Session 3 Flashcards

1
Q

What is the role of a first generation or classic firewall?

Choices: 
A - Data layer 5 analyzation
B - Packet filtering
C - Application filtering
D - Circuit filtering
A

B - Packet filtering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which type of firewall works at network layer 7?

Choices: 
A - Classic
B - Packet
C - Application-level
D - Circuit
A

C - Application-level

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A software firewall has a reduced attack surface due to its included operating system.

A - True
B - False

A

B - False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which are hardware-based firewall traits? Choose two answers.

Choices: 
A - Take up CPU space
B - No competition for resources
C - Have their own operating system
D - Not dedicated
A

B - No competition for resources

C - Have their own operating system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A stateless inspection inspects data based on which items? Choose three answers.

Choices: 
A - Destination and source IP addresses
B - Port numbers
C - Protocol addresses
D - Return traffic
E - Packet types
A

A - Destination and source IP addresses
B - Port numbers
E - Packet types

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A/The __________ is a collection of settings that are used to provide a positive security impact.

Choices: 
A - security baseline
B - Microsoft baseline
C - Security Compliance Manager
D - surveillance manager
A

A - security baseline

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which best defines defense in depth?

Choices:
A - Providing multiple layers of security to protect assets
B - The last line of defense in protecting assets
C - A network security infrastructure
D - Defensive layers

A

A - Providing multiple layers of security to protect assets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A(n) ________ is a logical network managed on a physical switch.

Choices: 
A - LAN
B - VLAN
C - IPRNET
D - ARCHNET
A

B - VLAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

A router uses which item to determine where packets are sent?

Choices: 
A - Delay-tolerant network
B - Event handler
C - Presentation layer
D - Routing table
A

D - Routing table

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which are traits of software routers? Choose two answers.

Choices:
A - Better scaling than hardware routers
B - Worse scaling than hardware routers
C - Support the same number of protocols as hardware routers
D - Do not support the same number of protocols as hardware routers

A

B - Worse scaling than hardware routers

D - Do not support the same number of protocols as hardware routers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which type of route allows the users to control exactly where traffic goes?

Choices: 
A - Static
B - Dynamic
C - Custom
D - IP
A

A - Static

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which best defines a honeypot?

Choices:
A - A system set up to wait for an IDS
B - A system designed to trap attackers
C - A collection of systems designed to trap attackers
D - An area of a network that is easily hackable

A

C - A collection of systems designed to trap attackers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which item is a collection of honeypots on a network?

Choices: 
A - Honeynet
B - Honey group
C - Honey party
D - Honeycluster
A

A - Honeynet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

The perimeter network is commonly placed where on a network?

Choices:
A - Between the internal network and VPN
B - In the DMZ
C - Between the internal network and a VLAN
D - Between the internal network and a public network

A

D - Between the internal network and a public network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which is a difference between a sandwich DMZ and a single firewall DMZ?

Choices:
A - A sandwich DMZ has firewalls both inside and outside the perimeter network
B - A single firewall DMZ has firewalls both inside and outside the perimeter network
C - A sandwich DMZ is more useful
D - A single firewall DMZ is more secure

A

A - A sandwich DMZ has firewalls both inside and outside the perimeter network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

NAT saves on the use of public __________ addresses.

Choices: 
A - IPv5
B - IPv6
C - IPv4
D - IPv2
A

C - IPv4

17
Q

Which best defines a dynamic NAT?

Choices:
A - A private network device which gets a public IP address from a pool of available public IP addresses
B - A public network device which gets a public IP address from a pool of available public IP addresses
C - A private network device which gets a private IP address from a pool of available public IP addresses
D - A public network device which gets a private IP address from a pool of available public IP addresses

A

A - A private network device which gets a public IP address from a pool of available public IP addresses

18
Q

Which are the two IPsec modes?

Choices: 
A - Transport mode
B - Swarm mode
C - Phase-shift mode
D - Tunnel mode
A

A - Transport mode

D - Tunnel mode

19
Q

Which two items should be placed on separate subnets?

Choices: 
A - Mobile nodes
B - Servers
C - Netmasks
D - Test machines
A

B - Servers

D - Test machines

20
Q

Which type of protocol spoofing steals IP addresses, which forces traffic to the attacking machine?

Choices: 
A - DNS
B - IP address
C - DoS
D - ARP
A

D - ARP

21
Q

Which type of protocol spoofing redirects a web request to an incorrect website?

Choices: 
A - DNS
B - TCP
C - DoS
D - ACL
A

A - DNS

22
Q

Which IPsec protocol provides confidentiality, integrity, and availability for just the data in an IP payload?

Choices: 
A - VPN
B - IKE
C - ESP
D - AH
A

C - ESP

23
Q

Encryption does not take place in which IPsec protocol?

Choices: 
A - VPN
B - ACP
C - ADP
D - AH
A

D - AH

24
Q

Tunneling is used to securely transmit data over part of a(n) __________ connection.

Choices: 
A - SSH
B - VPN
C - SSL
D - GRE
A

B - VPN

25
Q

Which item helps avoid redirection to a malicious website?

Choices: 
A - DNS
B - DOS
C - DNSSEC
D - GRE
A

C - DNSSEC

26
Q

A network sniffing tool is used to capture the source and destination of __________.

Choices: 
A - data packets
B - IP addresses
C - DNS packets
D - MAC addresses
A

A - data packets

27
Q

A DoS network attack disrupts a network to the point where it can no longer function.

A - True
B - False

A

A - True

28
Q

Which common attack method injects a fraudulent destination for an IP address?

Choices: 
A - Replay attack
B - DNS poisoning
C - SQL injection attack
D - Cross-site scripting
A

B - DNS poisoning

29
Q

Which type of attack method is used to intercept data while it is being transferred?

Choices: 
A - Back door attack
B - Replay attack
C - Email bombing
D - Man-in-the middle
A

D - Man-in-the middle

30
Q

__________ is an attack method that inserts script that can bypass a web browser’s security mechanism.

Choices: 
A - SQL injection
B - Cross-site scripting
C - Remote code scripting
D - Password cracking
A

B - Cross-site scripting