Network Security Module 9 - Test Questions
What are two benefits of implementing a firewall in a network? (Choose two.)
- A firewall will sanitize protocol flow - A firewall will reduce security management complexity
What are two characteristics of an application gateway firewall? (Choose two.)
- Analyzes traffic at Layers 3, 4, 5, and 7 of the OSI model - Performs most filtering and firewall control in software
Which three layers of the OSI model include information that is commonly inspected by a stateful firewall? (Choose three.)
- Layer 3 - Layer 4 - Layer 5
Which three statements describe trusted and untrusted areas of the network? (Choose three.)
- The public internet is generally considered untrusted - Internal networks, except the dmz, are considered trusted - In a ZPF network, traffic that moves within zones is generally considered trusted
Which two protocols are stateless and do not generate connection information needed to build a state table? (Choose two.)
- UDP - ICMP
When implementing a ZPF, which statement describes a zone?
A zone is a group of one or more interfaces that have similar functions or features.
Which network security design typically uses one inside interface, one outside interface, and one DMZ interface?
Demilitarized
What are two best practices when implementing firewall security policies?
Disable unnecessary network services
Which type of firewall is a PC or server with firewall software running on it?
Host-based
Which type of firewall is a combination of various firewall types?
Hybrid
What is one benefit of using a next-generation firewall rather than a stateful firewall?
Integrated use of an intrusion prevention system (IPS)
Which security design uses different types of firewalls and security measures that are combined at different areas of the network to add depth to the security of an organization ?
Layered Defense
Which type of firewall is part of a router firewall, permitting or denying traffic based on Layer 3 and Layer 4 information?
Packet Filtering
Which type of firewall is commonly part of a router firewall and allows or blocks traffic based on Layer 3 or 4 information?
Packet filtering firewall
Which type of firewall is supported by most routers and is the easiest to implement?
Packet filtering firewall
Which statement is a characteristic of a packet filtering firewall?
They are susceptible to IP spoofing
How does a firewall handle traffic that is originating from the DMZ network and traveling to a private network?
Traffic is usually blocked when it is origination from the DMZ network and traveling to a private network
Which type of firewall filters IP traffic between a pair of bridged interfaces?
Transparent
Which type of firewall generally has a low impact on network performance?
stateless firewall
Which type of firewall filters information at Layers 3, 4, 5, and 7 of the OSI reference model?
Application Gateway
Which type of traffic is usually blocked when implementing a demilitarized zone?
Traffic originating from the DMZ network and traveling to the private network.
Which network design groups interfaces into zones with similar functions or features?
ZPF
