Chapter 7

Question 1

Which type of cloud service model involves hardware services that are provided virtually, including network infrastructure devices such as virtual servers?
A) IaaS
B) PaaS
C) SaaS
D) XaaS

Answer 1

A) IaaS

Question 2

What cloud service model involves providing applications through an online user interface, providing for compatibility with a multitude of different operating systems and devices?
A) IaaS
B) SaaS
C) XaaS
D) PaaS

Answer 2

B) SaaS

Question 3

Which of the following is NOT an encryption algorithm used by SSH?
A) SHA-2
B) DES
C) RSA
D) Kerberos

Answer 3

A) SHA-2

Question 4

The SSH service listens on what TCP port?
A) 20
B) 21
C) 22
D) 23

Answer 4

C) 22

Question 5

The original version of the Secure Hashing Algorithm (SHA) was developed by the NSA, and used a hash of what length?
A) 128 bit
B) 160 bit
C) 256 bit
D) 512 bit

Answer 5

B) 160 bit

Question 6

What protocol below only provides the framework for authenticating clients and servers, but relies on other encryption and authentication schemes to verify the credentials of clients or servers? 
A) MS-CHAP
B) MS-CHAPv2
C) EAP
D) TKIP

Answer 6

C) EAP

Question 7

When using public and private keys to connect to an SSH server, where must your public key be placed before you can connect?
A) in an authorization file under your home directory on your computer.
B) in an authorization file on the host where the SSH server is.
C) in the /etc/ssh/keys folder.
D) in the /var/run/ssh/public folder.

Answer 7

B) in an authorization file on the host where the SSH server is.

Question 8

What security principle provides proof of delivery and proof of the senders identity?
A) utility 
B) integrity 
C) availability 
D) non-repudiation

Answer 8

D) non-repudiation

Question 9

The combination of a public key and a private key are known by what term below?
A) key set
B) key team
C) key pair
D) key tie

Answer 9

C) key pair

Question 10

Digital certificates are used by organizations known as what term below?
A) certification authorities 
B) certification registrars 
C) identity verifiers
D) certification exchanges

Answer 10

A) certification authorities

Question 11

What security encryption protocol requires regular reestablishment of a connection and can be used with any type of TCP/IP transmission? 
A) L2TP
B) TLS
C) IPsec
D) SSL

Answer 11

C) IPsec

Question 12

At what layer of the OSI model does the IPsec encryption protocol operate?
A) Physical layer
B) Network layer
C) Transport layer
D) Application layer

Answer 12

B) Network layer

Question 13

The PPP headers and trailers used to create a PPP frame that encapsulates network layer packets vary between 8 and 10 fights in size due to what field?
A) priority 
B) FCS
C) FEC
D) encryption

Answer 13

B) FCS

Question 14

When using a site-to-site VPN, what type of device sits at the edge of the LAN and establishes the connection between sites?
A) VPN proxy 
B) VPN server
C) VPN transport 
D) VPN gateway

Answer 14

D) VPN gateway

Question 15

Amazon and Rackspace both utilize what virtualization software below to create their cloud environments?
A) VMware vSphere
B) Oracle VirtualBox
C) Parallels
D) Citrix Xen

Answer 15

D) Citrix Xen

Question 16

What protocol below is a Microsoft proprietary protocol first available in windows vista?
A) L2TP
B) PPTP
C) TTLS
D) SSTP

Answer 16

D) SSTP

Question 17

What authentication protocol sends authentication information in cleartext without encryption?
A) PAP
B) MS-CHAP
C) MS-CHAPv2
D) EAP

Answer 17

A) PAP

Question 18

How often should administrators and network users be required to change their password?
A) 60 days
B) 90 days
C) 120 days
D) 180 days

Answer 18

A) 60 days

Question 19

What encryption protocol was designed as more of an integrity check for WEP transmissions rather than a sophisticated encryption protocol?
A) Kerberos
B) TKIP
C) AES
D) EAP

Answer 19

B) TKIP

Question 20

A securID keychain fob from RSA security generates a password that changes how often?
A) every 20 seconds
B) every 30 seconds
C) every 60 seconds
D) every 70 seconds

Answer 20

C) every 60 seconds

Question 21

What 2 protocols below are data link layer protocols designed to connect WAN endpoints in a direct connection, such as when a client computer connects to a server at an ISP using a dial-up or DSL connection and modem?
A) OpenVPN
B) SLIP
C) PPTP
D) PPP

Answer 21

B) SLIP

D) PPP

Question 22

What two different types of encryption can be used by IPsec during data transfer?
A) Secure Sockets Layer (SSL)
B) Authentication Header (AH)
C) Encapsulating Security Payload (ESP)
D) Advanced Encryption Standard (AES)

Answer 22

B) Authentication Header (AH)

C) Encapsulating Security Payload (ESP)

Question 23

The key management phase of IPsec is reliant on which two services below?
A) internet key exchange (IKE)
B) internet security association and key management protocol (ISAKMP)
C) authentication header (ah)
D) encapsulating security payload (ESP)

Answer 23

A) internet key exchange (IKE)

B) internet security association and key management protocol (ISAKMP)

Question 24

What two key lengths are the most popular for the SHA – 2 hashing algorithm?
A) 160
B) 256
C) 512
D) 1024

Answer 24

B) 256

C) 512

Question 25

What two options below are AAA services?
A) openSSH
B) OpenVPN
C) RADIUS 
D) TACACS+

Answer 25

C) RADIUS

D) TACACS+