CH 13 FIREWALL QUESTIONS Flashcards

1
Q

Security on the Internet was considered a priority and was designed in from the start.

True

False

A

False

2
Q

The Linux packet filter and firewall infrastructure is referred to as _________.

A) Packfilter

B) Netflix

C) Netpackets

D) Netfilter

A

D) Netfilter

3
Q

The main principle of Netfilter is:

A) to act only as a firewall.

B) to make decisions on how and when packets should flow.

C) to filter inappropriate websites from being viewed in a web browser.

D) to capture packets and release them only when the administrator allows.

A

B) to make decisions on how and when packets should flow.

4
Q

The iptables command specifically manages traffic over the _______ protocol(s).

A) IPv4 AND IPv6

B) IPv4

C) IPv6

D) TCP

A

B) IPv4

5
Q

The command to modify Netfilter’s IPv6 configuration is ________:

A) ip

B) ip6tables

C) iptablesv6

D) ipv6tables

A

B) ip6tables

6
Q

The _________ is responsible for handling network address translation.

A) NAT table

B) raw table

C) filter table

D) mangle table

A

A) NAT table

7
Q

The most common use of the NAT table is to:

A) IP masking.

B) Domain Name Server translation.

C) allow multiple systems to access another network.

D) DHCP aliasing.

A

C) allow multiple systems to access another network.

8
Q

The _____ table is responsible for altering or marking packets.

A) mangle

B) NAT

C) filter

D) raw

A

A) mangle

9
Q

The raw table is used mainly for dealing with packets at a very _____________.

A) low level

B) even flow

C) high level

D) fast pace

A

A) low level

10
Q

The _____ table is responsible for providing basic packet filtering.

A) mangle

B) raw

C) NAT

D) filter

A

D) filter

11
Q

Network Address Translation (NAT) allows administrators to hide hosts ______________________.

A) only on the source side of a packet

B) on chestnuts roasting on an open fire

C) on both sides of a router

D) only on the destination side of a packet

A

C) on both sides of a router

12
Q

DNAT is also known as the “demilitarized zone.”

True

False

A

False

13
Q

SNAT changes the source IP address and port number so it appears different to the ‘outside world.’

True

False

A

True

14
Q

Masquerading is really just a special case of _______________.

A

SNAT

15
Q

Netfilter’s ability to ensure that packet headers are examined to be sure they are safe to route is referred to as:

A) NAT monitoring

B) Stateless connection tracking

C) Stateful connection tracking

D) Internet connection tracking

A

C) Stateful connection tracking

16
Q

NAT alone is sufficient to provide network security.

True

False

A

False

17
Q

________ are a list of rules that act on a packet flowing through a Linux system.

A) Chains

B) Routes

C) Ropes

D) Channels

A

A) Chains

18
Q

There are _________ pre-defined chains in Netfilter.

A

5

PREROUTING - the first chain that is fired when a packet enters the system. Can invoke rules in the filter, mangle and NAT tables. Allows for immediate exclusion of packets before any other processing is done.

FORWARD - fired when IP forwarding is enabled and the packet’s destination IP address is on another host. This is the situation when the Linux server is configured as a gateway server.

INPUT - fired only when the packet is destined for the host itself. Can call rules in the filter and mangle tables. Final step for inbound packets. From here, applications at layer 4 and above can begin to interact with the transmitted data.

OUTPUT - fired when a packet is being sent FROM the host itself to a destination address. Similar to PREROUTING but for data leaving the host. Can run rules in the filter, mangle, and NAT tables.

POSTROUTING - generally the SNAT actions (changing the source IP address/port) are done here for outbound packets. Stateful connection tracking can also be enabled here.

19
Q

Besides OUTPUT, which two of the default chains also use the NAT table?

A) POSTROUTING

B) OUTPUT

C) INPUT

D) FORWARD

E) PREROUTING

A

A) POSTROUTING

E) PREROUTING