6.2.13
Your company has an internet connection. You also have a web server and an email server that you want to make available to your internet users, and you want to create a screened subnet for these two servers. Which of the following should you use?
A network-based firewall
Which of the following describes how access control lists can improve network security?
An access control list filters traffic based on the IP header information, such as source or destination IP address, protocol, or socket number.
Which of the following are specific to extended Access control lists? (Select two.)
Are the most used type of ACL. Use the number ranges 100-199 and 2000-2699.
Which of the following are characteristics of a stateless firewall? (Select two.)
Controls traffic using access control lists, or ACLs. Allows or denies traffic by examining information in IP packet headers
Which of the following are true about routed firewalls? (Select two.)
Counts as a router hop. Supports multiple interfaces.
Which of the following BEST describes a stateful inspection?
Determines the legitimacy of traffic based on the state of the connection from which the traffic originated.
Which of the following is a firewall function?
Packet filtering
You have used firewalls to create a screened subnet. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server to retrieve product, customer, and order information. How should you place devices on the network to best protect the servers? (Select two.)
Put the database server on the private network. Put the web server inside the screened subnet.
Which of the following combines several layers of security services and network functions into one piece of hardware?
Unified Threat Management (UTM)
These rules will be applied to the WAN interface on the router. Your goal is to block any IP traffic coming in on the WAN interface that has a spoofed source address that makes it appear to be coming from the two internal networks. However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface. What should you do?
Add a permit statement to the bottom of the access list.