- For 802.11 wireless LANs, which of the following is a feature shared by both WPA2-PSK and WPA2-Enterprise?
(a) Both utilise server-side authentication using server-side certs
(b) Both support 128-bit AES-CCMP
(c) Both support WPS (Wi-Fi Protected Setup)
(d) Both use RC4 to provide integrity for data frames
(e) Both can only be used in the 2.4 GHz frequency ranges
Answer:
(b)
Explanation:
(a) is a possibility for WPA2-Enterprise only, depending on implementation
(c) WPS is supported only for PSK
(d) RC4 is an encryption algorithm (i.e. confidentiality not integrity) – it was used by WEP, but is not used in WPA or WPA2
(e) Both can be used in both ranges (2.4 & 5 GHz)
- Which of the following access control mechanisms allows information owners to control access to resources by evaluating the subject, object & the environment?
(a) Rule-based access control
(b) Attribute-based access control
(c) Role-based access control
(d) Discretionary access control
Answer:
(b)
Explanation:
Attribute-based access control allows you to create policies that control access to resources by evaluating attributes of the subject (e.g. clearance, department, role), object (e.g. type, owning department, classification/sensitivity) and/or environment (e.g. time, location).
- Your accounting dept is moving from locally-installed software to a SaaS solution provided by a large accounting software vendor. The process will involve moving existing accounting data to the SaaS provider’s cloud-based servers. Which of the following would your organisation MOST LIKELY consider before making the move? (Choose two)
(a) SLA (Service Level Agreement)
(b) MOU (Memorandum Of Understanding)
(c) NDA (Non-Disclosure Agreement)
(d) Software License
(e) ISA (Interconnection Service Agreement)
Answers:
(a), (c)
Explanation:
An SLA will define metrics for performance and uptime, and sometimes penalties to be paid by the provider in the event of an SLA breach. MOUs are voluntary, non-legally-binding agreements between two organisations, which would not be appropriate in this case. An NDA would be required to oblige the provider not to disclose your organisation’s data. Software licenses are generally used for locally-installed software. An ISA is used when connecting the networks/resources of two organisations with differing security policies, and would generally not be required for accessing a SaaS solution (e.g. via a web browser).
- Which one of the following is NOT a characteristic of the Challenge Handshake Authentication Protocol?
(a) Challenges are encrypted using a symmetric algorithm
(b) Authentication is negotiated via a 3-way handshake
(c) Authenticator will randomly require re-authentication
(d) CHAP supports mutual authentication by client & server
Answer:
(a)
Explanation:
(a) The challenges are hashed with your password (i.e. one-way encryption, not symmetric)
(b), (c) and (d) are all characteristics of CHAP. Note that the CHAP 3-way handshake (challenge, response, accept/reject) is completely different from the TCP 3-way handshake!
- Which of the following represents the BEST reason to upgrade your web application servers to TLS 1.3?
(a) The SNI is encrypted by default in TLS 1.3
(b) The server certificate is encrypted when sent to the client
(c) TLS 1.3 supports a larger number of legacy algorithms
(d) The server uses certificate pinning to speed up connection times
Answer:
(b)
Explanation:
(a) SNI (Server Name Identification) is the ability for the client to specify the name of the site they are connecting to as part of the client "hello" message. This enables the server to support multiple websites on a single IP address. ESNI (Encrypted Server Name Identification) does exist, but is not a feature of TLS 1.3, and is not yet widely supported.
(b) Prior to TLS 1.3, the server certificate was sent in plaintext, which reveals the name of the site and raises privacy concerns.
(c) TLS 1.3 drops support for a large number of less secure legacy algorithms.
(d) Certificate pinning is a feature of OCSP and is nothing to do with TLS 1.3 per se.
- Which of the following is a benefit of implementing DNSSEC?
(a) Using encryption, DNSSEC prevents service providers from mining your DNS queries
(b) DNSSEC prevents you from going to malicious websites by redirecting your connection attempts
(c) DNSSEC speeds up name resolution by compressing queries & answers
(d) DNSSEC authenticates server responses using digital signatures
Answer:
(d)
Explanation:
(a) DNSSEC does not provide confidentiality for DNS lookups.
- Which of the following differentiates DOM-based XSS attacks from reflected & stored XSS attacks?
(a) DOM-based XSS is stored on the web server and sent to a victim when visiting the web page
(b) DOM-based XSS will not be visible in the HTML source of the page
(c) DOM-based XSS relies on tricking a user into clicking on a malicious hyperlink
(d) DOM-based XSS exploits a server-side flaw, and stored & reflected XSS are client-side exploits
Answer:
(b)
Explanation:
In both reflected and stored vector attacks, scripts are sent to the victim’s browser within the actual HTML code. DOM-based XSS uses the JavaScript Document Object Model to manipulate the content of the page programmatically, and inserts the code that way.
(c) could be true for both types of XSS.
- Which of the following is a key concept that provides for the security of stream ciphers in modern cryptography systems?
(a) Digital signatures
(b) Confusion
(c) Collision resistance
(d) Diffusion
(e) Entropy
(f) Asymmetry
Answer:
(b)
Explanation:
(b) Confusion attempts to make it as difficult as possible to determine the relationship between plaintext & ciphertext. Confusion is primarily achieved through substitution, and can be applied in both stream and block ciphers.
(d) Diffusion is a mechanism that improves the security of block ciphers, and cannot be used with stream ciphers. This is primarily achieved through transposition (i.e. jumbling up the data).
- Which of the following is true regarding the use of RAID 6?
(a) Requires a minimum of 6 drives to implement
(b) It can remain functional with two simultaneous drive failures
(c) It has a net cost of one drive to store parity data
(d) It has a faster read speed than RAID 5
Answer:
(b)
Explanation:
(a) RAID 6 can be implemented with a minimum of 4 drives
(b) RAID 6 can tolerate the failure of two drives at the same time
(c) You lose the net equivalent of two drives to parity
(d) There is no read speed difference between RAID 5 and RAID 6
- Which of the following is NOT a characteristic of tunnel-mode IPSec?
(a) Tunnel mode IPSec encrypts the entire original IP packet
(b) Tunnel mode IPSec hides the number of nodes communicating through the link
(c) Tunnel mode IPSec provides end-to-end security for client & server
(d) Tunnel mode IPSec will still allow for NIDS to provide value on the LAN side of links
Answer:
(c)
Explanation:
Transport mode can provide end-to-end security between client and server, but tunnel mode cannot. This is because the portion of traffic from the client to the IPSec VPN concentrator at one end, and from the concentrator at the other end to the server, is not IPSec-protected.