Audit Final
Most firewall rules are based on static attributes. They are not effective at protecting a network from all types of attacks, such as a distributed denial of service (DDoS) attack from a trusted server that was compromised. What can be used to help firewalls do a better job?
Intrusion detection system (IDS)/intrusion prevention system (IPS)
Which of the following is the definition of demilitarized zone (DMZ)?
A type of firewall that makes requests for remote services on behalf of local clients
Which of the following is a protocol suite designed to secure Internet Protocol (IP) traffic using authentication and encryption for each packet?
Internet Protocol Security (IPSec)
Which of the following is a tunneling protocol developed by Cisco Systems as an encapsulating protocol that can transport a variety of other protocols inside IP tunnels?
Generic Routing Encapsulation (GRE)
RADIUS is a network protocol that supports remote connections by centralizing the management tasks. What do I, U, and S stand for?
In, User, Service
Within the LAN-to-WAN Domain, what connects two or more separate networks?
Router
In one step of a penetration test, detailed information is collected about each node. Testers identify open and active ports, and can query open ports to determine which services are running on a selected node. This is:
Scanning and enumeration
You want to configure devices to send an alert to the network manager when remote users connect to your network. Which protocol is the best choice for monitoring network devices?
Simple Network Management Protocol (SNMP)
There are three main strategies for encrypting data to send to remote users. One strategy does not require any application intervention or changes at all; the connection with the remote user handles the encryption. This is:
System connection encryption
Which of the following best describes footprinting?
The process of determining the operating system and version of a network node
Which of the following best describes authentication in the Remote Access Domain?
The process of providing additional credentials that match the user ID or user name
Why should you verify that all data flowing through your virtual private network (VPN) is encrypted?
To prevent an attacker from capturing and reading the data
Which of the following is primarily a detective control in the Remote Access Domain?
Traffic analysis
A Web content filter examines Web-based traffic and can block Web content that does not adhere to an organization's Internet or Web acceptable use policy (AUP).
True
A best practice for the Remote Access Domain is to install at least one firewall between a virtual private network (VPN) endpoint and the internal network.
True
A distributed application is an environment in which the components that make up an application reside on different computers.
True
A proxy server forwards packets for authorized requests to a remote server, using its own Internet Protocol (IP) address as the source address to hide the true source's identity.
True
A virtual private network (VPN) uses a wide area network (WAN) connection.
True
In the Remote Access Domain, a remote user is a person who uses a wide area network (WAN) to connect to and access resources or applications from a remote location.
True
Internet-facing components are network components in an organization's IT infrastructure that users can access via the Internet.
True
Monitoring configuration settings is a detective control in the LAN-to-WAN Domain.
True
Network access control (NAC) enables you to check a client computer for compliance with security policies and either grant or deny its access to the internal network.
True
Point-to-Point Tunneling Protocol (PPTP) does not provide encryption.
True
Remote access management includes verifying that privacy settings are in place.
True
The FCAPS security management component includes activities to control access to network resources and limit access exclusively to authorized users.
True
The firewall blocks connections from Internet users to your local area network but allows the Web server to connect.
True
Virtual private network (VPN) tunneling allows applications to use any protocol to communicate with servers and services securely.
True
With virtual private network (VPN) tunneling, applications can use protocols that are NOT compatible with the wide area network (WAN).
True
What is a best practice for compliance in the Remote Access Domain?
Use global user accounts whenever possible.
In a penetration test, after the testers have all of the available information on operating systems and running software and services, the next step is to explore known vulnerabilities in the target's environment. This is:
Vulnerability identification
The two main types of attacks that may originate from within an organization are internal attacks on the organization and _______________.
internal-to-external attacks on another organization
A nonintrusive penetration test ____________.
only validates the existence of a vulnerability
Which of the following is the definition of intrusion prevention system (IPS)?
A network hardware device or software that detects unusual network activity that might represent an intrusion, and takes action to stop the attack
The following are the basic steps required to establish a remote connection EXCEPT:
Accounting
FCAPS is a network management functional model. FCAPS is an acronym that represents the focal tasks necessary to effectively manage a network. Security management is:
Activities to control access to network resources and limit access exclusively to authorized users
An intrusion detection system (IDS) is a server deliberately set up as insecure in an effort to trap or track attackers.
False
Cable, wireless, and cellular are typically baseband connections.
False
Encryption is a type of detective control in the LAN-to-WAN Domain.
False
Server Message Block (SMB) is a technique that creates a virtual encrypted connection and allows applications to use any protocol to communicate with servers and services without having to worry about addressing or privacy concerns.
False
TACACS+ encrypts only the password when sending an access request packet to the server. RADIUS encrypts the entire packet.
False