Network Security, Firewalls, and VPNs | Chapter One - "Fundamentals of Network Security" | Assessment Questions #1 - #20
What distinguishes workgroups from client/server networks? (In other words, what feature is common to one of these but not both?)
Centralized authentication
What is the most important characteristic of an effective security goal?
It is written down
Which of the following is true regarding a Layer 2 address and a Layer 3 address?
Layer 2 addresses can be filtered with MAC address filtering; Network Layer addresses are at Layer 3 and are routable
Which of the following is NOT a feature of a proxy server?
MAC address filtering
Which of the following are common security objectives?
Nonrepudiation, confidentiality, integrity, and availability
Remote control is to thin clients as remote access is to?
VPN
What is a difference between a DMZ and an extranet?
VPN required for access
Which of the following is allowed under NAC if a host is lacking a security patch?
Access to remediation servers
What is an asset?
Anything used in a business task
What is the most common default security stance on firewalls?
Denying by default, allowing by exception
Who is responsible for network security?
Everyone
What is egress filtering?
Examining traffic as it leaves a network
What is the benefit of learning to think like a hacker?
Protecting vulnerabilities before they are compromised
Which of the following are NOT benefits of IPv6?
RFC 1918 address
What is the primary security concern with wireless connections?
Signal propagation
What elements of network design have the greatest risk of causing a DoS?
Single point of failure; bottlenecks
What is true about all security components and devices?
They all have flaws or limitations
An outsider needs access to a resource hosted on your extranet. The outsider is a stranger to you, but one of your largest distributors vouches for him. If you allow him access to the resource, this is known as what?
Trusted third party
What two terms are closely associated with VPNs?
Tunneling and encapsulation
For what type of threat are there no current defenses?
Zero day