IS3220 CHAPTER 9 Flashcards

1
Q

Hacking and testing utilities that use a brute-force technique to craft packets and other forms of input directed toward the target are called ___?
These stress a system to push it to react improperly, to fail, or to reveal unknown vulnerabilities.

A

FUZZING TOOLS

2
Q
All the following are considered firewall management best practices EXCEPT?
  1. Have a written policy
  2. Provide open communications
  3. Maintain physical access control
  4. Don’t make assumptions
  5. Develop a checklist
A

Provide open communications

3
Q
All the following are firewall management best practices EXCEPT?
  1. Lock, then watch
  2. Backup, backup, backup
  3. Keep it simple
  4. Perform penetration testing
  5. Implement fail-open response
A

Implement fail-open response

4
Q
You are the security administrator for a small medical facility. To be in compliance with federal HIPAA regulations, you need to deploy a firewall to protect the entire office network. You are concerned that a firewall failure could result in compliance violations as well as legal costs due to client court cases. Which of the following is the best choice of firewall for this situation?
  1. Deploy a client system with a native OS firewall
  2. Select any open-source firewall product
  3. Use the firewall provided by the ISP connection device
  4. Deploy a well-known commercial firewall from the approved products list
  5. Use a multi-function device, such as a wireless access point
A

Deploy a well-known commercial firewall from the approved products list

5
Q
From the following options, what is the most important factor in selecting a firewall?
  1. Biometric authentication
  2. Types of traffic to be filtered
  3. Sales or discounts
  4. Bastion host OS
  5. Built-in antivirus scanning
A

Types of traffic to be filtered

6
Q
A well-designed and configured firewall provides more than sufficient security protection without any additional safeguards.
TRUE OR FALSE
A

FALSE

7
Q
Which of the following is a benefit of buying a ready-to-deploy firewall over using a build-it-yourself firewall?
  1. Minimal setup time
  2. Less expensive
  3. Repurpose existing hardware
  4. Use open-source software
  5. More complex troubleshooting
A

Minimal setup time

8
Q
Which of the following is a benefit of using a build-it-yourself firewall over buying a ready-to-deploy firewall?
  1. More costly
  2. On-site technical support
  3. Greater flexibility and customization
  4. Product warranty
  5. Requires skill and knowledge to deploy
A

Greater flexibility and customization

9
Q
Which of the following is NOT one of the possible but rare attacks or exploits against a firewall?
  1. Coding flaw exploitation
  2. SMB share exploitation
  3. Buffer overflow attacks
  4. Firewalking
  5. Fragmentation
A

SMB share exploitation

10
Q
The exploit or attack known as ___ can be used to cause a DoS, confuse an IDS, or bypass firewall filtering.
  1. Obfuscation
  2. Trojan horse
  3. SQL injection
  4. Fragmentation overlapping
  5. Spoofing
A

Fragmentation overlapping

11
Q
Although successful attacks and exploits against firewalls are rare, what is the best response or resolution to such compromises?
  1. Deploy anti-malware scanning
  2. Add additional rules to the set
  3. Position the firewall on a non-choke point
  4. Increase the transmission frequency
  5. Patching and updating
A

Patching and updating

12
Q
Tunneling across or through a firewall can be used to perform all of the following tasks EXCEPT?
  1. Uses a closed port for covert communications
  2. Bypass filtering restrictions
  3. Use any open port to support communication
  4. Allow external users access to internal resources
  5. Support secure authorized remote access
A

Uses a closed port for covert communications

13
Q
Which of the following statements is false?
  1. ICMP can be used as a tunneling protocol
  2. Encryption prevents filtering on content
  3. Outbound communications don’t need to be filtered
  4. Tunnels can be created using almost any protocol
  5. Tunnels can enable communications to bypass firewall filters
A

Outbound communications don’t need to be filtered

14
Q
Which of the following provides anonymous, but not encrypted, tunneling services?
  1. Cryptcat
  2. JanusVM
  3. TOR
  4. PacketIX VPN
  5. HotSpotShield
A

TOR

15
Q
What is the best way to know that a firewall is functioning as expected?
  1. Review the documentation
  2. Presume it is until a patch is received from the vendor
  3. Test it
  4. Check the configuration
  5. Watch the log files
A

Test it

16
Q
Which method of testing a firewall grants the tester the greatest range of freedom to perform tests that might cause physical or logical damage to a firewall?
  1. Live firewall tests
  2. Virtual firewall tests
  3. Laboratory test
  4. Simulation tests
  5. Production firewall tests
A

Virtual firewall tests

17
Q
Which of the following tools tests and probes whether a port is open or closed?
  1. nmap
  2. netstat
  3. tcpview
  4. fport
  5. wireshark
A

nmap

18
Q
Which of the following testing tools is an open-source vulnerability assessment engine that scans for known vulnerabilities?
  1. Snort
  2. Nessus
  3. Wireshark
  4. Netcat
  5. Syslog
A

Nessus

19
Q
What is always the best tool for firewall troubleshooting?
  1. Source code
  2. Crimping tool
  3. Vulnerability scanner
  4. Information
  5. Fuzzing tool
A

Information

20
Q
Which of the following is NOT a recommended commonsense element of troubleshooting?
  1. Isolate the problem
  2. Set it aside and return to it later
  3. Review change documentation
  4. Make fixes one at a time
  5. Have patience
A

Set it aside and return to it later

21
Q
Which of the following is NOT part of a successful firewall use?
  1. Written plan
  2. Specific requirements
  3. Purchasing guidelines
  4. User survey of preferences
  5. Documentation
A

User survey of preferences