“Do I Know This Already?” Quiz – Cisco Security Tools
Take the quiz (either here or use the PTP software) if you want to use the score to help you decide how much time to spend on this chapter. Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes,” found at the end of the book, includes both the answers and explanations. You can also find answers in the PTP testing software.
Table 20-1 “Do I Know This Already?” Foundation Topics Section-to-Question Mapping
Caution
The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark that question as wrong for purposes of the self-assessment.
Giving yourself credit for an answer you incorrectly guess skews your self-assessment results and might provide you with a false sense of security.
1. Why can you trust a website with your SSO credentials?
a. Because your user credentials are transferred and stored securely
b. Because your user credentials are not transferred to the website
c. Because your user credentials are transferred securely, the receiving site does not store them
d. Because your connection to the website is encrypted
2. What is one negative aspect of SSO?
a. Your credentials are shared with multiple websites or systems.
b. Most SSO systems do not support 2FA and other advanced authentication methods.
c. An attacker who gains access to one password gains access to many of a user’s accounts.
d. Websites that use SSO do not encrypt their traffic.
3. What does password strength refer to?
b. The password’s entropy bits
c. The number of different kinds of characters used in a password
d. The number of words in a passphrase
4. After adding some symbols, lowercase letters, and uppercase characters to make guessing a password more difficult, what will add more strength to a password?
a. Making the password longer
b. Adding more variation by replacing letters with numbers
c. Adding more variation by mixing up the case more
d. Making the password shorter in length so it is easier to remember
5. What is one vulnerability of text message–based 2FA systems that an attacker might be able to exploit?
a. You could lose your phone, so you can no longer access your account.
b. Text message–based 2FA systems still require a password or passphrase.
c. An attacker could clone or swap your phone’s SIM, so they receive the 2FA text messages.
d. The attacker could make a copy of your fingerprint and use it without you being present.
6. What do biometric systems store a copy of on your device for verification?
a. Your personal identification number
b. A picture of your face, finger, etc.
c. Your telephone number
d. A digital hash of your face, fingerprint, etc.
7. What does stateful packet filtering use to determine which packets to forward or drop?
a. The source and destination IP addresses
b. The contents of the packet in the context of an upper-layer protocol
c. The state of the session between the transmitter and receiver
d. A hash of the source and destination addresses divided by a hash of the packet’s contents
8. What email fields does a DKIM header sign?
a. The sender’s email address, the receiver’s email address, the body of the message, the message’s subject, and other fields
b. Only the sender’s and receiver’s addresses
c. The source and destination IP addresses
d. The sender’s telephone number
9. Is it always safe to click on links in emails you receive?
a. Yes, because of the many layers of security built into email systems
b. Yes, because no one is likely to send you a link to a password-stealing website
c. No, because the security systems in email do not validate links
d. No, because email is easy to intercept and read
10. What is nonrepudiation?
a. Keeping communications and information confidential
b. Proving data has not changed since it was transmitted
c. Proving a sender sent a piece of information
d. Proving a person is who they say they are
11. What is the security justification for using a VPN?
a. To make it look like you are in a different location
b. To protect your data from being read by attackers who intercept your traffic
c. To ensure your data is protected all the way to the server you are communicating with
d. To make certain you know the identity of the server you are communicating with