CYB 220 - 4-2

Adding the /0 at the end of the network setting is equivalent to a subnet mask of - 255.0.0.0 - 0.0.0.0 - 255.255.255.0 - 255.255.255.255

0.0.0.0

A client computer uses the IP address 10.254.254.189. It has made a connection to a web server by opening the outbound port 1589. The server uses the IP address 65.19.28.154. You want to filter out any HTTP packets coming from the server. Which IP address and port should you specify to be filtered on the firewall? - 65.19.28.154:80 - 10.254.254.189:80 - 10.254.254.189:1589 - 65.19.28.154:1589

65.19.28.154:80 (The reason is because 65 is the server address sending traffic BACK to the client coming FROM the server. The TO server port would be 1589, but typically a server sends back the requested information on port 80 Port 80 is the port number assigned to commonly used internet communication protocol, Hypertext Transfer Protocol (HTTP). It is the default network port used to send and receive unencrypted web pages.)

What steps do you take to configure a NAT rule? - Click the arrow beside the Add button, configure the NAT rule, apply - Click the arrow beside the Add button, click OK - Click the Add button, click Add Nat Rule, apply - Click the Add button, configure the NAT Rule, click OK

Click the arrow beside the Add button, configure the NAT rule, apply

What device will be used to test access to the web server in the lab? - Client machine - Firewall - Switch - Router

Client machine

What command is used to gain access to the global configuration mode on the firewall? - Terminal - Device configure - Enable - Configure terminal

Configure terminal

What key combination helps secure the logon process? - Ctrl+Alt+Del - Ctrl+Shift+Esc - Windows+R - Alt+F4

Ctrl+Alt+Del

Which of the following will help against attacks on all firewalls? - Enabling anti-spoofing - Enabling tunneling - Enabling advanced options - Enabling access control lists

Enabling anti-spoofing

The Cisco ASA device is a: - Router - Firewall - Server - Switch

Firewall

Which of the following should be your primary line of defense in network security? - Proxy server - NIPS - Firewall - Protocol analyzer

Firewall

James has detected a network intrusion in his company. What should he check first? - Performance logs - Firewall logs - Event viewer - DNS logs

Firewall logs

Which of the following should not be included in a password when making it complex? - Numbers - Function keys - Special characters - Uppercase letters

Function keys

Which of the following devices should you use to keep machines behind it anonymous? (Select the best answer.) - Caching proxy - Circuit-level gateway - UTM - IP proxy

IP proxy

Where would an NIDS sit on a network? (Select the best answer.) - Inline - On the extranet - On the DMZ - Back to back

Inline

Which of the following should be used to filter out activities such as instant messaging? - IP proxy - Application-level gateway - Internet content filter - Honeypot

Internet content filter

Lattice-based access control is an example of what type of access control policy? - RBAC - Rule-based access control - MAC - DAC

MAC

Which of the following is an access control policy determined by a computer system and not by a user or owner? - MAC - Discretionary security policy - DAC - RBAC

MAC

Which type of firewall filter can match incoming traffic to the corresponding outbound IP address connection by way of IP address and port? - Application-level gateway - Circuit-level gateway - Packet filtering - NAT filtering

NAT filtering

Snort and Bro are examples of which of the following? - SPI - Proxy servers - Firewalls - NIDS

NIDS

Which of the following can detect malicious packets and discard them? - NIDS - PAT - NIPS - Proxy server

NIPS

In a discretionary access control model, who is in charge of setting permissions to a resource? - Administrator and the owner - Any user of the computer - Administrator - Owner of the resource

Owner of the resource

"Maximum and minimum password age" is part of which of the following? - Organizational unit - Registry - Password policy - Group policy editor

Password policy

Which of the following access control policies is based on sets of permissions involved in an operation? - MAC - DAC - RBAC - Rule-based access control

RBAC

Of the following, what is a good way to protect the computer? - Remove password policies. - Delete the administrator account. - Rename and password protect the administrator account. - Keep the guest account enabled.

Rename and password protect the administrator account.

What is the order of steps for configuring a security policy? - Set up access, management access, setting the system clock, anti-spoofing - Set up access, setting the system clock, management access, anti-spoofing - Set up access, anti-spoofing, setting the system clock, management access - Setting the system clock, anti-spoofing, set up access, management access

Set up access, anti-spoofing, setting the system clock, management access

Which of the following is the strongest password? - This1sV#ryS3cure - Marqu1sD3S0d - |ocrian# - Thisisverysecure

This1sV#ryS3cure (password strength is based on length, then complexity)

Which of the following keeps every user in a standard user mode instead of administrator mode, even if the user is a member of the administrators group? - Password policy - Administrator policy - Vista access control - User Account Control

User Account Control

Which of the following is an example of a protocol analyzer? - Wireshark - HTTP proxy - ASA firewall - Syslog

Wireshark