10 out of 10 points

The following NTLM Authentication type is disabled by default in Windows Server 2003 and Windows Server 2008 servers; it should not be used in a production environment as it is weak and can be easily hacked by malicious users:Answer

Selected Answer:LM authentication

Response Feedback:

LM authentication is disabled by default in Windows Server 2003 and Windows Server 2008.

Question 2

0 out of 10 points

This suite of protocols was introduced to provide a series of cryptographic algorithms that can be used to proide security for all TCP/IP hosts at the Internet layer, regardless of the actual application that is sending or receiving data.Answer

Selected Answer:    [None Given]

Response Feedback:

IPSec is built into the definition of the IPv6 protocol suite; it is optional when using IPv4.

Question 3

10 out of 10 points

This is a mathematical value that is used to provide an integrity check for a TCP or UDP packet.Answer

Selected Answer:Checksum

Response Feedback:

The TCP or UDP checksum can be used to verify whether a packet has been modified in transit from a source computer to a destination computer.

Question 4

10 out of 10 points

This is used to provide gateway-to-gateway protection for site-to-site

communications that cross the Internet (or other public networks).Answer

Selected Answer:Tunnel mode

Response Feedback:

Tunnel mode is used to provide IPSec protection between two tunnel endpoints, not necessarily between the sending and receiving computers.

Question 5

10 out of 10 points

The following protocol provides confidentiality (in addition to authentication, integrity, and anti-replay) for the IP payload:Answer

Selected Answer:Encapsulating Security Payload (ESP)

Response Feedback:

ESP is used to provide both authentication and encryption; AH is only used to provide authentication.

Question 6

10 out of 10 points

The following is a value contained in a received IKE message that is used to help identify the corresponding main mode SA:Answer

Selected Answer:Cookie

Response Feedback:

A cookie is a value contained in a received IKE message that is used to help identify the corresponding main mode SA.

Question 7

10 out of 10 points

Windows Server 2003 supports the following feature, which is used to determine new keying material through a new Diffie-Hellman exchange on a regular basis:Answer

Selected Answer:

Dynamic rekeying

Response Feedback:

Dynamic re-keying is used to reduce the likelihood of a network attack based on the re-use of IPSec keys over time.

Question 8

100 out of 100 points

Match the description with the terminology.Answer

Question Selected Match

The ___________________ was configured in Windows 2000, Windows Server 2003, and Windows XP IPSec policies to ensure that the computer responds to requests for secure communication.

 H.default response rule

A(n) ____________________ attack is one in which a malicious user masquerades as the legitimate sender or recipient of network traffic.

 G.identity spoofing

The strongest form of NT LAN Manager authentication is ___________________________.

 E.NTLMv2 authentication

IPSec _______________________ is used to provide end-to-end security, in which both hosts support IPSec using the same authentication protocols.

 I.transport mode

A(n) ___________________ connection security rule allows you to restrict inbound and outbound connections based on certain sets of criteria, such as membership in a particular Active Directory domain.

 F.Isolation

Microsoft Network Monitor is an example of a real-world _______________________.

 D.packet sniffer

The Windows Firewall with Advanced Security MMC snap-in allows you to integrate IPSec into the Windows Firewall by configuring one or more ________________________.

 C.

Connection Security Rules

The default _________________________ for IPSec connections in an Active Directory environment is the Kerberos v5 protocol.

 J.

authentication method

Each Windows Firewall exception can be configured with a  B.

specific _________ to control which computers the local computer will accept connections from. scope

A(n) ___________________ must occur before secure traffic can be sent, in order to determine the type of traffic to be secured and how it will be secured.

 A.

quick mode negotiation

Question 9

10 out of 10 points

An IP Filter in which traffic that is defined in one direction will also be defined in the opposite direction is said to be:Answer

Selected Answer:Mirrored

Response Feedback:

A mirrored IP Filter will automatically create a filter in the corresponding opposite direction.

Question 10

10 out of 10 points

You can configure the Windows Firewall to allow one or more inbound connections based on any of the following that you configure:Answer

Selected Answer:Exception

Response Feedback:

You will configure exceptions within the Windows Firewall to allow specific inbound or outbound traffic.

Question 11

10 out of 10 points

This Connection Security Rule allows you to specify one or more computers that do not need to be authenticated in order to pass traffic.Answer

Selected Answer:Authentication exemption

Response Feedback:

You can use an authentication exemption rule to provide unauthenticated access to infrastructure servers, such as DHCP and DNS servers.