16 Flashcards

1
Q

Which of the following answers refers to an STP frame?

A

BPDU

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The term “DHCP snooping” refers to an exploit that enables operation of a rogue DHCP network server.

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the name of a network security access control method in which a 48-bit physical address assigned to each network card is used to determine access to the network?

A

MAC filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A type of hardened server used as a secure gateway for remote administration of devices placed in a different security zone is known as:

A

Jump server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the following servers would be best suited to act as an intermediary between an intranet and a screened subnet?

A

Jump server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

In computer networking, a computer system or an application that acts as an intermediary between another computer and the Internet is commonly referred to as:

A

Proxy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which of the following statements describe the function of a forward proxy? (Select 2 answers)

A
  • Acts on behalf of a client
  • Hides the identity of a client
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the statements listed below describe the function of a reverse proxy? (Select 2 answers)

A
  • Hides the identity of a server
  • Acts on behalf of a server
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are the characteristic features of a transparent proxy? (Select all that apply)

A
  • Doesn’t require client-side configuration
  • Redirects client’s requests and responses without modifying them
  • Clients might be unaware of the proxy service
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A nontransparent proxy: (Select 2 answers)

A
  • Modifies client’s requests and responses
  • Requires client-side configuration
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A type of NIDS/NIPS that relies on predetermined attack patterns to detect intrusions is referred to as a signature-based NIDS/NIPS.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A NIDS/NIPS that detects intrusions by comparing network traffic against the previously established baseline can be classified as: (Select all that apply)

A
  • Heuristic
  • Anomaly-based
  • Behavioral
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A security administrator configured a NIDS to receive traffic from network switch via port mirroring. Which of the following terms can be used to describe the operation mode of the NIDS? (Select 2 answers)

A
  • Passive
  • Out-of-band
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which of the following answers refers to a piece of hardware and associated software/firmware designed to provide cryptographic functions?

A

** HSM **

HSM (Hardware Security Module)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the acronyms listed below refers to a firewall controlling access to a web server?

A

** WAF **

A web application firewall (WAF) is a firewall that monitors, filters and blocks Hypertext Transfer Protocol (HTTP) traffic as it travels to and from a website or web application.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the terms listed below refers to the dynamic packet filtering concept?

A
  • Stateful inspection
17
Q

Stateless inspection is a firewall technology that keeps track of the state of network connections and based on that data determines which network packets to allow through the firewall.

A

False

18
Q

The term “Unified Threat Management” (UTM) refers to a network security solution, commonly in the form of a dedicated device (called UTM appliance or web security gateway), which combines the functionality of a firewall with additional features such as URL filtering, content inspection, spam filtering, gateway antivirus protection, IDS/IPS function, or malware inspection.

A

True

19
Q

A solution that alleviates the problem of depleting IPv4 address space by allowing multiple hosts on the same private LAN to share a single public IP address is known as:

A

NAT

20
Q

Which of the following solutions is used to hide the internal IP addresses by modifying IP address information in IP packet headers while in transit across a traffic routing device?

A

NAT

21
Q

Examples of application software designed to selectively block access to websites include: (Select 2 answers)

A
  • URL filter
  • Content filter
22
Q

Which of the acronyms listed below refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?

A

ACL

23
Q

A rule-based access control mechanism implemented on routers, switches, and firewalls is called:

A

ACL

24
Q

Which of the following solutions is used for controlling network resources and assigning priority to different types of traffic?

A

Quality of Service (QoS)

25
Q

Which of the following allows an administrator to inspect traffic passing through a network switch?

A

Port mirroring