Question

RSA is a common form of symmetric key encryption.

Select one:

True

False

What is the purpose of a nonce in an end-point authentication protocol?

Select one:

a. It protects against replay attacks.

b. It serves as a private key.

c. It serves as a public key.

d. It serves as a signature.

e. It serves as a shared symmetric key.

What is (19 * 16) mod 7?

Answer:

A TCP connection setup requires 3 messages to be passed. How many messages must be passed to setup an SSL session.

Select one:

a. 5

b. 6

c. 4

d. 3

How does a router configured as part of a VPN know to convert an unsecured datagram to an IPsec datagram?

Select one:

a. It checks its flow table.

b. It checks its NAT table.

c. It checks its SAD.

d. It checks its SPD.

Which of these security measures is known to be compromised?

Select one:

a. RADIUS

b. WPA-2

c. 802.11i

d. WEP

What type of system is used to completely separate packets from internal hosts and external hosts?

Select one:

a. IPSs

b. Proxies

c. Honey pots

d. IDSs

e. VPN concentrators

What is the function of a DMZ?

Select one:

a. To create a secure zone for VPN terminations.

b. To allow public traffic to access servers isolated from internal networks.

c. To separate a security zone for an IDS server.

d. To allow secure private traffic to access servers isolated from public networks.

Signature based IDSs inspect into the payloads of TCP and UDP segments.

Select one:

True

False

At which layers of the TCP/IP model do firewalls operate?

Select one or more:

a. Data Link

b. Application

c. Transport

d. Physical

e. Network

Answer 1

A) Answer: False

• RSA (Rivest–Shamir–Adleman) is an algorithm used by modern computers to encrypt and decrypt messages.
• It is an asymmetric cryptographic algorithm.
• Asymmetric means that there are two different keys.
• This is also called public key cryptography, because one of the keys can be given to anyone.

B) Answer: a) It protects against replay attacks.

• A nonce is used to avoid playback attacks.
• Its use assures that the correspondent is "live".
• Attacks due to connection replay can be protected by using a nonce.
• End point protocol will never use a nonce that is already used.

C) Answer: 3

• (19*16) mod 7 -> (304) mod 7 -> 3

D) Answer: 3

• The TCP three-way handshake in Transmission Control Protocol (also called the TCP-handshake; three message handshake and/or SYN-SYN-ACK) is the method used by TCP set up a TCP/IP connection over an Internet Protocol based network.
• TCP's three way handshaking technique is often referred to as "SYN-SYN-ACK" (or more accurately SYN, SYN-ACK, ACK) because there are three messages transmitted by TCP to negotiate and start a TCP session between two computers.

E) Answer: It checks its NAT table.

• The nature of NAT is to modify, or translate, a portion of the IP packet, specifically the source and destination addresses or ports, when the packet is en route from a given source to a given destination.
• The nature of IPsec is to detect and prevent the malicious manipulation of packets between a given source and destination.
• Therein lies the origin of IPsec/NAT incompatibilities—the nature of NAT is to manipulate a packet, while the nature of IPsec is to preserve the packet's integrity.

F) Answer: WPA-2

• The method of attack does not compromise the encryption process, but it does provide avenues of attack that can lead to various man-in-the-middle attacks that would further compromise communication.
• Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames.”

G) Answer: Proxies

• Proxies act on behalf of the whole network to completely separate packets from internal hosts and external hosts.

H) Answer: b) To allow public traffic to access servers isolated from internal networks.

• A DMZ can be set up many different ways, but the best explanation is the DMZ is used to separate and secure your inside network from the Internet, while still allowing hosts on the Internet to access your servers.
• The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN).
• An external network node can access only what is exposed in the DMZ, while the rest of the organization's network is firewalled.

I) Answer: True

J) Answer: c) and e)

• Firewalls are used to protect your internal/private LAN from the Internet.
• A firewall generally works at layer 3 and 4 of the OSI model.
• Layer 3 is the Network Layer where IP works and Layer 4 is the Transport Layer, where TCP and UDP function.
• Many firewalls today have advanced up the OSI layers and can even understand Layer 7 – the Application Layer.