Lesson 9: Securing Data Transmission and Authentication

Multiple Choice

1. Where is the checksum located? a) footer of each packet b) header of each packet c) payload of each packet d) application data of each packet

2. What suite of protocols was introduced to provide a series of cryptographic algorithms that can be used to provide security for all TCP/IP hosts at the Internet layer, regardless of the actual application that is sending or receiving data? a) IPSec b) checksum c) TCP d) UDP

3. What are the IPSec default settings for the key lifetime in minutes? a) 350 b) 380 c) 450 d) 480

4. What rule allows you to restrict inbound and outbound connections based on certain sets of criteria, such as membership in a particular Active Directory domain? a) Tunnel b) Authentication exemption c) Isolation d) Server to server

5. Which rule allows you to specify one or more computers that do not need to be authenticated to pass traffic? a) Tunnel b) Authentication exemption c) Isolation d) Server to server

6. Before secure data is sent, what must occur to determine the type of traffic to be secured and how it will be secured? a) quick mode negotiations b) quick mode messages c) IKE main mode negotiations d) IKE main mode messages

7. IKE main mode has a default lifetime of __________ hours. a) 6 b) 8 c) 10 d) 12

8. To set the Netsh IPSec context, what is the first command you enter at the command prompt? a) netsh b) ipsec c) static d) dynamic

9. Which statistic represents the number of failed outbound requests that occurred to establish the SA since the IPSec service started? a) Receive Failures b) Acquire Failures c) Send Failures d) Authentication Failures

10. The command “set config property=ipsecloginterval value=value” can be set to what range of values? a) 0 – 7 b) 0, 1 c) 60 – 86,400 d) 0, 1, 2

11. Which “middle-of-the-road” form of NTLM authentication was used to improve upon the security of LM Authentication? a) LMv2 Authentication b) NTLM Authentication c) NTLMv2 Authentication d) None of the above

12. Which type of attack is one in which a malicious user masquerades as the legitimate sender or recipient of network traffic? a) data modification b) denial of service c) man in the middle d) identity spoofing

13. Which process is used to establish trust between communicating systems, after which only trusted systems can communicate with each other? a) shared cryptography b) cryptographic checksum c) mutual authentication d) filtered methodology

14. Which default authentication method is used by IPSec policies deployed within an Active Directory domain and can only be used in an Active Directory environment? a) Kerberos v5 protocol b) PKI certificate from a Certification Authority (CA) c) preshared key d) IPSec Authentication mode

15. What allows traffic that is defined in one direction to also be defined in the opposite direction? a) manifestation b) reflection c) mirroring d) evidencing

16. The driving factor behind combining administration of the Windows Firewall with IPSec policies is to streamline network administration on which type of computer? a) Windows Server 2008 b) Windows Server 2003 c) Windows Vista d) Windows 2000

17. Which field does the IPSec driver use to match the correct SA with the correct packet? a) IPSec Driver field b) IKE Authentication field c) IP Filter field d) SPI field

18. What is used to determine encryption key material and security protection for use in protecting subsequent main mode or quick mode communications? a) quick mode negotiations b) quick mode messages c) main mode negotiations d) main mode messages

19. What statistic shows the total number of failed outbound quick mode SA addition requests that have been submitted by IKE to the IPSec driver since the IPSec service was last started? a) Key Addition Failures b) Key Update Failures c) Get SPI Failures d) Receive Failures

20. What is the default authentication protocol in an Active Directory network? a) Kerberos v5 b) LM Authentication c) NTLM Authentication d) NTLMv2 Authentication

True/False

21. Each TCP/IP packet protected with IPSec contains a cryptographic checksum in the form of a keyed hash.

22. Use Tunnel mode when you require packet filtering and end-to-end security.

23. The Authentication Header (AH) protocol provides confidentiality and data encryption.

24. For IPSec, the only exception to complete protected cipher suite negotiation is the negotiation of the cipher suite of the initial ISAKMP SA, which is sent as XML.

25. To identify a specific SA for tracking purposes, a 32-bit number known as the Security Parameters Index (SPI) is used.

Fill-in-the-Blank

26. An IP filter can be __________, meaning that traffic defined in one direction will also be defined in the opposite direction.

27. Quick mode messages are __________ messages that are encrypted using the ISAKMP SA.

28. IKE main mode has a default lifetime of __________ hours, but this number is configurable from 5 minutes to a maximum of 48 hours.

29. IPSec policy information is stored in Active Directory and cached in the local __________ of the computer to which it applies.

30. You can configure __________ policies to extend existing Active Directory–based or local IPSec policies, override Active Directory–based or local IPSec policies, and enhance security during computer startup.

31. You can use the IP Security Policy Management console or the __________ command-line utility to manage an Active Directory–based policy.

32. __________ are the source IP address or range of addresses from which inbound traffic will be permitted.

33. A(n) __________ firewall is so named because it can track and maintain information based on the status of a particular connection.

34. A(n) __________ connection security rule allows you to restrict inbound and outbound connections based on certain sets of criteria, such as membership in a particular Active Directory domain.

35. A(n) __________ is a value contained in a received IKE message that is used to help identify the corresponding main mode SA.

Short Answer

36. Previous versions of Windows supported what type of rule in IPSec, which was activated by default for all policies?

37. The Windows Firewall is enabled by default on all new installations of Windows Server 2008. How can it be managed?

38. What standard defines a mechanism to establish SAs?

39. Which Diffie-Hellman process does not prevent a man-in-the-middle attack, in which a malicious user between the negotiating peers performs two Diffie-Hellman exchanges, one with each peer?

40. What does Windows Server 2008 IPSec also support, which is the determination of new keying material through a new Diffie-Hellman exchange on a regular basis?

41. The Windows Firewall with Advanced Security MMC snap-in enables you to incorporate IPSec into the Windows Firewall by configuring one or more what?

42. What is the name of the concatenation of one or more IP filters, which define a range of network traffic?

43. What can you use to determine the IPSec policies that are assigned but are not applied to IPSec clients?
