DCOM258: Quiz7: Network Perimeter Security(Ch8)

What are Snort and Bro examples of? -Firewalls -Proxy Servers -IDS -SPI

IDS

Which of the following devices should you use to keep machines behind it anonymous? (Select best answer) -Caching proxy -IP Proxy -Circuit level gateway -Firewall

IP Proxy

Where would a NIDS sit on a network? (best answer): -Inline -On the extranet -On the DMZ -Back to Back

Inline

Which of the following should be used to filter out activities such as instant messaging? -IP Proxy -Application-level gateway -Internet content filter -Honeypot

Internet content filter

Which type of firewall filter can match incoming traffic to the corresponding outbound IP address connection by way of an IP address and port? -Packet filtering -NAT filtering -Application level gateway -Circuit level gateway

NAT filtering

Which of the following can detect malicious packets and discard them? -Proxy Server -NIDS -NIPS -PAT

NIPS

A firewall can use NAT and packet filters(T/F)

True

A stateless packet filter is vulnerable to IP spoofing attacks (T/F)

True

An IP proxy can be the victim of denial-of-service attacks(T/F)

True

Circuit-level gateways work at the session layer of the OSI model (T/F)

True

Honeynets are ore or more computers or servers used to counteract attempts at unauthorized access to a network(T/F)

True

NAT filtering matches incoming traffic to corresponding outbound IP connections by matching the IP address and port(T/F)

True

Which of the following are examples of protocol analyzers? (Select 2) (Wireshark, HTTP Proxy, NAT Filter, Network Monitor)

Wireshark Network Monitor

Which of the following should be your primary line of defense? -Proxy server -NIPS -Firewall -Protocol Analyzer

Firewall

James has detected an intrusion in his company what should he check first? -DNS logs -Firewall logs -Event Viewer -Performance logs

Firewall logs

A client computer uses IP address 10.254.254.189. It has made a connection to a web server by opening the outbound port 1589. The server uses the IP address 65.19.28.154. You want to filter out any HTTP packets coming from the server. Which IP address and port should you specify to be filtered on the firewall? -10.254.254.189: 1589 -10.254.254.189: 80 -65.19.28.154: 1589 -65.19.28.154:80

65.19.28.154:80

A NIDS can inspect traffic and possibly remove, detain, or redirect malicious traffic. (T/F)

False

A honeypot is a device that caches information for hackers(T/F)

False

An IP proxy serves client requests by caching HTTP information. (T/F)

False

NAT filtering accepts or rejects packets based on rules(T/F)

False