Networking

Q: a. dual-homed host f. reverse firewallb. load-balancing software g. screened hostc. many-to-one NAT h. screening routerd. one-to-one NAT i. server farme. proxy server j. three-pronged firewall1/ a process that uses the source and destination TCP and UDP port addresses to map traffic between internal and external hosts2/ a device that filters outgoing connections3/ a group of servers connected in a subnet that work together to receive requests4/ the process of mapping one internal IP address to one external IP address5/ a firewall with separate interfaces connected to an untrusted network, a semitrusted network, and a trusted network6/ a computer configured with more than one network interface7/ a host in which one interface is connected to an internal network and the other interface is connected to a router to an untrusted network8/ software that forwards packets to and from the network being protected andcaches Web pages to speed up network performance9/ software that prioritizes and schedules requests and then distributes them to servers in a server cluster based on each server's current load and processing power10/ a router placed between an untrusted network and an internal network

Q: You can ______________ a bastion host by removing unnecessary accounts and services.

Q: A primary goal of proxy servers is to provide security at the _______________ layer.

Q: A DMZ is a subnet of _____________ accessible servers placed outside the internal network.

Q: In a screened ____________ setup, a router is added between the host and the Internet to carry out IP packet filtering.

Q: A _______________ router determines whether to allow or deny packets based on their source and destination IP addresses.

Q: Which type of translation should you use if you need 50 computers in the corporate network to be able to access the Internet using a single public IP address?a. one-to-one NAT c. one-to-many NATb. port address translation d. DMZ proxy translation

Q: Which type of NAT is typically used on devices in the DMZ?a. one-to-one NAT c. one-to-many NATb. port address translation d. many-to-one NAT

Q: Which of the following is true about private IP addresses?a. they are assigned by the IANA c. they are targeted by attackersb. they are not routable on the Internet d. NAT was designed to conserve them

Q: Why is a bastion host the system most likely to be attacked?a. it has weak security c. it is available to external usersb. it contains company documents d. it contains the default administrator account

Q: What is the term used for a computer placed on the network perimeter that is meant to attract attackers?a. bastion host c. proxy decoyb. honeypot d. virtual server

Q: What is a step you can take to harden a bastion host?a. enable additional services to serve as honeypots b. open several ports to confuse attackers c. configure several extra accounts with complex passwordsd. remove unnecessary services

Q: What is a critical step you should take on the OS you choose for a bastion host?a. ensure all security patches are installed b. make sure it is the latest OS version c. choose an obscure OS with which attackers are unfamiliard. customize the OS for bastion operation

Q: Which of the following best describes a bastion host?a. a host with two or more network interfaces b. a computer on the perimeter network that is highly protected c. a computer running a standard OS that also has proxy software installedd. a computer running only embedded firmware

Q: Which of the following is a disadvantage of using a proxy server?a. shields internal host IP addresses c. may require client configurationb. slows Web page access d. can"t filter based on packet content

Q: Which network device works at the Application layer by reconstructing packets and forwarding them to Web servers?a. Layer 7 switch c. proxy serverb. translating gateway d. ICMP redirector

Q: Which type of security device can speed up Web page retrieval and shield hosts on the internal network?a. caching firewall c. caching-only DNS serverb. proxy server d. DMZ intermediary

Q: Which type of firewall configuration protects public servers by isolating them from the internal network?a. screened subnet DMZ c. screening routerb. dual-homed host d. reverse firewall

Q: What should you consider installing if you want to inspect packets as they leave the network?a. security workstation c. filtering proxyb. RIP router d. reverse firewall

Q: In what type of attack are zombies usually put to use?a. buffer overrun c. DDoSb. virus d. spoofing

Q: Where should network management systems generally be placed?a. out of band c. on the perimeterb. in the DMZ d. in the server farm

Q: Which of the following is best described as software that prioritizes and schedules requests and then distributes them to servers based on each server's current load and processing power.a. server pooling software c. priority server farmb. traffic distribution filter d. load-balancing software

Q: What do you call a firewall that is connected to the Internet, the internal network, and the DMZ?a. multi-homed proxy c. three-way packet filterb. three-pronged firewall d. multi-zone host

Q: Which of the following best describes a DMZ?a. a network of computers configured with robust firewall software b. a subnet of publicly accessible servers placed outside the internal network c. a private subnet that is inaccessible to both the Internet and the company networkd. a proxy server farm used to protect the identity of internal servers

Q: Which of the following is true about a dual-homed host?a. serves as a single point of entry to the network b. its main objective is to stop worms and viruses c. uses a single NIC to manage two network connectionsd. it is used as a remote access server in some configurations

Q: Which of the following is true about a screening router?a. it examines the data in the packet to make filtering decisions b. it can stop attacks from spoofed addresses c. it maintains a state table to determine connection informationd. it should be combined with a firewall for better security

Q: The TCP normalization feature forwards abnormal packets to an administrator for further inspection.

Q: Proxy servers take action based only on IP header information.

Q: Reverse firewalls allow all incoming traffic except what the ACLs are configured to deny.

Q: A screened host has a router as part of the configuration.

Q: A dual-homed host has a single NIC with two MAC addresses.

Q: What is a cleanup rule? Provide an example.

Q: Describe a firewall policy for application traffic.

Q: What makes an effective rule base? List three points to consider.

Q: Describe a packet-filtering scenario that works with the DMZ.

Q: What is stateful packet filtering?

Q: What are the most common features of IP protocol headers that stateless packet filters base their filtering decisions on?

Q: Describe a hardware firewall and include one or more advantages and disadvantages.

Q: Describe a software firewall and include one or more advantages and disadvantages.

Q: Discuss what a firewall is and its role in a company's overall security scheme.

Q: a. cleanup rule f. rule baseb. firewall g. socketc. firewall appliance h. state tabled. firewall policy i. stateful packet filterse. proxy server j. stateless packet filters1/ software that forwards network packets and caches Web pages to speed up network performance2/ the end point of a computer-to-computer connection defined by an IP address and port address3/ a packet-filtering rule that comes last in a rule base and covers any packets that have not been covered by preceding rules4/ hardware devices with firewall functionality5/ filters that are similar to stateless packet filters, except that they also determine whether to allow or block packets based on information about current connections6/ hardware or software configured to block unauthorized access to a network7/ simple filters that determine whether to allow or block packets based on information in protocol headers8/ the collection of rules that filter traffic at an interface of a firewall9/ an addition to a security policy that describes how firewalls should handleapplication traffic, such as Web or e-mail applications10/ a file maintained by stateful packet filters that contains a record of all current connections

Q: The rule base should permit access to public servers in the _________ and enable users to access the Internet.

Q: A primary objective of a rule base is to ______________ communications based on complex rules.

Q: The ACK flag is normally sent at the end of the three-way ______________ to indicate that a connection is established.

Q: ACLs filter packets by using a __________ base to determine whether to allow a packet to pass.

Q: A firewall can consist of all devices positioned on the network _____________.

Q: Which of the following is NOT an ICMPv6 packet type that you should allow within your organization but never outside the organization?a. Destination unreachable c. Time Exceededb. Packet too big d. Packet Redirect

Q: Which of the following is a method for supporting IPv6 on IPv4 networks until IPv6 is universally adopted?a. Teredo tunneling c. IPsec tunnelingb. ICMPv6 encapsulation d. SMTP/S tunneling

Q: What type of ICMP packet can an attacker use to send traffic to a computer they control outside the protected network?a. Source Quench c. Destination Unreachableb. Echo Request d. Redirect

Q: What are the two standard ports used by FTP along with their function?a. UDP 23 control, TCP 20 data c. TCP 21 control, TCP 20 datab. UDP 20 data, TCP 21 control d. TCP 23 data, TCP 21 control

Q: What service uses UDP port 53?a. SMTP c. ICMPb. DNS d. TFTP

Q: Which two ports should packet-filtering rules address when establishing rules for Web access?a. 143, 80 c. 80, 443b. 25, 110 d. 423, 88

Q: Which of the following is a general practice for a rule base?a. begin by blocking all traffic and end by allowing selective services b. permit access to public servers in the DMZ c. allow all access to the firewalld. allow direct access from the Internet to computers behind the firewall

Q: Which of the following is NOT a protocol,port pair that should be filtered when an attempt is made to make a connection from outside the company network?a. TCP,80 c. UDP,138b. TCP,139 d. TCP,3389

Q: Which of the following is described as the combination of an IP address and a port number?a. portal c. datagramb. subnet d. socket

Q: What is considered the "˜cleanup rule" on a Cisco router?a. explicit allow all c. explicit promptb. implicit deny all d. implicit allow

Q: What is a suggested maximum size of a rule base?a. 30 rules c. 10 rulesb. 300 rules d. 100 rules

Q: Which of the following is NOT among the common guidelines that should be reflected in the rule base to implement an organization's security policy?a. only authenticated traffic can access the internal network b. employees can use instant-messaging only with external network users c. the public can access the company Web serversd. employees can have restricted Internet access

Q: Which element of a rule base conceals internal names and IP addresses from users outside the network?a. tracking c. NATb. filtering d. QoS

Q: At what layer of the OSI model do proxy servers generally operate?a. Application c. Transportb. Session d. Network

Q: What should a company concerned about protecting its data warehouses and employee privacy might consider installing on the network perimeter to prevent direct connections between the internal network and the Internet?a. router c. ICMP monitorb. VPN server d. proxy server

Q: What type of attack are stateless packet filters particularly vulnerable to?a. attempts to connect to ports above 1023 c. IP spoofing attacksb. attempts to connect to the firewall d. attempts to connect to ports below 1023

Q: Which of the following is NOT a criteria typically used by stateless packet filters to determine whether or not to block packets.a. IP address c. data patternsb. ports d. TCP flags

Q: Which of the following is an advantage of hardware firewalls?a. not scalable compared to software firewalls c. less expensive than software firewallsb. not dependent on a conventional OS d. easy to patch

Q: Which of the following is a typical drawback of a free firewall program?a. cannot monitor traffic in real time b. oversimplified configuration c. have centralized managementd. more expensive than hardware firewalls

Q: The Cisco PIX line of products is best described as which of the following?a. software firewall c. firewall applianceb. PC with firewall installed d. VPN gateway

Q: Since ICMP messages use authentication, man-in-the-middle attacks cannot be successful.

Q: Generally, connections to instant-messaging ports are harmless and should be allowed.

1 2 3 … 25 Next »

Subjects