Test Bank For CNIT 242 Final Exam || Updated Actual Exam 500 Questions and Correct Detaile, Exams of Computer Security

Download Test Bank For CNIT 242 Final Exam || Updated Actual Exam 500 Questions and Correct Detaile and more Exams Computer Security in PDF only on Docsity!

Test Bank For CNIT 242 Final Exam | | Updated Actual Exam 500 Questions and Correct Detailed Answers 2025/2026 What does AAA stand for? What question does Authentication answer? What question does Authorization answer? What question does Accounting answer? Authentication can be accomplished using any of what 4 qualifications? What is two-factor authentication? What 2 steps does the authentication process involve? Authentication, Authorization, and Accounting Do you have the credentials necessary to access this system? Once authenticated, what do you have permission to do? Once authorized to access a resource, how much of the resource are you using? What you know, what you have, what you are, where you are Using two of the 4 authentication qualifications to prove an identity. Identification and proof of identification User ID, physical object (such as What are ways to provide ; , . ATM card), biometrics, digital identification? . certificates What are ways to provide proof of passwords, access codes, one-time identification? tokens, biometrics, digital certificates computer generated (NEVER simple What are strategic ways to develop names), sometimes created to some user IDs? algorithm, NEVER use the same as email address True or False: UID / password combo can be a powerful method of True authentication if properly managed What is the number one rule of DON'T WRITE PASSWORDS password security? DOWN The more strict the password What is the security tradeoff with rules, the higher the chances password? users will violate the first rule of secure passwords authentication. functions as both What are biometrics? ID and proof of ID, separated into physiological and behavioral What level do group policies assign rights to? What level do access control lists assign permissions to? What is an access control list? What do ACLs contain? system object simplest method of providing authorization, but requires a separate authentication method. they are attached to/located on the resource a list of authorized users and their authorization levels when the resource is accessed over When do "share" permissions apply? What 3 servers does Kerberos require? What is the basic concept of Kerberos? a network one authentication server, one ticket granting server, and at least one application server If a secret is known by only two people, either person can verify the identity of the other by confirming that the other person knows the secret. admins create the realms which encompass all that is available to access.a CNIT 242 Final Exam What is the purpose of a Kerberos Realm? What is within a Kerberos Realm? In Kerberos, when requesting access to a service or host, three interactions take place between you and: realm defines what Kerberos manages in terms of who can access what. Within the realm is the Client and the service/host machine to which they requested access. There is also the Key Distribution Center which hold the Authentication S and TGS the Authentication Server, the Ticket Granting Server, and the Service or host machine that you're wanting access to it itself is encrypted with a master How is the KDC protected? k ey Cisco-proprietary, TCP, AAA are What are traits of TACAS? separate processes Open standard, UDP, combines What are traits of RADIUS? Authentication and Authorization, only encrypts password CNIT 242 Final Exam Authentication only, no Authorization What are traits of Kerberos? ; or Accounting What standard does naming in AD LDAP standard follow? What needs to be formed among domain trees (explicitly or implicitly) trust relationships to build a domain forest? Does creating AD groups as ; . no, it does not maximize "Universal" maximize performance? When is the Authoritative DNS server contacted? Can users access their files when not connected to the network using Roaming User Profiles? What is the order in which group policies are applied? T/F: leaf objects can inherit attributes from its parent containers T/F: X.500 is the original basis for Kerberos What resource can provide centralized user authentication, and enables a general "phone book" about network users? Does AD use LDAP to do Authentication and Authorization? When the configured DNS server does not have the record in its database/cache No, that's not what roaming profiles do local, site, domain, OU a directory no...just authorization What logical view is a directory organized into? What are the 3 main a “tree”. root, branch and leaf components? What are the two ways a directory ; : ; geographic or functional can be arranged/organized? moving items in the directory to new ; ; . locations, such as individual users, What is pruning and grafting? groups, computers, or even whole sections of the directory Variables with values that are What are attributes? relevant to items in that part of the directory Why do items inherit attributes based Ensures consistency across items on their location in the directory? within a directory location Tr/Fa: When items are moved from one location in the directory to Fa another, they keep their old attributes. Defines the attribute types a What is a directory schema? directory can contain, along with the structure (like a template) What are container objects? Give examples What is a leaf? Give examples What are alias objects? make, model, duplex, B+W, defined in the directory schema. CNIT 242 Final Exam What are some attributes that would describe a leaf printer object? Where is this defined? What are directory enabled applications and what are some examples? objects that can be nested, such as country, organization, OU, group of names any object that cannot contain other objects in the directory, such as a person, computer, printer objects that point to other entries in the directory. most directories support this Core applications that rely on the directory for information: user logon, What port does LDAP operate in? Which type of directory is X.500 based? Which is loosely based? What is eDirectory? What is Open Directory? CNIT 242 Final Exam Which directory service is used by Apple, uses LDAP and Kerberos, and can integrate with AD? What is AD dependent on? What is a workgroup in terms of AD? Operates in a client/server manner overITCP port 389 active directory, DUH!, eDirectory Previously known as NDS (Novell Directory Services)Available in Novell Netware 4.0 and on Directory service used by Apple's OS X operating systemUses LDAP and Kerberos and can integrate with AD Open Directory DNS - Domain Name Service No centralized management or control, one or more computers on a Windows LAN that are NOT joined to Are workgroups handy? What is a domain? What does ADDS stand for? What is the purpose of Active Directory Domain Services? What are sites? What does replication mean? What can GPOs be linked to? a domain, no dependencies between computers no, they suck Collection of objects that share the same database Active Directory Domain Services stores info about users, computers, and other devices on the network. helps admins manage information and facilitate resource sharing and collaboration. required for directory- enabled applications like Microsoft Exchange Server a collection of well-connected subnets, represent the physical structure/topology of your network updating all domain controllers on a network when a change is made, can take time sites, domains, and OUs Which DC is allowed to make changes to the schema (definitions of things in the database) - Only one in the entire forest? Which DC is responsible for the forest-wide namespace - MUST be on a DC that is also a Global Catalog Server? What is the PDC Emulator and what is its scope? What is the Relative ID Master and what is its scope? The Schema Master The Domain Naming Master Used for backward compatibility with Windows NT DCs & for propagating password changes quickly across all DC's in the domain (not hours - but seconds) Should not be same machine as Global Catalog, ideallyscope = domain Responsible for making sure that SIDs are unique within the domain - SID is long security id. All SIDs ina domain are the same up to the last 32 bits, called the RID. RID master makes sure those 32 bits remain unique for each object in domain.scope = domain ; Maintains references to objects What is the Infrastructure Master and ; , . located in another domain what is its scope? ; (phantoms)scope = domain What must one DC be configured to a global catalog server in a multi-domain forest? What is a Global Catalog Server? CNIT 242 Final Exam Listing of all objects in the directory, should be on a different server than the PDC emulator In a single-domain forest, how many DCs should be global catalog ALL servers? Security and Distribution. Security What are the two types of groups in SIRI WML Tsle} ed te Th AD? tokens and can be used in ACL's. Distribution groups are organizational only and not for contain members from any domain within the forest. Only to the users and computers that are contained in the domain, How do the settings of a GPO OU, or OUs to which the GPO is apply? linked, and that are specified in or are members of a group that are specified in Security Filtering Sites, domains, and OUs CNIT 242 Final Exam What 3 things can Group Policies be linked to? What 6 things does Group Policy Users, computers, groups, sites, target? domains, OUs In Active Directory Group Policy, what are used to define the individual Group Policy Objects (GPOs) settings? Tru/Fal: The GPO must be assigned to the OU that contains the user, group or computer. Tru/Fal: GPOs can be directly assigned to users, groups of users, or computers What is the difference between user policies and computer policies when setting up a GPO? What is the default state for GPO entries? What happens if a parent GPO has a value for a setting and a child GRO does not? What happens if a parent GPO has a value for a setting and a child GPO has a non-conflicting value for the same setting? What happens if a parent GPO has a value for a setting and a child GPO Tru Fal User policies are applied when the user logs in, computer policies are applied when the computer boots up not configured the child inherits the parent's GPO in full The child inherits the parent's GPO in full and applies its own also The child inherits the GPO but the conflicting setting on the child overwrites the inherited values