testout chapter 6

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

Which of the following is true about a network-based firewall?

A network-based firewall is installed at the edge of a private network or network segment.

How does a proxy server differ from a packet-filtering firewall?

A proxy server operates at the Application layer, while a packet-filtering firewall operates at the Network layer.

Your Cisco router has three network interfaces configured. S0/1/0 is a WAN interface that is connected to an ISP. F0/0 is connected to an Ethernet LAN segment with a network address of 192.168.1.0/24. F0/1 is connected to an Ethernet LAN segment with a network address of 192.168.2.0/24. However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface. What should you do?

Add a permit statement to the bottom of the access list.

Which of the following describes how access control lists can improve network security?

An access control list filters traffic based on the IP header information, such as source or destination IP address, protocol, or socket number.

Which of the following is true about an intrusion detection system?

An intrusion detection system monitors data packets for malicious or unauthorized traffic.

The system identified harmful traffic as harmless and allowed it to pass without generating any alerts.

Anomaly-based

Which of the following are specific to extended Access control lists? (Select two.)

Are the most used type of ACL. Use the number ranges 100-199 and 2000-2699.

Which of the following terms describes a network device that is exposed to attacks and has been hardened against those attacks?

Bastion

Which of the following are true about reverse proxy? (Select two.)

Can perform load balancing, authentication, and caching. Handles requests from the internet to a server on a private network.

Which of the following does the sudo iptables -F command accomplish?

Clears all the current rules.

Which of the following BEST describes a stateful inspection?

Determines the legitimacy of traffic based on the state of the connection from which the traffic originated.

Which IDS traffic assessment indicates that the system identified harmless traffic as offensive and generated an alarm or stopped the traffic?

False positive

Which of the following chains is used for incoming connections that aren't delivered locally?

Forward

As a security precaution, you've implemented IPsec to work between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?

Host-based IDS

You have been given a laptop to use for work. You connect the laptop to your company network, use the laptop from home, and use it while traveling.

Host-based firewall

You're concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action to stop or prevent the attack, if possible.

IPS

Which of the following is true about an NIDS?

It detects malicious or unusual incoming and outgoing traffic in real time.

Which IDS type can alert you to trespassers?

PIDS

Which of the following is a firewall function?

Packet filtering

What do you need to configure on a firewall to allow traffic directed to the public resources on the screened subnet?

Packet filters

ou have used firewalls to create a screened subnet. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server to retrieve product, customer, and order information.

Put the web server inside the screened subnet. Put the database server on the private network.

You are managing a network and have used firewalls to create a screened subnet. You have a web server that internet users need to access. It must communicate with a database server to retrieve product, customer, and order information.

Put the web server inside the screened subnet. Put the database server on the private network.

Based on the diagram, which type of proxy server is handling the client's request?

Reverse proxy server

Which of the following are characteristics of a packet-filtering firewall? (Select two.)

Stateless Filters IP address and port

Which of the following are true about routed firewalls? (Select two.)

Supports multiple interfaces Counts as a router hop.

Which of the following describes the worst possible action by an IDS?

The system identified harmful traffic as harmless and allowed it to pass without generating any alerts.

Which device combines multiple security features, such as anti-spam, load-balancing, and antivirus, into a single network appliance?

Unified Threat Management (UTM)

Which of the following combines several layers of security services and network functions into one piece of hardware?

Unified Threat Management (UTM)

You've just installed a new network-based IDS system that uses signature recognition. What should you do on a regular basis?

Update the signature files

You have a company network that is connected to the internet. You want all users to have internet access, but you need to protect your private network and users. You also need to make a web server publicly available to the internet users. Which solution should you use?

Use firewalls to create a screened subnet. Place the web server inside the screened subnet and the private network behind the screened subnet.

Which of the following is the BEST solution to allow access to private resources from the internet?

VPN

Which of the following is true about a firewall?

You must manually specify which traffic you want to allow through the firewall. Everything else is blocked.

In which of the following situations would you MOST likely implement a screened subnet?

You want to protect a public web server from attack.

How many network interfaces does a dual-homed gateway typically have?

three

Your company has an internet connection. You also have a web server and an email server that you want to make available to your internet users, and you want to create a screened subnet for these two servers. Which of the following should you use?

A network-based firewall

Which options are you able to set on a firewall? (Select three.)

Port number Packet destination address Packet source address

Which of the following uses access control lists (ACLs) to filter packets as a form of security?

Screened router

Which of the following can serve as a buffer zone between a private, secured network and an untrusted network?

Screened subnet

Which of the following is another name for a firewall that performs router functions?

Screening router

Which IDS method searches for intrusion or attack attempts by recognizing patterns or identifying entities listed in a database?

Signature-based IDS


संबंधित स्टडी सेट्स

Health Assessment: PrepU Chapter 1, 2, 3, 4, 13, 14, 15

View Set

TESTOUT NETWORK PRO V 4.1.0 Part 3

View Set

The School as a Community of Care

View Set

Biological Psychology Chapter 5 Kalat

View Set

Econ 1051: Exam #3 - Practice Exam

View Set

FamCom Quiz 3 Practice Questions

View Set