ch 8 and 13a 158
You have just installed a packet filtering firewall on your network. Which options will you be able to set on your firewall?
-destination address of a packet -source address of a packet -port number
Which of the following are true of a circuit proxy filter firewall?
-verifies sequencing of session packets -operates at the session layer
which port number is used by snmp
161
You want to maintain tight security on your internal network, so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
53
Haley configures a website using Windows Server 2016 default values. What are the HTTP port and SSterm-32L port settings?
80 for HTTP; 443 for SSL
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
ACL
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?
Application level
While developing a network application, a programmer adds functionality that allows her to acces the running program, without authentication, to capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application.
Backdoor
Which of the following functions are performed by proxies?
Block employees from accessing certain Web sites AND Cache web pages
A programmer that fails to check the length of input before processing leaves his code vulnerable to what form of common attack?
Buffer overflow
When designing a firewall, what is the recommend approach for opening and closing ports?
Close all ports; open only ports required by applications inside the DMZ
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is anexample of which kind of attack? Backdoor Spamming DDoS ReplayDoS
DDoS
You want to allow your users to download files from a server running the TCP/IP protocol. You want to require user authentication to gain access to specific directories on the server.Which TCP/IP protocol should you implement to provide this capability?
FTP
Which of the following is likely to be located in a DMZ
FTP server
You have installed anti-virus software on the computers on your network. You update thedefinition and engine files and configure the software to update those files every day.What else should you do to protect your systems from malware? (Select two.)
Schedule regular full system scans. Educate users about malware.
You are monitoring network traffic on your network, and you see traffic between two network hosts on port 1720. What is the source of this network traffic?
Someone is using voice over IP (VOiP) to make a telephone call.
Which of the following features are common functions of an all-in-one security appliance?
Spam filtering Bandwidth shaping
Which of the following are methods for providing centralized authentication, authorization, andaccounting for remote access?
TACACS+ RADIUS
You are an administrator for a large company. You are setting up a computer at a worker's house so he can telecommute while he recovers from surgery. You want to connect to the UNIX server at the office to update his account informationWhich utility should you use to accomplish this task?
Telnet
You are monitoring network traffic on your network and you see a large amount of traffic between a Windows workstation and a Windows server on the following ports -137 -138 -139 What is the source of this network traffic?
The workstation is using NetBIOS to access shared resources on the server.
What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal?
Turnstiles
which protocol and port number is used by TFTP
UDP 69
An all-in-one security appliance is best suited for which type of implementation?
a Remote
which of the following is the strongest form of multi-factor authentication?
a password, biometric scan, and a token device
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
ip addy
You are configuring a firewall to allow access to a server hosted on the demilitarized zone of your network. You open TCP/IP ports 80, 25, 110, and 143.Assuming that no other ports on the firewall need to be configured to provide access, which applications are most likely to be hosted on the server? •Web server, DNS server, and DHCP server•Web server, DNS server, and email server•Email server, Newsgroup server, and DNS server•Web server and email server
•Web server and email server
In which of the following situations would you most likely implement a demilitarized zone (DMZ)? •You want to encrypt data sent between two hosts using the internet. •You want to detect and respond to attacks in real time. •You want to protect a public web server from attack. •You want internet users to see a single IP address when accessing your company network.
•You want to protect a public web server from attack.