IS3220 CHAPTER 9 Flashcards
Hacking and testing utilities that use a brute-force technique to craft packets and other forms of input directed toward the target are called ___?
These stress a system to push it to react improperly, to fail, or to reveal unknown vulnerabilities.
FUZZING TOOLS
- All the following are considered firewall management best practices EXCEPT?
- Have a written policy
- Provide open communications
- Maintain physical access control
- Don’t make assumptions
- Develop a checklist
Provide open communications
- All the following are firewall management best practices EXCEPT?
- Lock, then watch
- Backup, backup, backup
- Keep it simple
- Perform penetration testing
- Implement fail-open response
Implement fail-open response
- You are the security administrator for a small medical facility. To be in compliance with federal HIPAA regulations, you need to deploy a firewall to protect the entire office network. You are concerned that a firewall failure could result in compliance violations as well as legal costs due to client court cases. Which of the following is the best choice of firewall for this situation?
- Deploy a client system with a native OS firewall
- Select any open-source firewall product
- Use the firewall provided by the ISP connection device
- Deploy a well-known commercial firewall from the approved products list
- Use a multi-function device, such as a wireless access point
Deploy a well-known commercial firewall from the approved products list
- From the following options, what is the most important factor in selecting a firewall?
- Biometric authentication
- Types of traffic to be filtered
- Sales or discounts
- Bastion host OS
- Built-in antivirus scanning
Types of traffic to be filtered
- A well-designed and configured firewall provides more than sufficient security protection without any additional safeguards.
TRUE OR FALSE
FALSE
- Which of the following is a benefit of buying a ready-to-deploy firewall over using a build-it-yourself firewall?
- Minimal setup time
- Less expensive
- Repurpose existing hardware
- Use open-source software
- More complex troubleshooting
Minimal setup time
- Which of the following is a benefit of using a build-it-yourself firewall over buying a ready-to-deploy firewall?
- More costly
- On-site technical support
- Greater flexibility and customization
- Product warranty
- Requires skill and knowledge to deploy
Greater flexibility and customization
- Which of the following is NOT one of the possible but rare attacks or exploits against a firewall?
- Coding flaw exploitation
- SMB share exploitation
- Buffer overflow attacks
- Firewalking
- Fragmentation
SMB share exploitation
- The exploit or attack known as ___ can be used to cause a DoS, confuse an IDS, or bypass firewall filtering.
- Obfuscation
- Trojan horse
- SQL injection
- Fragmentation overlapping
- Spoofing
Fragmentation overlapping
- Although successful attacks and exploits against firewalls are rare, what is the best response or resolution to such compromises?
- Deploy anti-malware scanning
- Add additional rules to the set
- Position the firewall on a non-choke point
- Increase the transmission frequency
- Patching and updating
Patching and updating
- Tunneling across or through a firewall can be used to perform all of the following tasks EXCEPT?
- Uses a closed port for covert communications
- Bypass filtering restrictions
- Use any open port to support communication
- Allow external users access to internal resources
- Support secure authorized remote access
Uses a closed port for covert communications
- Which of the following statements is false?
- ICMP can be used as a tunneling protocol
- Encryption prevents filtering on content
- Outbound communications don’t need to be filtered
- Tunnels can be created using almost any protocol
- Tunnels can enable communications to bypass firewall filters
Outbound communications don’t need to be filtered
- Which of the following provides anonymous, but not encrypted, tunneling services?
- Cryptcat
- JanusVM
- TOR
- PacketIX VPN
- HotSpotShield
TOR
- What is the best way to know that a firewall is functioning as expected?
- Review the documentation
- Presume it is until a patch is received from the vendor
- Test it
- Check the configuration
- Watch the log files
Test it
- Which method of testing a firewall grants the tester the greatest range of freedom to perform tests that might cause physical or logical damage to a firewall?
- Live firewall tests
- Virtual firewall tests
- Laboratory test
- Simulation tests
- Production firewall tests
Virtual firewall tests
- Which of the following tools tests and probes whether a port is open or closed?
- nmap
- netstat
- tcpview
- fport
- wireshark
nmap
- Which of the following testing tools is an open-source vulnerability assessment engine that scans for known vulnerabilities?
- Snort
- Nessus
- Wireshark
- Netcat
- Syslog
Nessus
- What is always the best tool for firewall troubleshooting?
- Source code
- Crimping tool
- Vulnerability scanner
- Information
- Fuzzing tool
Information
- Which of the following is NOT a recommended commonsense element of troubleshooting?
- Isolate the problem
- Set it aside and return to it later
- Review change documentation
- Make fixes one at a time
- Have patience
Set it aside and return to it later
- Which of the following is NOT part of successful firewall use?
- Written plan
- Specific requirements
- Purchasing guidelines
- User survey of preferences
- Documentation
User survey of preferences