Exam 6: Security Technology: Access Controls, Firewalls, and Vpns

A(n) ____________________ dialer is an automatic phone-dialing program that dials every number in a configured range and checks to see if a person, answering machine, or modem picks up.

In __________ mode, the data within an IP packet is encrypted, but the header information is not.

__________ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information.

A packet-____________________ firewall installed on a TCP/IP-based network typically functions at the IP level and determines whether to drop a packet (deny) or forward it to the next network connection (allow) based on the rules programmed into the firewall.

A(n) __________ is a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures.

The dominant architecture used to secure network access today is the __________ firewall.

As organizations implement cloud-based IT solutions, bring your own device (BYOD) options for employees, and other emerging network solutions, the network perimeter may be ____________________ for them.

Terminal emulation, especially the unprotected ____________________ protocol, should be blocked from any access to all internal servers from the public network.

Configuring firewall policies is viewed as much as a(n) __________ as it is a(n) __________.

The application layer proxy firewall is also known as a(n) __________.

All Internet Control Message Protocol (ICMP) data should be denied.

Even if Kerberos servers are subjected to denial-of-service attacks, a client can still request additional services.

The proxy server is often placed in an unsecured area of the network or is placed in the __________ zone.

A common DMZ arrangement is a subnet firewall that consists of two or more internal bastion hosts behind a packet-filtering router, with each host protecting the trusted network. _________________________

In most common implementation models, the content filter has two components: __________.

A __________ filtering firewall can react to an emergent event and update or create rules to deal with the event.

A ____________________ mode VPN establishes two perimeter tunnel servers to encrypt all traffic that will traverse an unsecured network. The entire client packet is encrypted and added as the data portion of a packet addressed from one tunneling server to another.

​Accountability is the matching of an authenticated entity to a list of information assets and corresponding access levels.

The static packet filtering firewall can react to an emergent event and update or create rules to deal with that event. _________________________

Which of the following versions of TACACS is still in use?