chapter 9

Question 1

The firewall may be a single computer system or a set of two or more
systems that cooperate to perform the firewall function.

Answer 1

T

Question 2

A firewall can serve as the platform for IPSec.

Answer 2

T

Question 3

The firewall can protect against attacks that bypass the firewall

Answer 3

F

Question 4

A packet filtering firewall is typically configured to filter packets going
in both directions.

Answer 4

T

Question 5

One disadvantage of a packet filtering firewall is its simplicity

Answer 5

F

Question 6

The countermeasure to tiny fragment attacks is to discard packets with
an inside source address if the packet arrives on an external interface.

Answer 6

F

Question 7

A traditional packet filter makes filtering decisions on an individual
packet basis and does not take into consideration any higher layer context.

Answer 7

T

Question 8

A prime disadvantage of an application-level gateway is the additional
processing overhead on each connection.

Answer 8

T

Question 9

The primary role of the personal firewall is to deny unauthorized
remote access to the computer.

Answer 9

T

Question 10

A DMZ is one of the internal firewalls protecting the bulk of the
enterprise network

Answer 10

F

Question 11

A logical means of implementing an IPSec is in a firewall.

Answer 11

T

Question 12

Distributed firewalls protect against internal attacks and provide
protection tailored to specific machines and applications.

Answer 12

T

Question 13

An important aspect of a distributed firewall configuration is security
monitoring.

Answer 13

T

Question 14

Unlike a firewall, an IPS does not block traffic.

Answer 14

F

Question 15

Snort Inline enables Snort to function as an intrusion prevention
capability.

Answer 15

T

Question 16

_________ control determines the types of Internet services that can be accessed, inbound or outbound.
A. Behavior B. Direction
C. Service D. User

Answer 16

Service

Question 17

_________ control controls how particular services are used.
A. Service B. Behavior
C. User D. Direction

Answer 17

Behavior

Question 18

_________ control determines the direction in which particular service requests may be initiated and allowed to flow through the firewall.
A. Behavior B. User
C. Direction D. Service

Answer 18

Direction

Question 19

________ control controls access to a service according to which user is attempting to access it.
A. User B. Direction
C. Service D. Behavior

Answer 19

User

Question 20

The _________ defines the transport protocol.
A. destination IP address B. source IP address
C. interface D. IP protocol field

Answer 20

IP protocol field

Question 21

A __________ gateway sets up two TCP connections, one between itself and a TCP user on an inner host and one between itself and a TCP user on an outside host.
A. packet filtering B. stateful inspection
C. application-level D. circuit-level

Answer 21

circuit-level

Question 22

An example of a circuit-level gateway implementation is the __________ package.
A. application-level B. SOCKS
C. SMTP D. stateful inspection

Answer 22

SOCKS

Question 23

Typically the systems in the _________ require or foster external connectivity such as a corporate Web site, an e-mail server, or a DNS server.
A. DMZ B. IP protocol field
C. boundary firewall D. VPN

Answer 23

DMZ

Question 24

A _________ consists of a set of computers that interconnect by means of a relatively unsecure network and makes use of encryption and special protocols to provide security.
A. proxy B. UTM
C. VPN D. stateful inspection firewall

Answer 24

VPN

Question 25

A _________ configuration involves stand-alone firewall devices plus host-based firewalls working together under a central administrative control.
A. packet filtering firewall B. distributed firewall
C. personal firewall D. stateful inspection firewall

Answer 25

distributed firewall

Question 26

Typical for SOHO applications, a __________ is a single router between internal and external networks with stateless or full packet filtering.
A. single bastion T B. double bastion inline
C. screening router D. host-resident firewall

Answer 26

screening router

Question 27

__________ are attacks that attempt to give ordinary users root access.
A. Privilege-escalation exploits B. Directory transversals
C. File system access D. Modification of system resources

Answer 27

Privilege-escalation exploits

Question 28

__________ scans for attack signatures in the context of a traffic stream rather than individual packets.
A. Pattern matching B. Protocol anomaly
C. Traffic anomaly D. Stateful matching

Answer 28

Stateful matching

Question 29

__________ looks for deviation from standards set forth in RFCs.
A. Statistical anomaly B. Protocol anomaly
C. Pattern matching D. Traffic anomaly

Answer 29

Protocol anomaly

Question 30

The _________ attack is designed to circumvent filtering rules that depend on TCP header information.
A. tiny fragment B. address spoofing
C. source routing D. bastion host

Answer 30

tiny fragment