Question 1

The system of using digital certificates,CAs,and other registration authorities that verify and authenticate the validity of each party involved in a transaction over a public network is known as ____.

A) AAA server
B) AAA infrastructure
C) public cryptography
D) public key infrastructure (PKI)

D

Accepted Answer

Digital certificates, CAs, and other registration authorities are used in a public key infrastructure (PKI) system to verify and authenticate each party involved in a transaction over a public network. The other options, AAA server and AAA infrastructure, do not specifically address the use of digital certificates and PKI. Public cryptography is a broad term that encompasses different cryptographic schemes and algorithms, and may or may not involve the use of digital certificates and PKI.

Question 2

A ____ deployment uses local authentication with one or more RADIUS servers at each site. However, the authentication database is replicated from one central site to each local site.&#10;A) distributed autonomous site&#10;B) distributed sites with centralized authentication and security&#10;C) single site deployment&#10;D) distributed sites and security with centralized authentication

Accepted Answer

A distributed autonomous site deployment involves local authentication with RADIUS servers at each site, and the authentication database is replicated from a central site to each local site. This setup allows for local authentication processes while maintaining a centralized control over the authentication database.

Question 3

____ measures the resources a user consumes during each network session.&#10;A) Accounting&#10;B) Authorization&#10;C) Authentication&#10;D) Integrity

Accepted Answer

Accounting measures the resources a user consumes during each network session, such as the amount of data transferred, the duration of the session, and the identity of the user. Authorization refers to the process of determining whether a user should be granted access to a particular resource. Authentication refers to confirming the identity claimed by a user, while integrity refers to maintaining the accuracy and consistency of data as it is transmitted and stored.

Question 4

LEAP is not vulnerable to dictionary attack tools.

Accepted Answer

LEAP is vulnerable to dictionary attacks, as it uses a shared secret password instead of unique credentials for each user. This makes it easier for attackers to use automated tools to guess the password.

Question 5

The X.500 standard defines a protocol for a client application to access an X.500 directory called the ____.&#10;A) DAP&#10;B) DIB&#10;C) DIT&#10;D) DIU

Accepted Answer

The Directory Access Protocol (DAP) is the protocol specified in the X.500 standard for a client application to access an X.500 directory. Choice B, DIB (Directory Information Base), is a term used to refer to the X.500 directory itself. Choice C, DIT (Directory Information Tree), is a hierarchical structure that organizes information within the X.500 directory. Choice D, DIU (Directory Information Update), is not a term used in the X.500 standard.

Question 6

Wireless authentication first requires the wireless device-not the user-to be authenticated before being connected to the WLAN.

Accepted Answer

Wireless authentication uses a device's MAC address or other unique identifier to authenticate it before allowing it to connect to the WLAN. User authentication may also be required after the device is connected.

Question 7

If authentication is performed by IEEE 802.1x using the WPA or WPA2 Enterprise model, the distribution of the ____, from which all other keys are formed, is done by the authentication server.&#10;A) pairwise master key (PMK)&#10;B) master key (MK)&#10;C) pairwise transient key (PTK)&#10;D) key confirmation key (KCK)

Accepted Answer

The answer of If authentication is performed by IEEE 802.1x...

Question 8

____ is an industry standard protocol specification that forwards username and password information to a centralized server.&#10;A) Kerberos&#10;B) TACACS+&#10;C) PKI&#10;D) Asymmetric encryption

Accepted Answer

Kerberos is a network authentication protocol used to provide secure transactions over insecure networks. PKI (Public Key Infrastructure) is a framework for managing digital certificates and public-key encryption. Asymmetric encryption is a type of encryption that uses two different keys for encryption and decryption. TACACS+ (Terminal Access Controller Access-Control System Plus) is a protocol that forwards username and password information to a centralized server for authentication and authorization. Therefore, the answer is B) TACACS+.

Question 9

With ____ deployment, RADIUS servers are located at each site to perform authentication. However, instead of the authentication database being replicated to each site, it is centrally located.&#10;A) distributed autonomous site&#10;B) distributed sites with centralized authentication and security&#10;C) single site deployment&#10;D) distributed sites and security with centralized authentication

Accepted Answer

Distributed sites and security with centralized authentication deployment involves RADIUS servers located at each site for authentication, but the authentication database is centrally located, not replicated across sites.

Question 10

The MKs are used for access point to wireless device transmissions, or unicast transmissions.

Accepted Answer

MKs (Multicast Keys) are used for access point to wireless device transmissions, or unicast transmissions.

Question 11

____ allows a RADIUS server to authenticate wireless devices stations by verifying a hash known as MD5 of each user's password.&#10;A) PAP&#10;B) CHAP&#10;C) MS-CHAP&#10;D) EAP-MD5

Accepted Answer

The answer of ____ allows a RADIUS server to authenticate...

Question 12

____ uses the unique human characteristics of a person for authentication (something the user is).&#10;A) Digital certificates&#10;B) Passwords&#10;C) Biometrics&#10;D) Password tokens

Accepted Answer

The answer of ____ uses the unique human characteristics of...

Question 13

____ deployment consists of one or more RADIUS servers accessing a centralized authentication database.&#10;A) Distributed autonomous sites&#10;B) Distributed sites with centralized authentication and security&#10;C) Single site&#10;D) Distributed sites and security with centralized authentication

Accepted Answer

The answer of ____ deployment consists of one or more...

Question 14

LDAP was developed by Microsoft and the University of Michigan in 1996.

Accepted Answer

The answer of LDAP was developed by Microsoft and the...

Question 15

EAP was originally defined for dial-up access but is now used for both wired and wireless access.

Accepted Answer

The answer of EAP was originally defined for dial-up access...

Question 16

Several of the EAP protocols use ____, which creates a ciphertext from cleartext.&#10;A) symmetric encryption&#10;B) hashing&#10;C) asymmetric encryption&#10;D) filtering

Accepted Answer

The answer of Several of the EAP protocols use ____,...

Question 17

In public key cryptography, the ____ key encrypts the message.&#10;A) public&#10;B) private&#10;C) known&#10;D) user

Accepted Answer

The answer of In public key cryptography, the ____ key...

Question 18

____ requires that the wireless device and RADIUS server prove their identities to each other by using public key cryptography such as digital certificates.&#10;A) PAP&#10;B) LEAP&#10;C) EAP-TLS&#10;D) EAP-MD5

Accepted Answer

The answer of ____ requires that the wireless device and...

Question 19

The International Organization for Standardization (ISO) created a standard for directory services known as ____.&#10;A) ISO.500&#10;B) LDAP-1000&#10;C) X.500&#10;D) Z.101

Accepted Answer

The answer of The International Organization for Standardization (ISO) created...

Question 20

A ____ is a database stored on the network that contains information about users and network devices.&#10;A) PKI&#10;B) biometric service&#10;C) Kerberos service&#10;D) directory service

Accepted Answer

The answer of A ____ is a database stored on...

Question 21

The ____ is used by the EAP key exchanges to provide confidentiality.&#10;A) KEK&#10;B) KCK&#10;C) WPAK&#10;D) nonce key

Accepted Answer

The answer of The ____ is used by the EAP...

Question 22

The ____________________ is used by the EAP key exchanges to provide data origin authenticity.

Accepted Answer

The answer of The ____________________ is used by the EAP...

Question 23

The purpose of the ____ handshake is to authenticate the GTK.&#10;A) group key&#10;B) four-way&#10;C) five-way&#10;D) MK

Accepted Answer

The answer of The purpose of the ____ handshake is...

Question 24

The management protocol of IEEE 802.1x that governs the interaction between the wireless device, access point, and RADIUS server is known as the ____________________.

Accepted Answer

The answer of The management protocol of IEEE 802.1x that...

Question 25

What are the primary differences between LDAP and DAP?

Accepted Answer

The answer of What are the primary differences between LDAP...

Question 26

What are the two types of device authentication supported by the IEEE 802.11 standard?

Accepted Answer

The answer of What are the two types of device...

Question 27

Entries in the DIB are arranged in a tree structure called the ____________________.

Accepted Answer

The answer of Entries in the DIB are arranged in...

Question 28

Access points and wireless devices must exchange information in order to create and acknowledge the MKs and the GKs. This exchange of information is known as ____.&#10;A) WPA exchange&#10;B) GK encryption&#10;C) handshakes&#10;D) MK exchange

Accepted Answer

The answer of Access points and wireless devices must exchange...

Question 29

How does Kerberos work?

Accepted Answer

The answer of How does Kerberos work?...

Question 30

____________________ is the process that determines whether the user has the authority to carry out certain tasks.

Accepted Answer

The answer of ____________________ is the process that determines whether...

Question 31

The exchange of information for the MK is based on a ____.&#10;A) group key handshake&#10;B) PTK handshake&#10;C) GTK encryption&#10;D) four-way handshake

Accepted Answer

The answer of The exchange of information for the MK...

Question 32

When an AP sends the same packet to all wireless devices, known as a broadcast, MKs are not used. Instead, ____ are used.&#10;A) temporal keys&#10;B) group keys (GK)&#10;C) key confirmation keys (KEKs)&#10;D) pairwise master keys (PMKs)

Accepted Answer

The answer of When an AP sends the same packet...

Question 33

Identify the types of information typically included in a digital certificate.

Accepted Answer

The answer of Identify the types of information typically included...

Question 34

Briefly describe the functions of a RADIUS client and a RADIUS server.

Accepted Answer

The answer of Briefly describe the functions of a RADIUS...

Question 35

What are the advantages and disadvantages of distributed autonomous site deployment?

Accepted Answer

The answer of What are the advantages and disadvantages of...

Question 36

What are the advantages and disadvantages of distributed sites with centralized authentication and security deployment?

Accepted Answer

The answer of What are the advantages and disadvantages of...

Question 37

Certificates are issued by a trusted third party called a(n) ____________________.

Accepted Answer

The answer of Certificates are issued by a trusted third...

Question 38

What is authentication for a wired network?

Accepted Answer

The answer of What is authentication for a wired network?...

Question 39

The ____ is the value that the wireless devices use to decrypt broadcast messages from APs.&#10;A) GTK&#10;B) MK&#10;C) PTK&#10;D) PMK

Accepted Answer

The answer of The ____ is the value that the...

Question 40

What are the steps for creating a pairwise master key (PMK)?

Accepted Answer

The answer of What are the steps for creating a...

Question 41

Describe the main characteristics of the Challenge-Handshake Authentication Protocol (CHAP).

Accepted Answer

The answer of Describe the main characteristics of the Challenge-Handshake...

Question 42

Match between columns&#10;                        Premises: secret combination of letters and numbers that validates (authenticates) a user by what he or she knows.&#10;secret combination of letters and numbers that validates (authenticates) a user by what he or she knows.&#10;secret combination of letters and numbers that validates (authenticates) a user by what he or she knows.&#10;secret combination of letters and numbers that validates (authenticates) a user by what he or she knows.&#10;secret combination of letters and numbers that validates (authenticates) a user by what he or she knows.&#10;secret combination of letters and numbers that validates (authenticates) a user by what he or she knows.&#10;secret combination of letters and numbers that validates (authenticates) a user by what he or she knows.&#10;secret combination of letters and numbers that validates (authenticates) a user by what he or she knows.&#10;secret combination of letters and numbers that validates (authenticates) a user by what he or she knows.&#10;basic authentication protocol that was used to authenticate a user to a remote access server or to an ISP.&#10;basic authentication protocol that was used to authenticate a user to a remote access server or to an ISP.&#10;basic authentication protocol that was used to authenticate a user to a remote access server or to an ISP.&#10;basic authentication protocol that was used to authenticate a user to a remote access server or to an ISP.&#10;basic authentication protocol that was used to authenticate a user to a remote access server or to an ISP.&#10;basic authentication protocol that was used to authenticate a user to a remote access server or to an ISP.&#10;basic authentication protocol that was used to authenticate a user to a remote access server or to an ISP.&#10;basic authentication protocol that was used to authenticate a user to a remote access server or to an ISP.&#10;basic authentication protocol that was used to authenticate a user to a remote access server or to an ISP.&#10;Microsoft implementation of CHAP.&#10;Microsoft implementation of CHAP.&#10;Microsoft implementation of CHAP.&#10;Microsoft implementation of CHAP.&#10;Microsoft implementation of CHAP.&#10;Microsoft implementation of CHAP.&#10;Microsoft implementation of CHAP.&#10;Microsoft implementation of CHAP.&#10;Microsoft implementation of CHAP.&#10;electronic files that the user has and are used to uniquely identify users and resources over networks.&#10;electronic files that the user has and are used to uniquely identify users and resources over networks.&#10;electronic files that the user has and are used to uniquely identify users and resources over networks.&#10;electronic files that the user has and are used to uniquely identify users and resources over networks.&#10;electronic files that the user has and are used to uniquely identify users and resources over networks.&#10;electronic files that the user has and are used to uniquely identify users and resources over networks.&#10;electronic files that the user has and are used to uniquely identify users and resources over networks.&#10;electronic files that the user has and are used to uniquely identify users and resources over networks.&#10;electronic files that the user has and are used to uniquely identify users and resources over networks.&#10;a randomly chosen value.&#10;a randomly chosen value.&#10;a randomly chosen value.&#10;a randomly chosen value.&#10;a randomly chosen value.&#10;a randomly chosen value.&#10;a randomly chosen value.&#10;a randomly chosen value.&#10;a randomly chosen value.&#10;handles some CA tasks such as processing certificate requests and authenticating users.&#10;handles some CA tasks such as processing certificate requests and authenticating users.&#10;handles some CA tasks such as processing certificate requests and authenticating users.&#10;handles some CA tasks such as processing certificate requests and authenticating users.&#10;handles some CA tasks such as processing certificate requests and authenticating users.&#10;handles some CA tasks such as processing certificate requests and authenticating users.&#10;handles some CA tasks such as processing certificate requests and authenticating users.&#10;handles some CA tasks such as processing certificate requests and authenticating users.&#10;handles some CA tasks such as processing certificate requests and authenticating users.&#10;management protocol that controls port-based authentication.&#10;management protocol that controls port-based authentication.&#10;management protocol that controls port-based authentication.&#10;management protocol that controls port-based authentication.&#10;management protocol that controls port-based authentication.&#10;management protocol that controls port-based authentication.&#10;management protocol that controls port-based authentication.&#10;management protocol that controls port-based authentication.&#10;management protocol that controls port-based authentication.&#10;starting point of the group key hierarchy.&#10;starting point of the group key hierarchy.&#10;starting point of the group key hierarchy.&#10;starting point of the group key hierarchy.&#10;starting point of the group key hierarchy.&#10;starting point of the group key hierarchy.&#10;starting point of the group key hierarchy.&#10;starting point of the group key hierarchy.&#10;starting point of the group key hierarchy.&#10;authentication system developed by the Massachusetts Institute of Technology (MIT).&#10;authentication system developed by the Massachusetts Institute of Technology (MIT).&#10;authentication system developed by the Massachusetts Institute of Technology (MIT).&#10;authentication system developed by the Massachusetts Institute of Technology (MIT).&#10;authentication system developed by the Massachusetts Institute of Technology (MIT).&#10;authentication system developed by the Massachusetts Institute of Technology (MIT).&#10;authentication system developed by the Massachusetts Institute of Technology (MIT).&#10;authentication system developed by the Massachusetts Institute of Technology (MIT).&#10;authentication system developed by the Massachusetts Institute of Technology (MIT).

Accepted Answer

The Answer of Nonce and Registration authority (RA) and PAP is...

Deck 8: Secure Wireless Authentication