Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
20 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
1 CH 5
Most of your client’s sales force have been told that they should no longer report to the office on a daily basis. From now on, they’re to spend the majority of their time on the road calling on customers. Each member of the sales force has been issued a laptop computer and told to connect to the network nightly through a remote connection. Which of the following protocols is widely used today as a transport protocol for remote Internet connections? |
1
A) SMTP B) PPP C) PPTP D) L2TP |
1 B
PPP can pass multiple protocols and is widely used today as a transport protocol for remote connections. |
|
|
2 CH 5
Which protocol is unsuitable for WAN VPN connections? |
2
A) PPP B) PPTP C) L2TP D) IPSec |
2 A
PPP provides no security, and all activities are unsecure. PPP is primarily intended for remote connections and should never be used for VPN connections. |
|
|
3 CH 5
You’ve been given notice that you’ll soon be transferred to another site. Before you leave, you’re to audit the network and document everything in use and the reason why it’s in use. The next administrator will use this documentation to keep the network running. Which of the following protocols isn’t a tunneling protocol but is probably used at your site by tunneling protocols for network security? |
3
A) IPSec B) PPTP C) L2TP D) L2F |
3 A
IPSec provides network security for tunneling protocols. IPSec can be used with many different protocols besides TCP/IP, and it has two modes of security. |
|
|
4 CH 5
The present method of requiring access to be strictly defined on every object is proving too cumbersome for your environment. The edict has come down from upper management that access requirements should be reduced slightly. Which access model allows users some flexibility for information-sharing purposes? |
4
A) DAC B) MAC C) RBAC D) MLAC |
4 A
DAC allows some flexibility in information-sharing capabilities within the network. |
|
|
5 CH 5
A newly hired junior administrator will assume your position temporarily while you attend a conference. You’re trying to explain the basics of security to her in as short a period of time as possible. Which of the following best describes an ACL? |
5
A) ACLs provide individual access control to resources. B) ACLs aren’t used in modern systems. C) The ACL process is dynamic in nature. D) ACLs are used to authenticate users. |
5 A
Access control lists allow individual and highly controllable access to resources in a network. An ACL can also be used to exclude a particular system, IP address, or user. |
|
|
6 CH 5
LDAP is an example of which of the following? |
6
A) Directory access protocol B) IDS C) Tiered model application development environment D) File server |
6 A
Lightweight Directory Access Protocol (LDAP) is a directory access protocol used to publish information about users. This is the computer equivalent of a phone book. |
|
|
7 CH 5
Upper management has suddenly become concerned about security. As the senior network administrator, you are asked to suggest changes that should be implemented. Which of the following access methods should you recommend if the method is to be one that is primarily based on preestablished access and can’t be changed by users? |
7
A) MAC B) DAC C) RBAC D) Kerberos |
7 A
Mandatory Access Control (MAC) is oriented toward preestablished access. This access is typically established by network administrators and can’t be changed by users. |
|
|
8 CH 5
Your office administrator is being trained to perform server backups. Which authentication method would be ideal for this situation? |
8
A) MAC B) DAC C) RBAC D) Security tokens |
8 C
Role-Based Access Control (RBAC) allows specific people to be assigned to specific roles with specific privileges. A backup operator would need administrative privileges to back up a server. This privilege would be limited to the role and wouldn’t be present during the employee’s normal job functions. |
|
|
9 CH 5
You’ve been assigned to mentor a junior administrator and bring him up to speed quickly. The topic you’re currently explaining is authentication. Which method uses a KDC to accomplish authentication for users, programs, or systems? |
9
A) CHAP B) Kerberos C) Biometrics D) Smart cards |
9 B
Kerberos uses a key distribution center (KDC) to authenticate a principal. The KDC provides a credential that can be used by all Kerberos-enabled servers and applications. |
|
|
10 CH 5
After a careful risk analysis, the value of your company’s data has been increased. Accordingly, you’re expected to implement authentication solutions that reflect the increased value of the data. Which of the following authentication methods uses more than one authentication process for a logon? |
10
A) Multifactor B) Biometrics C) Smart card D) Kerberos |
10 A
A multifactor authentication method uses two or more processes for logon. A two-factor method might use smart cards and biometrics for logon. |
|
|
11 CH 5
You’re the administrator for Mercury Technical. Due to several expansions, the network has grown exponentially in size within the past two years. Which of the following is a popular method for breaking a network into smaller private networks that can coexist on the same wiring and yet be unaware of each other? |
11
A) VLAN B) NAT C) MAC D) Security zone |
11 A
Virtual local area networks (VLANs) break a large network into smaller networks. These networks can coexist on the same wiring and be unaware of each other. A router or other routing-type device would be needed to connect these VLANs. |
|
|
12 CH 5
Which technology allows a connection to be made between two networks using a secure protocol? |
12
A) Tunneling B) VLAN C) Internet D) Extranet |
12 A
Tunneling allows a network to make a secure connection to another network through the Internet or other network. Tunnels are usually secure and present themselves as extensions of both networks. |
|
|
13 CH 5
Your company provides medical data to doctors from a worldwide database. Because of the sensitive nature of the data you work with, it’s imperative that authentication be established on each session and be valid only for that session. Which of the following authentication methods provides credentials that are valid only during a single session? |
13
A) Tokens B) Certificate C) Smart card D) Kerberos |
13 A
Tokens are created when a user or system successfully authenticates. The token is destroyed when the session is over. |
|
|
14 CH 5
Which of the following is the term used whenever two or more parties authenticate each other? |
14
A) SSO B) Multifactor authentication C) Mutual authentication D) Tunneling |
14 C
Whenever two or more parties authenticate each other, this is known as mutual authentication. |
|
|
15 CH 5
Which of the following security areas encompasses network access control (NAC)? |
15
A) Physical security B) Operational security C) Management security D) Triad security |
15 B
Operational security issues include network access control (NAC), authentication, and security topologies after the network installation is complete. |
|
|
16 CH 5
You have added a new child domain to your network. As a result of this, the child has adopted all the trust relationships with other domains in the forest that existed for its parent domain. What is responsible for this? |
16
A) LDAP access B) XML access C) Fuzzing access D) Transitive access |
16 D
Transitive access exists between the domains and creates this relationship. |
|
|
17 CH 5
What is invoked when a person claims they are the user but cannot be authenticated—such as when they lose their password? |
17
A) Identity proofing B) Social engineering C) Directory traversal D) Cross-site requesting |
17 A
Identity proofing is invoked when a person claims they are the user but cannot be authenticated, such as when they lose their password. |
|
|
18 CH 5
Which of the following is a client-server-oriented environment that operates in a manner similar to RADIUS? |
18
A) HMS B) TACACS C) TPM D) ACK |
18 B
Terminal Access Controller Access-Control System (TACACS) is a client-server-oriented environment, and it operates in a manner similar to how RADIUS operates. |
|
|
19 CH 5
What is implied at the end of each access control list? |
19
A) Least privilege B) Separation of duties C) Implicit deny D) Explicit allow |
19 C
An implicit deny clause is implied at the end of each ACL, and it means that if the proviso in question has not been explicitly granted, then it is denied. |
|
|
20 CH 5
Which of the following is a type of smart card issued by the Department of Defense as a general identification/authentication card for military personnel, contractors, and non-DoD employees? |
20
A) PIV B) POV C) DLP D) CAC |
20 D
One type of smart card is the Common Access Card (CAC). These cards are issued by the Department of Defense as a general identification/authentication card for military personnel, contractors, and non-DoD employees. |
