Firewalls Flashcards
Which of the following are characteristics of a circuit-level gateway? (Select two.)
Filters IP address and port Filters based on sessions Filters based on URL Stateful Stateless
Filters based on sessions
Stateful
Which of the following functions are performed by proxies? (Select two.)
Give users the ability to participate in real-time text-based Internet discussions
Block employees from accessing certain Web sites
Cache web pages
Store client files
Filter unwanted e-mail
Block unwanted packets from entering your private network
Block employees from accessing certain Web sites
Cache web pages
You administer a Web server on your network. The computer has multiple IP addresses. They are
192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the Web
site as follows:
0 IP address: 192.168.23.8
0 HTTP Port: 1030
SSL Port: 443
Users complain that they can’t connect to the Web site when they type www.westsim.com. What is the most
likely source of the problem?
The HTTP port should be changed to 80.
Clients are configured to look for the wrong IP address.
FTP is not configured on the server.
SSL is blocking Web traffic.
The HTTP port should be changed to 80.
Which port does Telnet use?
23
80
25
34
23
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following
does the router use for identifying allowed or denied packets?
MAC address
Username and password
IP address
Session ID
IP address
You have been given a laptop to use for work. You connect the laptop to your company network, use it from
home, and use it while traveling.
You want to protect the laptop from Internet-based attacks.
Which solution should you use?
Proxy server
Host based firewall
VPN concentrator
Network based firewall
Host based firewall
After blocking a number of ports to secure your server, you are unable to send e-mail. To allow e-mail service
which of the following needs to be done?
Open port 80 to allow SNMP service. Open port 110 to allow SMTP service. Open port 110 to allow POP3 service. Open port 25 to allow SMTP service. Open port 25 to allow SNMP service. Open port 80 to allow SMTP service.
Open port 25 to allow SMTP service.
Which of the following does a router acting as a firewall use to control which packets are forwarded or
dropped?
PPP RDP IPsec VNC ACL
ACL
How does a proxy server differ from a packet filtering firewall?
A proxy server operates at the Application layer, while a packet filtering firewall operates at the Network
layer.
A proxy server is used to create a DMZ, while a packet filtering firewall can only be used for screened
subnets.
A proxy server can prevent unknown network attacks, while a packet filtering firewall can only prevent
known attacks.
A proxy server includes filters for the session ID as well as the IP address and port number.
A proxy server operates at the Application layer, while a packet filtering firewall operates at the Network
layer.
You are configuring a network firewall to allow SMTP outbound e-mail traffic, and POP3 inbound e-mail traffic.
Which of the following TCP/IP ports should you open on the firewall? (Select two.)
143 25 443 21 110
25
110
Which protocol and port number is used by BOOTP/DHCP?
TCP 69 UDP 123 TCP 67 UDP 67 TCP 123 UDP 69
UDP 67
Haley configures a Web site using Windows 2000 default values. What are the HTTP port and SSL port
settings?
80 for HTTP; 443 for SSL
440 for HTTP; 160 for SSL
160 for HTTP; 440 for SSL
443 for HTTP; 80 for SSL
80 for HTTP; 443 for SSL
You manage a small network at work. Users use workstations connected to your network. No portable
computers are allowed.
As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan
the e-mails and prevent any e-mails with malicious attachments from being received by users.
Your solution should minimize administration, allowing you to centrally manage the scan settings.
Which solution should you use?
Network based firewall
Host based firewall
DMZ
SMTP
Network based firewall
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web
server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for
these two servers.
Which type of device should you use to create the DMZ?
IPS
Network based firewall
VPN concentrator
IDS
Host based firewall
Network based firewall
You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply. Destination address of a packet Sequence number Checksum Digital signature Port number Source address of a packet Acknowledgement number
Destination address of a packet
Port number
Source address of a packet