Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Networking + > Chapter 15: Physical and Hardware Security > Flashcards

Chapter 15: Physical and Hardware Security Flashcards

1
Q
  1. In general, firewalls work by ___________________.
    A. Rejecting all packets regardless of security restrictions
    B. Forwarding all packets regardless of security restrictions
    C. Allowing only packets that pass security restrictions to be forwarded
    D. None of the above
A
  1. C. Firewalls work by allowing only packets that pass security restrictions to be forwarded through the firewall. A firewall can also permit, deny, encrypt, decrypt, and proxy all computer traffic that flows through it; this can be between a public and private network or between different security domains (or zones) on a private network. You as the administrator set up the rules by which a firewall decides to forward or reject packets of data.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q 
2. In which layer of the OSI model do software firewalls operate? (Choose all that apply.)
A. Application
B. Presentation
C. Physical
D. Network
A
  1. A, D. Firewalls work at the Application layer or the Network layer.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  1. What is the main difference between a network-based firewall and a host-based firewall?
    A. A network-based firewall protects the Internet from attacks.
    B. A network-based firewall protects a network, not just a single host.
    C. A network-based firewall protects the network wires.
    D. A network-based firewall protects a CD from data loss.
A
  1. B. A network-based firewall is what companies use to protect their private network from public networks. The defining characteristic of this type of firewall is that it’s designed to protect an entire network of computers as opposed to just one system. This is usually a combination of hardware and software. A host-based firewall is implemented on one machine and is designed to protect that machine only. Most often, this is implemented as software; no additional hardware is required in your personal computer to run a host-based firewall.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  1. What is one advantage that a stateless firewall has over its stateful counterparts?
    A. It uses less power.
    B. It utilizes less memory.
    C. It’s better at preventing network attacks.
    D. It works better on external networks.
A
  1. B. The one big advantage that a stateless firewall has over its stateful counterparts is that it uses less memory. Today, stateless firewalls are best if used on an internal network where security threats are lower and there are few restrictions.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q 
5. Which if the following items cannot be identified by the NESSUS program?
A. Default password use
B. Incorrect IP addresses
C. Unsecured data
D. Missing security patches
A
  1. B. NESSUS cannot identify an incorrect IP addresses.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q 
6. What is the benefit of using a firewall?
A. Protects external users
B. Protects external hardware
C. Protects LAN resources
D. Protects hardware from failure
A
  1. C. One of the benefits of using a firewall is that it helps protect LAN resources from unwanted attacks.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q 
7. IDS systerms can identify attackers by their \_\_\_\_\_\_\_\_\_\_\_\_.
A. Port number
B. Signature
C. Timing
D. IV
A
  1. B. An intrusion detection system (IDS) monitors network traffic, looking for signs of an intrusion. Intrusions are detected by an attack signature.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q 
8. Which device can limit traffic on a network and allow access onto specific TCP/IP port numbers when security is a concern?
A. Hub
B. Firewall
C. DNS
D. Modem
A
  1. B. Firewalls, which use access lists, can permit or deny connections and types of traffic in or out of the network.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q 
9. Which is not a type of access control list (ACL)?
A. Standard
B. Extended
C. Referred
D. Outbound
A
  1. C. Standard, extended, and outbound are all types of ACL. Referred is not.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q 
10. What is it called when the firewall ignores an attack?
A. Logging
B. Shunning
C. Notification
D. False negative
A
  1. B. You can sometimes just ignore the attack because it’s possible it won’t affect your network. This is called shunning.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  1. What is the function of a DMZ?
    A. To separate a security zone for an IPS and IDS server
    B. To create a security zone for VPN terminations
    C. To create a security zone that allows public traffic but is isolated from the private inside network
    D. To create a security zone that allows private traffic but is isolated from the public network
A
  1. C. A DMZ can be set up many different ways, but the best explanation is the DMZ is used to separate and secure your inside network from the Internet, while still allowing hosts on the Internet to access your servers.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q 
12. Which of the following are types of services that firewalls can provide?
A. Content filtering
B. Segregate network segments
C. Signature identification
D. Scanning services
E. All of the above
A
  1. E. Most firewalls provide content filtering, signature identification, and the ability to segregate network segments into separate security zones. Most firewalls are also capable of performing scanning services, which means that they scan different types of incoming traffic in an effort to detect problems.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q 
13. Which type of security device monitors network traffic, looking for signs of an intrusion?
A. Intrusion detection system
B. Demilitarized zone (DMZ)
C. Firewall
D. VPN concentrator
A
  1. A. An intrusion detection system (IDS) monitors network traffic, looking for signs of an intrusion. Intrusions are detected by matching activity versus known signatures within the IDS’s database. If an intrusion is detected, a passive response such as logging or notifying a network administrator is executed. An intrusion prevention system (IPS) is like an IDS, but with two key differences. First, it learns what is “normal” on the network and can react to abnormalities even if they aren’t part of the signature database. Second, it can issue an active response such as shutting down a port, resetting connections, or attempting to lull the attacker into a trap.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q 
14. Which of the following is a vulnerability scanner?
A. Network Monitor
B. NESSUS
C. Traceroute
D. Tripwire
A
  1. B. NESSUS is a propriety vulnerability scanning program that requires a license for commercial use yet is the single most popular scanning program in use.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
  1. Which of the following is NOT a function of NMAP?
    A. Perform port scanning
    B. Identify operating systems
    C. Collect passwords
    D. Identify versions of network services in operation on the network
A
  1. C. NESSUS does not collect passwords.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q 
16. Changing network configurations, terminating sessions, and deceiving the attacker are actions that can be taken from what type of security device?
A. Access control list (ACL)
B. Content filtering
C. Security zones
D. Intrusion prevention system (IPS)
A
  1. D. Changing network configurations, terminating sessions, and deceiving the attacker are all actions that can be taken by an IPS device.
17
Q 
17. \_\_\_\_\_\_\_\_\_\_\_act on behalf of the whole network to completely separate packets from internal hosts and external hosts.
A. Honeypots
B. IDSs
C. IPSs
D. Proxies
A
  1. D. Proxies act on behalf of the whole network to completely separate packets from internal hosts and external hosts.
18
Q
  1. Which of the following cannot be identified by NESSUS?
    A. Unsecured access to sensitive data on a system
    B. IP address conflicts
    C. Misconfigurations like open mail relay
    D. Password issues
A
  1. B. NESSUS operates by performing a port scan and then follows up with more specific tests, but it cannot identify IP address conflicts.
19
Q 
19. A \_\_\_\_\_\_\_\_\_\_\_ firewall keeps track of the established connections passing through it.
A. Hardware
B. Software
C. Stateful
D. Network
A
  1. C. A stateful firewall keeps track of the established connections passing through it. When another packet is received that’s part of an existing connection (part of a current state), the packet is passed without checking the ACLs.
20
Q 
20. A(n) \_\_\_\_\_\_\_\_\_\_\_ learns what is “normal” on the network and can react to abnormalities even if they’re not part of the signature database.
A. IDS
B. Firewall
C. IPS
D. VPN concentrator
A
  1. C. An intrusion prevention system (IPS) is like an IDS, but with two key differences. First, it learns what is “normal” on the network and can react to abnormalities even if they’re not part of the signature database. Second, it can issue an active response such as shutting down a port, resetting connections, or attempting to lull an attacker into a trap.

Networking + (14 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions