networks (VPNs)
D) multifactor authentication
B
3
Which centralized authentication method uses UDP?
A) TACACS+
C) Kerberos
B) RADIUS
D) MD5
A) TACACS+
C) Kerberos
B) RADIUS
D) MD5
B
4
Biometrics (retinal scans, fingerprints, and the like) are mainly used for ____ by large security-minded entities such as banking institutions and credit card centers for regulating access to sensitive information, but biometrics are also gaining ground in the general corporate world.
A) authentication
C) accountability
B) auditing
D) authorization
A) authentication
C) accountability
B) auditing
D) authorization
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
5
A bank's automated teller machine (ATM), which restricts authorized users to simple account queries, transfers, deposits, and withdrawals is an example of ____ access control.
A) content-dependent
C) temporal (time-based) isolation
B) constrained user interface
D) classified
A) content-dependent
C) temporal (time-based) isolation
B) constrained user interface
D) classified
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
6
A ____ is one in which the computer system enforces the controls without the input or intervention of the system or data owner.
A) role based control
C) mandatory access control (MAC)
B) network access control (NAC)
D) discretionary access control (DAC)
A) role based control
C) mandatory access control (MAC)
B) network access control (NAC)
D) discretionary access control (DAC)
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
7
Client authentication is similar to user authentication but with the addition of ____.
A) integrated authorization
C) usage limits
B) file restrictions
D) multifactor authentication
A) integrated authorization
C) usage limits
B) file restrictions
D) multifactor authentication
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
8
Which access control principle is most frequently associated with data classification?
A) Least privilege
C) Role based controls
B) Need to know
D) Separation of duties
A) Least privilege
C) Role based controls
B) Need to know
D) Separation of duties
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
9
Which level in the U.S. military data classification scheme applies to any information or material the unauthorized disclosure of which reasonably could be expected to cause damage to the national security?
A) Secret data
C) Sensitive but unclassified (SBU) data
B) Confidential data
D) Top secret data
A) Secret data
C) Sensitive but unclassified (SBU) data
B) Confidential data
D) Top secret data
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
10
Which access control principle restricts users to having access appropriate to the level required for their assigned duties?
A) Least privilege
C) Role based controls
B) Need to know
D) Separation of duties
A) Least privilege
C) Role based controls
B) Need to know
D) Separation of duties
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
11
Which centralized authentication method is the latest and strongest version of a set of authentication protocols developed by Cisco Systems?
A) TACACS+
C) Kerberos
B) RADIUS
D) MD5
A) TACACS+
C) Kerberos
B) RADIUS
D) MD5
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
12
Which access control process documents the activities of the authenticated individual and systems?
A) Identification
C) Auditing
B) Authorization
D) Accountability
A) Identification
C) Auditing
B) Authorization
D) Accountability
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
13
Most personal computer operating systems use the mandatory access control (MAC) model.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
14
A(n) ____ is a list of authorization rights attached to an object - in other words, who can access that device or application and what can they do with it.
A) access control list (ACL)
C) security association (SA) table
B) rainbow table
D) state table
A) access control list (ACL)
C) security association (SA) table
B) rainbow table
D) state table
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
15
Separation of duties reduces the chance of an individual violating information security policy and breaching the confidentiality, integrity, and availability of information.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
16
A ____ attack is time-intensive, so they are rarely aimed at the target system in general.
A) dictionary
C) brute-force
B) war dialer
D) rainbow
A) dictionary
C) brute-force
B) war dialer
D) rainbow
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
17
PPTP provides stronger protection than L2TP.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
18
In order to implement MAC, a strict user and data classification scheme is required.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
19
Which authentication method is used when you want a client to be authenticated for each session?
A) User authentication
C) Client authentication
B) Session authentication
D) Centralized authentication
A) User authentication
C) Client authentication
B) Session authentication
D) Centralized authentication
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
20
Today, the widespread acceptance of IPSec with the IKE system means that proprietary protocols are used far more often.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
21
Match each item with a statement below.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
A hardware device specially designed to terminate VPNs and join multiple LANs.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
A hardware device specially designed to terminate VPNs and join multiple LANs.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
22
Match each item with a statement below.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Generally less expensive than hardware systems, and they tend to scale better on fast-growing networks.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Generally less expensive than hardware systems, and they tend to scale better on fast-growing networks.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
23
Match each item with a statement below.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Used when a dial-up user needs to establish a VPN connection with your network.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Used when a dial-up user needs to establish a VPN connection with your network.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
24
Match each item with a statement below.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Rapidly becoming the protocol of choice for VPN connections of all sorts and should be used when the other protocols are not acceptable.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Rapidly becoming the protocol of choice for VPN connections of all sorts and should be used when the other protocols are not acceptable.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
25
Which term refers to two connections over a VPN line?
A) High speed Internet connection
C) Dual tunneling
B) Cross-over communication
D) Split tunneling
A) High speed Internet connection
C) Dual tunneling
B) Cross-over communication
D) Split tunneling
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
26
The generally accepted definition of ____________________ refers to guessing, breaking, and/or stealing passwords to gain access to a system or application.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
27
Match each item with a statement below.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Used when a dial-up user has an old system that doesn't support L2TP and needs to use PPP to establish a VPN connection to your network.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Used when a dial-up user has an old system that doesn't support L2TP and needs to use PPP to establish a VPN connection to your network.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
28
Match each item with a statement below.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Links two or more networks.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Links two or more networks.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
29
A TCP/IP ____________________ is a channel or pathway over a packet network used by the VPN.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
30
A(n) ____________________ is basically an internal network restricted to employees within the organization, also using Internet technologies.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
31
IPSec ____ use a complex set of security protocols to protect information, including Internet Key Exchange (IKE), which provides for the exchange of security keys between the machines in the VPN.
A) endpoints
C) tunnels
B) access points
D) concentrators
A) endpoints
C) tunnels
B) access points
D) concentrators
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
32
Match each item with a statement below.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Each participant in the VPN has an approved relationship, called a security association (SA), with every other participant.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
Each participant in the VPN has an approved relationship, called a security association (SA), with every other participant.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
33
Match each item with a statement below.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
A single VPN router contains records of all SAs in the VPN.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
A single VPN router contains records of all SAs in the VPN.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
34
Match each item with a statement below.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
A network accessible to remote users who need dial-in access.
a.Site-to-site VPN
f.PPTP
b.Client-to-site VPN
g.L2TP
c.VPN appliance
h.Mesh configuration
d.Software VPN
i.Hub-and-spoke configuration
e.IPSec/IKE
A network accessible to remote users who need dial-in access.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
35
Some VPNs use the term ____ to describe everything in the protected network behind the gateway.
A) safe house
C) encapsulation
B) encryption domain
D) tunnel
A) safe house
C) encapsulation
B) encryption domain
D) tunnel
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
36
Point-to-Point Protocol (PPP) over Secure Sockets Layer (SSL) and Point-to-Point Protocol (PPP) over Secure Shell (SSH) are two ____-based methods for creating VPNs.
A) Microsoft
C) UNIX
B) IBM
D) Linux
A) Microsoft
C) UNIX
B) IBM
D) Linux
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
37
____ are hardware devices or software modules that perform encryption to secure data, perform authentication to make sure the host requesting the data is an approved user of the VPN, and perform encapsulation to protect the integrity of the information being sent.
A) Endpoints
C) Concentrators
B) Access points
D) Tunnels
A) Endpoints
C) Concentrators
B) Access points
D) Tunnels
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
38
____________________ is the process by which a computer system recognizes a user's identity.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
39
____________________ is the act of confirming the identity or user account.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
40
VPNs protect packets by performing IP ____, the process of enclosing a packet within another one that has different IP source and destination information.
A) tiering
C) encryption
B) tunneling
D) encapsulation
A) tiering
C) encryption
B) tunneling
D) encapsulation
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
41
Describe the two IPSec modes of operation.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
42
Briefly describe multifactor authentication.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
43
Describe the drawbacks of using a VPN.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
44
Describe the L2TP Layer 2 Tunneling Protocol (L2TP).
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
45
Describe how rule-based access controls can be implemented in the DAC model.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
46
Why is it important to rename a system default account?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
47
Describe how challenge-response passwords work.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
48
Describe how session authentication works.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
49
What is the advantage of using a hardware VPN appliance?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
50
List and briefly describe the six functional characteristic categories that can be used to categorize access controls.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
