Lesson 12 Flashcards

1
Q

Cisco ASA acts as an _______ and authenticates users based on the RADIUS server’s response.

A

NAS (client)

2
Q

By default, RADIUS only supports __________

A

Authentication & Accounting

3
Q

There are two ways to configure RADIUS authorization:

A
  • The RADIUS server returns the name of an ACL that is defined locally on the firewall.
  • The RADIUS server returns the contents of a downloadable ACL defined on the RADIUS server itself.
4
Q

RADIUS encrypts only _______

A

User password

5
Q

You can use ___________ to secure RADIUS traffic unless you are on a secure network

A

IPSEC or VPN tunnels

6
Q

RSA SecurID (SDI) allows for the use of ____________

A

one-time passwords (OTP).

7
Q

Cisco ASA communicates with Active Directory and/or a Kerberos server via __________

A

UDP port 88.

8
Q

AAA Server Group

A

fw1(config)# aaa-server pumpkin protocol tacacs+

fw1(config)# aaa-server pumpkin (dmz) host 10.100.2.3 lemmein timeout 15

9
Q

The security appliance will intercept ____________ requests when you use the aaa authentication command.

A user must first authenticate with one of these services before the ASA allows other traffic requiring authentication.

A

FTP, Telnet, HTTP, and HTTPS

10
Q

Specifies that all outbound http connections going anywhere must be authenticated by the server group called SERVERS1.

A

aaa authentication include http outbound 0 0 SERVERS1

11
Q

Example of a configuration to authenticate users from 10.10.0.1 through 10.10.0.254 using the RADIUS1 group with the host 10.10.0.88 not needing authentication:

A

fw1(config)# aaa authentication include any outbound 0 0 RADIUS1
fw1(config)# aaa authentication exclude outbound 10.10.0.88 255.255.255.255 0 0 RADIUS1

12
Q

ACL statements with _______ parameters specify that the matching traffic must be authenticated; statements with _______ parameters specify that the matching traffic is exempt from authentication.

A

permit

deny

13
Q

The firewall uses the _______ service as an authentication method for any service other than HTTP, FTP, or Telnet

A

virtual telnet

14
Q

To see a list of all users currently authenticated by your security appliance, issue the command:

To clear out a cached entry, use the command:

A

show uauth

clear uauth user-id

15
Q

Configure Virtual HTTP

A

fw1(config)# virtual http [warning]

16
Q

Enables accounting on all TCP connections through the firewall

A

fw1(config)# aaa accounting include any inside 0 0 0 0 TAC1