Security Technologies: VPNs & Firewalls & IDS 4.4

Question 1

Provides a real-time analysis or security alerts generated by network hardware and applications

gathers data and logs from all sorts or different systems

Answer 1

Security Information and Event Management (SIEM)

Question 2

Routes and encrypts only the traffic bound for the headquarters over the VPN, and sends the rest of that traffic to the regular internet

Answer 2

Split Tunnel VPN

Question 3

Routes and encrypts all network requests through the VPN connection back to the headquarters

Answer 3

Full Tunnel VPN

Question 4

Creates a secure, remote-access VPN tunnel using a web browser without requiring a software or hardware client

Answer 4

Clientless VPN

Question 5

Provides cryptography and reliability using the upper layers of the OSI model, specifically Layers 5,6, and 7

Answer 5

Secure Socket Layer (SSL)

Question 6

Provides secure web browsing over HTTPS

Answer 6

Transport Layer Security (TLS)

Question 7

Older protocol. Lacks security features like an encryption by default and needs to be combined with an extra encryption layer for protection

Answer 7

Layer 2 Tunneling Protocol VPN (L2TP)

Question 8

Provides a tunneling protocol for the P2P protocol but also lacks native security and encryption features

Answer 8

Layer 2 Forwarding (L2F)

Question 9

Older version of a VPN. Supports dial-up networks but also lacks native security features except when used with Microsoft Windows

Answer 9

Point-to-Point Tunneling Protocol (PPTP)

Question 10

Provides Authentication and encryption of packets to create a secure encrypted communication path between two computers

Answer 10

IP Security (IPSec)

Question 11

is a master node. Sends and receives data from managed devices back to a centralized network management station

Answer 11

Simple Network Management Protocol (SNMP)

Question 12

The structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers

Answer 12

Management Information Base (MIB)

Question 13

Provides three security enhancements which added integrity, authentication, and confidentiality to the SNMP protocol

Answer 13

SNMPv3

Question 14

Sends the client a string of random text called a challenge which is then encrypted using a password and sent back to the server

Answer 14

Challenge Handshake Authentication Protocol (CHAP)

Question 15

Sends usernames and passwords in plain text for authentication

Answer 15

Password Authentication Protocol (PAP)

Question 16

Syslog Severity Levels 0-7

Answer 16

0-Emergency
1-Alert
2-Critical
3-Error
4-Warning
5-Notice
6-Information
7-Debugging

Question 17

Uses a set of rules defining the types of traffic permitted or denied through the device

Answer 17

Firewall

Question 18

Permits or denies traffic based on packet header

Answer 18

Packet-Filtering Firewall

Question 19

Inspects traffic as part of a session and recognizes where the traffic originated

Answer 19

Stateful Firewall

Question 20

Third generation firewall that conducts deep packet inspection and packet filtering

Answer 20

NextGen Firewall (NGFW)

Question 21

Set of rules applied to router interfaces that permit or deny certain traffic

Answer 21

Access Control List (ACL)

Question 22

Connects to devices that should have restricted access from the outside zone (like web servers)

Answer 22

Demilitarized Zone (DMZ)

Question 23

Combines firewall, router, intrusion detection/prevention system, anti-malware, and other features into a single device

Answer 23

Unified Threat Management (UTM) Device

Question 24

Signature contains strings of bytes (a pattern) that triggers detection

Answer 24

Signature-based Detection

Question 25

Relies on a specific declaration of the security policy

Answer 25

Policy-based detection

Question 26

Watches traffic patterns to build a baseline

Answer 26

Statistical Anomaly-based detection

Question 27

Adminstrator defines the patterns/baseline

Answer 27

Non-statistical Anomaly-based detection

Question 28

A network device protects entire network. Can be used to prevent DDoS attack

Answer 28

Network-based (NIDS.NIPS)

Question 29

Software-based and installed on servers and clients. Can be used to prevent people from installing or running software. Prevents Malware attacks.

Answer 29

Host-based (HIDS/HIPS)