Chapter 6 Flashcards
Combo: Quiz 6 plus Book End of Chapter Questions
Isabella is a security support manager for a large enterprise. In a recent meeting, she was asked which of the standard networking devices already present on the network could be configured to supplement the specific network security hardware devices that were recently purchased. Which of these standard networking devices would Isabella recommend?
a. router
b. hub
c. virtual private network
d. SIEM device
a. router
Describe how a mail gateway operates?
A mail gateway is designed to prevent dangerous emails from being delivered. Most mail gateways operate by monitoring inbound and outbound emails. In the case of inbound emails, a mail gateway searches the content in the email for anything that can be deemeed dangerous (malware, spam, and phishing attacks). In the case of outbounds emails, a mail gateway blocks any data that is sensitive in nature (healthcare records and/or financial data).
A firewall that keeps a record of the state of a connection between an internal computer an external device is using what technology below?
a) stateful packet filtering
b) stateless fram filtering
c) stateful frame filtering
d) stateless packet filtering
a) stateful packet filtering
Discuss the two advantages that NAT provides.
One advantage of using NAT is that you can use a NAT router. This device can add an additional layer of security by acting as a firewall by discarding unwanted packets. These discarded packets are denied access because they were not first sent out by the router.
A second advantage of using NAT is that you can mask the IP addressses of internal devices. Without the acutal IP address of the router, it is much more difficult to identify and attack a computer.
What is the difference between anomaly based monitoring and signature based monitoring?
The difference between anomaly based monitoring and signature based monitoring is who the strategy relies on enable it to work correctly. In the case of anomaly monitoring, it relies on the internal behavior of a user or network to make determinations on when to raise an alarm. In contrast, signature based monitoring relies on outside party like and updated database of signatures to make determinations on when to raise an alarm.
When VPN network traffic is routing only some traffic over the secure VPN while other traffci directly accesses the Internet, what technology is being used?
a) shared tunneling
b) full tunnel
c) priority tunnel
d) split tunneling
d) split tunneling
Anomaly monitoring is designed for detecting statistical anomalies.
(T/F)
True
What vendor neutral protocol implements support for VLAN tagging?
a) VSTP
b) ISL
c) VTP
d) 802.1 Q
d) 802.1 Q
What technology enables authorized users to use an unsecured public networks, such as the Internet as if it were a secure private network?
a) VPN
b) endpoint
c) router
d) IKE tunnel
a) VPN
One use of data loss prevention (DLP) is blocking the copying of file to a USB flash drive.
(T/F)
True
What data unit is associated with Open Systems Interconnection layer two?
a) frame
b) packet
c) segment
d) bit
a) frame
Ximena noticed that Sofia had created a network bridge on her new laptop between the unsecured wireless network and the organization’s secure intranet. Ximena explained to Sofia the problem associated with setting up the bridge. What did Ximena tell Sofia?
a. A bridge will block packets between two different types of networks.
b. A bridge cannot be used on any Internet connection.
c. A bridge would block packets from reaching the Internet.
d. A bridge could permit access to the secure wired network from the unsecured wireless network.
d. A bridge could permit access to the secure wired network from the unsecured wireless network.
Which of these would NOT be a filtering mechanism found in a firewall ACL rule?
a. Source address
b. Direction
c. Date
d. Protocol
c. Date
Which of the following devices can identify the application that send packets and then make decisions about filtering based on it?
a. Internet content filter
b. Application-based firewall
c. Reverse proxy
d. Web security gateway
b. Application-based firewall
Which function does an Internet content filter NOT perform?
a. Intrusion detection
b. URL filtering
c. Malware inspection
d. Content inspection
a. Intrusion detection