Firewall Authentication

Descripción

NSE4 6.0 NSE4 6.0 Test sobre Firewall Authentication, creado por Marcos Avila el 16/08/2018.
Marcos Avila
Test por Marcos Avila, actualizado hace más de 1 año
Marcos Avila
Creado por Marcos Avila hace más de 6 años
86
1

Resumen del Recurso

Pregunta 1

Pregunta
Fortigate methods of firewall authentication (Select 3)
Respuesta
  • Local password authentication
  • server-based password authentication
  • two-factor authentication
  • LDAP
  • Token
  • TACACS+

Pregunta 2

Pregunta
Remote authentication server (Select 4)
Respuesta
  • POP3
  • RADIUS
  • LDAP
  • TACACS+
  • Token Server
  • FortiAuthenticator

Pregunta 3

Pregunta
POP3 is the only server that requires an email address as the login credential.
Respuesta
  • True
  • False

Pregunta 4

Pregunta
Tokens use a specific algorithm to generate an OTP. The algorithm consists of:
Respuesta
  • The time: obtained from an accurate internal clock. A seed: a unique, randomly-generated number that does not change in time.
  • A seed: obtained from an accurate internal clock. The time : a unique, randomly-generated number that does not change in time.

Pregunta 5

Pregunta
Authentication methods and active authentication types :
Respuesta
  • Active Passive
  • Local Remote

Pregunta 6

Pregunta
[blank_start]Active[blank_end] : User receives a login prompt Must manually enter credentials to authenticate POP3, LDAP, RADIUS, Local and TACACS+ [blank_start]Passive[blank_end] : User does not receive a login prompt Credentials are determined automatically -Method varies depending on type of authentication used FSSO, RSSO, and NTLM
Respuesta
  • Active
  • Passive

Pregunta 7

Pregunta
Port used for LDAP:
Respuesta
  • TCP Port 389
  • TCP Port 398
  • TCP Port 983

Pregunta 8

Pregunta
?
Respuesta
  • Example Directory Tree
  • Example Organizational Domain Tree
  • Example LDAP hierarchy

Pregunta 9

Pregunta
Testing LDAP query:
Respuesta
  • diagnose test authserver ldap <server> <username> <password>
  • diagnose authserver <serverip> ldap <username> <password>

Pregunta 10

Pregunta
When FortiGate uses RADIUS server for remote authentication, which statement about RADIUS is true?
Respuesta
  • a. FortiGate must query remote RADIUS server using the distinguished name (dn).
  • b. RADIUS group memberships are provided by vendor specific attributes (VSAs) configured on the RADIUS server.

Pregunta 11

Pregunta
Which of the following is a valid reply from a RADIUS server to an ACCESS-REQUEST packet from FortiGate?
Respuesta
  • a. ACCESS-PENDING
  • b. ACCESS-REJECT

Pregunta 12

Pregunta
A remote LDAP user is trying to authenticate with a user name and password. How does FortiGate verify the login credentials?
Respuesta
  • a. FortiGate queries its own database for user credentials.
  • b. FortiGate sends the user entered credentials to the remote server for verification.

Pregunta 13

Pregunta
Which statement about guest user groups is true?
Respuesta
  • a. Guest user group accounts are temporary.
  • b. Guest user group account passwords are temporary.

Pregunta 14

Pregunta
Which statement about active authentication is true?
Respuesta
  • a. Active authentication is always used before passive authentication.
  • b. The firewall policy must allow the HTTP, HTTPS, FTP, and/or Telnet protocols in order for the user to be prompted for credentials.

Pregunta 15

Pregunta
[blank_start]ACCESS—ACCEPT[blank_end], which means that the user credentials are ok [blank_start]ACCESS—REJECT[blank_end], which means that the credentials are wrong [blank_start]ACCESS—CHALLENGE[blank_end], which means that the server is requesting a secondary password ID, token, or certificate. This is typically the reply from the server when using two-factor authentication.
Respuesta
  • ACCESS—ACCEPT
  • ACCESS—REJECT
  • ACCESS—CHALLENGE

Pregunta 16

Pregunta
[blank_start]The Common Name identifier[blank_end] setting is the attribute name used to find the user name. Some schemas allow you to use the attribute uid. Active Directory most commonly uses sAMAccountName or cn, but can use others as well. [blank_start]The Distinguished Name[blank_end] setting identifies the top of the tree where the users are located, which is generally the dc value; however, it can be a specific container or ou. You must use the correct X.500 or LDAP format. [blank_start]The Bind Type[blank_end] setting depends on the security settings of the LDAP server. The setting Regular (to specify a regular bind) is required if you are searching across multiple domains and require the credentials of a user that is authorized to perform LDAP queries (for example, an LDAP administrator).
Respuesta
  • The Common Name identifier
  • The Distinguished Name
  • The Bind Type
Mostrar resumen completo Ocultar resumen completo

Similar

Ciclo del Nitrógeno
Barbara Fredericksen
Sistema Internacional de Unidades (SI)
Raúl Fox
Test de Matemáticas para el GMAT (en Inglés)
Diego Santos
Práctica sobre el verbo
Kenneth Zapata
Mapas mentales en GoConqr
Adriana Gallegos
Estructura física y lógica de las computadoras
mauriciofrog
Importancia de la Comunicación en el Liderazgo
pi75251085
LA CADENA ALIMENTICIA
Nohemi Vargas2399
VERBOS...
Ulises Yo
Lexicología Jurídica
Alfonso Tester
Preguntas abiertas. La Guerra Civil
Salustiano Gutiérrez Baena