Internet Appliances Facts

Question 1

_____ is responsible for ensuring network uptime, security, and access to network resources.

Answer 1

network administrator

Question 2

Internet appliances can be implemented to help make the network administrator’s job easier by:

Answer 2

-automating tasks
-providing network security
-monitoring the network for potential issues.

Question 3

Internet appliances can come in two forms:

Answer 3

-One form is an embedded system that contains all hardware and software in one device.
-The other form is software running on a server.

Question 4

You can use a _____ to monitor the servers and distribute traffic so one server does not get overwhelmed

Answer 4

load balancer

Question 5

_____ work by reading the information in the packet headers of incoming traffic and using algorithms to determine the best flow of traffic.

Answer 5

Network layer load balancers

Question 6

Round robin

Answer 6

is the most basic algorithm. the servers handle network requests in sequential order. The load balancer does not monitor each server’s current load, as it assumes the servers can handle each request in the same amount of time.
This can still lead to a server getting overwhelmed.

Question 7

This algorithm works the same as the round robin, but takes the server’s power into consideration. A more powerful server is sent more traffic than less powerful servers.

Answer 7

Weighted round robin

Question 8

_____ algorithm looks at the active connections each server is handling and sends the network traffic to the server that currently has the lowest number of connections.

Answer 8

The least connections

Question 9

Least connections treats each network request equally.
Does not take into account that some requests require more time.
Does not take into account the power of each server.

Answer 9

facts

Question 10

Example of least connections is

Answer 10

if a request comes in that will take a long time to process, the load balancer can’t take this into consideration. It might direct that traffic to the next server in line, but that server might already be dealing with another request. This can cause that server to get backed up and slow down the network.

Question 11

Example of least connections is

Answer 11

if a request comes in that will take a long time to process, the load balancer can’t take this into consideration. It might direct that traffic to the next server in line, but that server might already be dealing with another request. This can cause that server to get backed up and slow down the network.

Question 12

This algorithm distributes traffic based on the active connections and the processing power of each server.

Answer 12

weighted least connections

Question 13

This algorithm creates a hash key based on the source and destination IP addresses. The hash key is assigned to a server and all requests for the remainder of the active session are handled by that same server.

Answer 13

Source IP hash

Question 14

-makes decisions based solely on the data in the packet header which results in a lot of guesswork.
-This can lead to inefficient distribution of traffic between the servers.

Answer 14

network layer load balancer

Question 15

_____ can distribute traffic based on the content of network packets including the HTTP header, HTTP message, and the session cookies.

Answer 15

application layer load balancer

Question 16

The application layer load balancer also tracks the responses from the servers, so it can keep track of whether the session will continue or not. This allows the load balancer to make routing decisions based on data and not guess work. (true or false)

Answer 16

true

Question 17

The application layer load balancer most commonly uses the least pending request (LPR) algorithm. This algorithm monitors all pending requests and routes them to the most available server. This algorithm allows the load balancer to continue to monitor all server loads and instantly make adjustments in case there’s a sudden surge of incoming connections.

Answer 17

facts

Question 18

Spam email can be extremely dangerous to the network as it can introduce malware and clog the network. (true/false)

Answer 18

true

Question 19

You can use a _____ internet appliance to monitor incoming and outgoing emails to reduce the amount of spam affecting the network.

Answer 19

spam gateway

Question 20

The spam gateway can block incoming spam emails using these methods: (1/3)

Answer 20

1) Comparing sender addresses to a blocklist.
Example: If the sender is on a blocklist, the email is blocked. The problem with using this method is that it is fairly easy to bypass the blocklist by spoofing (faking) the sender’s email address.

Question 21

The spam gateway can block incoming spam emails using these methods: (2/3)

Answer 21

2) Using email authentication technologies on the spam gateway.

Question 22

The spam gateway can block incoming spam emails using these methods: (3/3)

Answer 22

3) Checking embedded links in the email.
Explain: If the link redirects to a malicious site, the email will be blocked.

Question 23

Some spam gateways monitor outgoing emails to prevent spam emails from leaving the network. If spam emails come from the organization’s domain, the domain can be added to other organizations’ blocklists. (true/false)

Answer 23

true

Question 24

DMARC:

Answer 24

-Verifies the email sender.
-Tells the recipient what to do if neither authentication method passes.
-Allows the recipient to tell the sender about messages that pass or fail DMARC authentication.

Question 25

_____ is an internet appliance that you can implement on the network

Answer 25

proxy server

Question 26

The proxy server is typically configured to monitor all incoming and outgoing network traffic. It determines if the traffic is allowed or not. (true or false)

Answer 26

true

Question 27

The _____ can configure the proxy server to block specific categories of content, such as gambling websites.
The _____ also keeps internal users anonymous since all outgoing traffic shows as coming from the proxy server.

Answer 27

network administrator, proxy server

Question 28

In many instances, the proxy server also caches information from sites on the internet. It works like this:

Answer 28

-When a client computer requests an allowed website, it directs the traffic to the site and caches a copy of it.
-When a second or subsequent request for that website is made, rather than go to the internet to get that site’s information, the proxy server provides the cached content.
-This eliminates repetitive requests and speeds up internet queries.
-At configured intervals, the proxy server re-caches website information so the cache doesn’t become stale.

Question 29

_____ combines multiple functions into a single device.

Answer 29

The unified threat management (UTM) internet appliance

Question 30

The _____ is responsible for monitoring and controlling all incoming and outgoing traffic.

Answer 30

firewall

Question 31

-The firewall controls the flow of data based on rules that have been configured by the network administrator.
-Most firewalls are configured to detect the type of traffic; the source and destination addresses; and ports.
(true/false)

Answer 31

true

Question 32

_____ monitors all network traffic looking for anything out of the ordinary.

Answer 32

Intrusion prevention system (IPS)

Question 33

When malicious or suspicious packets are detected, the IPS blocks the packets and notifies the network security team so further action can be taken. (true/false)

Answer 33

true

Question 34

Anti-malware

Answer 34

Many UTM appliances use anti-malware software to detect and prevent malware from infecting the network.
Malware can include viruses, spyware, ransomware, and other malicious software. It should be blocked from the network. Malware programs can devastate a network by destroying, stealing, or blocking access to critical data and infrastructure.

Question 35

Content filtering

Answer 35

Similar to the proxy server, the UTM can monitor HTTP requests and block unauthorized web sites. The rules are configured by the network administrator.

Question 36

The unified threat management appliance can provide other functions such as routing functions, VPN support, NAT, etc. More advanced UTM appliances can implement other appliances such as the load balancer, proxy server, spam gateway, etc.

Answer 36

facts

Question 37

combines the protections of both Domain Keys Identified Mail (DKIM) and Sender Policy Frameworks (SPF)

Answer 37

Domain-based Message Authentication, Reporting, and Conformance (DMARC).

Question 38

protect users from malicious emails.

Answer 38

Sender Policy Frameworks (SPF)