Security+ Set 3
Terms
- What is hashing?
- changing a character string into a shorter fixed-length value or key
- What four trust models do PKIs fall into?
- hierarchical; network/mesh; trust list; key ring
- What is unique about the network/mesh model of PKI?
- multiple parties must be present before access to the token is granted
- Does PPTP require IP connectivity?
- yes
- Does L2TP require IP connectivity?
- no
- What does IPSec use for authentication and key exchange?
- Diffie-Hellman
- What does IPSec use for encryption?
- 40-bit DES algorithm
- What three methods are used to determine VLAN membership on the local switch?
- port-based; MAC-based; protocol-based
- What two methods are used to determine VLAN membership on a remote switch?
- implicit, based on MAC address; explicit, where the first switch adds a tag
- Why is detecting statistical anomalies a good approach to intrusion detection?
- don't have to understand the root cause of the anomalies
- What is the top priority in computer forensics?
- document each step taken
- What type of access control do most commercial OSes use?
- DAC
- How does CHAP work?
- server sends random value to client; client uses MD5 to create hash with ID, random value, and shared secret; client sends hash to server; server performs same function and compares values
- Is PPTP usually implemented through hardware or software?
- software
- Is L2TP usually implemented through hardware or software?
- hardware
- What is compulsory tunneling?
- situation where VPN server chooses the endpoint of a communication
- What advantage does compulsory tunneling provide?
- allows VPN connections to be concentrated over fewer high-capacity lines
- What port does L2TP use?
- UDP 1701
- What are the two encryption modes for IPSec?
- Transport, where only the data is encrypted; and Tunneling, where the entire packet is encrypted
- What protocol does IPSec use to exchange keys?
- Internet Key Exchange (IKE)
- What is key escrow?
- administration of a private key by a trusted third party
- What advantage does TACACS+ have over RADIUS?
- better security
- What advantage does RADIUS have over TACACS+?
- better vendor support and implementation
- What makes non-repudiation a stronger version of authentication?
- non-repudiation comes from a third party
- Non-repudiation has been compared to what real-world version of authentication?
- using a public notary
- What is a teardrop attack?
- a type of DoS attack using a false fragmentation offset value
- What is an AUP?
- Acceptable Use Policy
- From what does RSA derive its strength?
- the difficulty of factoring large numbers
- What three people were involved in the creation of RSA?
- Rivest, Shamir, Adleman
- Is RSA a public- or private-key system?
- public-key
- What is the standard key length for DES?
- 56 bits
- What is the standard key length for IDEA?
- 128 bits
- What is the standard key length for 3DES?
- 168 bits
- How are RSA and DES used together?
- RSA is used to encrypt the key for transmission; DES is used for message encryption
- What kind of encryption does AES use?
- private-key
- What is IDEA?
- International Data Encryption Algorithm: a 128-bit private-key encryption system
- What are the two most popular hashing routines in use today?
- MD5 and SHA-1
- What size is an MD5 hash?
- 128 bits
- What is MD5 designed for?
- digital signatures
- Observing the timer value in the TCP stack makes what possible?
- determining the OS in use, useful in planning attacks
- What are the three A's in computer forensics?
- Acquire, Authenticate, Analyze
- What is the first step in risk analysis?
- identifying assets
- What type of network is CHAP primarily used on?
- PPP