1.
Question 1
Fill in the blank: In the world of AAA security, “authn” is short for _____.
authoritarian
authorization
authored
authentication
2.
Question 2
Fill in the blank: Authorization is concerned with determining _____ to resources.
identity
eligibility
validity
access
3.
Question 3
Fill in the blank: Security Keys utilize a secure challenge-and-response authentication system, which is based on _____.
public key cryptography
shared secrets
symmetric encryption
steganography
4.
Question 4
Fill in the blank: Security Keys are more ideal than OTP generators because they are resistant to _____ attacks.
phishing
password
brute force
DDoS
5.
Question 5
Fill in the blank: In addition to the client being authenticated by the server, certificate authentication also provides _____.
malware protection
server authentication
authorization
integrity
6.
Question 6
In LDAP language, what do we call the folder an object belongs to?
A distinguished name (DN)
A data information tree
TLS
An organizational unit (OU)
7.
Question 7
Fill in the blank: Kerberos enforces strict _____ requirements. Otherwise, authentication will fail.
strong password
LDAP
AES
time
8.
Question 8
Consider the following scenario: Multiple client switches and routers have been set up at a small military base. The network team decided to implement Terminal Access Controller Access-Control System Plus (TACACS+), along with Kerberos, and an external Lightweight
Directory Access Protocol (LDAP) service. What is the primary reason TACACS+ was chosen for this?
Single Sign-On
NIPRNet
Network access
*A: Device administration
9.
Question 9
Consider the following scenario: A company is utilizing Google Business applications for their marketing department. These applications should be able to temporarily access a user’s email account to send links for review. Why should the company use Open Authorization (OAuth) in this situation?
Compatibility with third party apps
Utilize a Key Distribution Center server
Gain access through a wireless access point
Administer multiple network devices
10.
Question 10
Which of the following is a way to define permissions or authorizations for objects?
Access control entries
Network access servers (NAS)
Access control lists (ACL)
Extensible authentication protocols