Chapter 13 Practice Test Answers 1. C. Secure Sockets Layer (SSL) is a protocol that has been designed to provide a secure connection over an insecure network such as the Internet. 2. B. Kerberos works through the use of encrypted tickets and several server processes that run on one or more third-party trusted servers. 3. B and C. IPSec may be used either independently to provide tunneling services for VPN connections or in conjunction with L2TP as an encryption protocol. 4. A. Digital signatures can only guarantee intact data delivery; that is, data that has not changed since it was sent by the source. 5. D. Internet Key Exchange (IKE) performs many functions, among them the formation of security associations between communicating clients. 6. B. The man in the middle is a rogue program that intercepts all communications between the client and the server during an SSL lifetime. 7. C. L2TP is often used with IPSec to provide the tunnel for IPSec encryption. 8. A. In transport mode, the entire original packet is obscured by a new header and encryption. 9. C. Once you have the TGT, it must be sent to a ticket-granting server (TGS). 10. B. VPNs encapsulate the packets to prevent reading the transmission. This is called tunneling. 11. B and D. PPTP encapsulates the header and the payload to ensure safe delivery. 12. C. L2TP uses the three 56-bit key combination known as triple DES for encryption. 13. D. Kerberos is the default encryption and security system used with Microsoft Windows 2000 operating systems. 14. B. SSL uses a series of keys, public and private, to encrypt the data that is transported across the secure connection. The public-and-private key encryption system is known as the RSA algorithm. 15. A. Generic routing encapsulation (GRE) is used with PPTP. 16. A. The authentication server (AS) is responsible for creating session keys. 17. D. IPSec functions at the Network layer of the OSI Model. 18. D. The handshake process is an exchange of messages that the server uses to authenticate itself to the client using a public key. 19. D. The private key never leaves the possession of the owner. 20. B. Encapsulating security protocol (ESP) protects the header and the payload during transmission.