Name:     ID: 
 
    Email: 

CNG 131 Chapter 09

True/False
Indicate whether the sentence or statement is true or false.
 

 1. 

NAT gives you the ability to mask the IP addresses of those computers behind the firewall from the external world.
 

 2. 

Once you have your written security policy, you can begin the process of selecting the appropriate technology to deploy as your firewall.
 

 3. 

Creating ACL entries is a straightforward and easy task, not requiring a solid understanding of the network structure.
 

 4. 

One type of bastion host is a honey pot.
 

 5. 

The chief advantage of application gateways is that, in the case of client-server protocols such as HTTP, two steps are required to connect traffic.
 

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.
 

 6. 

The act of observing each packing in a network using either hardware or software is called:
a.
snooping
c.
sniffing
b.
checking
d.
None of the above
 

 7. 

Security software that monitors networks and reports on any unauthorized attempts to access any part of the system is called:
a.
sniffing
c.
hoteling
b.
intrusion detection systems
d.
demilitarized zone
 

 8. 

From the hardware sense, what is an opening for connecting a networking cable called?
a.
packet
c.
port
b.
secure login
d.
octet
 

 9. 

What is another name for eight bits?
a.
packet
c.
DMZ
b.
DHCP
d.
octet
 

 10. 

A common practice among some companies typically where employees do not have permanent desks is called:
a.
hoteling
c.
client/server
b.
remote access
d.
None of the above
 

 11. 

What is a gateway between an inside network and an outside network called?
a.
DMZ
c.
ICMP
b.
DHCP
d.
bastion host
 

 12. 

What enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic?
a.
DMZ
c.
NAT
b.
Access Control List
d.
DHCP
 

 13. 

If a company wants to host its own Internet services without sacrificing unauthorized to its private network, they would set up a(n):
a.
DMZ
c.
DHCP
b.
RAS
d.
DOCSIS
 

 14. 

An example of a personal firewall software would be:
a.
Zone Alarm
c.
Norton Firewall
b.
Black Ice Defender
d.
All of the above
 

 15. 

What is an action you should take to make sure your workstation and/or server is secure?
a.
Remove the TCP/IP protocol
c.
Keep all user accounts available
b.
Use strong passwords
d.
All of the above
 

 16. 

What is a network management device that sites between different network segments and coordinates traffic from one network to another?
a.
router
c.
packet filtering
b.
DOCSIS
d.
hotel
 

 17. 

What do they call a private phone system that offers features such as voicemail, call forwarding and conference calling?
a.
SSH
c.
VLAN
b.
PBX
d.
None of the above
 

 18. 

What is used to provide a secure communication pathway or tunnel through such public networks as the Internet?
a.
IPSec
c.
SSH
b.
VLAN
d.
VPN
 

 19. 

Building statistical profiles of user activity and then reacting to any activity that falls outside the profiles is called:
a.
anomaly-based detection
c.
remote access services
b.
signature-based detection
d.
None of the above
 

 20. 

What is it called when you install "agents" on each computer to protect the system and provide audit trails?
a.
DOCSIS
c.
IPSec
b.
computer-based IDS
d.
None of the above
 

 21. 

What is it called when you monitor activity on a specific network segment with a dedicated platform with two components?
a.
client-based IDS
c.
network-based IDS
b.
host-based IDS
d.
server-based IDS
 

 22. 

What is the protocol for assigning dynamic IP addresses to devices on the network?
a.
TCP/IP
c.
ICMP
b.
DOCSIS
d.
DHCP
 

 23. 

What protocol does the ping command use?
a.
TCP/IP
c.
ICMP
b.
IDS
d.
DHCP
 

 24. 

What is the reference model used as the architecture that classifies most network functions?
a.
domain
c.
PSI Model
b.
OSI Model
d.
None of the above
 

 25. 

A network that is constructed by using public wires to connect nodes is called a(n):
a.
Local Area Network
c.
Virtual Local Area Network
b.
Wide Area Network
d.
Virtual Wide Area Network
 

 26. 

What do you call data transmitted across networks that is broken down into small pieces?
a.
sniffing
c.
porting
b.
filtering
d.
packets
 

 27. 

What guarantees a unique connection by using a combination of an IP address and a TCP or UDP port?
a.
NAT
c.
TCP/IP
b.
PAT
d.
None of the above
 

 28. 

How many techniques do basic firewalls use?
a.
one
c.
three
b.
two
d.
four
 

 29. 

What are common areas of network attacks?
a.
web servers
c.
mail servers
b.
FTP services
d.
All of the above
 

 30. 

What is it called when an unauthorized person is able to obtain administrator privileges of a switch and modify its configuration?
a.
switch hacking
c.
switch sniffing
b.
switch hijacking
d.
None of the above
 
 
131test_files/i0330000.jpg
 

 31. 

What does the figure above depict?
a.
cable modem
c.
switch
b.
router
d.
hub
 

Matching
 
 
Please match the best term from the list below to the most appropriate concept.
a.
DMZ
e.
packets
b.
computer-based IDS
f.
anomaly-based detection
c.
signature-based detection
g.
collision domain
d.
hoteling
h.
sniffing
 

 32. 

Build statistical profiles of user activity and react to abnormal activity.
 

 33. 

Similar to an antivirus program in its method of protection.
 

 34. 

The act of observing each packet in a network.
 

 35. 

Install software application known as agent on each computer to be protected.
 

 36. 

Data transmitted across most networks that is broken into small pieces.
 
 
Please match the best term from the list below to the most appropriate concept.
a.
octet
e.
VLAN
b.
secure shell
f.
WAN
c.
ports
g.
DOCSIS
d.
bastion hosts
h.
hoteling
 

 37. 

A network that is constructed by using public wire to connect nodes.
 

 38. 

Provides an encrypted connection for managing a remote terminal or computer.
 

 39. 

A common practice in some companies where employees do not have a permanent desk.
 

 40. 

Security similar to packet filters built into today's firewalls for cable modems.
 

 41. 

List of rules built according to organization policy stating who can access portions of the network.
 



 
Submit          Reset Help