Domain 4 Quiz
-
Yoyodyne Corporation plans to use Active Directory
for single sign-on throughout the enterprise.
Which network protocols must be added to the ALLOW
list in all internal router ACLs?
Select two.
- LDAP
- LDAPS
- Kerberos
- X.500
-
Dmitri's company wants to establish SSO.
The initial analysis concluded that they need a system
that handles both authentication and authorization with tokens.
Dmitri has concluded that the protocol used by Facebook and
LinkedIn is the most promising.
He is favoring:
- SAML
- OAUTH
- OpenID
- WS-Federation
- Shibboleth
-
Kristina works at a financial services firm that suffered a
major breach.
They have implemented a centralized AAA system regulating
access to the Intranet.
After proving their identity with a smart card and a
complex passphrase, users are connected to the appropriate
VLAN.
Internal services are only provided to user sessions holding
valid service tickets.
Intranet activity records are continuously analyzed to
detect inappropriate or malicious activity.
Identify this latter activity.
- Identification
- Authentication
- Authorization
- Auditing
-
Pedro's manager has been given a recommendation that they
implement a single sign-on solution in which user sessions
will have cryptographic software tokens providing
their identity,
their authorization to use services,
and the cryptographic keys used to secure their communication.
What should Pedro recommend?
- Kerberos
- RADIUS
- SAML
- VPN
-
Mikhail, a system administrator, has been asked by Kelli,
a database administrator, to create an account for the new
database project.
The account should require authenticated access,
have auditing enabled,
be incapable of interactive login,
and have credentials that rarely if ever change.
What type of account should Mikhail create?
- Ordinary user
- Privileged user
- Administrator
- Guest
- Service
- Management
-
Which password policy setting would require a user to
include both digits and special characters in their
password?
- Prohibiting dictionary words
- Length
- Complexity
- Maximum age
- Minimum age
- Expiration
-
Akira authenticates with a device that displays a different
value every minute.
What is this an example of?
- Multi-factor
- OTP
- HOTP
- TOTP
-
Kerberos provides which three of the following?
Select three.
- Network intrusion detection
- ESSO
- Cryptographic key control
- Log analysis and alerting
- An API supporting third-party applications
- A "single pane of glass" dashboard
-
Functional SSO must incorporate which of the following?
- Active Directory
- RADIUS
- Federated identity management
- Kerberos
-
Which of these is an XML-based open-source standard that
involves an IdP or Identity Provider,
an SP or Service Provider, and a Principal,
and is the basis for several other authentication systems?
- SAML
- OAUTH
- OpenID
- Shibboleth
- WS-Federation
-
A military contractor is very worried about physical intrusion.
They need to keep unauthorized individuals out of sensitive
areas.
Inappropriately allowing an unauthorized individual into
an area is classified as which of the following?
- False Acceptance
- False Rejection
- False Positive
- False Negative
- Fail Open
- Fail Closed
-
Which of these is an open-source standards-based solution
for single sign-on web authentication, based largely on SAML?
- OAUTH
- OpenID
- EAP-TLS
- Shibboleth
- WS-Federation
-
Mutual authentication involves which two?
Select two.
- Client authenticating the server
- Client authorizing the server
- Server authenticating the client
- Server authorizing the client
-
You are equipping a forensics team.
Which of these would be most useful?
- A set of precision screwdrivers
- A playbook
- Luminol
- Latex gloves and masks
-
You observe this data.
11:43:57.293662 IP 192.168.1.1 > 192.168.1.7: ICMP echo request, id 5331, seq 1, length 64
11:43:57.294143 IP 192.168.1.7 > 192.168.1.1: ICMP echo reply, id 5331, seq 1, length 64
11:43:58.294308 IP 192.168.1.1 > 192.168.1.7: ICMP echo request, id 5331, seq 2, length 64
11:43:58.294730 IP 192.168.1.7 > 192.168.1.1: ICMP echo reply, id 5331, seq 2, length 64
11:43:59.322328 IP 192.168.1.1 > 192.168.1.7: ICMP echo request, id 5331, seq 3, length 64
11:43:59.322645 IP 192.168.1.7 > 192.168.1.1: ICMP echo reply, id 5331, seq 3, length 6
Which tool or defensive measure was involved?
Select two.
- Wireshark
- ping
- nmap
- tcpdump
- netstat
- arp
- ifconfig
-
You observe this data.
www.google.com (172.217.6.4) 56(84) bytes of data.
64 bytes from ord38s01-in-f4.1e100.net (172.217.6.4): icmp_seq=1 ttl=116 time=26.9 ms
64 bytes from ord38s01-in-f4.1e100.net (172.217.6.4): icmp_seq=2 ttl=116 time=28.2 ms
64 bytes from ord38s01-in-f4.1e100.net (172.217.6.4): icmp_seq=3 ttl=116 time=27.2 ms
64 bytes from ord38s01-in-f4.1e100.net (172.217.6.4): icmp_seq=4 ttl=116 time=27.2 ms
64 bytes from ord38s01-in-f4.1e100.net (172.217.6.4): icmp_seq=5 ttl=116 time=28.5 ms

--- www.google.com statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4005ms
rtt min/avg/max/mdev = 26.976/27.673/28.568/0.621 ms
Which tool or defensive measure was involved?
- Wireshark
- ping
- nmap
- tcpdump
- netstat
- arp
- ifconfig
-
You observe this data.
enp9s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.1  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 2601:249:4300:cb:a62:66ff:fe2c:ab1c  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::a62:66ff:fe2c:ab1c  prefixlen 64  scopeid 0x20<link>
        ether 08:62:66:2c:ab:1c  txqueuelen 1000  (Ethernet)
        RX packets 16332198  bytes 4799272313 (4.7 GB)
        RX errors 0  dropped 3  overruns 0  frame 0
        TX packets 27220877  bytes 32805346549 (32.8 GB)
        TX errors 0  dropped 0  overruns 0  carrier 0  collisions 0
Which tool or defensive measure was involved?
- Wireshark
- ping
- nmap
- tcpdump
- netstat
- arp
- ifconfig
-
You observe this data.
Host is up (0.00031s latency).
rDNS record for 192.168.1.40: hplj4250n.kc9rg.org
Not shown: 993 closed ports
PORT      STATE SERVICE    VERSION
80/tcp    open  http       Virata-EmWeb 6.2.1 (HP LaserJet http config)
280/tcp   open  http       Virata-EmWeb 6.2.1 (HP LaserJet http config)
443/tcp   open  ssl/https?
515/tcp   open  printer
7627/tcp  open  http       HP-ChaiSOE 1.0 (HP LaserJet http config)
9100/tcp  open  jetdirect?
14000/tcp open  tcpwrapped
MAC Address: 00:12:79:DF:81:B1 (Hewlett Packard)
Device type: printer
Running: HP embedded
OS details: HP LaserJet 4250 (JetDirect) printer
Network Distance: 1 hop
Service Info: Host: 192.168.1.40; Device: printer
Which tool or defensive measure was involved?
- Wireshark
- ping
- nmap
- tcpdump
- netstat
- arp
- ifconfig
-
You observe this data.
192.168.1.4 at dc:a6:32:36:a9:4e [ether] on enp9s0
192.168.1.218 at b8:27:eb:1f:f6:87 [ether] on enp9s0
192.168.1.20 at b8:27:eb:03:6b:37 [ether] on enp9s0
192.168.1.205 at b8:27:eb:f9:ea:4d [ether] on enp9s0
192.168.1.7 at b8:27:eb:95:25:5b [ether] on enp9s0
192.168.1.40 at 00:12:79:df:81:b1 [ether] on enp9s0
192.168.1.254 at 38:94:ed:fa:48:88 [ether] on enp9s0
192.168.1.42 at 00:1c:50:ac:72:1e [ether] on enp9s0
192.168.1.3 at dc:a6:32:36:a9:4e [ether] on enp9s0
Which tool or defensive measure was involved?
- Wireshark
- ping
- nmap
- tcpdump
- netstat
- arp
- ifconfig
-
You observe this data.
Proto Recv-Q Send-Q  Local Address          Foreign Address         (state)
tcp        0      0  www.http               ec2-54-251-14-39.http   SYN_RCVD
tcp        0      0  www.http               97-127-152-158.c.http   SYN_RCVD
tcp        0     72  www.ssh                c-67-162-124-176.57046  ESTABLISHED
tcp        0      0  www.ssh                c-67-162-124-176.56956  TIME_WAIT
tcp        0      0  www.57694              metadata.google..http   ESTABLISHED
tcp        0      0  localhost.9000         localhost.45172         TIME_WAIT
tcp        0      0  www.https              cpe-184-153-88-7.45718  ESTABLISHED
tcp        0      0  www.https              ec2-54-90-33-176.40684  ESTABLISHED
tcp        0      0  www.https              petalbot-114-119.32762  TIME_WAIT
tcp        0      0  www.https              static.kpn.net.49168    ESTABLISHED
tcp        0      0  www.https              static.kpn.net.49169    ESTABLISHED
tcp        0      0  www.https              185-97-201-166.n.1480   ESTABLISHED
tcp        0      0  www.https              185-97-201-166.n.1478   ESTABLISHED
tcp        0      0  www.https              185-97-201-166.n.1476   ESTABLISHED
tcp        0      0  www.https              crawl-66-249-79-.52368  TIME_WAIT
tcp        0      0  www.https              crawl-66-249-79-.35610  TIME_WAIT
tcp        0      0  www.http               crawl-66-249-68-.58406  TIME_WAIT
tcp        0      0  www.https              84.93.94.244.56895      ESTABLISHED
tcp        0      0  www.https              ip-99-203-20-246.19011  ESTABLISHED
tcp        0      0  www.https              pool-96-252-105-.51616  TIME_WAIT
tcp        0     63  www.https              CPE589630c056fc-.59897  FIN_WAIT_1
tcp        0      0  www.http               200.46.45.114.50849     CLOSED
tcp        0      0  www.http               201.130.137.117..44167  CLOSED
tcp        0      0  *.https                *.*                     LISTEN
tcp        0      0  *.http                 *.*                     LISTEN
tcp        0      0  localhost.9000         *.*                     LISTEN
tcp        0      0  *.ssh                  *.*                     LISTEN
tcp6       0      0  *.ssh                  *.*                     LISTEN
tcp        0      0  localhost.smtp         *.*                     LISTEN
Which tool or defensive measure was involved?
- Wireshark
- ping
- nmap
- tcpdump
- netstat
- arp
- ifconfig
-
You observe this command output.
;; connection timed out; no servers could be reached
What is wrong?
- DNS cache poisoning has happened
- Your workstation cannot contact the nameserver
- The domain does not exist
- There is no host with the requested name
-
Which of these can you put in a boot script to
prevent MitM?
- nmap -sS -sV -T5 192.168.12.72
- arp -s 00:13:3B:12:6f:aa 192.168.12.72
- tcpdump -i eth0 host 192.168.12.72 or ether host 00:13:3b:12:6f:aa
- netstat -an
- ping 192.168.12.72
-
Passing = 82% of 22 = 18.0
Goal = 91% of 22 = 20.0