Multiple Choice
Identify the
letter of the choice that best completes the statement or answers the question.
|
|
|
1.
|
IPSec
is supported by which of the following task forces? a. | Electrical
Engineering | c. | IP Security
Engineering | b. | Network Engineering | d. | Internet Engineering | | | | |
|
|
|
2.
|
With
IPSec authentication, how many endpoints in the communication process must be
trusted? a. | either one or
both endpoints | c. | only one
endpoint | b. | both endpoints | d. | neither endpoint | | | | |
|
|
|
3.
|
Which
type of encryption uses multiple keys? a. | asymmetric | c. | hash | b. | symmetric | d. | none of the above | | | | |
|
|
|
4.
|
Which
type of encryption uses only a singe key? a. | symmetric | c. | both A and B | b. | hash | d. | neither A or
B | | | | |
|
|
|
5.
|
IPSec
uses digital signatures on ____ packet(s) of information. a. | each | c. | random | b. | alternating | d. | user-defined | | | | |
|
|
|
6.
|
Which
of the following parameters is negotiated when setting up a security association? a. | EH or ASP
mode | c. | hashing exchange
algorithms | b. | transport or tunnel mode | d. | all of the above | | | | |
|
|
|
7.
|
Which
IPSec mode does not encrypt packet data?
|
|
|
8.
|
Which
IPSec mode is used between two routers?
|
|
|
9.
|
Which
of the following best describes a security association? a. | the security
terms negotiated between two hosts using IPSec | b. | a transport
layer protocol that encrypts data communications | c. | the condition
under which two routers are allowed to encapsulate all traffic transferred | d. | a standard for
certificates that was created by the ITU-T | | |
|
|
|
10.
|
How
many ways are there for Windows Server 2003 to authenticate IPSec connections?
|
|
|
11.
|
The
second window of the IP Filter Wizard asks for the source IP address for the filter. This can be
statically configured as which of the following? a. | My IP Address | c. | Any IP Address | b. | A specific DNS
Name | d. | All of the
above | | | | |
|
|
|
12.
|
What
is the main disadvantage to third party certificates? a. | compatibility
problems | c. | security
risks | b. | cost | d. | increased network traffic | | | | |
|
|
|
13.
|
Which
of the following services can be configured to use certificates? a. | e-mail | c. | smart
cards | b. | EFS | d. | all of the above | | | | |
|
|
|
14.
|
Kerberos uses a security boundary called a(n) ____. a. | group | c. | domain | b. | circle | d. | realm | | | | |
|
|
|
15.
|
Which
of the following is an IPSec policy installed by default on Windows Server 2003? a. | Switch (Reply
Only) | c. | Server (Request
Security) | b. | Router (Respond Only) | d. | Tunnel (MD5 Enabled) | | | | |
|
|
|
16.
|
How
much ICMP traffic is allowed by the default IPSec policies? a. | some | c. | none | b. | all | d. | variable | | | | |
|
|
|
17.
|
How
many policies can be assigned at a time on a single machine running Windows Server
2003? a. | one | c. | three | b. | two | d. | as many as desired | | | | |
|
|
|
18.
|
A
single server can be configured with how many IPSec policies? a. | one | c. | three | b. | two | d. | as many as desired | | | | |
|
|
|
19.
|
After
an IPSec policy is assigned, when does it take effect? a. | immediately | c. | upon restarting
the IPSec Policy Agent | b. | after 30 minutes | d. | upon receiving the first encrypted
packet | | | | |
|
|
|
20.
|
How
many filter actions (used for security rules) exist by default on Windows Server
2003?
|
|
|
21.
|
What
defines what is done to traffic that matches an IP filter list? a. | filter
filters | c. | filter
rules | b. | filter actions | d. | filter descriptors | | | | |
|
|
|
22.
|
Each
filter action requires how many security methods? a. | at least one | c. | exactly two | b. | at most
one | d. | none | | | | |
|
|
|
23.
|
Which
two algorithms are used for AH and ESP data integrity? a. | SHA1 and
DES | c. | SHA1 and
MD5 | b. | DES and
MD5 | d. | DES and
3DES | | | | |
|
|
|
24.
|
Which
two algorithms are used for ESP data encryption? a. | SHA1 and DES | c. | SHA1 and MD5 | b. | DES and
MD5 | d. | DES and
3DES | | | | |
|
|
|
25.
|
Which
of the following is the most common hashing algorithm for commercial applications?
|
|
|
26.
|
In
cryptography, what does a key refer to? a. | a small number that is easy to
guess | c. | a small number
that is difficult to guess | b. | a large number that is difficult to
guess | d. | a large number
that is easy to guess | | | | |
|
|
|
27.
|
Which
type of encryption uses a public and private key? a. | symmetrical | c. | asymmetrical | b. | hash | d. | triple defense
(3DEF) | | | | |
|
|
|
28.
|
What
mode of IPSec communication is characterized by the communication between two hosts? a. | transport
mode | c. | forward
mode | b. | tunnel
mode | d. | transfer
mode | | | | |
|
|
|
29.
|
Which
of the following is the process used by two IPSec hosts to negotiate their security
parameters?
|
|
|
30.
|
A
certificate follows which standard? a. | X.507 | c. | X.509 | b. | X.508 | d. | X.510 | | | | |
|
|
|
31.
|
In
Active Directory, a domain is equivalent to which of the following in relation to
Kerberos? a. | realm | c. | area | b. | region | d. | location | | | | |
|
|
|
32.
|
The
default IPSec policies are configured to use which of the following for authentication by
default? a. | Cyclops | c. | Medusa | b. | Kerberos | d. | Hydra | | | | |
|
|
|
33.
|
How
many IPSec policies can be used without being assigned? a. | zero | c. | two | b. | one | d. | unlimited number | | | | |
|
|
|
34.
|
MD5
stands for ____. a. | Multiple
Decryption 5 | c. | Message Digest
5 | b. | Multiple Digest
5 | d. | Message
Decryption 5 | | | | |
|
|
|
35.
|
3DES
performs how many rounds of encryption with how many keys? a. | three rounds one
key | c. | one round three
keys | b. | three rounds
three keys | d. | one round one
key | | | | |
|