Chapter 10

¡Supera tus tareas y exámenes ahora con Quizwiz!

What kinds of issues might indicate a misconfigured ACL?

Connectivity and performance issues between two hosts in which some applications or ports can make the connection while others can't

What are the two primary features that give proxy servers an advantage over NAT?

Content filtering and File caching

What kind of firewall blocks traffic based on application data contained within the packets?

Content-filtering firewall

What causes most firewall failures?

Firewall misconfiguration

An _____________(use abbreviation) monitors network traffic and alerts (only) about suspicious activity.

IDS

Active Directory and 389 Directory Server are both compatible with which directory access protocol?

LDAP

EAPoL is primarily used with what kind of transmission?

Wireless

Which of the following ACL commands would permit web-browsing traffic from any IP address to any IP address?

access-list acl_2 permit http any any

On a Linux system, which command allows you to modify settings used by the built-in packet filtering firewall?

iptables

What feature of Windows Server allows for agentless authentication?

AD (Active Directory)

Which of the following is not one of the three AAA services provided by RADIUS and TACACS+?

Access control

What software might be installed on a device in order to authenticate it to the network?

Agent

What's the essential difference between an IPS and an IDS?

An IDS can only detect and log suspicious activity. An IPS can react when alerted to such activity.

Which NGFW feature allows a network admin to restrict traffic generated by a specific game?

Application awareness

Only one ___________________ exists on a network using STP.

Root bridge

What kind of ticket is held by Kerberos' TGS?

TGT

Why is a BPDU filter needed at the demarc?

The ISP's STP-related topology information shouldn't be mixed with a corporate network's STP-related topology information.

A stateless firewall inspects each incoming packet to determine whether it belongs to a currently active connection.

False

An ________________ (use abbreviation) can detect suspicious activity and block it from entering the network or the host

IPS

At what layer of the OSI model do proxy servers operate?

Layer 7

Which of the following features is common to both an NGFW and traditional firewalls?

Packet Filtering

Why do network administrators create domain groups to manage user security privileges?

To simplify the process of granting rights to users

Which command on an Arista switch would require an SNMP notification when too many devices try to connect to a port?

switchport port-security

Any traffic that is not explicitly permitted in the ACL is denied, which is called the ____________________________.

Implicit deny rule

A __________ (use abbreviation) is a security strategy that combines multiple layers of security appliances and technologies into a single safety net.

UTM


Conjuntos de estudio relacionados

Unit 4 Vocabulary - Media Influence & Media Bias (Part 1)

View Set

Math Quiz #1 -Area Perimeter Circumference

View Set

Human A & P Chapter 10: The Muscular System

View Set

Digital Forensics Final Study Guide

View Set

APUSH Unit 5 Additional Questions

View Set

CZC1 - additional questions (Chapter 18, 21)

View Set

Unit 5: Revolutions (1750-1900) - AP World History

View Set