CPSA Github Questions with
Complete Solutions46
Why can remote access VPNs not use Main Mode for IKE Phase-1 if the authentication method
is pre-shared key? - ANSWERS-Pre-shared key authentication with Main Mode requires that the
peer's IP is known before the connection is established.
What is the blocksize of the DES encryption cipher? - ANSWERS-64 bits
What is this: 16:23:57.094021 IP 192.168.124.204.137 > 192.168.124.255.137: NBT UDP
PACKET(137): QUERY; REQUEST; BROADCAST - ANSWERS-A NetBIOS over TCP/IP name service
broadcast
Which is the least secure encryption cipher of those listed below? - ANSWERS-DES
Which file in a user's home directory controls the trust relationships for Berkeley R services? -
ANSWERS-.rhosts
Why can remote access servers not use aggressive mode for IKE Phase-1 if the authentication
method is pre-shared key? - ANSWERS-Because pre-shared key authentication with aggressive
mode does not provide identity protection.
What is the key length of the AES encryption cipher? - ANSWERS-128 bits
What is this: 16:23:57.094021 IP 192.168.124.204.137 > 192.168.124.255.137: NBT UDP
PACKET(137): QUERY; REQUEST; BROADCAST - ANSWERS-A NetBIOS over TCP/IP name service
broadcast
,Which is the most secure encryption cipher of those listed below? - ANSWERS-AES
Which file in a user's home directory controls the trust relationships for SSH? -
ANSWERS-.ssh/authorized_keys
Why can remote access VPNs not use aggressive mode for IKE Phase-1 if the authentication
method is pre-shared key? - ANSWERS-Because pre-shared key authentication with aggressive
mode does not provide identity protection.
What is the key length of the Triple-DES encryption cipher? - ANSWERS-168 bits
What is this: 16:23:57.094021 IP 192.168.124.204.137 > 192.168.124.255.137: NBT UDP
PACKET(137): QUERY; REQUEST; BROADCAST - ANSWERS-A NetBIOS over TCP/IP name service
broadcast
Which is the most secure encryption cipher of those listed below? - ANSWERS-AES
Which file in a user's home directory controls the trust relationships for FTP? - ANSWERS-.netrc
Why can remote access servers not use Main Mode for IKE Phase-1 if the authentication
method is pre-shared key? - ANSWERS-Because pre-shared key authentication with Main Mode
requires that the peer's IP is known before the connection is established.
What is the key length of the IDEA encryption cipher? - ANSWERS-128 bits
What is this: 16:23:57.094021 IP 192.168.124.204.137 > 192.168.124.255.137: NBT UDP
PACKET(137): QUERY; REQUEST; BROADCAST - ANSWERS-A NetBIOS over TCP/IP name service
broadcast
,Which is the least secure encryption cipher of those listed below? - ANSWERS-DES
Which file in a user's home directory controls the trust relationships for NFS? - ANSWERS-.rhosts
Which operating system is most likely to be vulnerable to the TTYPROMPT vulnerability in the
telnet service? - ANSWERS-Solaris 8
What algorithm can be used to negotiate a shared encryption key? - ANSWERS-Diffie-Hellman
Which protocols are associated with PPTP? - ANSWERS-TCP port 1723 and IP protocol 47
Where are the encrypted passwords stored on a Solaris system? - ANSWERS-/etc/shadow
What is the purpose of the rwho protocol? - ANSWERS-To send regular broadcasts and listen to
broadcasts from other systems.
How do rwho clients query the rwho daemon? - ANSWERS-Using UDP port 513.
How do rwho clients query the rwho daemon using ONC/RPC? - ANSWERS-They can't.
How do you establish a null session to a Windows host from a Windows command shell? -
ANSWERS-NET USE \\hostname\ipc$ "" /u:""
What is the purpose of the NET USE command in establishing a null session? - ANSWERS-To
connect to a shared resource on a remote host.
What is the purpose of the \\hostname\ipc$ argument in the NET USE command? - ANSWERS-
To specify the IPC$ share on the remote host.
, What is the purpose of the /u:"" argument in the NET USE command? - ANSWERS-To specify a
null username.
What is the purpose of the account lockout threshold? - ANSWERS-To determine the number of
incorrect password attempts before an account is locked out.
How many incorrect password attempts will cause the built-in administrator account to be
locked out on a Windows 2003 system? - ANSWERS-The built-in administrator account will
never be locked out.
What is the purpose of the account lockout duration setting? - ANSWERS-To determine the
duration of an account lockout.
What is the purpose of the NET USE command in establishing a null session? - ANSWERS-To
connect to a shared resource on a remote host.
What is the purpose of the \\hostname\c$ argument in the NET USE command? - ANSWERS-To
specify the C$ share on the remote host.
What is the purpose of the /u:NULL argument in the NET USE command? - ANSWERS-There is
no such argument in the NET USE command.
What is the purpose of the /u:"" argument in the NET USE command? - ANSWERS-To specify a
null username.
What is the purpose of the account lockout threshold? - ANSWERS-To determine the number of
incorrect password attempts before an account is locked out.
Complete Solutions46
Why can remote access VPNs not use Main Mode for IKE Phase-1 if the authentication method
is pre-shared key? - ANSWERS-Pre-shared key authentication with Main Mode requires that the
peer's IP is known before the connection is established.
What is the blocksize of the DES encryption cipher? - ANSWERS-64 bits
What is this: 16:23:57.094021 IP 192.168.124.204.137 > 192.168.124.255.137: NBT UDP
PACKET(137): QUERY; REQUEST; BROADCAST - ANSWERS-A NetBIOS over TCP/IP name service
broadcast
Which is the least secure encryption cipher of those listed below? - ANSWERS-DES
Which file in a user's home directory controls the trust relationships for Berkeley R services? -
ANSWERS-.rhosts
Why can remote access servers not use aggressive mode for IKE Phase-1 if the authentication
method is pre-shared key? - ANSWERS-Because pre-shared key authentication with aggressive
mode does not provide identity protection.
What is the key length of the AES encryption cipher? - ANSWERS-128 bits
What is this: 16:23:57.094021 IP 192.168.124.204.137 > 192.168.124.255.137: NBT UDP
PACKET(137): QUERY; REQUEST; BROADCAST - ANSWERS-A NetBIOS over TCP/IP name service
broadcast
,Which is the most secure encryption cipher of those listed below? - ANSWERS-AES
Which file in a user's home directory controls the trust relationships for SSH? -
ANSWERS-.ssh/authorized_keys
Why can remote access VPNs not use aggressive mode for IKE Phase-1 if the authentication
method is pre-shared key? - ANSWERS-Because pre-shared key authentication with aggressive
mode does not provide identity protection.
What is the key length of the Triple-DES encryption cipher? - ANSWERS-168 bits
What is this: 16:23:57.094021 IP 192.168.124.204.137 > 192.168.124.255.137: NBT UDP
PACKET(137): QUERY; REQUEST; BROADCAST - ANSWERS-A NetBIOS over TCP/IP name service
broadcast
Which is the most secure encryption cipher of those listed below? - ANSWERS-AES
Which file in a user's home directory controls the trust relationships for FTP? - ANSWERS-.netrc
Why can remote access servers not use Main Mode for IKE Phase-1 if the authentication
method is pre-shared key? - ANSWERS-Because pre-shared key authentication with Main Mode
requires that the peer's IP is known before the connection is established.
What is the key length of the IDEA encryption cipher? - ANSWERS-128 bits
What is this: 16:23:57.094021 IP 192.168.124.204.137 > 192.168.124.255.137: NBT UDP
PACKET(137): QUERY; REQUEST; BROADCAST - ANSWERS-A NetBIOS over TCP/IP name service
broadcast
,Which is the least secure encryption cipher of those listed below? - ANSWERS-DES
Which file in a user's home directory controls the trust relationships for NFS? - ANSWERS-.rhosts
Which operating system is most likely to be vulnerable to the TTYPROMPT vulnerability in the
telnet service? - ANSWERS-Solaris 8
What algorithm can be used to negotiate a shared encryption key? - ANSWERS-Diffie-Hellman
Which protocols are associated with PPTP? - ANSWERS-TCP port 1723 and IP protocol 47
Where are the encrypted passwords stored on a Solaris system? - ANSWERS-/etc/shadow
What is the purpose of the rwho protocol? - ANSWERS-To send regular broadcasts and listen to
broadcasts from other systems.
How do rwho clients query the rwho daemon? - ANSWERS-Using UDP port 513.
How do rwho clients query the rwho daemon using ONC/RPC? - ANSWERS-They can't.
How do you establish a null session to a Windows host from a Windows command shell? -
ANSWERS-NET USE \\hostname\ipc$ "" /u:""
What is the purpose of the NET USE command in establishing a null session? - ANSWERS-To
connect to a shared resource on a remote host.
What is the purpose of the \\hostname\ipc$ argument in the NET USE command? - ANSWERS-
To specify the IPC$ share on the remote host.
, What is the purpose of the /u:"" argument in the NET USE command? - ANSWERS-To specify a
null username.
What is the purpose of the account lockout threshold? - ANSWERS-To determine the number of
incorrect password attempts before an account is locked out.
How many incorrect password attempts will cause the built-in administrator account to be
locked out on a Windows 2003 system? - ANSWERS-The built-in administrator account will
never be locked out.
What is the purpose of the account lockout duration setting? - ANSWERS-To determine the
duration of an account lockout.
What is the purpose of the NET USE command in establishing a null session? - ANSWERS-To
connect to a shared resource on a remote host.
What is the purpose of the \\hostname\c$ argument in the NET USE command? - ANSWERS-To
specify the C$ share on the remote host.
What is the purpose of the /u:NULL argument in the NET USE command? - ANSWERS-There is
no such argument in the NET USE command.
What is the purpose of the /u:"" argument in the NET USE command? - ANSWERS-To specify a
null username.
What is the purpose of the account lockout threshold? - ANSWERS-To determine the number of
incorrect password attempts before an account is locked out.
