Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Top Five Toughest Questions > Top Five Toughest Questions - Pg. 140

140 CHAPTER 8 Security Standards and Services can be used to distract attackers from real servers and keep them occupied while you collect information on the attack and the source of the attack. After an attack has occurred, the most important thing to do is to collect all the evidence of the attack and its methods. You will also want to take steps to ensure that the same type of attack cannot be successfully performed on the network in the future. Authentication protocols are chosen based on the applications, complexity, and level of security needs. Kerberos provides access through secure encrypted keys and issuance of tickets. CHAP validates the identity of the clients through three-way handshake (challenge, response, success, or failure). RADIUS is the most popular of all the AAA servers, which include RADIUS, TACACS, and TACACS+. We also reviewed Extension Authentication Protocol and Protected EAP. Top Five Toughest Questions 1. You are performing a security audit for a company to determine their risk from various attack methods. As part of your audit, you work with one of the company's employees to see what activities he performs during the day that could be at risk. As you work with the employee, you see him perform the following activities: Log into the corporate network using Kerberos Access files on a remote system through a Web browser using SSL Log into a remote UNIX system using Secure Shell (SSH) Connect to a Post Office Protocol 3 (POP3) server and retrieve e-mail Which of these activities is most vulnerable to a sniffing attack? A. Logging into the corporate network using Kerberos B. Accessing files on a remote system through a Web browser using SSL C. Logging into a remote UNIX system using SSH D. Connecting to a POP3 server and retrieving e-mail 2. You are a security consultant for a large company that wants to make its intranet available to its employees via the Internet. They want to ensure that the site is as secure as possible. To do this, they want to use multifactor authentication. The site uses an ID and password already but they want to add security features that ensure that the site is indeed their site, not a spoofed site, and that the user is an authorized user. Which authentication technology supports this? A. Certificates B. CHAP C. Kerberos D. Tokens 3. You have been asked to help a company implement multifactor authentica- tion. They want to make sure that the environment is as secure as possible through the use of biometrics. Based on your knowledge of authentication, you understand that biometrics falls under the "something you are"