50 Cards in this Set

  • Front
  • Back
A user wants to implement secure LDAP on the network. Which of the following port numbers does secure LDAP use by default?
a. 53
b. 389
c. 443
d. 636
d. 636
Which of the following authentication methods would MOST likely prevent an attacker from being able to successfully deploy a replay attack?
a. TACACS
b. RAS
c. RADIUS
d. Kerberos
d. Kerberos
Which of the following would be the MOST secure choice to implement for authenticating remote connections?
a. LDAP
b. 802.1x
c. RAS
d. RADIUS
d. RADIUS
Which of the following is the BEST way to reduce the number of accounts a user must maintain?
a. Kerberos
b. CHAP
c. SSO
d. MD5
c. SSO
Which of the following can be used as a means for dual-factor authentication?
a. RAS and username/password
b. RADIUS and L2TP
c. LDAP and WPA
d. Iris scan and proximity card
d. Iris scan and proximity card
During the implementation of LDAP, which of the following will typically be changed within the organization's software programs?
a. IP addresses
b. Authentication credentials
c. Non-repudiation policy
d. Network protocol
b. Authentication credentials
Which of the following types of strategies can be applied to allow a user to enter their username and password once in order to authenticate to multiple systems and applications?
a. Two-factor authentication
b. Single sign-on
c. Smart card
d. Biometrics
b. Single sign-on
Kerberos uses which of the following trusted entities to issue tickets?
a. Ticket Granting System
b. Certificate Authority
c. Internet Key Exchange
d. Key Distribution Center
d. Key Distribution Center
Users do not want to enter credentials to each server or application to conduct their normal work. Which of the following types of strategies will resolve this issue?
a. Smart card
b. Two-factor authentication
c. Biometrics
d. SSO
d. SSO
The RAS logs on a server show 100 errors in a two-minute time period from an attempt to access an account. The error log shows unknown username or password. Which of the following is this an example of?
a. The local firewall is blocking GRE packets.
b. An unauthorized attempt to access the server.
c. The end user's ISP is having issues with packet loss.
d. One of the users forgot their password and kept trying to login.
b. An unauthorized attempt to access the server.
Which of the following allows for the highest level of security at time of login?
a. Single sign-on
b. Two-factor authentication
c. One-factor authentication
d. NTLMv2
b. Two-factor authentication
Which of the following BEST describes the differences between RADIUS and TACACS?
a. TACACS separates authentication, authorization and auditing capabilities.
b. TACACS is a remote access authentication service.
c. RADIUS is a remote access authentication service.
d. RADIUS separates authentication, authorization and auditing capabilities.
a. TACACS separates authentication, authorization and auditing capabilities.
Which of the following BEST describes the differences between RADIUS and TACACS?
a. RADIUS encrypts client-server negotiation dialog.
b. RADIUS is a remote access authentication service.
c. TACACS encrypts client-server negotiation dialog.
d. TACACS is a remote access authentication service.
c. TACACS encrypts client-server negotiation dialog.
Which of the following authentication mechanisms performs better in a secure environment?
a. RADIUS because it is a remote access authentication service.
b. TACACS because it encrypts client-server negotiation dialogs.
c. RADIUS because it encrypts client-server passwords.
d. TACACS because it is a remote access authentication service.
b. TACACS because it encrypts client-server negotiation dialogs.
A single sign-on requires which of the following?
a. Multifactor authentication
b. One-factor authentication
c. A trust model between workstations
d. A unified trust model
d. A unified trust model
A user wants to implement very tight security controls for technicians that seek to enter the user's datacenter. Which of the following solutions offers the BEST security controls?
a. Combination locks and key locks
b. Smartcard and proximity readers
c. Magnetic lock and pin
d. Biometric reader and smartcard
d. Biometric reader and smartcard
The use of a physical token, PIN and a password during authentication is an example of which of the following?
a. Two-factor authentication
b. Kerberos authentication
c. EAP authentication
d. Three-factor authentication
a. Two-factor authentication
Which of the following is an example of two-factor authentication for an information system?
a. ATM card and PIN
b. Username and password
c. Retina and fingerprint scanner
d. Photo ID and PIN
a. ATM card and PIN
To combat transaction fraud, a bank has implemented a requirement that all bank customers enter a different, unique code to confirm every transaction. Which of the following is the MOST effective method to accomplish this?
a. ATM PIN code
b. Elliptic curve
c. One-time password
d. Digital certificate
c. One-time password
Validating the user's claimed identity is called which of the following?
a. Authentication
b. Identification
c. Verification
d. Validation
a. Authentication
Which of the following authentication models uses a KDC?
a. CHAP
b. PKI
c. PGP
d. Kerberos
d. Kerberos
Which of the following authentication models uses a time stamp to prevent the risks associated with a replay attack?
a. Two-factor authentication
b. RADIUS
c. LDAP
d. Kerberos
d. Kerberos
Identification is a critical component of the authentication process because it is:
a. used to confirm the privileges of a user.
b. when the user is verified.
c. when the user is authorized.
d. used to prevent authorized access.
b. when the user is verified.
Identity proofing occurs during which phase of identification and authentication?
a. Testing
b. Verification
c. Authentication
d. Identification
d. Identification
A security administrator has been asked to deploy a biometric authentication system in a corporation. Which of the following devices is the MOST reliable and has the lowest crossover error rate?
a. Iris scanner
b. Handprint scanner
c. Retina scanner
d. Fingerprint scanner
c. Retina scanner
To increase the security of the network authentication process, an administrator decides to implement three-factor authentication. Which of the following authentication combinations is a three-factor system?
a. A PKI enabled smart card, strong password and 12-digit PIN
b. A retina scanner, PKI enabled smart card and a six-digit PIN
c. A fingerprint scanner, PKI enabled smart card and badge proximity reader
d. An Iris scanner, a user generated pass phrase and a palm reader
b. A retina scanner, PKI enabled smart card and a six-digit PIN
Which of the following is the MOST common logical access control method?
a. Access control lists
b. Usernames and password
c. Multifactor authentication
d. Security ID badges
b. Usernames and password
The method of controlling how and when users can connect in from home is called which of the following?
a. Remote access policy
b. Terminal access control
c. Virtual Private Networking (VPN)
d. Remote authentication
a. Remote access policy
Which of the following is the main limitation with biometric devices?
a. The false rejection rate
b. They are expensive and complex
c. They can be easily fooled or bypassed
d. The error human factor
b. They are expensive and complex
When using a single sign-on method, which of the following could adversely impact the entire network?
a. Workstation
b. Biometrics
c. Web server
d. Authentication server
d. Authentication server
RADIUS uses all of the following authentication protocols EXCEPT:
a. PAP.
b. CHAP.
c. EAP.
d. L2TP.
d. L2TP.
Users should be able to access their email and several secure applications from any workstation on the network. Additionally, the administrator has implemented an authentication system requiring the use of a username, password, and a company issued smart card. Which of the following is this an example of?
a. Three factor authentication
b. SSO
c. ACL
d. Least privilege
b. SSO
Both the client and the server authenticate before exchanging data. This is an example of:
a. biometrics.
b. multifactor authentication.
c. mutual authentication.
d. SSO.
c. mutual authentication.
A ticket granting server is an important concept in which of the following authentication models?
a. PAP
b. RADIUS
c. Kerberos
d. CHAP
c. Kerberos
Which of the following is an example of two-factor authentication?
a. User ID and password
b. Smart card and PIN
c. Fingerprint reader and iris scanner
d. Smart card and ID badge
b. Smart card and PIN
Which of the following describes an encrypted connection across public communication lines?
a. TACACS
b. VPN
c. EAP
d. CHAP
b. VPN
Which of the following would refer to a key fob with a periodically changing number that is used as part of the authentication process?
a. Installation key
b. Biometric device
c. Hardware lock
d. Physical token
d. Physical token
Which of the following is the MOST common method of one-factor authentication?
a. Smart card and a PIN
b. Physical token and a password
c. Fingerprint reader
d. User ID and password
d. User ID and password
Which of the following is a drawback of using PAP authentication?
a. PAP only authenticates between same vendor servers.
b. PAP requires that both workstations mutually authenticate.
c. PAP changes its initialization vector with each packet.
d. PAP sends all passwords across the network as clear text.
d. PAP sends all passwords across the network as clear text.
Which of the following requires the server to periodically request authentication from the client?
a. EAP
b. CHAP
c. WPA2
d. RAS
b. CHAP
A biometric fingerprint scanner is an example of which of the following?
a. Two-factor authentication
b. SSO
c. Three-factor authentication
d. Single-factor authentication
d. Single-factor authentication
A user ID, PIN, and a palm scan are all required to authenticate a system. Which of the following is this an example of?
a. SSO
b. Two-factor authentication
c. Single-factor authentication
d. Three-factor authentication
b. Two-factor authentication
Which of the following security steps must a user complete before access is given to the network?
a. Authentication and password
b. Identification and authentication
c. Identification and authorization
d. Authentication and authorization
b. Identification and authentication
Which of the following biometric authentication devices also carries significant privacy implications due to personal health information that can be discovered during the authentication process?
a. Iris scanner
b. Fingerprint scanner
c. Retina scanner
d. Facial recognition
c. Retina scanner
An administrator has already implemented two-factor authentication and now wishes to install a third authentication factor. If the existing authentication system uses strong passwords and PKI tokens, which of the following would provide a third factor?
a. Pass phrases
b. Elliptic curve
c. Fingerprint scanner
d. Six digit PINs
c. Fingerprint scanner
A biometric authentication system consists of all of the following components EXCEPT:
a. reader.
b. credential store.
c. hardware token.
d. supplicant.
c. hardware token.
Which of the following is an example of remote authentication?
a. A user on a campus area network (CAN) connects to a server in another building and enters a username and password pair.
b. A user in one building logs on to the network by entering a username and password into a host in the same building.
c. A user on a metropolitan area network (MAN) accesses a host by entering a username and password pair while not connected to the LAN.
d. A user in one city logs onto a network by connecting to a domain server in another city.
d. A user in one city logs onto a network by connecting to a domain server in another city.
Which of the following is a three-factor authentication system?
a. Username, password, token and iris scanner
b. Password, passphrase, PIN and iris scanner
c. PIN, palm recognition scanner and passphrase
d. Username, PIN and fingerprint reader
a. Username, password, token and iris scanner
Which of the following is a drawback of using PAP authentication?
a. PAP only authenticates between same vendor servers.
b. PAP requires that both workstations mutually authenticate.
c. PAP changes its initialization vector with each packet.
d. PAP sends all passwords across the network as clear text.
d. PAP sends all passwords across the network as clear text.
A biometric fingerprint scanner is an example of which of the following?
a. Two-factor authentication
b. SSO
c. Three-factor authentication
d. Single-factor authentication
d. Single-factor authentication