Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Firewalls and Network Security > Quiz 9 > Flashcards

Quiz 9 Flashcards

1
Q

To properly configure DOS protection to limit the number of sessions individually from specific source IPS you would configure a DOS Protection rule with the following characteristics:
Select one:

a. Action: Deny, Classified Profile with “Resources Protection” configured, and Classified Address with “source-ip-only” configured

b. Action: Protect, Classified Profile with “Resources Protection” configured, and Classified Address with “source-ip-only” configured

c. Action: Deny, Aggregate Profile with “Resources Protection” configured

d. Action: Protect, Aggregate Profile with “Resources Protection” configured

A

b. Action: Protect, Classified Profile with “Resources Protection” configured, and Classified Address with “source-ip-only” configured

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What action will show whether a downloaded PDF file from a user has been blocked by a security profile on the Next Generation firewall?

Select one:

a. Filter the traffic logs for all traffic from the user that resulted in a deny action

b. Filter the system log for failed download messages

c. Filter the data filtering logs for the user’s traffic and the name of the PDF file

d. Filter the session browser for all sessions from a user with the application adobe

A

c. Filter the data filtering logs for the user’s traffic and the name of the PDF file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What component of the Next Generation Firewall will protect from port scans?

Select one:

a. Anti-Virus Protection

b. Zone protection

c. DOS Protection

d. Vulnerability protection

A

b. Zone protection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which anti-spyware feature enables an administrator to quickly identify a potentially infected host on the network?

Select one:

a.
DNS SInkhole

b.
data filtering log entry

c.
continue response page

d.
CVE Number

A

DNS SInkhole

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

True or false? A Security Profile attached to a Security policy rule is evaluated only if the Security policy rule matches traffic and the rule action is set to “allow.”

Select one:
True
False

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A Zone Protection Profile is applied to which item?

Select one:

a.
Address Groups

b.
Egress Ports

c.
Security Policy Rules

d.
Ingress Ports

A

Ingress Ports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Network traffic matches an “allow” rule in the Security policy, but the attached File Blocking Profile is configured with a “block” action. To which two locations will the traffic be logged?

Choose the 2 correct choices.

If you choose an incorrect choice your question score will be deducted.

Select one or more:

a.
Alarms Log

b.
Traffic Log

c.
Threat Log

d.
Data Filtering Log

A

Traffic Log , Data Filtering Log

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which profile type is designed to protect against reconnaissance attacks such as host sweeps and port scans?

Select one:

a.
DOS Protection

b.
Zone Protection

c.
Anti-Spyware x

d.
Data Filtering x

A

Zone Protection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Firewalls and Network Security (18 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions