Page 780 - StudyBook.pdf

764    Appendix • Self Test Appendix

                  ■ Log into a remote UNIX system using SSH

                  ■ Connect to a POP3 server and retrieve e-mail
              Which of these activities is most vulnerable to a sniffing attack?
                  A. Logging in to the corporate network using Kerberos
                  B. Accessing files on a remote system through a Web browser using SSL
                  C. Logging into a remote UNIX system using SSH
                  D. Connecting to a POP3 server and retrieving e-mail
              D. Connecting to a POP3 server sends the ID and password over the network in a
                 non-encrypted format due to the use of cleartext authentication. This data (in addition to
                 the e-mail content itself) is consequently vulnerable to being collected when sniffing the
                 network.
              A, B, C. Answer A is incorrect because logging into a network using Kerberos is secure from
                 sniffing attacks due to encryption and timestamps. Answer B is incorrect because using SSL
                 encrypts the connection so that it cannot be viewed by sniffing. Answer C is incorrect because
                 using SSH encrypts the connection to the remote UNIX system.

              7.  You are reading a security article regarding penetration testing of various authentication
                  methods. One of the methods being described uses a time-stamped ticket as part of its
                  methodology. Which authentication method would match this description?
                  A. Certificates
                  B. CHAP
                  C. Kerberos
                  D. Tokens
              C. Kerberos is the only access control method listed which uses time-stamped tickets.
              Answer A is incorrect because certificates do not use tickets, although they are time-stamped.
                 Answer B is incorrect because CHAP does not use time-stamped tickets as part of its
                 methodology. Answer D is incorrect because tokens do not use tickets, although their numerical
                 algorithms may be based on timestamps.

              8.  You are validating the security of various vendors that you work with to ensure that your
                  transactions with the vendors are secure. As part of this, you validate that the certificates used
                  by the vendors for SSL communications are valid. You check one of the vendor’s certificates
                  and find the information shown in Figure 1.1. From the information shown, what vendor
                  would you have to trust as a CA for this certificate to be valid?















          www.syngress.com