Chapter 12

Question 1

an encapsulation protocol designed to support the transmission of IP traffic over dial-up or point-to-point links
Data Link layer

Answer 1

PPP
Point-to-Point Protocol

Question 2

this authentication protocol transmits usernames and passwords in cleartext

Answer 2

PAP - Password Authentication Protocol

Question 3

this authentication protocol uses a challenge-response and periodically reauthenticates the remote system

Answer 3

CHAP - Challenge Handshake Authentication Protocol

Question 4

an authentication framework that allows customized authentication solutions that can support smartcards, tokens, or biometrics

Answer 4

EAP - Extensible Authentication Protocol

Question 5

a legacy Cisco proprietary alternative to TKIP for WPA

Answer 5

LEAP - Lightweight Extensible Authentication Protocol

Question 6

this authentication protocol encapsulates EAP in a TLS tunnel and supports mutual authentication

Answer 6

PEAP - Protected Extensible Authentication Protocol

Question 7

a means of authenticating mobile devices using SIM cards

Answer 7

EAP-SIM
Subscriber Identity Module

Question 8

An obsolete Cisco protocol that was designed to replace LEAP

Answer 8

EAP-FAST
Flexible Authentication via Secure Tunneling

Question 9

this deprecated authentication protocol hases passwords using MD5

Answer 9

EAP-MD5

Question 10

this authentication protocol uses OTP tokens in MFA for both one-way and mutual authentication

Answer 10

EAP-POTP

Question 11

this authentication protocol is an IETF standard that is an implementation of the TLS protocol for use in protecting authentication traffic

Answer 11

EAP-TLS

Question 12

this authentication protocol creates a VPN-like tunnel between endpoints prior to authentication

Answer 12

EAP-TTLS

Question 13

formal name for IEEE 802.1X standard

Answer 13

Port-Based Network Access Control

Question 14

what attacks are 802.1X vulnerable to?

Answer 14

MITM and hijacking

Question 15

the oversight and management of the efficiency and performance of network communications

Answer 15

QoS - Quality of service

Question 16

5 telephony protocols

Answer 16

POTS - plain old telephone service
PSTN - public switched telephone network
PBX - private branch exchange
mobile/cell services
VOIP - voice over IP

Question 17

PBX and PSTN vulnerabilities

Answer 17

interception, eavesdropping, tapping

Question 18

7 VOIP vulnerabilities

Answer 18

MiTM
hijacking
pharming
DoS
vishing
phreaking
fraud and abuse

Question 19

telephone switching or exchange system deployed in private orgs to enable multistation use of a small number of PSTN lines

Answer 19

PBS - Private Branch Exchange

Question 20

this security feature adds authentication requirements to all external connections to a PBX

Answer 20

Direct inward system access (DISA)

sus -.-

Question 21

this type of remote access gives users the ability to remotely connect to and manipulate or interact with a single service

Answer 21

service specific remote access

Question 22

this type of remote access grants a remote user the ability to fully control another system that is physically distant from them

Answer 22

remote control

Question 23

this type of remote access is just another name for when a remote client establishes a direct connection to a LAN such as with wireless or VPN

Answer 23

remote note operation

Question 24

this type of remote access can be used to refer to remote control, remote access, or remote desktop services

Answer 24

screen scraper/scraping
virtual applications
virtual desktops

Question 25

this type of remote access can be used to refer to an automated tool that interacts with a human interface

Answer 25

screen scraper

Question 26

4 topics to address in a remote access security management strategy

Answer 26

remote connectivity technology transmission protection authentication protection remote user assistance

Question 27

the use of various multimedia-supporting communication solutions to enhance distance collaboration

Answer 27

multimedia collaboration

Question 28

load-balancing scheme where each packet or connection is assigned a destination randomly

Answer 28

random choice

Question 29

load-balancing scheme where each packet or connection is assigned the next destination in order

Answer 29

round robin

Question 30

load-balancing scheme where the device with the lowest current load receives the next connection

Answer 30

load monitoring

Question 31

load-balancing scheme where each packet or connection is assigned a destination based on a subjective preference or known capacity difference

Answer 31

preferencing/weighted

Question 32

load-balancing scheme where each connection is assigned a destination based on the destination's relative distance from the load balancer

Answer 32

locality based/geographic

Question 33

load-balancing scheme where each connection is assigned a destination based on previous connections from the same client

Answer 33

Locality based (affinity)

Question 34

a form of load balancing that uses all available pathways or systems during normal operations. Optimizes availability during normal conditions.

Answer 34

active-active system

Question 35

a form of load balancing that keeps some pathways or systems in an unused state during normal operations that are only used for failover. This optimizes availability.

Answer 35

active-passive system

Question 36

What is an SMTP server called when it does not require senders to authenticate before accepting messages?

Answer 36

an open relay or a relay agent

Question 37

what is an SMTP server called when it does require authentication?

Answer 37

closed relays or authenticated relays

Question 38

an email security standard that offers authentication and confidentiality to email through public key encryption, digital envelopes, and digital signatures.

Answer 38

S/MIME

Question 39

a peer-to-peer public-private key email system that uses a variety of encryption algorithms to encrypt files and email messages.

Answer 39

PGP

Question 40

a means to asset that valid email is sent by an organization through verification of domain name identity

Answer 40

DKIM - DomainKeys Identified Mail

Question 41

checking with the domain administrators to ensure that the sender is authorized to send messages through their system

Answer 41

SPF - Sender Policy Framework

Question 42

a DNS-based email authentication system

Answer 42

DMARC- Domain Message Authentication Reporting and Conformance

Question 43

attempts to set up an encrypted connection with the target email server; it is an SMTP command

Answer 43

STARTTLS, explicit TLS, opportunistic TLS for SMTP

Question 44

TLS-encrypted SMTP which assumes the target server supports TLS. If not, the connection is terminated because plaintext is not accepted. Be better losers.

Answer 44

Implicit SMTPS

Question 45

a form of DoS attack when someone responds with a Reply All to a message that has a significant number of recipients

Answer 45

mail storm

Question 46

an obsolete encapsulation protocol operating at the Data Link layer on TCP port 1723

Answer 46

PPTP Point-to-Point Tunneling Protocol

Question 47

a Cisco tunneling protocol that operates at layer 2 and uses UDP port 1701

Answer 47

L2TP Layer 2 Tunneling Protocol

Question 48

a Cisco tunneling protocol that provides encapsulation without encryption

Answer 48

GRE Generic Routing Encapsulation

Question 49

a protocol that operates on TCP 22 that can be used as a transport mode VPN

Answer 49

SSH

Question 50

an open source VPN option based on TLS

Answer 50

OpenVPN

Question 51

a collection of protocols used for establishing VPN links between hosts or networks

Answer 51

IPsec Internet Protocol Security

Question 52

4 primary switch functions

Answer 52

learning, forwarding, dropping, flooding

Question 53

a table held in switch memory that contains a mapping between MAC addresses and port numbers

Answer 53

CAM table

Question 54

a switch feature that restricts the number of MAC addresses that will be accepted into the CAM table from each port

Answer 54

MAC limiting

Question 55

the characteristic of a security control that ensures it is unseen by users

Answer 55

transparency

Question 56

a form of auditing focused on communications, containing details about the source, destination, timestamp, packets, etc of communications on a network

Answer 56

transmission logging

Question 57

security controls to prevent eavesdropping

Answer 57

physical access security encryption onetime authentication application allow listing

Question 58

security control to prevent modification attacks

Answer 58

integrity checking

Question 59

a dedicated physical pathway is created between the two communicating parties

Answer 59

circuit switching