CDS 424 Final
Isabelle is a network engineer deploying an IT infrastructure in one of her company's new branch offices. Currently, she is designing a local subnetwork that contains and exposes the office's external services to a larger, untrusted network, specifically the Internet. What is this called?
Demilitarized Zone (DMZ)
Which of the following is a core Internet Protocol Security (IPSec) protocol that provides encryption only, both encryption and integrity protection, or integrity protection only in all but the oldest IPSec implementations?
Encapsulating Security Payload (ESP)
What does a digital signature provide?
Nonrepudiation
Consuela is a business analyst for her company. She is working from home and on a video conference with several other team members. Her video conferencing client displays a message indicating that the quality of her connection is unstable. What is the most likely problem?
VPNs over the Internet can easily suffer from latency, fragmentation, traffic congestion, and dropped packets.
A company uses an Internet Protocol Security (IPSec) virtual private network (VPN) solution. It allows remote users to connect to the main office and allows communication between the main office and branch offices securely over the Internet. The main office network uses network address translation (NAT) with an internal IP address range of 192.168.0.1 to 192.168.0.254. Which of the following ranges must remote offices and users NOT use on their internal networks?
192.168.0.x
Alphonse is a network engineer who is developing his IT infrastructure's virtual private network (VPN) deployment plan. He has decided to place the VPN device between the externally facing and internally facing firewalls in the demilitarized zone (DMZ). He is determining the rule sets with which to configure both firewalls. His VPN device is a Secure Sockets Layer (SSL) VPN and he wants to use default settings. Which port should he allow the firewalls to pass traffic through?
443
Teodora is the procurement manager for her company's IT department. She is researching firewalls that come with enhancements beyond basic traffic filtering. Which of the following is considered a firewall enhancement?
Anti-malware scanning
Which of the following provides integrity protection for packet headers and data and can optionally provide replay protection and access protection?
Authentication Header (AH)
Which of the following establishes what a user can and cannot do relative to a virtual private network (VPN)?
Authorization
Dhruv is a network engineer using a command-line interface on his computer. He types the command mstsc/v and then a server name. What is he doing?
Connecting to a Windows server running a virtual private network (VPN).
Hyon is a network consultant. She was hired by a client company to examine the effectiveness of its IT infrastructure. She discovers that the company's Internet-facing firewall is not capable of automatically handling and adjusting for random source ports when a session is being established to its web and gaming servers. How should she correct this?
Create a custom rule to manage random source ports
Which of the following is a type of virtual private network (VPN) architecture that places a firewall in front of the VPN to protect it from Internet-based attacks as well as a firewall behind the VPN to protect the internal network?
DMZ architecture
Bill's work-issued Windows laptop has been configured so he can remotely connect to his office from home without having to initiate a virtual private network (VPN) connection. What technology is he using?
DirectAccess
Carl is a network technician who has been assigned to select a dedicated hardware device to act as the company's termination point for the secured virtual private network (VPN) tunnel. He chooses a device that allows the firewall to filter traffic exiting the VPN to move into the local area network (LAN). It is one that is best suited for controlled access into the demilitarized zone (DMZ). What is the solution that he recommends?
Edge router
Which of the following can delay in firewall software patching cause?
Exploitation of the firewall
James is a network engineer. He has been assigned the responsibility of designing a virtual private network (VPN) solution that will allow customers, suppliers, and business partners access to network resources without exposing the secure private LAN. The parties accessing these resources must use digital certificates issues by a certification authority (CA). What form of VPN is he setting up?
Extranet
Client capabilities do not affect the performance of a remote virtual private network (VPN) connection. (T/F)?
False
Hashing does not verify the integrity of messages. (T/F)?
False
Hypertext Transfer Protocol Secure (HTTPS) does NOT encrypt private transactions made over the Internet. (T/F)?
False
In IPSec tunnel mode, only the data packet payload is encapsulated, while the packet header is left intact. (T/F)?
False
The less complex a solution, the more room there is for mistakes, bugs, flaws, or oversights by security administrators. (T/F)?
False
The source address and the port address of inbound firewall rules are often set to Deny, unless the rule is to apply to specific systems or ports. (T/F)?
False
Tonya is an accountant working from home. She connects to her office each day over a virtual private network (VPN). The IT department for her company has deployed a VPN appliance to assist employees such as Tonya in performing their tasks remotely. What solution does Tonya use to access her files on the company's accounting server?
Host-to-gateway
Alice is a network engineer who has been tasked with researching a virtual private network (VPN) tunneling protocol to be used by her company. It must be able to pass traffic through a network address translation (NAT) server and be compatible with a number of well-known proprietary and open source platforms. What solution does she select?
Internet Key Exchange v2 (IKEv2)
Maria is a new network engineer for a company that was established more than 30 years ago. She is examining the IT infrastructure and discovers that the virtual private network (VPN) solution employs an older encryption protocol for backward compatibility. This protocol has largely been replaced, but it used to be popular in early VPN solutions. What is this protocol?
Layer 2 Tunneling Protocol (L2TP)
Which of the following can be described as putting each resource on a dedicated subnet behind a demilitarized zone (DMZ) and separating it from the internal local area network (LAN)?
N-tier deployment
Oscar is deploying a virtual private network (VPN) solution for his company. The VPN needs to connect to remote servers by their Internet Protocol (IP) addresses rather than using network address translation (NAT). What type of VPN is Oscar deploying?
Operating system (OS)
Mei is a new network technician for a mid-sized company. She is trying to determine what is causing a performance lag on the infrastructure's virtual private network (VPN). The lags typically occur between 8 a.m. and 9 a.m., and again between 1 p.m. and 2 p.m. What is the most likely cause?
Peak usage loads
Which of the following statements about ciphertext is true?
Properly encrypted data produces ciphertext that does not contain redundancies or recognizable patterns.
Remote Desktop Connection (RDC) is a built-in application that uses what proprietary protocol?
Remote Desktop Protocol (RDP)
Otto is one of many employees working from home. Because his home is located in a rural area, the only form of connectivity available is dial-up. To connect to his office located in an urban community, what must the IT department set up?
Remote access server (RAS)
Which of the following is a protocol that replaces the use of telnet and rlogin to log in to a shell on a remote host?
Secure Shell (SSH)
Analisa is a sales representative who travels extensively. At a trade show, Analisa uses her virtual private network (VPN) connection to simultaneously connect to the office LAN and her personal computer at home. What security risk does this pose?
Split tunneling
Susan is a network professional at a mid-sized company. Her supervisor has assigned her the task of designing a virtual private network (VPN) implementation. Susan has set up strong authentication and encryption in a test environment, and the VPN appliance is directly facing the Internet. When her work is evaluated, what does her supervisor immediately notice?
The VPN device is not protected by a firewall.
Miriam is the cybersecurity manager for her company's IT department. She is updating the computing and networking-related policies that apply company-wide. She learns that Wyatt, an engineer responsible for maintaining VPN access for remote employees, has written a VPN usage policy specifying parameters for use that is independent of what she is crafting. What is the most likely problem?
The correct answer is: The two independent policies might describe conflicting requirements such as differing password lengths.
Which of the following statements is TRUE of connection between a corporate local area network (LAN) and a remote client, such as a remote worker?
The remote client can have either a dedicated or a nondedicated connection to the internet.
Carl is a network engineer for a mid-sized company. He has been assigned the task of positioning hardware firewalls in the IT infrastructure based on common pathways of communication. After analyzing the problem, on which aspect of the network does he base his design?
Traffic patterns
A virtual private network (VPN) policy helps to ensure that users understand the requirements for computing on a VPN. (T/F)?
True
An access control list (ACL) focuses on controlling a specific user's or client's access to a protocol or port. (T/F)?
True
Authentication Header (AH) provides integrity protection for packet headers and data, as well as user authentication. (T/F)?
True
Firewalls should be considered a part of a security infrastructure, not the totality of security. (T/F)?
True
True or False? Remote Desktop Connection (RDC) is a built-in application that uses Remote Desktop Protocol (RDP).
True
True or False? Remote control is the ability to use a local computer system to remotely take control of another computer.
True
True or False? Side attacks against the encrypted link of a virtual private network (VPN) are nearly eliminated, while data entering or leaving the VPN is at risk.
True
Carl is a networking student who is reading about methods of encryption and how they work with firewalls. Right now, he is studying a form of encryption that encrypts the entire original payload and header of a packet. However, because the header contains only information about endpoints, it is not useful for a firewall filtering malicious traffic. Which of the following is the encryption method being described?
Tunnel mode
Which of the following is a vulnerability of both hardware and software virtual private networks (VPNs)?
Unpublished vulnerabilities in the code
Joaquin is a senior network technician for a mid-sized company who has been assigned the task of improving security for the IT infrastructure. He has been given a limited budget and must increase security without redesigning the network or replacing all internetworking security devices. He focuses on an approach that will identify a single vulnerability. What does he recommend?
Weakest link
Arturo is a new network technician. He wants to use Remote Desktop Protocol (RDP) to connect to a server from his computer. The server is on the other side of the building. His computer is running Windows 10. Will he be able to make the connection?
Yes, because the RDP protocol has clients that work on most common operating systems.
A filter pathway is designed to:
make it hard to bypass a network filtering system and force all traffic through one route
A hashing cryptographic function takes the input of any file or message and creates a fixed length output based on:
the hashing algorithm being used.
Torri is a network technician. She needs to configure the edge firewalls for her company's IT infrastructure. Her supervisor has told her she must find a configuration method that assumes all network traffic is safe and, as malicious traffic is identified, it is added to a list of exceptions. Which of the following configuration methods does Torri select?
Allow by defauly/deny by exception.
Isabelle is selecting a hardware virtual private network (VPN) solution for her company. She is evaluating various risks involved. She is considering a solution from a company that recently issued an upgrade that fixed known security issues. That helps her determine which product to buy. What is her decision?
Buy a newer product and live with the surprises.
A social networking website has been gathering a great deal of personal information on its users for years. This presents the potential danger of exposure if the site is hacked. In addition, the data could be sold by the social networking platform without the users' knowledge or consent. What technology does the social media company most likely use to gather data, such as users' buying preferences?
Data mining
Hajar is a new network administrator. She is inventorying firewalls in her company. She finds one that has a management interface lacking something and makes a note to replace it immediately. What is the missing firewall management interface?
Encryption
In an internally connected virtual private network (VPN), the Internet-facing VPN connection is front of a firewall. (T/F)?
False
Instability is not considered a potential threat associated with software virtual private networks (VPNs). (T/F)?
False
Rachel is the cybersecurity engineer for a company that fulfills government contracts on Top Secret projects. She needs to find a way to send highly sensitive information by email in a way that won't arouse the suspicion of malicious parties. If she encrypts the emails, everyone will assume they contain confidential information. What is her solution?
Hide messages in the company's logo within the email.
Protecting computers, hard disks, databases, and other computer equipment attached directly or indirectly to the Internet can be categorized as which kind of security?
Network security
Diego is a network consultant. He is explaining the benefits of virtual private network (VPN) connections for remote clients to the owner of a company who wants to allow most staff to work remotely. He says that a VPN is both private and secure. What does he say allows for this?
Authentication provides privacy and encryption provides security
Before an Internet user can access a demilitarized zone (DMZ), extranet, or private network resource, it first encounters an entity that is sturdy enough to withstand any sort of attack. What is this entity called?
Bastion host operating system
Which of the following statements is TRUE of encryption?
Every time an additional bit is added toa key length, it doubles the size of the possible keyspace.
Montel is the newly hired it administrator at a long-established company. in studying its it infrastructure, he discovers that the main office is connected to four other branch offices in their large city, with each office being linked to the others by dedicated leased lines that allow for direct communications from one location to the next. this mesh network is used only by the company. montel tells the company's cio that he has discovered an issue with this design. compared to a virtual private network (vpn), what main drawback does montel report?
Expense
The weakest link security strategy gains protection by using abnormal configurations. (T/F)?
False
True or False? A virtual private network (VPN) server for remote access must be located in the demilitarized zone (DMZ).
False
True or False? All private key cryptography is asymmetric, but some asymmetric algorithms are not private key algorithms.
False
Internet Protocol Security (IPSec) is a standards-based protocol suite designed specifically for securing ____________ communications.
Internet Protocol (IP)
Which operating system (OS) for a bastion host runs on most appliance firewalls as well as many Internet service provider (ISP) connection devices?
Proprietary OS
Which of the following records every connection outside the network on the Internet by IP address and URL requested?
Proxy server
Leandro is writing a firewall policy. He needs to define which type of firewall he needs for each portion of the infrastructure based on differing areas of risk and trust. What are these areas called?
Security zones
Carl is a student in a computer networking class who is studying virtual private network (VPN) implementations. He is learning the basics about VPNs. Which of the following statements does he find is TRUE?
VPNs are both hardware and software solutions.
Asymmetric cryptography that uses key pairs is commonly known as:
public key cryptography
Which of the following is an authentication method that supports smart cards, biometrics, and credit cards, and is a fully scalable architecture?
802.1x
Which of the following is needed when determining what firewall traffic to allow and what to block?
A complete inventory of all needed or desired network communciations.
Which of the following is closely associated with maintaining data integrity?
Hash
In balancing competing concerns while deploying a personal virtual private network (VPN) solution, Yee values his privacy more than his anonymity. Which is he most concerned about?
Having the endpoints of his VPN connection tracked
Susan is a mid-level executive at her corporation who works remotely. Today, she worked from a restaurant using her company-issued laptop and connected to the Internet using the restaurant's free Wi-Fi. Once she made a connection, she authenticated to her virtual private network (VPN) client that links to her office network over a private, secure tunnel. While working, she contacted Lelah, who works in IT. She casually mentioned where she is working. How did Lelah respond?
The data on the laptop was vulnerable in the time between when the laptop's wireless network interface connected to the Wi-Fi access point and when Susan enabled the VPN connection.
Lin is designing a virtual private network (VPN) implementation as a class project. The assignment includes a budget she has to follow. To save money, she decided to use a VPN without a firewall. What is the problem with her decision?
This approach will not work because VPNs cannot take the place of firewalls.
Which of the following is a protocol that supports Advanced Encryption Standard (AES) with 128, 192, and 256 keys?
Transport Layer Security (TLS)
A best practice is to define a complete firewall rule set for each prescribed firewall in a written firewall policy. (T/F)?
True
In a bypass virtual private network (VPN), traffic to the VPN and from the VPN to the internal network is not firewalled. (T/F)?
True
Malware is a vulnerability of a software virtual private network (VPN). (T/F)?
True
What is an example of security through obscurity?
Using a nonstandard operating system for workstations such as Free BSD.
Which of the following BEST describes a technology with inherent security risks and that can reveal information a user did NOT intend to share?
Peer-to-peer (P2P)
Tonya is redesigning her company's network infrastructure to accommodate rapid growth. Several departments are highly specialized. Tonya needs to allow Network News Transfer Protocol (NNTP) on some, but not all, subnets. Her budget is limited. Which of the following is the best solution?
Place existing routers capable of packet filtering at each subnet.
The design of firewall placement and configuration in a network infrastructure has many aspects. Which of the following concerns is most likely related to an upper management decision that does NOT conform with existing security policy?
Political
Armand is the IT director of his organization. He is working with accounting to determine a budget for upgrading the company's virtual private network (VPN) equipment. Several options are available, and after narrowing down his requirements, he still needs more technical assistance to make a decision. Rather than going with award-winning VPN products he has found in industry magazines and websites, what option does he select that will gain him assistance in doing "legwork"?
Reseller
All firewalls, including those using static packet filtering, stateful inspection, and application proxy, have one thing in common. What is it?
Rules
The IT department of a company has just rolled out a virtual private network (VPN) solution that offers greater flexibility, delegation of management, and added security over the previous implementation. What is this solution called?
Secure Sockets Layer (SSL) virtualization
What is a virtual private network (VPN) protocol that requires public key infrastructure (PKI) support to obtain and use a certificate?
Secure Sockets Layer/Transport Layer Security (SSL/TLS)
Landon is a network contractor. He has been hired to design security for the network of a small company. The company has a limited budget. Landon is asked to create a system that will protect the company's workstations and servers without undo expense. Landon decides to deploy one hardware firewall between the Internet and the local area network (LAN). What is this solution called?
Single defense
Mazie is a network engineer designing a virtual private network (VPN) architecture. The architecture must have the ability of establishing and maintaining a secure link between the company's main office and a branch office over the Internet, effectively creating a single distributed LAN. What solution does she recommend be applied?
Site-to-site
Demetrice is a network consultant. She has been hired to design security for a network that hosts 25 employees, many of whom need remote access. The client recently opened another small office in a neighboring community and wants to be able to routinely establish secure network connections between the two locations. The client often deals with customer bank information and requires a particularly secure solution. What is her response to these requirements?
Small office/home office (SOHO) virtual private network (VPN)
Which of the following is an encryption method that is very fast and is based on a single, shared key?
Symmetric
Which of the following can affect the confidentiality of documents stored on a server?
A server breach
In preserving the confidentiality of users on a corporate network, which party is responsible for setting up security policies to guarantee users' privacy?
Administrator
Which of the following is a virtual private network (VPN) encryption encapsulation method best suited for linking individual computers together, even though it does not encrypt the original IP header?
Transport
A default-allow firewall stance assumes that most traffic is benign. (T/F)?
True
A firewall best practice is to document every action taken during troubleshooting. (T/F)?
True
The source address and the port address of outbound firewall rules are often set as ANY, unless the rule is to apply to specific systems or ports. (T/F)?
True
True or False? A VPN creates or simulates a network connection over an intermediary network.
True
True or False? A dedicated leased link is an alternative to a virtual private network (VPN) between two office locations.
True
True or False? An SSL/TLS-based virtual private network (VPN) enables remote access connectivity from almost any Internet-enabled location using a web browser.
True
True or False? An intranet virtual private network (VPN) connects two or more internal networks.
True
True or False? Microsoft Remote Assistance allows support professionals to remotely control a user's system.
True
You can check firewall connectivity using the ping and traceroute commands. (T/F)?
True
Bill is a network technician. He is currently configuring the infrastructure's Internet-facing firewalls. He knows that the Internet Control Message Protocol (ICMP) echo type often referred to as "ping" is used by malicious persons to probe networks. He wants to set up a rule that will deny ping attempts from outside the network. What does he deny?
Type 8
Chris is a network engineer deploying a virtual private network (VPN) solution. He needs an implementation of Secure Sockets Layer/Transport Layer Security (SSL/TLS) that adds a layer of authentication to the access. What feature does he require?
Bidirectional authentication
Felicia is a network engineer deploying a virtual private network (VPN) solution. The VPN operates using Secure Shell (SSH). When asked by a new help desk tech about which layer of the OSI model it employs, how does Felicia answer?
7
Cassie is an IT help desk representative. She just received a trouble ticket from a remote user stating they cannot connect to the company network over the virtual private network (VPN). Cassie begins troubleshooting the matter, checking on recent configuration changes to the VPN equipment, looking at the unit's logs for error messages, and so on. She has examined the VPN-related features and potential problems but still doesn't understand why the end user's connection failed. She has been assured that both the end user and the company have Internet connectivity. What is the most likely reason the user cannot connect?
A network engineer has inadvertently changed the IP address of the firewall's internal interface that connects to the VPN's outward-facing port.
Fumiko is a network technician. She is configuring rules on one of her company's externally facing firewalls. Her network has a host address range of 192.168.42.140-190. She wants to allow all hosts access to a certain port except for 188, 189, and 190. What rule or rules must she write?
A single rule allowing hosts 140-187 is all that is necessary; the default-deny rule takes care of blocking the remaining nonincluded hosts.
Maria is a network engineer assigned to select a new virtual private network (VPN) solution for her company. She is weighing the benefits of commercial versus open-source VPNs. Which of the following is a benefit of open-source platforms?
Access to internet-based support
Elissa is a network technician. She is configuring firewall rules for one of her company's branch offices, which provides online retail sales of their products. She is configuring rules to block traffic based on a traditional model but needs to allow a particular type of traffic. What should she allow?
All traffic from port 80 originating from the office's web server, which is in a protected subnet
What is an intrusion detection system/intrusion prevention system (IDS/IPS) that uses patterns of known malicious activity similar to how antivirus applications work?
Database-based detection
Which of the following is a firewall implementation best practice?
Different firewall products should be used depending on firewall placement, such as different products for border firewalls versus internal host firewalls.
Alejandro is a cybersecurity contractor. He was hired by a Fortune 500 company to redesign its network security system, which was originally implemented when the company was a much smaller organization. The company's current solution is to use multiple firewall platforms from different vendors to protect internal resources. Alejandro proposes an infrastructure security method that, in addition to firewalls, adds tools such as an intrusion detection system (IDS), antivirus, strong authentication, virtual private network (VPN) support, and granular access control. What is this solution called?
Diversity of defense
In intrusion detection, anamoly-based detection looks for differences from normal traffic based on a recording of real-world traffic that establishes a baseline. (T/F)?
False
Which of the following is a protocol that allows web servers to complete secure transactions over the Internet?
Hypertext Transfer Protocol Secure (HTTPS)
While there is no single way to troubleshoot a virtual private network (VPN) issue, what is the MOST appropriate first step?
Identify the specific symptoms of the problem.
Tomika is a network architect. A coworker is helping to design a more secure placement of the company's virtual private network (VPN) device. The coworker suggests that the device be placed between the Internet-facing firewall and the internal network. What is Tomika's opinion of this deployment strategy?
Iti is somewhat secure but does not address possible security issues involving untrustworthy VPN connections.
Chang is a network engineer. He is revising the company's firewall implementation procedure. As part of this work, he is reviewing the procedural element requiring placement of network firewalls at chokepoints and mapping out the network structure to pinpoint the locations where firewalls are to be placed. Which of the following is he focusing on?
Network design
Which of the following is an advantage of Secure Sockets Layer/Transport Layer Security (SSL/TLS) virtual private networks (VPNs) versus Internet Protocol Security (IPSec) VPNs?
No NAT problems
Amy is a network engineering consultant. She is designing security for a small to medium-sized government contractor working on a project for the military. The government contractor's network is comprised of 30 workstations plus a wireless printer, and it needs remote authentication. Which of the following is a type of authentication solution she should deploy?
One that authenticates at the firewall and doesn't integrate with single sign-on (SSO).
Which of the following steps helps you verify that the internal network port of a virtual private network (VPN) device is available?
Open a command-line interface and use the ping command
Chad is a network engineer. He is tasked with selecting a virtual private network (VPN) platform for his company. He chooses a solution that is inexpensive and runs on UNIX, although it is less scalable and less stable than other solutions. What has he chosen?
Operating system-based VPN
Reid is a network security trainer for a mid-sized company. He is demonstrating alternative methods of protecting a network using unconventional means. The IT department's "sandbox" network is used for testing and is not connected to the production network. Using the sandbox, Reid shows how to protect a network from external threats without using a firewall. What is Reid's approach?
Packet sniffer
Shoshana is a network technician for a mid-sized organization. She is configuring firewall rules. She is in a firewall's graphical interface and sets a rule as TCP, 192.168.42.0/24, ANY, ANY, 443, Allow. In what order is this rule organizing protocols, source addresses, source and target ports, and actions?
Protocol, source address, source port, target address, target port, action
Opal is the chief technology officer for her company. She is working with the legal department to acquire virtual private network (VPN) service through a cloud implementation. Unless it is spelled out in the contract, Opal is afraid that a critical element in the VPN service will not be present, leaving remote access services vulnerable in case of a failure. What is she concerned about?
Redundancy
Tiffany is a network engineer for her company. To enhance the performance of the network, she uses a method that assigns incoming transactions as they arrive in sequence to each of the infrastructure's three firewalls. Transaction 1 goes to firewall 1, transaction 2 goes to firewall 3, transaction 3 to firewall 2, and so on. Which technique is Tiffany using?
Round-robin
Which component of a virtual private network (VPN) policy describes the parameters for employee use of the VPN, including consequences for not following the policy?
Scope/binding nature statement
Which of the following is the protocol used with HTTPS for encrypting communications to and from websites?
Secure Sockets Layer/Transport Layer Security (SSL/TLS)
Which of the following is described as an approach to network security in which each administrator is given sufficient privileges only within a limited scope of responsibility?
Separation of duties
Kasim is a network technician. He is tasked with deploying a virtual private network (VPN) in his company's IT infrastructure. He wants to place the VPN device where it is directly connected to both the Internet and the internal LAN. He believes that security will not be a concern because the VPN is already encrypted point-to-point. Which of the following statements is TRUE about this configuration?
The VPN device itself is still capable of being attacked.
Jacob is a network technician who works for a publishing company. He is setting up a new hire's access permissions. The new hire, Latisha, is an editor. She needs access to books that have been accepted for publication but are in the review stage. Jacob gives her access to the network drive containing only books in review, but not access to administrative or human resources network drives. What principle is Jacob applying?
The principle of least privilege
The configuration, location, software version, and underlying operating system of a virtual private network (VPN) are all factors that are most likely to affect:
stability
Nina is a corporate attorney for a San Francisco firm. The chief information and security officer (CISO) told her that the firm's data center had been hacked 24 hours ago. The personal information of more than 3 million users was accessed, including their full names, addresses, and login credentials. Nina discusses the company's liability under the law, including the requirement to implement and maintain reasonable security procedures and practices. If it can be proven that the firm was negligent, it may need to pay damages. Which of the following regulates this issue?
California Consumer Privacy Act (CCPA)
The stability of a virtual private network (VPN) connection can be affected by the number of firewalls and routers it must traverse. (T/F)?
True
With diversity of defense, most layers use a different security mechanism. (T/F)?
True
A network infrastructure supervisor is designing a firewall placement strategy that will protect the organization's Internet-facing web and email servers and the internal network. Which design will best protect both?
Using two firewalls to create a demilitarized zone (DMZ); one firewall is placed between the Internet and the servers, the other firewall is located behind the first firewall and the servers protecting the internal network
A hardware virtual private network (VPN) is a standalone device, dedicated to managing VPN functions. (T/F)?
True
Including photos of configuration screens in firewall procedures can speed up restoration after a network incident. (T/F)?
True