Chapter 4 Access Control, Authentication, and Authorization

Question 1

What does TACACS stand for?

Answer 1

Terminal Access Controller Access-Control System

Question 2

TACACS is ___ -oriented environment

Answer 2

Client/Server

Question 3

The most current version of TACACS is ___

Answer 3

TACACS +

Question 4

A ____ allows you to create groups of users and systems and segment them on the network.

Answer 4

VLAN

Virtual Local Area Network

Question 5

IPSec provides _______

Answer 5

secure authentication and encryption of data and headers

Question 6

PPP doesn’t provide ___

Answer 6

Data security

Question 7

A __ connection allows remote users to log on to the network and have access as though they were local users on the network

Answer 7

Point to point protocol (PPP)

Question 8

___ works by encapsulating the network traffic in a protocol called ____. Authentication is handled by the ____

Answer 8

PPP/Network Control Protocol (NCP) / Link Control Protocol (LCP)

Question 9

You should use ___ when you want to improve network security by implementing a single service to authenticate users who connect remotely to the network.

Answer 9

RADIUS

Question 10

The major difficulty with a single-server RADIUS environment is

Answer 10

Is that the entire network may refuse connections if the server malfunctions.

Question 11

____ Is a standardized directory access protocol that allows queries to be made of directories.

Answer 11

Lightweight Access Directory Protocol

Question 12

LDAP operates at port ___

Answer 12

389

Question 13

With secure LDAP (LDAPS) all LDAP communications are encrypted with ___ and port ___ is used.

Answer 13

SSL/TLS Port 636 is used.

Question 14

Kerberos authentication uses a _____

Answer 14

Key distribution Center (KDC)

Question 15

The ticket granted in Kerberos is valid up to __ hours

Answer 15

10

Question 16

What is TGT?

Answer 16

Ticket Granting Ticket

Question 17

What is SSO

Answer 17

Single Sign On

Question 18

What are the four primary methods of access controls?

Answer 18

MAC (Mandatory Access Control)
DAC(Discretionary Access Control)
Role-based Access Control (RBAC)
Rule-Based Access Control (RBAC)

Question 19

___ Means that any given user (or system) is given the minimum privileges necc

Answer 19

Least Privileges

Question 20

___ is a process to determine whether a users access level is still appropriate.

Answer 20

Access Review

Question 21

___ implies an ongoing audit of what resources a user actually actually accesses.

Answer 21

Continuous Monitoring

Question 22

A ___ card itself usually contains a small amount of memory that can be used to store permissions and access information

Answer 22

Smart card

Question 23

_ is a protection feature built into many firewalls that allows the administrator to tweak the tolerance for unanswered attacks.

Answer 23

Flood Guard

Question 24

A ___ makes it possible to lessen the likelihood of a successful DoS attack.

Answer 24

Flood Guard

Question 25

_ is a feature that works in layer 2 switching configs and is intended to prevent broadcast loops.

Answer 25

Loop Protection

Question 26

___ occurs when a device has more than one network adapter card installed and the opportunity presents itself for a user on one of the networks to which the device is attached to jump to the other.

Answer 26

Network Bridging

Question 27

To prevent Network Bridging, you can configure workstations to do ____

Answer 27

Disable unused connections

Question 28

___ is crucial to identifying problems that occur related to security

Answer 28

Log analysis

Question 29

What is a TOS?

Answer 29

A trusted operating system is any operating system that meets the governments requirements for security.

Question 30

__ is primarily used when the user wants assurance that the system will operate correctly but threats to security aren't viewed as serious.

Answer 30

EAL 1

Question 31

___ requires product developers to use good design practices. Security isn't considered a high priority.

Answer 31

EAL 2

Question 32

requires conscientious development efforts to provide moderate levels of security.

Answer 32

EAL 3

Question 33

requires positive engineering based on good commercial developments practices. It is anticipated that ____ will be the common benchmark for commercial systems.

Answer 33

EAL 4