networking2 Flashcards
Linux stores passwords in the ____ file in encrypted format.
a. /etc/pass c. /etc/passwd
b. /root/passwd d. /system/password
/etc/passwd
Public-Key Infrastructure (PKI) must be used for ____ authentication.
a. Kerberos c. RADIUS
b. 802.1x Wi-Fi d. certificate-based
certificate-based
In ____________________-based access controls, access is granted based on a set of rules specified by the central authority.
ANS: rule
___________ is the act of confirming the identity of a potential user.
ANS: Authentication
With ____________________ authentication, the firewall enables the authenticated user to access the desired resources for a specific period of time.
ANS: client
____________________ IP address mappings work best because some TACACS+ systems use the source IP address to create the encryption key.
ANS: Static
The ____________________ password system, which is a feature of the Linux operating system that enables the secure storage of passwords, stores them in another file that has restricted access.
ANS: shadow
MATCHING CHAPTER 3
A firewall is designed to prevent all attackers, viruses, and would-be intruders from entering a computer or computer network. T/F
F
Mobile devices such as laptops, PDAs, and smartphones blur the perimeter boundary. T/F
T
A properly configured firewall only allows authorized connection attempts to the ports on the network it protects.
T/F
T
A packet-filtering firewall installed on a TCP/IP-based network typically functions at the TCP level. T/F
F
Application-layer gateways can control the way applications inside the network access external networks by setting up proxy services. T/F
T
Firewalls provide ____ services by examining packet headers and allowing traffic that conforms to estalished rules to continue.
a. packet filtering c. application proxy
b. NAT d. TCP/IP
a. packet filtering
Firewalls can be used to host ____ to reduce server load and improve Web-site performance.
a. logging c. VPN
b. shielding hosts d. cached data
d. cached data
A firewall may also help prevent some Trojan horses from leveraging the local network through unauthorized service ports called ____.
a. back doors c. perimeters
b. apPlication proxies d. content locks
a. back doors
Network perimeters may be blurred by ____.
a. VPNs c. Web sites
b. intranets d. desktop computers
a. VPNs
A ____ firewall enables you to log passing traffic, protecting the whole network at one time.
a. stateful c. perimeter
b. stateless d. DMZ
c. perimeter
A network that needs to connect to the Internet might have a ____ host and a service network.
a. walled c. packet
b. mail d. bastion
d. bastion
Ports numbers range from 0 to ____.
a. 1024 c. 65,535
b. 3999 d. 786,568
c. 65,535
The combination of a sender’s full address (network address plus port) and receiver’s address (network address plus port) makes up a ____.
a. socket c. bastion
b. packet d. DMZ
a. socket
A firewall can act as a(n) ____ server that makes high-level application connections on behalf of internal hosts and other machines.
a. proxy c. HTTP
b. forward d. outbound
a. proxy
____ are commonly used to connect two companies networks over the Internet in a site-to-site configuration.
a. Bastion hosts c. Proxy servers
b. VPNs d. Stateful proxies
b. VPNs
In the OSI model, level 1 is the ____ layer.
a. physical c. transport
b. data link d. application
a. physical
Application gateways function at the ____ layer of the OSI model.
a. presentation c. network
b. transport d. data link
a. presentation
Packet-filtering firewalls examine every incoming packet _____ and can selectively filter packets.
a. transport c. header
b. session d. data
c. header
A ____ contains the source’s IP and port as well as the destination’s IP and port, and it also provides information on the total time in seconds, the time remaining in seconds, and the protocol used (UDP or TCP).
a. state table c. datagram
b. packet header d. TCP table
a. state table
____ breaks a message into numbered segments so that it can be transmitted. It then reassembles the message when it reaches the destination computer.
a. TCP/IP c. IP filtering
b. UDP d. TCP filtering
b. UDP
To someone on the Internet or another outside network, it appears that all information is coming from a single computer when ____ is used.
a. PAT c. VPN
b. NAT d. IETF
a. PAT
____ firewalls can be used to perform load balancing.
a. Application gateway c. Stateless
b. Stateful d. NAT
a. Application gateway
Most firewalls fall into the ____ category.
a. application gateway c. MAC layer
b. packet-filter d. hybrid
d. hybrid
Third-generation, stateful inspection firewalls monitor network connections between internal and external systems using ____.
a. rules sets c. state tables
b. stateless protocols d. SQL databases
c. state tables
When the ____ architectural approach is used, the bastion host contains two NICs (network interface cards) rather than one, as in the bastion host configuration.
a. screened subnet c. packet-filtering router\
b. screened host d. dual-homed host
d. dual-homed host
A(n) ____________________ is an extended network that shares part of an organization’s network with third parties.
ANS: extranet
Port numbers come in two flavors: well-known ports and ____________________ ports.
ANS: ephemeral
The OSI networking model has ____________________ layers.
ANS:
seven
7
____________________ inspection blocks packets that are sent from an external computer that does not have a currently active connection to an internal computer.
ANS: Stateful
“____________________” refers to the era of technology a firewall evolved in.
ANS: Generation
MATCHING CHAPTER 4
