Chapter 06 Quiz – Network Security Devices, Design, and Technology

Question 1

Question # 01

Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.

a. True
b. False

Answer 1

a. True

Question 2

Question # 02

An intranet is a separate open network that anyone can access with out prior authorization.

a. True
b. False

Answer 2

b. False

Question 3

Question # 03

One use of data loss prevention (DLP) is blocking the copying of files to a USB flash drive.

a. True
b. False

Answer 3

a. True

Question 4

Question # 04

Anomaly monitoring is designed for detecting statistical anomalies.

a. True
b. False

Answer 4

a. True

Question 5

Question # 05

What data unit is associated with the Open Systems Interconnection layer four?

a. segment
b. packet
c. frame
d. bit

Answer 5

a. segment

Question 6

Question # 06

What kind of networking device forwards packets across different computer networks by reading destination addresses?

a. switch
b. router
c. bridge
d. firewall

Answer 6

b. router

Question 7

Question # 07

An administrator has two servers that host the same web content, but only one server is utilized at a given time.

What can be configured that can help to evenly distribute work across the network, and make use of both servers in a manner that is transparent to the end users?

a. stateful packet filtering
b. Load balancing
c. failover servers
d. proxy servers

Answer 7

b. Load balancing

Question 8

Question # 08

A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below?

a. Stateful frame filtering
b. Stateless frame filtering
c. Stateful packet filtering
d. Stateless packet filtering

Answer 8

c. Stateful packet filtering

Question 9

Question # 09

What is the name of a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user?

a. forward proxy server
b. DNS server
c. VPN server
d. telnet server

Answer 9

a. forward proxy server

Question 10

Question # 10

Which of the following is a server that routes incoming requests coming from an external network to the correct internal server?

a. forward proxy
b. application proxy
c. system proxy
d. reverse proxy

Answer 10

d. reverse proxy

Question 11

Question # 11

What type of monitoring compares network traffic, activities, transactions, or behavior against a database of known attack patterns?

a. application-based
b. protocol-based
c. behavioral-based
d. signature-based

Answer 11

d. signature-based

Question 12

Question # 12

What is the name of an instruction that interrupts a program being executed and requests a service from the operating system?

a. system call
b. unit call
c. hardware instruction
d. system exception

Answer 12

a. system call

Question 13

Question # 13

When a private network uses a single public IP address, and each outgoing TCP packet uses a different port to allow for proper translation, what networking technology is in use?

a. PAT
b. PNAT
c. NAPT
d. NAT

Answer 13

a. PAT

Question 14

Question # 14

Which network address below is not a private IP address network?

a. 10.4.5.0
b. 172.63.255.0
c. 192.168.255.0
d. 172.17.16.0

Answer 14

b. 172.63.255.0

Question 15

Question # 15

What vendor neutral protocol implements support for VLAN tagging?

a. ISL
b. VTP
c. 802.1Q
d. VSTP

Answer 15

c. 802.1Q

Question 16

Question # 16

The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches. How can this be done?

a. Create a subnet for each network switch in use
b. Create additional subnets for the separate groups
c. Add all users to a single network segment
d. Create a VLAN and add the users’ computers / ports to the correct VLAN

Answer 16

d. Create a VLAN and add the users’ computers / ports to the correct VLAN

Question 17

Question # 17

What type of dedicated cryptographic processor that provides protection for cryptographic keys?

a. SSL/TLS accelerator
b. media gateway
c. SSL decryptor
d. hardware security module

Answer 17

d. hardware security module

Question 18

Question # 18

Which of the following is a software-based application that runs on a local host computer that can detect an attack as it occurs?

a. local-based intrusion detection system
b. host-based intrusion detection system
c. host-based application protection
d. local-based application protection

Answer 18

b. host-based intrusion detection system

Question 19

Question # 19

When VPN network traffic is routing only some traffic over the secure VPN while other traffic directly accesses the Internet, what technology is being used?

a. priority tunnel
b. split tunneling
c. full tunnel
d. shared tunneling

Answer 19

b. split tunneling

Question 20

Question # 20

What type of network is a private network that can also be accessed by authorized external customers, vendors, and partners?

a. extranet
b. intranet
c. enterprise network
d. guest network

Answer 20

a. extranet

Question 21

Question # 21

If a network is completely isolated by an air gap from all other outside networks it is using what type of configuration?

a. physical network segregation
b. complete network segregation
c. network isolation
d. logical network segregation

Answer 21

a. physical network segregation

Question 22

Question # 22

What term is used to describe the software agents that are used by NAC and installed on devices to gather information?

a. NAC check agents
b. server health agents
c. host agent health checks
d. network health agents

Answer 22

c. host agent health checks

Question 23

Question # 23

Describe how Network Access Control (NAC) works.

Network Access Control assesses the condition of a device before allowing connection to a network. Any system not meeting the minimum security requirements is placed in quarantine and allowed to correct deficiencies before retesting against the NAC for access.

Answer 23

NAC examines the current state of a system or network device before it is allowed to connect to the network. Any device that does not meet a specified set of criteria, such as having the most current anti-virus signature or the software firewall properly enabled, is only allowed to connect to a “quarantine” network where the security deficiencies are corrected. After the problems are solved, the device is connected to the normal network. The goal of NAC is to prevent computers with suboptimal security from potentially infecting other computers through the network.