NW Firewalls Quiz #9 - Security Profiles

What action will show whether a downloaded PDF file from a user has been blocked by a security profile on the Next Generation firewall? a. Filter the data filtering logs for the user's traffic and the name of the PDF file b. Filter the system log for failed download messages c. Filter the session browser for all sessions from a user with the application adobe d. Filter the traffic logs for all traffic from the user that resulted in a deny action

a. Filter the data filtering logs for the user's traffic and the name of the PDF file

Which profile type is designed to protect against reconnaissance attacks such as host sweeps and port scans? a. Zone Protection b. Data Filtering c. DOS Protection d. Anti-Spyware

a. Zone Protection

A Zone Protection Profile is applied to which item? a. Security Policy Rules b. Ingress Ports c. Address Groups d. Egress Ports

b. Ingress Ports

To properly configure DOS protection to limit the number of sessions individually from specific source IPS you would configure a DOS Protection rule with the following characteristics: a. Action: Deny, Aggregate Profile with "Resources Protection" configured b. Action: Deny, Classified Profile with "Resources Protection" configured, and Classified Address with "source-ip-only" configured c. Action: Protect, Classified Profile with "Resources Protection" configured, and Classified Address with "source-ip-only" configured d. Action: Protect, Aggregate Profile with "Resources Protection" configured

c. Action: Protect, Classified Profile with "Resources Protection" configured, and Classified Address with "source-ip-only" configured

Network traffic matches an "allow" rule in the Security policy, but the attached File Blocking Profile is configured with a "block" action. To which two locations will the traffic be logged? Choose the 2 correct choices. a. Alarms Log b. Threat Log c. Data Filtering Log d. Traffic Log

c. Data Filtering Log d. Traffic Log

Which anti-spyware feature enables an administrator to quickly identify a potentially infected host on the network? a. CVE Number b. continue response page c. data filtering log entry d. DNS SInkhole

d. DNS SInkhole

What component of the Next Generation Firewall will protect from port scans? a. Anti-Virus Protection b. Vulnerability protection c. DOS Protection d. Zone protection

d. Zone protection

True or false? A Security Profile attached to a Security policy rule is evaluated only if the Security policy rule matches traffic and the rule action is set to "allow."

True