Chapter 10
true
NAC works on wired and wireless networks. True False
firewall
A ___________ controls the flow of traffic by preventing unauthorized network traffic from entering or leaving a particular portion of the network. hub firewall router switch
Firewall
A _____________ contains rules that define the types of traffic that can come and go through a network. switch firewall hub network protocol
network access control (NAC)
A method to restrict access to a network based on identity or other rules is the definition of ________. network access control (NAC) screened subnet network address translation (NAT) stateful inspection firewall
network access control (NAC)
A method to restrict access to a network based on identity or other rules is the definition of ________. stateful inspection firewall Media Access Control (MAC) network access control (NAC) screened subnet
true
A network protocol governs how networking equipment interacts to deliver data across the network. True False
false
A packet-filtering firewall remembers information about the status of a network communication. True False
An advanced firewall that processes all traffic between two systems. Instead of allowing a direct connection between two systems, the proxy connects to each system separately and passes filtered traffic to the destination based on filtering rules.
Application proxy firewall
True
Border firewalls simply separate the protected network from the Internet. True False
A protocol used on IP networks to provide configuration details automatically to client computers.
Dynamic Host Configuration Protocol (DHCP)
True
Dynamic Host Configuration Protocol (DHCP) means a protocol used on IP networks to provide configuration details automatically to client computers. True False
A hacker who is, or claims to be, motivated by political or social justice concerns and uses hacking skills to reinforce his or her chosen position.
Hacktivist
A network device that connects network segments, echoing all received traffic to all other ports.
Hub
A 32-bit or 128-bit number that uniquely identifies a computer on a network.
IP address
False
IP addresses are eight-byte addresses that uniquely identify every device on the network. True False
false
IPv6 addresses are 64-bit numbers. True False
A management protocol for IP networks.
Internet Control Message Protocol (ICMP)
False
Internet Control Message Protocol (ICMP) is a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address. True False
A method to restrict access to a network based on identity or other rules.
Network access control (NAC)
A method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address.
Network address translation (NAT)
An internationally accepted framework of standards that govern how separate computer systems communicate using networks.
OSI model
False
One of the OSI Reference Model layers, the Transport Layer, creates, maintains, and disconnects communications that take place between processes over the network. True False
An internationally accepted framework of standards that govern how separate computer systems communicate using networks.
Open systems interconnection (OSI) Reference model
A protocol to implement a VPN connection between two computers.
Point-to-point Tunneling Protocol (PPTP)
A device that connects two or more networks and selectively interchanges packets of data between them.
Router
A firewall device that has three NICs. One NIC connects to the Internet, the second NIC connects to the internal network, and the third NIC connects to a DMZ.
Screened subnet
A firewall that examines the state of a connection as well as simple address, port, and protocol rules to determine how to process a packet.
Stateful inspection firewall
A network device that connects network segments, creating a direct connection between a sending and receiving port.
Switch
A variation of denial of service (DoS) attacks, but launched against traditional and packet-based telephone systems. A TDoS attack disrupts an organization's use of its telephone system through a variety of methods.
Telephony denial of service (TDoS)
True
Telephony denial of service (TDoS) is a variation of a denial of service (DoS) attack, but is launched against traditional and packet-based telephone systems. A TDoS attack disrupts an organization's use of its telephone system through a variety of methods. True False
false
The OSI Reference Model is a theoretical model of networking with interchangeable layers. True False
True
The term hacktivist describes a hacker who is, or claims to be, motivated by political or social justice concerns and uses hacking skills to reinforce his or her chosen position. True False
true
The term network access control (NAC) describes a method to restrict access to a network based on identity or other rules. True False
False
The term screened subnet refers to a firewall that examines each packet it receives and compares the packet to a list of rules configured by the network administrator. True False
Point-to-Point Tunneling Protocol (PPTP)
What name is given to a protocol to implement a VPN connection between two computers? screened subnet Point-to-Point Tunneling Protocol (PPTP) Internet Control Message Protocol (ICMP) Dynamic Host Configuration Protocol (DHCP)
network address translation (NAT)
What term is used to describe a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address? network address translation (NAT) Internet Control Message Protocol (ICMP) application proxy firewall network access control (NAC)
network address translation (NAT)
What term is used to describe a method of IP address assignment that uses an alternate, public IP address to hide a system's real IP address? Internet Control Message Protocol (ICMP) application proxy firewall network access control (NAC) network address translation (NAT)
Wi-Fi Protected Access (WPA)
What term is used to describe the current encryption standard for wireless networks? wireless access point (WAP) Wired Equivalent Privacy (WEP) screened subnet Wi-Fi Protected Access (WPA)
Session Layer
Which OSI Reference Model layer creates, maintains, and disconnects communications that take place between processes over the network? Presentation Layer Transport Layer Data Link Layer Session Layer
Presentation Layer
Which OSI Reference Model layer is responsible for the coding of data? Transport Layer Data Link Layer Session Layer Presentation Layer
Data Link Layer
Which OSI Reference Model layer is responsible for transmitting information on computers connected to the same local area network (LAN)? Presentation Layer Session Layer Transport Layer Data Link Layer
Physical Layer
Which OSI Reference Model layer must translate the binary ones and zeros of computer language into the language of the transport medium? Physical Layer Transport Layer Data Link Layer Session Layer
A method of IP address assignment that uses an alternate, public IP address to hide a system’s real IP address.
Which of the following is the definition of network address translation (NAT)? A protocol to implement a VPN connection between two computers. A method to restrict access to a network based on identity or other rules. A management protocol for IP networks. A method of IP address assignment that uses an alternate, public IP address to hide a system’s real IP address.
A firewall that examines each packet it receives and compares the packet to a list of rules configured by the network administrator.
Which of the following is the definition of packet-filtering firewall? A firewall device that has three NICs. One NIC connects to the Internet, the second connects to the internal network, and the third connects to a DMZ. A protocol used on IP networks to provide configuration details automatically to client computers. A firewall that examines each packet it receives and compares the packet to a list of rules configured by the network administrator. An advanced firewall that processes all traffic between two systems. Instead of allowing a direct connection between two systems, it connects to each system separately and passes filtered traffic to the destination based on filtering rules.
Current encryption for wireless networks. Much stronger than WEP, WPA is the recommended encryption for wireless use.
Wi-FI protected access (WPA)
Legacy encryption for wireless networks. WEP is weak and does not provide sufficient protection for most traffic.
Wired Equivalent Privacy (WEP)
Internet Protocol Security (IPSec)
________ is a suite of protocols designed to connect sites securely using IP networks. Point-to-Point Tunneling Protocol (PPTP) Dynamic Host Configuration Protocol (DHCP) Internet Protocol Security (IPSec) Network access control (NAC)
reconnaissance
network______ is gathering information about networks for future attacks
true
the DMZ a boarder firewall true false