Chapter 13 Flashcards
What type of function is being performed when a router screens packets based on information in the packet header?
router screening
Which of the following describes a team of professionals whose job is to detect and respond to security incidents?
Security Operations Center (SOC)
What device is designed specifically to reduce broadcast traffic that passes over a network and to choose the best path for moving those packets?
router
To see what information is stored in RAM, a Cisco administrator would enter which command?
show running-config
A firewall that blocks a Telnet session from leaving the network over TCP port 443 uses which of the following?
Application layer inspection
Application layer inspection
False
Which of the following describes a tool that collects logs and alerts from multiple devices for security analysis?
Security Information and Event Management (SIEM)
Which of the following Cisco router components holds the router’s configuration file, and retains the configuration file’s information from being lost if the router is turned off?
NVRAM
Firewalls are installed on a network to protect a company’s internal network from dangers on the Internet. True or False?
True
Which type of Cisco access lists can restrict IP traffic entering or leaving a router’s interface based only on the source IP address?
Standard IP
Web filters can prevent which type of malicious activity?
Drive-by download
A large organization that is responsible for sensitive or critical data may elect to create which of the following to do damage assessment, risk remediation, and legal consultation?
Security Operations Center
A honeypot might be used in a network for which of the following reasons? (Choose all that apply.)
Lure or entrap hackers so that law enforcement can be informed.
Gather information on new attacks and threats.
Distract hackers from attacking legitimate network resources.
A router using a distance-vector routing protocol sends only new information to other routers on the network. True or False?
False
A stateful packet inspection firewall keeps track of network connections by using which of the following?
A state table
A standard IP access list can’t filter IP packets based on a destination address. True or False?
True
Which of the following sits between the Internet and the internal network and is sometimes referred to as a perimeter network?
DMZ
A benchmark is an industry consensus of best practices for writing access lists. True or False?
False
What type of packet filtering records session-specific information about a network connection, including the ports a client uses?
Stateful
Which of the following Cisco router components holds the router’s running configuration, routing tables, and buffers; this information is lost if the router is turned off?
RAM
Which type of memory contains a minimum version of Cisco’s IOS that is used to boot the router if the Cisco IOS becomes corrupted?
Read-only memory
A standard IP access list is restricted to source IP addresses.
True
What type of an IDS is being used when it does not take any action to stop or prevent an activity occurring?
passive system
Which type of routing protocol advertises only new paths to other routers on the network?
Link-state routing protocol
What type of firewall inspects network traffic at a higher level in the OSI model than a traditional stateful packet inspection firewall does?
application-aware firewall
What type of IDSs/IPSs monitors activity on network segments by sniffing traffic as it flows over the network and alerting a security administrator when something suspicious occurs?
Network-based
Which component holds the IOS a Cisco router can use?
Flash memory
Firewalls use which of the following to hide the internal network topology from outside users?
NAT
What specific type of tools can assist teams by identifying attacks and indicators of compromise by collecting, aggregating, and correlating log and alert data from routers, firewalls, IDS/IPS, endpoint logs, Web filtering devices, and other security tools?
SIEM
Which of the following Cisco components stores a router’s running configuration, routing tables, and buffers?
RAM