Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...

More documents

Recommendations

Info

140 CHAPTER 8 Security Standards and Services can be used to distract attackers from real servers and keep them occupied while you collect information on the attack and the source of the attack. After an attack has occurred, the most important thing to do is to collect all the evidence of the attack and its methods. You will also want to take steps to ensure that the same type of attack cannot be successfully performed on the network in the future. Authentication protocols are chosen based on the applications, complexity, and level of security needs. Kerberos provides access through secure encrypted keys and issuance of tickets. CHAP validates the identity of the clients through three-way handshake (challenge, response, success, or failure). RADIUS is the most popular of all the AAA servers, which include RADIUS, TACACS, and TACACS+. We also reviewed Extension Authentication Protocol and Protected EAP. Top Five Toughest Questions 1. You are performing a security audit for a company to determine their risk from various attack methods. As part of your audit, you work with one of the company’s employees to see what activities he performs during the day that could be at risk. As you work with the employee, you see him perform the following activities: Log into the corporate network using Kerberos Access files on a remote system through a Web browser using SSL Log into a remote UNIX system using Secure Shell (SSH) Connect to a Post Office Protocol 3 (POP3) server and retrieve e-mail Which of these activities is most vulnerable to a sniffing attack A. Logging into the corporate network using Kerberos B. Accessing files on a remote system through a Web browser using SSL C. Logging into a remote UNIX system using SSH D. Connecting to a POP3 server and retrieving e-mail 2. You are a security consultant for a large company that wants to make its intranet available to its employees via the Internet. They want to ensure that the site is as secure as possible. To do this, they want to use multifactor authentication. The site uses an ID and password already but they want to add security features that ensure that the site is indeed their site, not a spoofed site, and that the user is an authorized user. Which authentication technology supports this A. Certificates B. CHAP C. Kerberos D. Tokens 3. You have been asked to help a company implement multifactor authentication. They want to make sure that the environment is as secure as possible through the use of biometrics. Based on your knowledge of authentication, you understand that biometrics falls under the “something you are”
Network Access Security 141 category. Which other category should be used with the biometric device to provide the highest level of security A. Something you know B. Something you have C. Something you do D. All these options have their own benefits and detriments. 4. When using LDAP for authentication in an internetworking environment, what is the best way to ensure that the authentication data is secure from packet sniffing A. Use LDAP to keep all passwords encrypted when transmitted to the server. B. Use LDAP over SSL/TLS to encrypt the authentication data. C. Require that the clients use strong passwords so that they cannot easily be guessed. D. Use LDAP over HTTP/S to encrypt the authentication data. 5. You have been asked to use an existing router and utilize it as a firewall. Management would like you to use it to perform address translation and block some known bad IP addresses that previous attacks have originated from. With this in mind, which of the following statements are accurate A. You have been asked to perform NAT services B. You have been asked to set up a proxy C. You have been asked to set up stateful inspection D. You have been asked to set up a packet filter Answers 1. Correct answer and explanation: D. Connecting to a POP3 server sends the ID and password over the network in a nonencrypted format due to the use of clear text authentication. This data (in addition to the e-mail content itself) is consequently vulnerable to being collected when sniffing the network. Incorrect answers and explanations: A, B, and C. Answer A is incorrect because logging into a network using Kerberos is secure from sniffing attacks due to encryption and time stamps. Answer B is incorrect because using SSL encrypts the connection so that it cannot be viewed by sniffing. Answer C is incorrect because using SSH encrypts the connection to the remote UNIX system. 2. Correct answer and explanation: A. Certificates can be used not only to ensure that the site is the company’s Web site, but also that the user is an authorized user. The Web server can be configured to require client-side certificates. Incorrect answers and explanations: B, C, and D. Answer B is incorrect because CHAP does not support two-way authentication in this manner. Answer C is incorrect because Kerberos can authenticate the
Page 2 and 3:
Syngress is an imprint of Elsevier
Page 4 and 5:
xii About the Authors Technical Edi
Page 6 and 7:
2 CHAPTER 1 Network Fundamentals Ne
Page 8 and 9:
4 CHAPTER 1 Network Fundamentals re
Page 10 and 11:
6 CHAPTER 1 Network Fundamentals
Page 12 and 13:
8 CHAPTER 1 Network Fundamentals Wh
Page 14 and 15:
10 CHAPTER 1 Network Fundamentals d
Page 16 and 17:
12 CHAPTER 1 Network Fundamentals
Page 18 and 19:
14 CHAPTER 1 Network Fundamentals T
Page 20 and 21:
16 CHAPTER 1 Network Fundamentals T
Page 22 and 23:
18 CHAPTER 1 Network Fundamentals I
Page 24 and 25:
20 CHAPTER 2 Network Media DID YOU
Page 26 and 27:
22 CHAPTER 2 Network Media Table 2.
Page 28 and 29:
24 CHAPTER 2 Network Media ■ Perf
Page 30 and 31:
26 CHAPTER 2 Network Media Table 2.
Page 32 and 33:
28 CHAPTER 2 Network Media LAN TECH
Page 34 and 35:
30 CHAPTER 2 Network Media CONNECTO
Page 36 and 37:
32 CHAPTER 2 Network Media EXAM WAR
Page 38 and 39:
34 CHAPTER 2 Network Media problems
Page 40 and 41:
36 CHAPTER 2 Network Media electrom
Page 42 and 43:
38 CHAPTER 3 Network Devices Table
Page 44 and 45:
40 CHAPTER 3 Network Devices some o
Page 46 and 47:
42 CHAPTER 3 Network Devices ■
Page 48 and 49:
44 CHAPTER 3 Network Devices ■
Page 50 and 51:
46 CHAPTER 3 Network Devices EXAM W
Page 52 and 53:
48 CHAPTER 3 Network Devices ■ Du
Page 54 and 55:
50 CHAPTER 3 Network Devices Proxy
Page 56 and 57:
52 CHAPTER 3 Network Devices Top Fi
Page 58 and 59:
54 CHAPTER 3 Network Devices the co
Page 60 and 61:
56 CHAPTER 4 Wireless Networking
Page 62 and 63:
Page 64 and 65:
60 CHAPTER 4 Wireless Networking Ta
Page 66 and 67:
62 CHAPTER 4 Wireless Networking WE
Page 68 and 69:
64 CHAPTER 4 Wireless Networking Th
Page 70 and 71:
66 CHAPTER 4 Wireless Networking us
Page 72 and 73:
Page 74 and 75:
70 CHAPTER 4 Wireless Networking si
Page 76 and 77:
72 CHAPTER 4 Wireless Networking co
Page 78 and 79:
74 CHAPTER 5 The OSI Model and Netw
Page 80 and 81:
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
Page 88 and 89:
Page 90 and 91:
Page 92 and 93: 88 CHAPTER 5 The OSI Model and Netw
Page 94 and 95: 90 CHAPTER 6 TCP/IP and Routing ■
Page 96 and 97: 92 CHAPTER 6 TCP/IP and Routing For
Page 98 and 99: 94 CHAPTER 6 TCP/IP and Routing UND
Page 100 and 101: 96 CHAPTER 6 TCP/IP and Routing ■
Page 102 and 103: 98 CHAPTER 6 TCP/IP and Routing Sub
Page 104 and 105: 100 CHAPTER 6 TCP/IP and Routing co
Page 106 and 107: 102 CHAPTER 6 TCP/IP and Routing
Page 108 and 109: 104 CHAPTER 6 TCP/IP and Routing al
Page 110 and 111: CHAPTER 7 Wide Area Networking 107
Page 112 and 113: WAN Protocols and Properties 109 In
Page 114 and 115: WAN Protocols and Properties 111 Cr
Page 116 and 117: Internet Access Methods 113 EXAM WA
Page 118 and 119: Internet Access Methods 115 Wireles
Page 120 and 121: Internet Access Methods 117 Top Fiv
Page 122 and 123: Internet Access Methods 119 with th
Page 124 and 125: 122 CHAPTER 8 Security Standards an
Page 146 and 147: 144 CHAPTER 9 Network Management
Page 148 and 149: 146 CHAPTER 9 Network Management Wi
Page 150 and 151: 148 CHAPTER 9 Network Management Cr
Page 152 and 153: 150 CHAPTER 9 Network Management
Page 154 and 155: 152 CHAPTER 9 Network Management An
Page 156 and 157: 154 CHAPTER 9 Network Management Lo
Page 158 and 159: 156 CHAPTER 10 Network Troubleshoot
Page 178 and 179: Glossary 177 Access Determines who
Page 180 and 181: Glossary 179 Extensible Authenticat
Page 182 and 183: Glossary 181 Oscilloscope A cable t
Page 184 and 185: Glossary 183 Wireless Network A net
Page 186 and 187: 186 Index Data link layer, 74-75 fu
Page 188 and 189: 188 Index Network troubleshooting,
show all

Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...

Create successful ePaper yourself

Delete template?

Save as template?