SEC+ Revision Questions Authentication Flashcards
Before accessing computer systems, a government agency requires users to swipe a card through a keyboard-embedded card reader and then provide a PIN. What is this an example of?
A. Bi-factor authentication
B. Biometric authentication
C. Location-based authentication
D. Multifactor authentication
D. Multifactor authentication
Your traveling users require secure remote access to corporate database servers. What should you configure for them?
A. Modem
B. WLAN
C. VPN
D. Intranet
C. VPN
You are the network administrator for a national marketing firm. Employees have frequent lengthy telephone conference calls with colleagues from around the country. To reduce costs, you have been asked to recommend replacement telephony solutions. Which of the following might you suggest?
A. Modem
B. VoIP
C. Internet text chat
D. E-mail
B. VoIP
You are an IT security consultant auditing a network. During your presentation of audit findings, one of your clients asks what can be used to prevent unauthorized LAN access. How do you answer the question?
A. NAC
B. Packet filtering firewall
C. PKI
D. SSL
A. NAC
What type of server authenticates users prior to allowing network access?
A. File server
B. Active Directory
C. RADIUS
D. Domain controller
C. RADIUS
Which of the following are examples of RADIUS clients? (Choose two.)
A. VPN client
B. 802.1x-capable switch
C. Wireless router
D. Windows 7 OS
E. Linux OS
B. 802.1x-capable switch & C. Wireless router
Which of the following are true regarding TACACS+? (Choose three.)
A. It is compatible with TACACS.
B. It is compatible with RADIUS.
C. It is a Cisco proprietary protocol.
D. It can be used as an alternative to RADIUS.
E. TACACS+ uses TCP.
C. It is a Cisco proprietary protocol. & D. It can be used as an alternative to RADIUS. & E. TACACS+ uses TCP.
You are the network administrator for a UNIX network. You are planning your network security. A secure protocol must be chosen to authenticate all users logging in. Which is a valid authentication protocol choice?
A. TCP
B. Telnet
C. Kerberos
D. AES
C. Kerberos
A client asks you to evaluate the feasibility of a Linux client and server operating system environment. The primary concern is having a central database of user and computer accounts capable of secure authentication. What Linux options should you explore?
A. NFS
B. SSH
C. Samba
D. LDAP
D. LDAP
You are configuring a Cisco network authentication appliance. During configuration, you are given a list of authentication choices. Which choice provides the best security and reliability?
A. RADIUS
B. TACACS
C. TACACS+
D. XTACACS
C. TACACS+
A user enters their logon name to gain network access. To which of the following terms would this example apply?
A. Identification
B. Authorization
C. Auditing
D. Authentication
A. Identification
A user enters a logon name and password to gain network access. Which of the following best describes this?
A. Single-factor authentication
B. Dual-factor authentication
C. Multifactor authentication
D. Quasifactor authentication
A. Single-factor authentication
A corporation has invested heavily in the development of a much sought-after product. To protect its investment, the company would like to ensure that only specific personnel can enter a research facility. Which of the following is considered the most secure?
A. Building access card
B. Voice scan
C. Fingerprint scanner
D. Retinal scanner
D. Retinal scanner
Which of the following is considered three-factor authentication?
A. Building access card/voice recognition scan
B. Building access card/username/password
C. Username/password/smartcard
D. Username/password/smartcard/PIN
D. Username/password/smartcard/PIN
To log on to a secured system, a user must enter a username, password, and passcode. The passcode is generated from a tiny handheld device and displayed on a tiny screen. What type of device is this?
A. Smartcard
B. PKI certificate
C. Key fob
D. VPN
C. Key fob
Which of the following prevents users from having to specify logon credentials when accessing multiple applications?
A. Single sign-on
B. Remember my password
C. Biometric authentication
D. Trusted OS
A. Single sign-on
Which authentication protocol replaces RADIUS?
A. TACACS
B. TACACS+
C. XTACACS
D. Diameter
D. Diameter
Which of the following best describes the CHAP protocol?
A. PKI certificates must be used on both ends of the connection.
B. 802.1x equipment forwards authentication requests to a RADIUS server.
C. Passwords are never sent over the network.
D. SSL is used to encrypt the session.
C. Passwords are never sent over the network.
You are configuring a WPA2 wireless network connection on a company laptop. The company has implemented a PKI. Which WPA2 network authentication method would be the best choice?
A. MS-CHAP
B. Local computer certificate
C. WPA2 PSK
D. SSO
B. Local computer certificate
Which of the following examples best illustrates authentication?
A. A user accesses a shared folder to which they have been granted permission.
B. A computer successfully identifies itself to a server prior to user logon.
C. A network contains two network links to a remote office in case one fails.
D. A network appliance encrypts all network traffic before transmitting it further.
B. A computer successfully identifies itself to a server prior to user logon.
A technician is troubleshooting user access to an 802.1x wireless network called CORP. The same computer was previously given an IP address on the 10.17.7.0/24 network, but now for some reason it has an IP address on the 10.16.16.0/24 network. DHCP is functioning correctly on the network. The technician reports the machine was recently reimaged, and the image uses DHCP. What is the most likely cause of the problem?
A. The workstation has a static IP address on the 10.16.16.0/24 network.
B. The technician needs to issue the ipconfig /renew command.
C. The workstation time is incorrect.
D. The workstation needs to have its PKI certificate reinstalled.
D. The workstation needs to have its PKI certificate reinstalled.
What type of security problem would Network Access Control best address?
A. Dictionary attack
B. ARP cache poisoning
C. WEP
D. SQL injection attack
B. ARP cache poisoning
A company intranet consists of various internal web servers each using different authentication stores. What would allow users to use the same username and password for all internal web sites?
A. NAC
B. SSO
C. VPN
D. Smartcard
B. SSO
While capturing network traffic, you notice clear-text credentials being transmitted. After investigating the TCP headers, you notice the destination port is 389. What type of authentication traffic is this?
A. EAP
B. EAP-TLS
C. LDAP
D. CHAP
C. LDAP