What is a small file containing verified users identification information and public key known as

At what layer of the OSI model does the IPSec encryption protocol operate?​ a. ​Transport layer b. ​Application layer c. ​Network layer

d. ​Physical layer

After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel.​True

False

An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models.True

False

When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites?​ a. ​VPN transport b. ​VPN gateway c. ​VPN proxy

d. ​VPN server

Digital certificates are issued by organizations known as what term?​ a. ​certification registrars b. ​certification authorities c. ​identity verifiers

d. ​certificate exchanges

b. ​certification authorities

What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices? a. ​IaaS b. ​XaaS c. ​PaaS

d. ​SaaS

The combination of a public key and a private key are known by what term below? a. ​key team b. ​key set c. ​key pair

d. ​key tie

PPP can support several types of Network layer protocols that might use the connection.​True

False

What option below is not an encryption algorithm method that is used by SSH? a. ​Kerberos b. ​SHA-2 c. ​RSA

d. ​DES

What protocol below only provides the framework for authenticating clients and servers, but relies on other encryption and authentication schemes to verify the credentials of clients or servers? a. ​MS-CHAPv2 b. ​EAP c. ​MS-CHAP

d. ​TKIP

What protocol below is a Microsoft proprietary protocol first available in Windows Vista?​ a. ​PPTP b. ​L2TP c. ​SSTP

d. ​TTLS

Windows, UNIX, Linux, and Mac OS clients are all capable of connecting to a VPN using PPTP.True

False

The MD5 hashing algorithm is not susceptible to the possibility of hash collisions.​True

False

A SecurID key chain fob from RSA security generates a password that changes how often? a. ​every 30 seconds b. ​every 70 seconds c. ​every 20 seconds

d. ​every 60 seconds

How often should administrators and network users be required to change their password? a. 90 days b. 60 days c. ​120 days

d. ​180 days

The original version of the Secure Hashing Algorithm (SHA) was developed by the NSA, and used a hash of what length?​ a. ​128 bit b. ​256 bit c. ​512 bit

d. ​160 bit

What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol?​ a. ​Kerberos b. ​AES c. ​EAP

d. ​TKIP

The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field?​ a. priority​ b. ​encryption c. ​FCS

d. ​FEC

An enterprise-wide VPN can include elements of both the client-to-site and site-to-site models. (A) True (B) False

After L2TP establishing a VPN tunnel, GRE is used to transmit L2TP data frames through the tunnel.​ (A) True

(B) False

The MD5 hashing algorithm is not susceptible to the possibility of hash collisions.​ (A) True

(B) False

PPP can support several types of Network layer protocols that might use the connection.​ (A) True

(B) False

​Windows, UNIX, Linux, and Mac OS clients are all capable of connecting to a VPN using PPTP. (A) True

(B) False

Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers?​ (A) IaaS​(B) ​PaaS (C) ​SaaS

(D) ​XaaS

​What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices? (A) ​IaaS (B) ​SaaS (C) ​XaaS

(D) ​PaaS

​Which of the following is NOT an encryption algorithm used by SSH? (A) ​SHA-2 (B) ​DES (C) ​RSA

(D) ​Kerberos

​The SSH service listens on what TCP port? (A) ​20 (B) ​21 C) ​22

(D) ​23

The original version of the Secure Hashing Algorithm (SHA) was developed by the NSA, andused a hash of what length?​ (A) ​128 bit B) ​160 bit (C) ​256 bit

(D) ​512 bit

​What protocol below only provides the framework for authenticating clients and servers, but relies on other encryption and authentication schemes to verify the credentials of clients or servers? (A) ​MS-CHAP (B) ​MS-CHAPv2 (C) ​EAP

(D) ​TKIP

When using public and private keys to connect to an SSH server, where must your public key be placed before you can connect?​ (A) ​In an authorization file under your home directory on your computer. (B) ​In an authorization file on the host where the SSH server is. C) ​In the /etc/ssh/keys folder.

(D) ​In the /var/run/ssh/public folder.

What security principle provides proof of delivery and proof of the sender's identity?​ (A) ​utility (B) ​integrity (C) ​availability

(D) ​non-repudiation

​The combination of a public key and a private key are known by what term below?(A) ​key set (B) ​key team (C) ​key pair

D) ​key tie

Digital certificates are issued by organizations known as what term?​ (A) ​certification authorities (B) ​certification registrars (C) ​identity verifiers

(D) ​certificate exchanges

​What security encryption protocol requires regular re-establishment of a connection and can be used with any type of TCP/IP transmission? (A) ​L2TP (B) ​TLS (C) ​IPsec

(D) ​SSL

At what layer of the OSI model does the IPsec encryption protocol operate?​ (A) ​Physical layer (B) ​Network layer (C) ​Transport layer

(D) ​Application layer

The PPP headers and trailers used to create a PPP frame that encapsulates Network layer packets vary between 8 and 10 bytes in size due to what field?​ (A) priority​(B) ​FCS C) ​FEC

(D) ​encryption

When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites?​ (A) ​VPN proxy (B) ​VPN server (C) ​VPN transport

(D) ​VPN gateway

Amazon and Rackspace both utilize what virtualization software below to create their cloud environments?​ (A) ​VMware vSphere B) ​Oracle VirtualBox C) ​Parallels

(D) ​Citrix Xen

What protocol below is a Microsoft proprietary protocol first available in Windows Vista?​ (A) ​L2TP (B) ​PPTP (C) ​TTLS (

D) ​SSTP

What authentication protocol sends authentication information in cleartext without encryption?​(A) ​PAP B) ​MS-CHAP(C) ​MS-CHAPv2

D) ​EAP

​How often should administrators and network users be required to change their password? (A) 60 days (B) 90 days (C) ​120 days

(D) ​180 days

What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol?​ (A) ​Kerberos (B) ​TKIP (C) ​AES

(D) ​EAP

A SecurID key chain fob from RSA security generates a password that changes how often? (A) ​every 20 seconds(B) ​every 30 seconds (C) ​every 60 seconds

(D) ​every 70 seconds

The _________________ cloud service model provides virtual environments online that can be tailored to the needs of developers.

Answer : Platform as a Service (PaaS)

A _________________ is a service that is shared between multiple organizations, but not available publicly.​

A variant of TLS is ___________________, which provides authentication like SSL/TLS, but does not require a certificate for each user.​

Answer : Tunneled Transport Layer Security (TTLS)

In Kerberos, a temporary set of credentials that a client uses to prove that its identity has been validated is known as a _____________.

When PPP is used over an Ethernet network, it is known as ________________.​Answer : PPPoE Answer : Point to Point over Ethernet

Answer : PPPoE Answer : Point to Point over Ethernet

In which cloud computing service model are hardware services provided virtually, including network infrastructure devices such as virtual servers?

Answer: IaaS (Infrastructure as a Service)

Which of the following cloud deployment models would the Internet be considered as an example? a. Community b. Private c. Public

d. Hybrid

A ______ is a virtual connection between a client and a remote network, two remote networks, or two remote hosts over the Internet, to remotely provide network resources.

Answer: virtual private network or VPN

Which remote access protocol is an earlier protocol that does not support encryption, can carry only IP packets, and works strictly on serial connections?

Answer: SLIP or Serial Line Internet Protocol

Most VPN tunneling protocols operate at the _____ layer to encapsulate the VPN frame into a Network packet.

Because public key encryption requires the use of two different keys, it is also known as _____ encryption.

Which of the following terms best describe a small file containing verified identification information about the user and the user’s public key? a. certificate authority b. private key c. digital certificate

d. cipher

Which type of protocol allows the client and server to introduce themselves to each other and establish terms for how they will exchange data? a. tunnelingb. handshake c. VPN

d. file transfer

SSH provides little security for establishing a connection and no security for transmitting data.

Which cloud computing service model gives software developers access to multiple operating systems for testing? A. IaaS B. PaaS C. SaaS

D. XaaS

What service in Windows Server 2012 R2 authenticates remote users and computers to the Windows domain and its corporate network resources? A. Active Directory B. Group Policy C. DirectAccess

D. RAS (Remote Access Service)

Which remote access protocol is used over an Ethernet network? A. PPPoE B. RAS C. PPP

D. SLIP

Which encryption protocol does GRE use to increase the security of its transmissions? A. SSL B. SFTP C. IPsec

D. SSH

Which tunneling protocol is accepted and used by multiple vendors? A. SSL VPN B. L2TP C. SSL

D. SSH

A hacker runs a program that tries numerous character combinations until it stumbles on the correct combination and cracks the key. What offensive strategy is this program using? A. Brute force attack B. Zero-day exploit C. CIA triad

D. Endpoint security vulnerability

Answer: A. Brute force attack

What is the minimum acceptable key size for today’s security standards? A. 8 bytes B. 128 bits C. 256 bits

D. 512 bits

In public key encryption, which key is used to decrypt the message? A. Session key B. Private key C. Public key

D. Network key

What feature must be configured on a router to redirect traffic from an insecure port to a secure one? A. AAA (authentication, authorization, and accounting) B. Mutual authentication C. TGS (Ticket-Granting Service)

D. Port forwarding

Answer: D. Port forwarding

Which of the following is NOT one of the three AAA services provided by RADIUS and TACACS+? A. Authentication B. Authorization C. Access control

D. Accounting

Answer: C. Access control

Organizations with common interests, such as regulatory requirements, performance
requirements, or data access, might share resources in a __________________.

All types of remote access techniques require some type of ________________, which
accepts a remote connection and grants privileges to the network’s resources.

Answer: remote access server (RAS)

Which Transport layer protocol does PPTP use? Which Transport layer protocol does L2TP
use?

What unique VPN connection characteristic is provided by the conjunction of RRAS and
DirectAccess?

Answer: RRAS and DirectAccess together enable always-on remote connections.

What are the two primary encryption techniques used by VPNs today?

When surfing online, you get some strange data on an apparently secure Web site, and you realize you need to check the legitimacy of the site. What kind of organization issues digital

certificates?

Answer: Certificate authority (CA)

Which two protocols are available to create secure transmissions for HTTP sessions?

____________________ is used for confidentiality while ___________________ is used for
integrity and authentication.

Answer: Encryption, hashing

EAPoL is primarily used with what kind of transmission?

What kind of ticket is held by Kerberos’ TGS?

Answer: Ticket-granting ticket (TGT)

What does RAS stand for?a. Remote authentication service b. Remote access server c. Remote accounting service

d. Remote addressing server

Which of the following best describes a modem’s function?a. To encapsulate Data Link layer protocols as Network layer protocols before transmitting data over the PSTNb. To separate data into frames as it is transmitted from the computer to the PSTN, and then strip data from frames as it is received from the PSTNc. To encrypt data as it is transmitted from the computer to the PSTN, and then decrypt data as it is received from the PSTN

d. To convert a source computer’s digital pulses into analog signals for the PSTN, and then convert analog signals back into digital pulses for the destination computer

d. To convert a source computer’s digital pulses into analog signals for the PSTN, and then convert analog signals back into digital pulses for the destination computer

What is another common term for Public Switched Telephone Network?a. Plain old telephone service b. Basic rate telephone service c. Limited access telephone service

d. Transcontinental public telephone service

a. Plain old telephone service

Which of the following types of dial-up connections would result in the best performance from the client’s perspective?a. A PPP dial-up connection to an RRAS server that allowed the client to launch an application from the RRAS server b. A PPTP dial-up connection to an RRAS server that allowed the client to launch an application from another server on the LAN c. A SLIP dial-up connection to an RRAS server that allowed the client to log on to an application server on the LAN and run an application from that application server

d. A PPTP dial-up connection to an RRAS server that allowed the client to log on to a Citrix terminal server and use ICA to run an application

d. A PPTP dial-up connection to an RRAS server that allowed the client to log on to a Citrix terminal server and use ICA to run an application

Why do most remote clients (for example, those that dial in to an RRAS server) use DHCP and not static IP addressing?a. Because using DHCP allows more efficient use of a limited number of IP addresses b. Because using DHCP ensures that the client is authorized to access the network c. Because using DHCP ensures that the client is assigned a valid IP address

d. Because using DHCP allows the client to use the same IP address each time he or she dials in to the LAN

c. Because using DHCP ensures that the client is assigned a valid IP address

What does the “T” in PPTP stand for?a. Tunneling b. Transmission c. Transport

d. Telecommunications

What is one reason an organization might employ a VPN rather than simply allow users to dial directly in to their remote access server?a. VPNs always provide better performance than direct-dial connections.b. VPNs allow more users to connect to the LAN simultaneously.c. VPNs are less expensive for connecting a large number of remote users.

d. VPNs prevent the need for firewalls between access servers and the Internet.

c. VPNs are less expensive for connecting a large number of remote users.

In this lab, you connected a workstation to a server using a VPN. Which of the following is true about the VPN connection you created in this lab?a. It uses physical IP addresses. b. It uses virtual IP addresses on the workstation end. c. It uses virtual IP addresses on both ends.

d. It requires a modem for connection

c. It uses virtual IP addresses on both ends.

Which of the following transmission methods is most apt to be used by VPN clients?a. PSTN b. T-1 c. frame relay

d. SONET

What is the most common public network used with VPNs?a. ARPANET What is the most common public network used with VPNs?a. ARPANET b. The Internet c. NetBEUI d. AppleTalk c. NetBEUI

d. AppleTalk

Which of the following are reasons you might implement Terminal Services instead of a remote access server? (Choose all that apply.)a. No modems required with Terminal Servicesb. Central configuration and control of applications on the Terminal Serverc. No modems required on clients

d. No need to configure security on the Terminal Server

a. No modems required with Terminal Services

What is the difference between configuring a Windows Server 2012 R2 computer to accept Remote Desktop Connection and configuring it to run Terminal Services?a. Remote Desktop Connection requires additional licensing. b. Terminal Services requires each client to have a modem. c. Terminal Services allows no more than two simultaneous connections.

d. Terminal Services allows more than two simultaneous connections

d. Terminal Services allows more than two simultaneous connections

What is one way a network administrator can effectively troubleshoot a user’s problem in a Terminal Services session that can’t be done with a remote access server?a. By speaking with the user over the phone b. By examining the Terminal Server’s error logs c. By taking over the user’s session temporarily

d. By rebooting the server

c. By taking over the user’s session temporarily

Which of the following is a potential disadvantage of Terminal Services?a. It requires additional licensing. b. It requires the client to be running Windows 8.1 c. It requires the client to have a high-speed connection such as a T-1.

d. It requires the server to have a minimum of 1 GB of RAM.

a. It requires additional licensing.