Lesson 10 - Questions Flashcards
True or false? As they protect data at the highest layer of the protocol stack, application-based firewalls have no basic packet filtering functionality.
What distinguishes a host-based personal software firewall from a network firewall appliance?
True or false? When deploying a non-transparent proxy, you must configure clients with the proxy address and port.
What is usually the purpose of the default rule on a firewall?
True or false? Static NAT means mapping a single public/external IP address to a single private/internal IP address.
What is the best option for monitoring traffic passing from host-to-host on the same switch?
What sort of maintenance must be performed on signature-based monitoring software?
What is the principal risk of deploying an intrusion prevention system with behavior-based detection?
If a Windows system file fails a file integrity check, should you suspect a malware infection?
What is a WAF?
What is the purpose of SIEM?
What is the difference between a sensor and a collector, in the context of SIEM?
Does Syslog perform all the functions of a SIEM?
You are writing a shell script to display the last 5 lines of a log file at /var/log/audit in a dashboard. What is the Linux command to do this?