Sec+ CH.3 Review Test

B is correct The newest version of Transport Layer Security (TLS)

should be implemented to access the network devices. Because the scenario

says the same interface is needed, the only possible choices are TLS or

Secure Sockets Layer (SSL). However, SSL has been deprecated and

should not be used. Lightweight Directory Access Protocol Secure

(LDAPS) is used to communicate with directories such as Microsoft Active

Directory. Simple Network Management Protocol version 3 (SNMPv3)

adds security to SNMP and encrypts the credentials sent to and from the

network devices, but it doesn’t support access via a browser interface.

B is correct. You can use Secure Shell (SSH) to encrypt confidential data

when transmitting it over the network. Secure File Transfer Protocol

(SFTP) uses SSH to encrypt File Transfer Protocol (FTP) traffic, but FTP is

unencrypted. Simple Network Management Protocol version 3 (SNMPv3)

is used to monitor and manage network devices, not transmit data over a

network. Secure Real-Time Transport Protocol (SRTP) provides encryption,

message authentication, and integrity for voice and video, but not all data.

C is correct. Simple Network Management Protocol version 3 (SNMPv3)

is a secure protocol that can monitor and collect information from network

devices. It includes strong authentication mechanisms to protect the

confidentiality of credentials. None of the other protocols listed are used to

monitor network devices. Secure Shell (SSH) provides a secure method of

connecting to devices but does not monitor them. File Transfer Protocol

Secure (FTPS) is useful for encrypting large files in transit, using Transport

Layer Security (TLS). TLS is commonly used to secure transmissions but

doesn’t include methods to monitor devices.

You are trying to determine what information attackers can gain about

your organization using network reconnaissance methods via the Internet.

Using a public wireless hot spot, you issue the following command:

nslookup -querytype=mx gcgapremium.com

You then see these results:

Server: UnKnown

Address: 10.0.0.1

Non-authoritative answer:

gcgapremium.com MX preference = 90, mail exchanger =

mx1.emailsrvr.com

gcgapremium.com MX preference = 20, mail exchanger =

mx2.emailsrvr.com

What does this tell you?

C is correct. This indicates that the mx1.emailsrvr.com is a backup mail

server. The preference of mx1.emailsrvr.com is 90, which is higher than the

preference of 20 for mx2.emailsrvr.com. In other words, mx2.emailsrvr.com

is the primary email server and mx1.emailsrvr.com is the secondary email

server. The “Address: 10.0.0.1” response indicates that the address of the

Domain Name System (DNS) server that gave the response is 10.0.0.1. The

“Server: UnKnown” response indicates that the DNS server is not using

PTR records, which resolve IP addresses to hostnames. Note that

“UnKnown” looks like a typo but is the way that nslookup (short for name

server lookup) displays it. The MX records are required so that other

Internet-based mail servers can find the mail servers handling mail sent to a

domain.

D is correct. This is a Domain Name System (DNS) server with the

added capabilities of DNS Security Extensions (DNSSEC). DNSSEC is a

suite of extensions to DNS. It uses a Resource Record Signature (RRSIG),

commonly referred to as a digital signature, to provide data integrity and

authentication for DNS replies. A DNS server resolves hostnames to IP

addresses. Secure Shell (SSH) is commonly used to connect to remote

systems and can be used to send files in an encrypted format over a

network. Simple Network Management Protocol version 3 (SNMPv3) is

used to manage and monitor network devices. Secure/Multipurpose Internet

Mail Extensions(S/MIME) is a popular standard used to encrypt email, but

email is not mentioned in the scenario.

A is correct. After creating the key pair, she should use the ssh-copy-id

command to copy the public key to the server. The first step uses the ssh-

keygen -t rsa command. This creates an RSA-based key pair (a private key

and a public key). The public key’s location and the name is

~.ssh/id_rsa.pub, and the private key’s location and the name is

~/.ssh/id_rsa. The second step is to copy the public key to the remote server

using the command ssh-copy-id -i ~.ssh/id_rsa.pub maggie@gcga. The

private key should always stay private, but the chmod 644 command makes

it readable by everyone, so it shouldn’t be used. The ssh command connects

to the remote server using Secure Shell (ssh). However, it’s not required to

connect to the server before copying it. The ssh-copy-id command is a

utility within the OpenSSH suite of tools.

B is correct. The Network Time Protocol (NTP) provides time

synchronization services, so enabling NTP on servers in the screened subnet

(sometimes called a demilitarized zone or DMZ) would meet this use case.

The Secure Real-time Transport Protocol (SRTP) provides encryption,

message authentication, and integrity for audio and video over IP networks.

Protocols such as Simple Mail Transfer Protocol (SMTP), Post Office

Protocol v3 (POP3), and Internet Message Access Protocol version 4

(IMAP4) are used for email. Encrypting data isn’t relevant to time

synchronization services provided by NTP.