Firewalls Flashcards

1
Q

Which of the following are characteristics of a circuit-level gateway? (Select two.)

Filters IP address and port
Filters based on sessions
Filters based on URL
Stateful
Stateless
A

Filters based on sessions

Stateful

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following functions are performed by proxies? (Select two.)

Give users the ability to participate in real-time text-based Internet discussions
Block employees from accessing certain Web sites
Cache web pages
Store client files
Filter unwanted e-mail
Block unwanted packets from entering your private network

A

Block employees from accessing certain Web sites

Cache web pages

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You administer a Web server on your network. The computer has multiple IP addresses. They are
192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the Web
site as follows:
0 IP address: 192.168.23.8
0 HTTP Port: 1030
SSL Port: 443
Users complain that they can’t connect to the Web site when they type www.westsim.com. What is the most
likely source of the problem?

The HTTP port should be changed to 80.
Clients are configured to look for the wrong IP address.
FTP is not configured on the server.
SSL is blocking Web traffic.

A

The HTTP port should be changed to 80.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which port does Telnet use?

23
80
25
34

A

23

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following
does the router use for identifying allowed or denied packets?
MAC address
Username and password
IP address
Session ID

A

IP address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

You have been given a laptop to use for work. You connect the laptop to your company network, use it from
home, and use it while traveling.
You want to protect the laptop from Internet-based attacks.
Which solution should you use?

Proxy server
Host based firewall
VPN concentrator
Network based firewall

A

Host based firewall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

After blocking a number of ports to secure your server, you are unable to send e-mail. To allow e-mail service
which of the following needs to be done?

Open port 80 to allow SNMP service.
Open port 110 to allow SMTP service.
Open port 110 to allow POP3 service.
Open port 25 to allow SMTP service.
Open port 25 to allow SNMP service.
Open port 80 to allow SMTP service.
A

Open port 25 to allow SMTP service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which of the following does a router acting as a firewall use to control which packets are forwarded or
dropped?

PPP
RDP
IPsec
VNC
ACL
A

ACL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How does a proxy server differ from a packet filtering firewall?

A proxy server operates at the Application layer, while a packet filtering firewall operates at the Network
layer.
A proxy server is used to create a DMZ, while a packet filtering firewall can only be used for screened
subnets.
A proxy server can prevent unknown network attacks, while a packet filtering firewall can only prevent
known attacks.
A proxy server includes filters for the session ID as well as the IP address and port number.

A

A proxy server operates at the Application layer, while a packet filtering firewall operates at the Network
layer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

You are configuring a network firewall to allow SMTP outbound e-mail traffic, and POP3 inbound e-mail traffic.
Which of the following TCP/IP ports should you open on the firewall? (Select two.)

143
25
443
21
110
A

25

110

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which protocol and port number is used by BOOTP/DHCP?

TCP 69
UDP 123
TCP 67
UDP 67
TCP 123
UDP 69
A

UDP 67

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Haley configures a Web site using Windows 2000 default values. What are the HTTP port and SSL port
settings?

80 for HTTP; 443 for SSL
440 for HTTP; 160 for SSL
160 for HTTP; 440 for SSL
443 for HTTP; 80 for SSL

A

80 for HTTP; 443 for SSL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

You manage a small network at work. Users use workstations connected to your network. No portable
computers are allowed.
As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan
the e-mails and prevent any e-mails with malicious attachments from being received by users.
Your solution should minimize administration, allowing you to centrally manage the scan settings.
Which solution should you use?

Network based firewall
Host based firewall
DMZ
SMTP

A

Network based firewall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Your company has a connection to the Internet that allows users to access the Internet. You also have a Web
server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for
these two servers.
Which type of device should you use to create the DMZ?
IPS
Network based firewall
VPN concentrator
IDS
Host based firewall

A

Network based firewall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
You have just installed a packet-filtering firewall on your network. What options will you be able to set on
your firewall? Select all that apply.
Destination address of a packet
Sequence number
Checksum
Digital signature
Port number
Source address of a packet
Acknowledgement number
A

Destination address of a packet

Port number

Source address of a packet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the following is a firewall function?

Frame filtering
FTP hosting
Protocol conversion
Packet filtering
Encrypting
A

Packet filtering

17
Q

You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to
Internet users. The Web server must communicate with a database server for retrieving product, customer,
and order information.
How should you place devices on the network to best protect the servers? (Select two.)

Put the Web server on the private network.
Put the Web server inside the DMZ.
Put the database server on the private network.
Put the database server inside the DMZ.

A

Put the Web server inside the DMZ.

Put the database server on the private network.

18
Q

Your company leases a very fast Internet connection and pays for it based on usage. You have been asked by
the company president to reduce Internet line lease costs. You want to reduce the amount of web pages that
are downloaded over the leased connection, without decreasing performance.
What is the best way to do this?

Install modems in employees’ computers
Implement NAT
Install a proxy server
Install a packet-filtering firewall

A

Install a proxy server

19
Q
Which of the following network services or protocols uses TCP/IP port 22?
NNTP
TFTP
IMAP4
SSH
A

SSH

20
Q

You have recently installed a new Windows Server 2003 system. To ensure the accuracy of the system time,
you have loaded an application that synchronizes the hardware clock on the server with an external time
source on the Internet. Now, you must configure the firewall on your network to allow time synchronization
traffic through.
Which of the following ports are you most likely to open on the firewall?

123
110
119
80

A

123