Chapter 7 Lab Manual Review Questions and Answers
advertisement
Security+ Guide to Network Security, Second Edition Lab Manual Solutions 7-1 Chapter 7 Lab Manual Review Questions and Answers Lab 7.1 1. Dial-in access is enabled for the Administrator account only. True or False? 2. Which administrative tool is used to allow dial-in access in a Windows NT environment? a. b. c. d. Active Directory Users and Computers User Manager Computer Management Server Manager 3. Which administrative tool is used to allow dial-in access in a Windows Server 2003 workgroup environment? a. b. c. d. Active Directory Users and Computers User Manager Computer Management Server Manager 4. Which administrative tool is used to allow dial-in access in a Windows Server 2003 domain environment? a. b. c. d. Active Directory Users and Computers User Manager Computer Management Server Manager 5. When dial-in access is enabled, Terminal Services access is also enabled. True or False? Answers: False, b ,c, a, False Security+ Guide to Network Security, Second Edition Lab Manual Solutions 7-2 Lab 7.2 1. Which of the following Windows operating systems support VPN connections? (Choose all that apply.) a. b. c. d. Windows NT Windows 2000/2003 Windows 98 Windows 3.11 2. Which of the following Windows operating systems supports L2TP? a. b. c. d. Windows NT Windows 2000/2003 Windows 98 Windows 3.11 3. Which of the following Windows operating systems can run RRAS? a. b. c. d. Windows NT Windows 2000/2003 Windows 98 Windows 3.11 4. Which of the following Windows operating systems can run a VPN server? (Choose all that apply.) a. b. c. d. Windows NT Windows 2000/2003 Windows 98 Windows 3.11 5. Remote access policies can be configured using Windows Server 2003 Group Policy. True or False? Answers: (a, b, c), b, b, (a, b), False Security+ Guide to Network Security, Second Edition Lab Manual Solutions 7-3 Lab 7.3 1. Which of the following is the PPTP control port? a. b. c. d. UDP 1723 TCP 1723 TCP 1494 UDP 1494 2. What do the LCP extensions provide for PPTP? a. They provide error correction for the data link connection. b. They provide Data Link layer tunneling. c. They establish, configure, and test the data link connection. d. They link and connect the PPTP connection. 3. Which of the following protocols can be used with PPTP? (Choose all that apply.) a. b. c. d. IPX/SPX NetBEUI TCP/IP AppleTalk 4. Which protocol does PPTP use for encryption? a. b. c. d. PPP IPSec ESP PPTP can encrypt without another protocol. 5. Which of the following operating systems support PPTP? (Choose all that apply.) a. b. c. d. Windows Server 2003 Windows NT Windows 3.11 Windows 9.x Answers: b, c, (a, b, c, d), a, (a, b, d) Security+ Guide to Network Security, Second Edition Lab Manual Solutions 7-4 Lab 7.4 1. The default remote access policy is to allow access if dial-in permission is enabled. True or False? 2. Which of the following is a remote access policy attribute? (Choose all that apply.) a. b. c. d. Called-Station-ID Calling-Station-ID Client-IP-Address Tunnel-Type 3. Remote access logging can log which of the following events? a. b. c. d. accounting requests authentication requests periodic status all of the above 4. Which of the following can remote access servers provide to clients? (Choose all that apply.) a. b. c. d. DHCP IP spoofing DHCP relay DCHP repair 5. The default maximum port limit for each device that supports multiple ports is _________. a. b. c. d. 1 0 256 128 Answers: True, (a, b, c, d), d, (a, c), d Security+ Guide to Network Security, Second Edition Lab Manual Solutions 7-5 Lab 7.5 1. The wireless network name is case sensitive. True or False? 2. What is the maximum number of characters in a network name? a. b. c. d. 10 32 64 128 3. The wireless network name is also known as SSID. What does SSID mean? a. b. c. d. secure server identifier service set identifier secure shell identifier service store identifier 4. What is the default encryption strength of the Microsoft MN-700? a. b. c. d. 64-bit 128-bit 256-bit none 5. 128-bit WEP is considered _________. a. b. c. d. Answers: True, b, b, d, b weak strong very strong impenetrable Security+ Guide to Network Security, Second Edition Lab Manual Solutions 7-6 Lab 7.6 1. Which of the following can you use to access the Cisco Aironet WAP? a. b. c. d. e. Telnet serial Ethernet HTTP all of the above 2. Which of the following requires direct access to the Cisco Aironet WAP? a. b. c. d. Telnet serial Ethernet HTTP 3. The default configuration of the Cisco Aironet allows everyone access to the system configuration. True or False? 4. Which of the following is a setting used for terminal connections? (Choose all that apply.) a. b. c. d. e. 8 data bits 9600 bits per second 1 stop bit no parity XON/XOFF flow control 5. The Cisco Aironet can operate at 2.4 GHz and can conflict with certain cordless phones. True or False? Answers: e, b, True, (a, b, c, d, e), True Security+ Guide to Network Security, Second Edition Lab Manual Solutions 7-7 Lab 7.7 1. Which of the following can you use to configure the Cisco Aironet in a text-based environment? a. b. c. d. Telnet FTP TFTP HTTP 2. Which of the following can you use to configure the Cisco Aironet in a GUI environment? a. b. c. d. Telnet FTP TFTP HTTP 3. Telnet is disabled by default on the Cisco Aironet. True or False? 4. Telnet can be a security risk because it transmits the user name and password in plaintext. True or False? 5. Which of the following TCP ports does Telnet use? a. b. c. d. Answers: a, d, False, True, c 20 21 23 25 Security+ Guide to Network Security, Second Edition Lab Manual Solutions 7-8 Lab 7.8 1. When limiting access to configuration utilities, which of the following should be changed, besides adding users? (Choose all that apply.) a. b. c. d. the MAC address the default account and password the IP address the SSID 2. One way to secure a wireless network is to use a __________. a. b. c. d. firewall scrambler VPN DMZ 3. One way to secure the wireless administration of a Cisco Aironet is to __________. a. b. c. d. disable access to the WAP disable a router disable administrative access to the WAP disable security settings on the WAP 4. A recommended practice for wireless LANs is to ___________. a. b. c. d. e. disable file and printer sharing disable NetBEUI enable WEP protection use a nonobvious encryption key all of the above 5. Which of the following can interfere with wireless transmission? (Choose all that apply.) a. b. c. d. Answers: (b, d), c, a, e, (a, c, d) brick walls cell phones cordless phones distance Security+ Guide to Network Security, Second Edition Lab Manual Solutions 7-9 Lab 7.9 1. Administrators should use a separate account because it makes the system more secure. True or False? 2. Administrators should use a separate account because it makes auditing easier and more reliable. True or False? 3. The Cisco Aironet application used to administer access is called _________. a. b. c. d. Server Manager User Manager Computer Management WAP Manager 4. Which of the following are capability settings available to user accounts? (Choose all that apply.) a. b. c. d. Write SNMP Firmware Admin 5. To enable User Manager, at least one account must have full power. True or False? Answers: False, True, b, (a, b, c, d), True Security+ Guide to Network Security, Second Edition Lab Manual Solutions 7-1 0 Lab 7.10 1. The 802.11a standard can use which of the following bands? a. b. c. d. 2.4 GHz 5 GHz 2.4 MHz 5 MHz 2. The 802.11b standard uses which of the following bands? a. b. c. d. 2.4 GHz 5 GHz 2.4 MHz 5 MHz 3. The 802.11a standard can transmit data at speeds of up to ______ Mbps. a. b. c. d. 11 36 48 54 4. The 802.11b standard can transmit data at speeds of up to ______ Mbps. a. b. c. d. 11 36 48 54 5. Which of the following protocols is used to encrypt wireless transmission? a. b. c. d. Answers: d, c, d, a, b WAP WEP WSP WDP
