New version page

Securing Data Transmission and Authentication

This preview shows page 1-2 out of 5 pages.

View Full Document
View Full Document

End of preview. Want to read all 5 pages?

Upload your study docs or become a GradeBuddy member to access this document.

View Full Document
Unformatted text preview:

Lesson 9: Securing Data Transmission and AuthenticationMultiple Choice1. Where is the checksum located?a) footer of each packetb) header of each packetc) payload of each packetd) application data of each packet2. What suite of protocols was introduced to provide a series of cryptographic algorithms that can be used to provide security for all TCP/IP hosts at the Internet layer, regardless of the actual application that is sending or receiving data?a) IPSecb) checksumc) TCPd) UDP3. What are the IPSEC default settings for the key lifetime in minutes?a) 350b) 380c) 450d) 4804. What rule allows you to restrict inbound and outbound connections based on certain sets of criteria, such as membership in a particular Active Directory domain?a) Tunnelb) Authentication exemptionc) Isolationd) Server to server5. Which rule allows you to specify one or more computers that do not need to be authenticated to pass traffic?a) Tunnelb) Authentication exemptionc) Isolationd) Server to server6. Before secure data is sent, what must occur to determine the type of traffic to be secured and how it will be secured?a) quick mode negotiationsb) quick mode messagesc) IKE main mode negotiationsd) IKE main mode messages7. IKE main mode has a default lifetime of __________ hours.a) 6b) 8c) 10d) 128. To set the Netsh IPSec context, what is the first command you enter at the command prompt?a) netshb) ipsecc) staticd) dynamic9. Which statistic represents the number of failed outbound requests that occurred to establish theSA since the IPSec service started?a) Receive Failuresb) Acquire Failuresc) Send Failuresd) Authentication Failures10. The command “set config property=ipsecloginterval value=value” can be set to what range ofvalues?a) 0  7b) 0, 1 c) 60 – 86,400d) 0, 1, 211. Which “middle-of-the-road” form of NTLM authentication was used to improve upon the security of LM Authentication?a) LMv2 Authenticationb) NTLM Authenticationc) NTLMv2 Authenticationd) None of the above12. Which type of attack is one in which a malicious user masquerades as the legitimate sender or recipient of network traffic?a) data modificationb) denial of servicec) man in the middled) identity spoofing13. Which process is used to establish trust between communicating systems, after which only trusted systems can communicate with each other?a) shared cryptographyb) cryptographic checksumc) mutual authenticationd) filtered methodology14. Which default authentication method is used by IPSec policies deployed within an Active Directory domain and can only be used in an Active Directory environment?a) Kerberos v5 protocolb) PKI certificate from a Certification Authority (CA)c) preshared keyd) IPSec Authentication mode15. What allows traffic that is defined in one direction to also be defined in the opposite direction?a) manifestationb) reflectionc) mirroringd) evidencing16. The driving factor behind combining administration of the Windows Firewall with IPSec policies is to streamline network administration on which type of computer? a) Windows Server 2008b) Windows Server 2003c) Windows Vistad) Windows 200017. Which field does the IPSec driver use to match the correct SA with the correct packet?a) IPSec Driver fieldb) IKE Authentication fieldc) IP Filter fieldd) SPI field18. What is used to determine encryption key material and security protection for use in protecting subsequent main mode or quick mode communications?a) quick mode negotiationsb) quick mode messagesc) main mode negotiationsd) main mode messages19. What statistic shows the total number of failed outbound quick mode SA addition requests that have been submitted by IKE to the IPSec driver since the IPSec service was last started?a) Key Addition Failuresb) Key Update Failuresc) Get SPI Failuresd) Receive Failures20. What is the default authentication protocol in an Active Directory network? a) Kerberos v5b) LM Authenticationc) NTLM Authenticationd) NTLMv2 AuthenticationTrue/False21. Each TCP/IP packet protected with IPSec contains a cryptographic checksum in the form of akeyed hash.22. Use Tunnel mode when you require packet filtering and end-to-end security.23. The Authentication Header (AH) protocol provides confidentiality and data encryption.24. For IPSec, the only exception to complete protected cipher suite negotiation is the negotiation of the cipher suite of the initial ISAKMP SA, which is sent as XML.25. To identify a specific SA for tracking purposes, a 32-bit number known as the Security Parameters Index (SPI) is used.Fill-in-the-Blank26. An IP filter can be __________, meaning that traffic defined in one direction will also be defined in the opposite direction.27. Quick mode messages are __________ messages that are encrypted using the ISAKMP SA.28. IKE main mode has a default lifetime of __________ hours, but this number is configurable from 5 minutes to a maximum of 48 hours.29. IPSec policy information is stored in Active Directory and cached in the local __________ ofthe computer to which it applies.30. You can configure __________ policies to extend existing Active Directory–based or local IPSec policies, override Active Directory–based or local IPSec policies, and enhance security during computer startup.31. You can use the IP Security Policy Management console or the __________ command-line utility to manage an Active Directory–based policy.32. __________ are the source IP address or range of addresses from which inbound traffic will be permitted.33. A(n) __________ firewall is so named because it can track and maintain information based on the status of a particular connection.34. A(n) __________ connection security rule allows you to restrict inbound and outbound connections based on certain sets of criteria, such as membership in a particular Active Directorydomain.35. A(n) __________ is a value contained in a received IKE message that is used to help identifythe corresponding main mode SA.Short Answer36. Previous versions of Windows supported what type of rule in IPSec, which was activated by default for all policies?37. The Windows Firewall is enabled by default on all new installations of Windows Server 2008. How can it be managed? 38. What standard defines a mechanism to establish SAs?39. Which Diffie-Hellman process does not prevent a man-in-the-middle attack, in which a malicious user between the negotiating peers performs two Diffie-Hellman exchanges, one with each peer?40. What does Windows Server 2008 IPSec also support, which


Loading Unlocking...
Login

Join to view Securing Data Transmission and Authentication and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Securing Data Transmission and Authentication and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?