Network Security ) (Solved Questions 100% VERIFIED QUESTIONS AND ANSWERS)
4 views 0 purchase
Course
Network Security
Institution
Network Security
ticket >>> Once the authenticatoin server accepts the user as authentic it creates an encrypted _____ which is sent back to the client.
timestamp >>> In order to prevent an opponent from capturing the login ticket and reusing it to spoof the TGS, the ticket includes a ______ ...
ticket >>> Once the authenticatoin server accepts the user as authentic it creates an encrypted _____
which is sent back to the client.
timestamp >>> In order to prevent an opponent from capturing the login ticket and reusing it to spoof
the TGS, the ticket includes a ______ indicating the date and time at which the ticket was issued.
False >>> T/F: If the lifetime stamped on a ticket is very short (e.g. minutes an opponent has a greater
opportunity for replay.
Data Consumers >>> _____ are entities that obtain and employ data maintained and provided by
identity and attribute providers, which are often used to support authorization decisions and to collect
audit information
Kerberos principal >>> A ______ is a service or user that is known to the Kerberos system and is
identified by its principal name.
False >>> T/F: Kerberos relies exclusively on asymmetric encryption
True >>> T/F: The ticket-granting ticket is encrypted with a secret key known only to the authentication
server and the ticket granting server.
True >>> T/F: The principal underlying standard for federated identity is the Security Assertion Markup
Language (SAML) which defines the exchange of security information between online business partners.
permanent key >>> A _____ is a key used between entities for the purpose of distributing session keys.
True >>> T/F: The automated key distribution approach provides the flexibility and dynamic
characteristics needed to allow a number of users to access a number of servers and for the servers to
exchange data with each other.
False >>> T/F: If an opponent captures an unexpired service granting ticket and tries to use it they will
be denied access to the corresponding service.
attribute service >>> An __________ manages the creation and maintenance of attributes such as
passwords and biometric information.
Identity management >>> __________ is a centralized, automated approach to provide enterprise wide
access to resources by employees and other authorized individuals, with a focus of defining an identity
for each user, associating attributes with the identity, and enforcing a means by which a user can verify
identity.
, False >>> T/F: It is not necessary for a certification authority to maintain a list of certificates issued by
that CA that were not expired but were revoked
True >>> T/F: For symmetric encryption to work the two parties to an exchange must share the same
key, and that key must be protected from access by others.
signature >>> Containing the hash code of the other fields encrypted with the CA's private key, the
__________ covers all of the other fields of the certificate and includes the signature algorithm
identifier.
True >>> T/F: One of the major roles of public-key encryption is to address the problem of key
distribution
authentication server >>> The __________ knows the passwords of all users and stores these in a
centralized database and also shares a unique secret key with each server
True >>> T/F: Federated identity management is a concept dealing with the use of a common identity
management scheme across multiple enterprises and numerous applications and supporting many
thousands, even millions, of users
False >>> T/F: User certificates generated by a CA need special efforts made by the directory to protect
them from being forged
False >>> T/F: User certificates generated by a CA need special efforts made by the directory to protect
them from being forged
True >>> T/F: A session key is destroyed at the end of a session
True >>> T/F: X.509 is based on the use of public-key cryptography and digital signatures
ticket granting >>> In order to solve the problem of minimizing the number of times that a user has to
enter a password and the problem of a plaintext transmission of the password a __________ server is
used.
False >>> T/F: It is not required for two parties to share a secret key in order to communicate securely
with conventional encryption
NAC >>> ___________ is an umbrella term for managing access to a network
Saas >>> _________ saves the complexity of software installation, maintenance, upgrades, and patches
True >>> T/F: Network access control authenticates users logging into the network and determines
what data they can access and actions they can perform
True >>> T/F: The NIST cloud computing reference architecture focuses on the requirements of "what"
cloud services provide, not a "how to" design solution and implementation.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller johnlynn297. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $7.96. You're not tied to anything after your purchase.