Network Defense Security Ch. 10

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

You can ______________ a bastion host by removing unnecessary accounts and services.

harden

Which of the following is true about a screening router?

it should be combined with a firewall for better security

Which of the following is best described as software that prioritizes and schedules requests and then distributes them to servers based on each server's current load and processing power.

load-balancing software

software that prioritizes and schedules requests and then distributes them to servers in a server cluster based on each server's current load and processing power

load-balancing software

a process that uses the source and destination TCP and UDP port addresses to map traffic between internal and external hosts

many-to-one NAT

Which of the following is a disadvantage of using a proxy server?

may require client configuration

Which type of NAT is typically used on devices in the DMZ?

one-to-one NAT

the process of mapping one internal IP address to one external IP address

one-to-one NAT

Where should network management systems generally be placed?

out of band

Which type of translation should you use if you need 50 computers in the corporate network to be able to access the Internet using a single public IP address?

port address translation

Which network device works at the Application layer by reconstructing packets and forwarding them to Web servers?

proxy server

Which type of security device can speed up Web page retrieval and shield hosts on the internal network?

proxy server

software that forwards packets to and from the network being protected and caches Web pages to speed up network performance

proxy server

A DMZ is a subnet of _____________ accessible servers placed outside the internal network.

publicly

What is a step you can take to harden a bastion host?

remove unnecessary services

What should you consider installing if you want to inspect packets as they leave the network?

reverse firewall

a device that filters outgoing connections

reverse firewall

a host in which one interface is connected to an internal network and the other interface is connected to a router to an untrusted network

screened host

Which type of firewall configuration protects public servers by isolating them from the internal network?

screened subnet DMZ

A _______________ router determines whether to allow or deny packets based on their source and destination IP addresses.

screening

a router placed between an untrusted network and an internal network

screening router

a group of servers connected in a subnet that work together to receive requests

server farm

Which of the following is true about a dual-homed host?

serves as a single point of entry to the network

What do you call a firewall that is connected to the Internet, the internal network, and the DMZ?

three-pronged firewall

a firewall with separate interfaces connected to an untrusted network, a semitrusted network, and a trusted network

three-pronged firewall

A primary goal of proxy servers is to provide security at the _______________ layer.

Application

In what type of attack are zombies usually put to use?

DDoS

Which of the following best describes a bastion host?

a computer on the perimeter network that is highly protected

Which of the following best describes a DMZ?

a subnet of publicly accessible servers placed outside the internal network

a computer configured with more than one network interface

dual-homed host

What is a critical step you should take on the OS you choose for a bastion host?

ensure all security patches are installed

What is the term used for a computer placed on the network perimeter that is meant to attract attackers?

honeypot

In a screened ____________ setup, a router is added between the host and the Internet to carry out IP packet filtering.

host

Why is a bastion host the system most likely to be attacked?

it is available to external users

Which of the following is true about private IP addresses?

they are not routable on the Internet


Kaugnay na mga set ng pag-aaral

Ch 2 Variables and Assignments ver 2

View Set

Week 1 - Understanding Security Threats

View Set

pf insurance (Personal Finance 12)

View Set

World History: The Age of Revolution

View Set

Con 317 Midterm, CON 317 Final (quizzes only)

View Set