True/False
Indicate whether the sentence or statement is true
or false.
|
|
1.
|
NAT
gives you the ability to mask the IP addresses of those computers behind the firewall from the
external world.
|
|
2.
|
Once
you have your written security policy, you can begin the process of selecting the appropriate
technology to deploy as your firewall.
|
|
3.
|
Creating ACL entries is a straightforward and easy task, not requiring a solid
understanding of the network structure.
|
|
4.
|
One
type of bastion host is a honey pot.
|
|
5.
|
The
chief advantage of application gateways is that, in the case of client-server protocols such as HTTP,
two steps are required to connect traffic.
|
Multiple Choice
Identify the
letter of the choice that best completes the statement or answers the question.
|
|
6.
|
The
act of observing each packing in a network using either hardware or software is
called: a. | snooping | c. | sniffing | b. | checking | d. | None of the above | | | | |
|
|
7.
|
Security software that monitors networks and reports on any unauthorized attempts to
access any part of the system is called: a. | sniffing | c. | hoteling | b. | intrusion
detection systems | d. | demilitarized
zone | | | | |
|
|
8.
|
From
the hardware sense, what is an opening for connecting a networking cable called? a. | packet | c. | port | b. | secure login | d. | octet | | | | |
|
|
9.
|
What
is another name for eight bits? a. | packet | c. | DMZ | b. | DHCP | d. | octet | | | | |
|
|
10.
|
A
common practice among some companies typically where employees do not have permanent desks is
called: a. | hoteling | c. | client/server | b. | remote access | d. | None of the above | | | | |
|
|
11.
|
What
is a gateway between an inside network and an outside network called? a. | DMZ | c. | ICMP | b. | DHCP | d. | bastion host | | | | |
|
|
12.
|
What
enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for
external traffic? a. | DMZ | c. | NAT | b. | Access Control List | d. | DHCP | | | | |
|
|
13.
|
If a
company wants to host its own Internet services without sacrificing unauthorized to its private
network, they would set up a(n):
|
|
14.
|
An
example of a personal firewall software would be: a. | Zone Alarm | c. | Norton Firewall | b. | Black Ice
Defender | d. | All of the
above | | | | |
|
|
15.
|
What
is an action you should take to make sure your workstation and/or server is secure? a. | Remove the
TCP/IP protocol | c. | Keep all user
accounts available | b. | Use strong passwords | d. | All of the above | | | | |
|
|
16.
|
What
is a network management device that sites between different network segments and coordinates traffic
from one network to another? a. | router | c. | packet filtering | b. | DOCSIS | d. | hotel | | | | |
|
|
17.
|
What
do they call a private phone system that offers features such as voicemail, call forwarding and
conference calling? a. | SSH | c. | VLAN | b. | PBX | d. | None of the above | | | | |
|
|
18.
|
What
is used to provide a secure communication pathway or tunnel through such public networks as the
Internet?
|
|
19.
|
Building statistical profiles of user activity and then reacting to any activity that
falls outside the profiles is called: a. | anomaly-based detection | c. | remote access services | b. | signature-based
detection | d. | None of the
above | | | | |
|
|
20.
|
What
is it called when you install "agents" on each computer to protect the system and provide
audit trails? a. | DOCSIS | c. | IPSec | b. | computer-based IDS | d. | None of the above | | | | |
|
|
21.
|
What
is it called when you monitor activity on a specific network segment with a dedicated platform with
two components? a. | client-based
IDS | c. | network-based
IDS | b. | host-based
IDS | d. | server-based
IDS | | | | |
|
|
22.
|
What
is the protocol for assigning dynamic IP addresses to devices on the network? a. | TCP/IP | c. | ICMP | b. | DOCSIS | d. | DHCP | | | | |
|
|
23.
|
What
protocol does the ping command use? a. | TCP/IP | c. | ICMP | b. | IDS | d. | DHCP | | | | |
|
|
24.
|
What
is the reference model used as the architecture that classifies most network
functions? a. | domain | c. | PSI
Model | b. | OSI Model | d. | None of the above | | | | |
|
|
25.
|
A
network that is constructed by using public wires to connect nodes is called a(n): a. | Local Area
Network | c. | Virtual Local
Area Network | b. | Wide Area Network | d. | Virtual Wide Area Network | | | | |
|
|
26.
|
What
do you call data transmitted across networks that is broken down into small pieces? a. | sniffing | c. | porting | b. | filtering | d. | packets | | | | |
|
|
27.
|
What
guarantees a unique connection by using a combination of an IP address and a TCP or UDP
port? a. | NAT | c. | TCP/IP | b. | PAT | d. | None of the above | | | | |
|
|
28.
|
How
many techniques do basic firewalls use?
|
|
29.
|
What
are common areas of network attacks? a. | web servers | c. | mail servers | b. | FTP
services | d. | All of the
above | | | | |
|
|
30.
|
What
is it called when an unauthorized person is able to obtain administrator privileges of a switch and
modify its configuration? a. | switch hacking | c. | switch sniffing | b. | switch
hijacking | d. | None of the
above | | | | |
|
|
|
|
|
31.
|
What
does the figure above depict? a. | cable modem | c. | switch | b. | router | d. | hub | | | | |
|
Matching
|
|
|
Please match the best term from the list below to the most appropriate
concept. a. | DMZ | e. | packets | b. | computer-based IDS | f. | anomaly-based detection | c. | signature-based
detection | g. | collision
domain | d. | hoteling | h. | sniffing | | | | |
|
|
32.
|
Build
statistical profiles of user activity and react to abnormal activity.
|
|
33.
|
Similar to an antivirus program in its method of protection.
|
|
34.
|
The
act of observing each packet in a network.
|
|
35.
|
Install software application known as agent on each computer to be
protected.
|
|
36.
|
Data
transmitted across most networks that is broken into small pieces.
|
|
|
Please match the best term from the list below to the most appropriate
concept. a. | octet | e. | VLAN | b. | secure shell | f. | WAN | c. | ports | g. | DOCSIS | d. | bastion
hosts | h. | hoteling | | | | |
|
|
37.
|
A
network that is constructed by using public wire to connect nodes.
|
|
38.
|
Provides an encrypted connection for managing a remote terminal or
computer.
|
|
39.
|
A
common practice in some companies where employees do not have a permanent desk.
|
|
40.
|
Security similar to packet filters built into today's firewalls for cable
modems.
|
|
41.
|
List
of rules built according to organization policy stating who can access portions of the
network.
|