Which elements do digital certificate contain that can be used to increase the reliability of authenticity and nonrepudiation?

	a) Each digital certificate host stores only the trusted private keys of the certificate authority (CA).
	b) Digital certificates use a private key pair signed by a third party.
	c) Digital certificates use a public key pair signed by a trusted third party.
	d) Digital certificates use a public key and private key pair signed by a trusted third party.

Opal is the chief technology officer for her company. She is working with the legal department to acquire virtual private network (VPN) service through a cloud implementation. Unless it is spelled out in the contract, Opal is afraid that a critical element in the VPN service will not be present, leaving remote access services vulnerable in case of a failure. What is she concerned about?

	a) Authentication
	b) Redundancy
	c) Security
	d) Privacy

Armand is the IT director of his organization. He is working with accounting to determine a budget for upgrading the company's virtual private network (VPN) equipment. Several options are available, and after narrowing down his requirements, he still needs more technical assistance to make a decision. Rather than going with award-winning VPN products he has found in industry magazines and websites, what option does he select that will gain him assistance in doing "legwork"?

	a) Purchasing manager
	b) Reseller
	c) VPN policy writer
	d) Help desk staff

Miriam is the cybersecurity manager for her company's IT department. She is updating the computing and networking-related policies that apply company-wide. She learns that Wyatt, an engineer responsible for maintaining VPN access for remote employees, has written a VPN usage policy specifying parameters for use that is independent of what she is crafting. What is the most likely problem?

	a) The two independent policies might describe conflicting requirements such as differing password lengths.
	b) The two independent policies might define the logical network infrastructure differently.
	c) The process of IT policy making should be handled only at the level of the chief information officer (CIO).
	d) Wyatt's policy may be more comprehensive than Miriam's documentation.

Which of the following is a type of virtual private network (VPN) architecture that places a firewall in front of the VPN to protect it from Internet-based attacks as well as a firewall behind the VPN to protect the internal network?

	a) Bypass
	b) Internally connected
	c) Two-factor
	d) DMZ architecture

Kasim is a network technician. He is tasked with deploying a virtual private network (VPN) in his company's IT infrastructure. He wants to place the VPN device where it is directly connected to both the Internet and the internal LAN. He believes that security will not be a concern because the VPN is already encrypted point-to-point. Which of the following statements is TRUE about this configuration?

	a) A VPN has a built-in firewall and is therefore protected from Internet threats.
	b) This configuration could leave the VPN device vulnerable to social engineering.
	c) The VPN device itself is still capable of being attacked.
	d) Without a firewall, an employee on the internal LAN could use the VPN to make an insecure connection to a remote host.

Tomika is a network architect. A coworker is helping to design a more secure placement of the company's virtual private network (VPN) device. The coworker suggests that the device be placed between the Internet-facing firewall and the internal network. What is Tomika's opinion of this deployment strategy?

	a) It is a highly secure deployment and the plan should be proposed to the chief technology officer (CTO).
	b) It is somewhat secure but does not address possible security issues involving untrustworthy VPN connections.
	c) Along with the firewall, an intrusion detection system/intrusion prevention system (IDS/IPS) solution should be placed between the firewall and the VPN device.
	d) Although the firewall adds more security, it will slow down traffic to the VPN device.

Alphonse is a network engineer who is developing his IT infrastructure's virtual private network (VPN) deployment plan. He has decided to place the VPN device between the externally facing and internally facing firewalls in the demilitarized zone (DMZ). He is determining the rule sets with which to configure both firewalls. His VPN device is a Secure Sockets Layer (SSL) VPN and he wants to use default settings. Which port should he allow the firewalls to pass traffic through?

	a) 115
	b) 194
	c) 443
	d) 500

Which of the following is one of the most common and easily exploited vulnerabilities on any hardware network device?

	a) Default password
	b) Application conflicts
	c) Malware
	d) Undistributed authentication credentials

Maria is a network engineer assigned to select a new virtual private network (VPN) solution for her company. She is weighing the benefits of commercial versus open-source VPNs. Which of the following is a benefit of open-source platforms?

	a) Access to Internet-based support
	b) Available hardware maintenance
	c) Available management tools
	d) Ease of installation and management

Aileen is a help desk technician. She and her coworkers start getting a lot of calls from remote workers saying that their virtual private network (VPN) connection to the office abruptly dropped. Last month, Aileen helped deploy a new VPN solution that uses redundant VPN devices with their own power sources connecting to an Internet circuit. What is the most likely cause of the problem?

	a) Both VPNs coincidentally went down at the same time.
	b) Someone accidently turned off the power strip supplying electricity to the VPN units.
	c) The company's single Internet circuit went down.
	d) Too many remote workers attempted to connect via the VPN and crashed both units.

Sebastian is the HR department's trainer. He is developing various materials to teach the fundamentals of using a virtual private network (VPN) to a variety of audiences, from the president and vice presidents of the corporation to newly hired mid-level managers and entry-level employees. After implementing his training program some weeks ago, he began getting calls from the IT help desk stating that users are contacting them with troubleshooting issues for their VPN sessions. The help desk technicians do not know how to respond. What is the most likely problem?

	a) Sebastian forgot to add basic troubleshooting to his end-user training.
	b) Sebastian neglected to direct the end users to consult their training manual first before contacting the help desk.
	c) Sebastian neglected to train IT personnel on troubleshooting remote connections.
	d) Sebastian did not make recordings of his training sessions available on the company intranet so end users could get a refresher if needed.

Which of the following steps helps you verify that the internal network port of a virtual private network (VPN) device is available?

	a) Open a command-line interface and use the ping command.
	b) Open a command-line interface and use an ipconfig command.
	c) Use an Internet-based tool to issue a traceroute command.
	d) Physically visit the VPN device and visually inspect the connection to the internal port.

While there is no single way to troubleshoot a virtual private network (VPN) issue, what is the MOST appropriate first step?

	a) Call the vendor.
	b) Answer phone calls, emails, and texts from users asking when the problem will be fixed.
	c) Identify the specific symptoms of the problem.
	d) Try the most likely solution.