Chapter 2 Quiz

Which of the following refers to a type of firewall that filters on a specific application's content and session information? a. circuit firewall b. hardware firewall c. application firewall d. stateful inspection

c. application firewall

Which malicious software program is distributed by hackers to take control of victims' computers? a. hardware firewalls b. viruses c. bots d. bastion bot

c. bots

Which name is given to a form of filtering that focuses on traffic content? a. stateful inspection filtering b. static filtering c. content filtering d. application gateway

c. content filtering

Which firewall has a network interface located in a unique network segment that allows for true isolation of the segments and forces the firewall to filter all traffic moving from one segment to another? a. appliance firewall b. software firewall c. dual-homed firewall d. triple-homed firewall

c. dual-homed firewall

Which of the following refers to a form of encryption also known as point-to-point or host-to-host encryption? a. hardware firewall b. circuit firewall c. transport mode encryption d. tunnel mode encryption

c. transport mode encryption

Which term describes the calculation of the total loss potential across a year for a given asset and a specific threat? a. annualized loss expectancy (ALE) b. annualized rate of occurrence (ARO) c. user datagram protocol (UDP) d. cost-benefit analysis

a. annualized loss expectancy (ALE)

Which term describes the cumulative value of an asset based on both tangible and intangible values? a. asset value (AV) b. exposure factor (EF) c. single loss expectancy (SLE) d. packet

a. asset value (AV)

Ingress and egress filtering can expand beyond protection against spoofing and include a variety of investigations on inbound and outbound traffic. Which of the following is not one of the ways ingress and egress filtering expand beyond protection against spoofing? a. dynamic packet filtering b. blacklist and whitelist filtering c. protocol and port blocking d. confirmation of authentication or authorization before communications continue

a. dynamic packet filtering

Which of the following refers to a software firewall installed on a client or server? a. host firewall b. hardware firewall c. transport layer (Layer 4) d. client

a. host firewall

True or False: A closed source is a type of software product that is pre-compiled and whose source code is undisclosed. a. true b. false

a. true

True or False: A firewall is a filtering device that enforces network security policy and protects the network against external attacks. a. true b. false

a. true

True or False: Ingress filtering filters traffic as it attempts to enter a network, including spoofed addresses, malformed packets, unauthorized ports and protocols, and blocked destinations. a. true b. false

a. true

True or False: The term bastion host refers to a firewall positioned along the pathway of a potential attack. It serves as the first line of defense for the network. a. true b. false

a. true

Which of the following describes an appliance firewall? a. the process of automatically created temporary filters. In most cases, the filters allow inbound responses to previous outbound requests b. a hardened hardware firewall c. the second layer of the OSI model responsible for physical addressing (MAC addresses) d. a type of firewall that filters on a specific application's content and session information

b. a hardened hardware firewall

Which term is used to describe a firewall that is implemented via software? a. risk assessment b. bump-in-the-stack c. hardware firewall d. screening router

b. bump-in-the-stack

Which of the following refers to a type of software product that is pre-compiled and whose source code is undisclosed? a. circuit b. closed source c. bots d. physical address

b. closed source

True or False: An application firewall filters on a specific application's content and session information; however, it cannot inspect traffic at any layer. a. true b. false

b. false

Which of the following describes dynamic packet filtering? a. an entrance or exit point to a controlled space b. the function of routing traffic from an external source received on a specific pre-defined IP address and port combination (also known as a socket) to an internal resource server c. a process that translates internal addresses into external addresses d. a process that automatically creates temporary filters. In most cases, the filters allow inbound responses to previous outbound requests

d. a process that automatically creates temporary filters. In most cases, the filters allow inbound responses to previous outbound requests

Which of the following is a malicious software program distributed by a hacker to take control of a victim's computers? a. sacrificial host b. client c. server d. agent

d. agent

Which of the following is not a consideration when placing firewalls on the network? a. structure of the network b. traffic patterns c. most likely access pathways d. where hackers are located

d. where hackers are located