Network+ Guide to Networks 7th ed. Quiz Ch. 7

What two different types of encryption can be used by IPSec during data transfer??

?Authentication Header (AH), ?Encapsulating Security Payload (ESP)

?A SecurID key chain fob from RSA security generates a password that changes how often?

?every 60 seconds

The combination of a public key and a private key are known by what term below?

key pair

What security principle provides proof of delivery and proof of the sender's identity??

non-repudiation

When PPP is used over an Ethernet network, it is known as __________?

PPPoE

The original version of the Secure Hashing Algorithm (SHA) was developed by the NSA, and used a hash of what length??

160 bit

PPP can support several types of Network layer protocols that might use the connection.?

True

?What protocol below only provides the framework for authenticating clients and servers, but relies on other encryption and authentication schemes to verify the credentials of clients or servers?

EAP

Describe how public key encryption works.?

A public key encryption is encrypted data by two keys. One key is only known by the user, called a private key, and the other key is public, which is associated with the user. A user key can be obtained by asking, or obtained from a third-party source lik

Digital certificates are issued by organizations known as what term??

?certification authorities

A ___________ is a service that is shared between multiple organizations, but not available publicly.?

community cloud

The _________ cloud service model provides virtual environments online that can be tailored to the needs of developers.

Platform as a Service (PaaS)

Describe the three way handshake process as used by CHAP.?

Challenge - the server sends the client a random generated string of characters. Response - the client adds its password to challenge and encrypts the new string of characters. Accepts/Rejects - the server compares the encrypted string of characters it re

An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models.

True

When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites??

?VPN gateway

What authentication protocol sends authentication information in cleartext without encryption??

?PAP

One of two services in the key management phase of creating a secure IPsec connection. It negotiates the exchange of keys, including authentication of the keys. It uses UDP and usually runs on port 500.?

?IKE (Internet Key Exchange)

An encryption key generation and management scheme used by 802.11i.?

TKIP (Temporal Key Integrity Protocol)

A service model in which various platforms are provided virtually, enabling developers to build and test applications within virtual, online environments tailored to the specific needs of a project.?

PaaS (Platform as a Service)?

In Kerberos terminology, the server that issues keys to clients during initial client authentication.?

KDC (Key Distribution Center) KDC)

A service model in which applications are provided through an online user interface and are compatible with a multitude of devices and operating systems.?

SaaS (Software as a Service)

In the context of IPsec, a type of encryption that provides authentication of the IP packet's data payload through public key techniques. In addition, it also encrypts the entire IP packet for added security.

?ESP (Encapsulating Security Payload)

A Layer 2 communications protocol that enables a workstation to connect to a server using a serial connection such as dial-up or DSL. It can support multiple Network layer protocols and can encrypt transmissions.?

PPP (Point to Point Protocol)?

In the context of IPsec, a type of encryption that provides authentication of the IP packet's data payload through public key techniques.?

?AH (Authentication Header)

A service model in which hardware services are provided virtually, including network infrastructure devices such as virtual servers.?

?IaaS (Infrastructure as a Service)

An authentication protocol that operates over PPP and also encrypts usernames and passwords for transmission?

CHAP (Challenge Handshake Authentication Protocol)?

What two protocols below are Data Link Layer protocols designed to connect WAN endpoints in a direct connection, such as when a client computer connects to a server at an ISP using a dial-up or DSL connection and modem?

?SLIP, ?PPP

Windows, UNIX, Linux, and Mac OS clients are all capable of connecting to a VPN using PPTP.

True

?The SSH service listens on what TCP port?

22

?What option below is not an encryption algorithm method that is used by SSH?

?SHA-2

What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol??

?TKIP

?How often should administrators and network users be required to change their password?

60 days

What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?

SaaS

The MD5 hashing algorithm is not susceptible to the possibility of hash collisions.?

False

Amazon and Rackspace both utilize what virtualization software below to create their cloud environments??

?Citrix Xen

?In Kerberos, a temporary set of credentials that a client uses to prove that its identity has been validated is known as a __________.

ticket

Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers??

IaaS

What two key lengths are the most popular for the SHA-2 hashing algorithm??

256, 512

The key management phase of IPSec is reliant on which two services below?

?Internet Key Exchange (IKE), ?Internet Security Association and Key Management Protocol (ISAKMP)

After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel.?

False

What protocol below is a Microsoft proprietary protocol first available in Windows Vista??

SSTP

What two options below are AAA services??

?RADIUS, ?TACACS+

The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field??

?FCS

?What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission?

?IPSec

When using public and private keys to connect to an SSH server, where must your public key be placed??

?In the authorized keys file on the host where the SSH server is.

A variant of TLS is __________, which provides authentication like SSL/TLS, but does not require a certificate for each user.?

Tunneled Transport Layer Security (TTLS)

At what layer of the OSI model does the IPSec encryption protocol operate??

?Network layer