6.10.9 Section Quiz

pdf

School

St. Petersburg College *

*We aren’t endorsed by this school

Course

1358

Subject

Information Systems

Date

Feb 20, 2024

Type

pdf

Pages

9

Uploaded by MasterRain12063

Report
6.10.9 Section Quiz Candidate: Anthony Patrizzi (apatrizzi324@gmail.com) Date: 2/4/2024, 2:19:33 PM • Time Spent: 03:35 Score: 100% Passing Score: 80% Question 1. Correct When using Kerberos authentication, which of the following terms is used to describe the token that verifies the user's identity to the target system? Coupon Voucher Hashkey Ticket Explanation The tokens used in Kerberos authentication are known as tickets . Tickets perform a number of functions, including notifying the network service of the user who has been granted access and authenticating the identity of that person when he or she attempts to use the network service. The terms coupon and voucher are not associated with Kerberos or any other commonly implemented network authentication system. The term hashkey is sometimes used to describe a value that has been derived from some piece of data when that value is then used to access a service. This term is not associated with Kerberos. References 6.10.2 Network Authentication Facts q_netauth_kerberos_01_secp7.question.fex Question 2. Correct Individual Response about:srcdoc 1 of 9 2/4/2024, 2:20 PM
Question 3. Correct A user has just authenticated using Kerberos. Which object is issued to the user immediately following login? Ticket-granting ticket Client-to-server ticket Digital signature Digital certificate Explanation Individual Response about:srcdoc 2 of 9 2/4/2024, 2:20 PM
Kerberos functions as follows: 1. The client sends an authentication request to the authentication server. 2. The authentication server validates the user's identity and grants a ticket-granting ticket (TGT). The TGT validates the user's identity and is good for a specific ticket- granting server. 3. When the client needs to access a resource, it submits its TGT to the ticket-granting server (TGS). The TGS validates that the user is allowed access and issues a client-to- server ticket. 4. The client connects to the service server and submits the client-to-server ticket as proof of access. 5. The SS accepts the ticket and allows access. References 6.10.2 Network Authentication Facts q_netauth_kerberos_03_secp7.question.fex Question 4. Correct You want to deploy SSL to protect authentication traffic with your LDAP-based directory service. Which port does this action use? 60 80 389 443 636 2208 Explanation Individual Response about:srcdoc 3 of 9 2/4/2024, 2:20 PM
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
To use Secure Sockets Layer (SSL) for LDAP authentication, use port 636. Port 80 is used for HTTP, while port 443 is used for HTTPS (HTTP with SSL). Simple LDAP authentication uses port 389. References 6.10.2 Network Authentication Facts q_netauth_ldaps_01_secp7.question.fex Question 5. Correct Your LDAP directory-services solution uses simple authentication. What should you always do when using simple authentication? Use IPsec and certificates Use Kerberos Add SASL and use TLS Use SSL Explanation Protect LDAP simple authentication by using SSL to protect authentication traffic. LDAP simple authentication uses cleartext for username and password exchange. Protect this exchange with SSL. While you can protect authentication using SASL, this requires changing the authentication mode of LDAP from simple to SASL. When using SASL, you can use a wide range of solutions, such as TLS, Kerberos, IPsec, or certificates. References 6.10.2 Network Authentication Facts q_netauth_ldaps_02_secp7.question.fex Individual Response about:srcdoc 4 of 9 2/4/2024, 2:20 PM
Question 6. Correct Which ports does LDAP use by default? (Select two.) 389 69 636 110 161 Explanation Lightweight Directory Access Protocol (LDAP) uses ports 389 and 636 by default. Port 636 is used for LDAP over SSL. This is the secure form or mode of LDAP. Unsecured LDAP uses port 389. Port 69 is used by Trivial File Transfer Protocol (TFTP). Port 110 is used by Post Office Protocol version 3 (POP3). Port 161 is used by Simple Network Management Protocol (SNMP). References 6.10.2 Network Authentication Facts q_netauth_ldap_secp7.question.fex Question 7. Correct What is mutual authentication? A process by which each party in an online communication verifies the identity of the other party. The use of two or more authentication factors. Deploying CHAP and EAP on remote access connections. Individual Response about:srcdoc 5 of 9 2/4/2024, 2:20 PM
Using a certificate authority (CA) to issue certificates. Explanation Mutual authentication is the process by which each party in an online communication verifies the identity of the other party. Mutual authentication is most common in VPN links, SSL connections, and e-commerce transactions. In each of these situations, both parties in the communication want to ensure that they know with whom they are interacting. The use of two or more authentication factors is called two-factor authentication. Challenge Handshake Authentication Protocol (CHAP) and Extensible Authentication Protocol (EAP) are authentication protocols. Communicating hosts might use certificates issued by a trusted CA in performing mutual authentication. However, using the CA is not, in itself, a definition of mutual authentication. References 5.7.2 Network Access Control Facts 6.1.6 Access Control Model Facts 6.3.3 Authorization Facts 6.9.2 Remote Access Facts q_netauth_mutual_secp7.question.fex Question 8. Correct A manager has told you she is concerned about her employees writing their passwords for websites, network files, and database resources on sticky notes. Your office runs exclusively in a Windows environment. Which tool could you use to prevent this behavior? Local Users and Groups Credential Manager Individual Response about:srcdoc 6 of 9 2/4/2024, 2:20 PM
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Computer Management Key Management Service Explanation Credential Manager securely stores account credentials for network resources, such as file servers, websites, and database resources. Local Users and Groups manages only local account credentials. Key Management Service is used to manage the activation of Windows systems on a network. Computer Management is used to complete Windows management tasks, such as viewing event logs, managing hardware devices, and managing hard disk storage. References 6.10.8 Credential Management Facts q_credmgmt_password_01_secp7.question.fex Question 9. Correct KWalletManager is a Linux-based credential management system that stores encrypted account credentials for network resources. Which encryption methods can KWalletManager use to secure account credentials? (Select two.) HMAC-SHA1 Blowfish GPG Kerberos Individual Response about:srcdoc 7 of 9 2/4/2024, 2:20 PM
Twofish Explanation KWalletManager offers two encryption options for protecting stored account credentials. These two encryption options are Blowfish and GPG. HMAC-SHA1 is most often used with one-time passwords. Kerberos is used for login authentication and authorization in a Windows domain. Twofish is an encryption mechanism that is similar to the Blowfish block cipher but has not been standardized at this point. References 6.10.8 Credential Management Facts q_credmgmt_password_02_secp7.question.fex Question 10. Correct You want to protect the authentication credentials you use to connect to the LAB server in your network by copying them to a USB drive. Click the option you use in Credential Manager to protect your credentials. Explanation Individual Response about:srcdoc 8 of 9 2/4/2024, 2:20 PM
Within Credential Manager, use the Back up Credentials and Restore Credentials links to back up and restore credentials. It is recommended that you back up credentials to a removable device, such as a USB flash drive, to protect them from a hard disk crash on the local system. References 6.10.8 Credential Management Facts q_credmgmt_password_03_secp7.question.fex Copyright © The Computing Technology Industry Association, Inc. All rights reserved. Individual Response about:srcdoc 9 of 9 2/4/2024, 2:20 PM
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

4.4.6 Section Quiz.pdf
Farhan_Mohd_IST_110_Assign_CyberSec_Certs_rev4.docx
IT - Project 5-2.docx
Farhan_Mohd_IST_110_Lab_IoT_Vulnerabilities_rev4.docx
IT - Network Configuration Model (1).docx
IST_110_Lab_Common_Tech_Vulnerabilities_rev3.docx
Case 6.4 C.docx
Project 1: Database Design Project – HealthOne Medical Database.docx
Quiz 13 All Correct.docx
Quiz 12 All Correct.docx
Quiz 6.docx
CS123A_Module_2_Week_4_Weekly_Feedback.docx