Final Exam Prep - Lecture Items

Question 1

defense-in-depth

Answer 1

the most important firewall principle is to

multiple layers of defense mechanisms:

• The first line is a prevention mechanism
• second line is detection and response mechanisms
• third is attack resilient technologies

Question 2

DMZ

Answer 2

his public facing service, that while it is part of the enterprise network, it is separated from
the trusted network. For example, while customers can interact with
the web service in the DMZ to log
in and submit transaction requests, they cannot directly access the servers in the trusted network that
are authorizing and processing the transactions.

Question 3

Typically the systems in the ________ require or foster external connectivity such as a corporate Web site, an e-mail server, or a DNS server.

Answer 3

DMZ

Question 4

Firewalls can stop Hackers breaking into your system

Answer 4

True

Question 5

T/F Firewalls can stop viruses and worms that spread through email

Answer 5

False

Question 6

viruses and worms that spread through THE INTERNET

Answer 6

True

Question 7

Examples of IPSec security measures

Answer 7

authentication of source IP addresses, 
confidentiality and integrity protection of packet data. 
And authenticity of packet data, 
in particular preventing replay of 
packets.

Question 8

IP Spoofing is used for

Answer 8

Unidirectional Communication

Question 9

2 operation modes of IPSec

Answer 9

Transport

Tunnel

Question 10

IPSec can assure that a router advertisement comes from an authorized router

Answer 10

True

Question 11

IPSec can assure that a routing update is not forged

Answer 11

True

Question 12

IPSec can assure that a redirect message comes from the router to which the initial packet was sent

Answer 12

True

Question 13

3 parts of IPSec architecture

Answer 13

ESP - Encapsulating Security Payload
Authentication Header - AH
Internet Key Exchange - IKE

Question 14

ESP stands for

Answer 14

Encapsulated Security Payload