Networking, Appliances, Applications & Functions

Question 1

Service-dependent filtering
the method by which a firewall examines the port numbers in Transport layer protocol headers is

Answer 1

Service-dependent filtering

Question 2

Which of the following criteria does a firewall capable of service-dependent filtering use to block traffic?
a. Hardware addresses
b. Protocol identifiers
c. IP addresses
d. Port numbers

Answer 2

Port Numbers

Question 3

Explain hubs and switches in relation to collision domains

Answer 3

All of the devices connected to a hub are part of a single collision domain, whereas each device connected to a switch has its own collision domain.

Question 4

Both switches and bridges process incoming packets by scanning their Data link layer hardware addresses and forwarding the packets out the port connected to the destination system. How many ports to switches and bridges have respectively?

Answer 4

Many and two

Question 5

Cut-through switches are fast, because

Answer 5

hey look at only the first 6 bytes (the destination media access control, or MAC, address) when forwarding a frame. They do not perform a cyclical redundancy check (CRC) on the entire frame’s contents prior to forwarding it out a port leading to the destination.

Question 6

Source route is a bridging technique in which

Answer 6

the source host, not the switch, determines the path a frame will take through a network to reach a destination.

Question 7

Store-and-forward switches take in the

Answer 7

entire frame and verify its contents by performing a CRC calculation before forwarding it.

Question 8

What security measure can scan Transport layer header fields for evidence of SYN floods

Answer 8

a firewall capable of stateful packet inspection

Question 9

methods typically used by intrusion detection systems (IDSs) to analyze incoming network traffic

Answer 9

Anomaly-based detection and Signature-based detection

Question 10

Security information and event management (SIEM) systems can function as a central clearinghouse for information gathered by

Answer 10

IDSs and other security processes

Question 11

Which piece of hardware or software connects networks by translating communications from one protocol to another

Answer 11

Gateway

Question 12

Each port on a router defines

Answer 12

a separate broadcast domain

Question 13

a next-generation firewall (NGFW) has

Answer 13

Deep packet inspection (DPI)

Question 14

Content filters are a firewall feature that examine

Answer 14

the data inside packets, rather than their origin, to locate objectionable material

Question 15

Load balancers typically do not use the__________________ to direct traffic since this is a factor that does not change.

Answer 15

hardware configuration of the servers

Question 16

A load balancer is a type of

Answer 16

Router

Question 17

Stateful packet inspection is a firewall feature that enables the device

Answer 17

to examine network and Transport layer header fields, looking for patterns that indicate damaging behaviors, such as IP spoofing, SYN floods, and teardrop attacks.