Understanding Devices and Infrastructure Flashcards
Which of the following devices is the most capable of providing infrastructure security?
Hub
Switch
Router
Router
Routers can be configured in many instances to act as packet-filtering firewalls. When configured properly, they can prevent unauthorized ports from being opened
Upper management has decreed that a firewall must be put in place immediately, before your site suffers an attack similar to one that struck a sister company. Responding to this order, your boss instructs you to implement a packet filter by the end of the week. A packet filter performs which function?
Prevents unauthorized packets from entering the network
Allows all packets to leave the network
Eliminates collisions in the network
Prevents unauthorized packets from entering the network
Packet filters prevent unauthorized packets from entering or leaving a network. Packet filters are a type of firewall that blocks specified port traffic
Which device stores information about destinations in a network (choose the best answer)?
Hub
Modem
Router
Router
Routers store information about network destinations in routing tables. Routing tables contain information about known hosts on both sides of the router
As more and more clients have been added to your network, the efficiency of the network has decreased significantly. You’re preparing a budget for next year, and you specifically want to address this problem. Which of the following devices acts primarily as a tool to improve network efficiency?
Hub
Switch
Router
Switch
Switches create virtual circuits between systems in a network. These virtual circuits are somewhat private and reduce network traffic when used
You’ve been notified that you’ll soon be transferred to another site. Before you leave, you’re to audit the network and document everything in use and the reason why it’s in use. The next administrator will use this documentation to keep the network running. Which of the following protocols isn’t a tunneling protocol but is probably used at your site by tunneling protocols for network security?
IPSec
PPTP
L2TP
IPSec
IPsec provides network security for tunneling protocols. IPsec can be used with many different protocols besides TCP/IP, and it has two modes of security
Which of the following can be implemented as a software or hardware solution and is usually associated with a device—a router, a firewall, NAT, and so on—used to shift a load from one device to another?
Proxy
Hub
Load balancer
Load balancer
A load balancer can be implemented as a software or hardware solution and is usually associated with a device—a router, a firewall, NAT, and so on. As the name implies, it is used to shift a load from one device to another
Which of the following are multiport devices that improve network efficiency?
Switches
Modems
Gateways
Switches
Switches are multiport devices that improve network efficiency. A switch typically has a small amount of information about systems in a network
Which IDS system uses algorithms to analyze the traffic passing through the network?
Algebraic
Statistical
Heuristic
Heuristic
A heuristic system uses algorithms to analyze the traffic passing through the network
Which of the following can be used to offload the public-key encryption to a separate hardware plug-in card?
SSL accelerator
Load balancer
Proxy firewall
SSL accelerator
Since encrypting data is very processor-intensive, SSL accelerators can be used to offload the public-key encryption to a separate plug-in card
Which of the following protections implies that information, once written, cannot be modified?
DLP
ROM
WORM
WORM
With WORM (write-once-read-many) protection, information, once written, cannot be modified thus assuring that the data cannot be tampered with once it is written to the device
In which two modes can IPSec work?
Tunneling and Storing
Transport and Storing
Tunneling and Transport
Tunneling and Transport
IPsec can work in either Tunneling or Transport mode. In Tunneling mode, the data or payload and message headers are encrypted. Transport mode encrypts only the payload
With which tunnel configuration are only some (usually all incoming) requests routed and encrypted over the VPN?
Split
Full
Partial
Split
With a full tunnel configuration, all requests are routed and encrypted through the VPN, while with a split tunnel, only some requests (usually all incoming) are routed and encrypted over the VPN
With which type of load balance scheduling is the first client request sent to the first group of servers, the second is sent to the second, and so on?
Affinity
Round-robin
Sequential
Round-robin
With round-robin load balancing, the first client request is sent to the first group of servers, the second is sent to the second, and so on
Which type of load balancing configuration means that more than one load balancing server is working at all times to handle the load/requests as they come in?
Active-active
Cooperative-sharing
Equal-partner
Active-active
An active-active configuration means that more than one load balancing server is working at all times to handle the load/requests as they come in
Which of the following work by decrypting encrypted traffic (SSL or TLS), inspecting it, and then re-encrypting it before sending it on to its destination?
SSL gateways
SSL accelerators
SSL decryptors
SSL decryptors
SSL decryptors work by decrypting encrypted traffic (SSL or TLS), inspecting it, and then re-encrypting it before sending it on to its destination