10 out of 10 points The following NTLM Authentication type is disabled by default in Windows Server 2003 and Windows Server

2008 servers; it should not be used in a production environment as it is weak and can be easily hacked by malicious users: Answer Selected Answer: LM authentication Response Feedback: LM authentication is disabled by default in Windows Server 2003 and Windows Server 2008.

Question 2
0 out of 10 points This suite of protocols was introduced to provide a series of cryptographic algorithms that can be used to proide security for all TCP/IP hosts at the Internet layer, regardless of the actual application that is sending or receiving data. Answer Selected Answer: Response Feedback: [None Given] IPSec is built into the definition of the IPv6 protocol suite; it is optional when using IPv4.

Question 3
10 out of 10 points This is a mathematical value that is used to provide an integrity check for a TCP or UDP packet. Answer Selected Answer: Checksum Response Feedback: The TCP or UDP checksum can be used to verify whether a packet has been modified in transit from a source computer to a destination computer.

Question 4
10 out of 10 points

This is used to provide gateway-to-gateway protection for site-to-site communications that cross the Internet (or other public networks). Answer Selected Answer: Tunnel mode Response Feedback: Tunnel mode is used to provide IPSec protection between two tunnel endpoints, not necessarily between the sending and receiving computers.

Question 5
10 out of 10 points The following protocol provides confidentiality (in addition to authentication, integrity, and anti-replay) for the IP payload: Answer Selected Answer: Encapsulating Security Payload (ESP) Response Feedback: ESP is used to provide both authentication and encryption; AH is only used to provide authentication.

Question 6
10 out of 10 points The following is a value contained in a received IKE message that is used to help identify the corresponding main mode SA: Answer Selected Answer: Cookie Response Feedback: A cookie is a value contained in a received IKE message that is used to help identify the corresponding main mode SA.

Question 7
10 out of 10 points Windows Server 2003 supports the following feature, which is used to determine new keying material through a new Diffie-Hellman exchange on a regular basis: Answer

Selected Answer: Dynamic rekeying Response Feedback: Dynamic re-keying is used to reduce the likelihood of a network attack based on the re-use of IPSec keys over time.

Question 8
100 out of 100 points Match the description with the terminology. Answer Question The ___________________ was configured in Windows 2000, Windows Server 2003, and Windows XP IPSec policies to ensure that the computer responds to requests for secure communication. A(n) ____________________ attack is one in which a malicious user masquerades as the legitimate sender or recipient of network traffic. The strongest form of NT LAN Manager authentication is ___________________________. IPSec _______________________ is used to provide end-toend security, in which both hosts support IPSec using the same authentication protocols. A(n) ___________________ connection security rule allows you to restrict inbound and outbound connections based on certain sets of criteria, such as membership in a particular Active Directory domain. Microsoft Network Monitor is an example of a real-world _______________________. The Windows Firewall with Advanced Security MMC snap-in allows you to integrate IPSec into the Windows Firewall by configuring one or more ________________________. The default _________________________ for IPSec connections in an Active Directory environment is the Kerberos v5 protocol. Selected Match H. default response rule G. identity spoofing E. NTLMv2 authentication I. transport mode F. Isolation

D. packet sniffer C. Connection Security Rules J. authentication method

Each Windows Firewall exception can be configured with a specific _________ to control which computers the local computer will accept connections from. A(n) ___________________ must occur before secure traffic can be sent, in order to determine the type of traffic to be secured and how it will be secured.

B. scope A. quick mode negotiation

Question 9
10 out of 10 points An IP Filter in which traffic that is defined in one direction will also be defined in the opposite direction is said to be: Answer Selected Answer: Mirrored Response Feedback: A mirrored IP Filter will automatically create a filter in the corresponding opposite direction.

Question 10
10 out of 10 points You can configure the Windows Firewall to allow one or more inbound connections based on any of the following that you configure: Answer Selected Answer: Exception Response Feedback: You will configure exceptions within the Windows Firewall to allow specific inbound or outbound traffic.

Question 11
10 out of 10 points This Connection Security Rule allows you to specify one or more computers that do not need to be authenticated in order to pass traffic. Answer

Selected Answer: Authentication exemption Response Feedback: You can use an authentication exemption rule to provide unauthenticated access to infrastructure servers, such as DHCP and DNS servers.