Question 1

I am trying to reach a web server, www.chicago.edu. The response message from the DNS server tells my computer the _____.

Accepted Answer

A)  domain name of the www.chicago.edu server 
B)  IP address of the www.chicago.edu server 
C)  IP address of the DNS root server 
D)  IP address of the DNS authority server 
E)  MAC address of the www.chicago.edu server 
A)  domain name of the www.chicago.edu server 
B)  IP address of the www.chicago.edu server 
C)  IP address of the DNS root server 
D)  IP address of the DNS authority server 
E)  MAC address of the www.chicago.edu server B

Question 2

The ____ packet filtering screens individual packets in isolation.

Accepted Answer

A)  stateful 
B)  random 
C)  stateless 
D)  dynamic 
E)  independent 
A)  stateful 
B)  random 
C)  stateless 
D)  dynamic 
E)  independent C

Question 3

Which of the following filtering rules is considered a 'complete' rule on a firewall?

Accepted Answer

A)  If source IP = 172.16.x.x to 172.31.x.x or 192.168.x.x. 
B)  If TCP destination port = 21.‏ 
C)  If HTML message contains 'sex' or 'entertainment'. ‏ 
D)  If destination IP = 161.154.23.59 and TCP port = 25. 
E)  None of the above 
A)  If source IP = 172.16.x.x to 172.31.x.x or 192.168.x.x. 
B)  If TCP destination port = 21.‏ 
C)  If HTML message contains 'sex' or 'entertainment'. ‏ 
D)  If destination IP = 161.154.23.59 and TCP port = 25. 
E)  None of the above E

Question 4

Which of the following technologies is NOT used for authentication?

Accepted Answer

A)  Password and passphrase 
B)  Digital signature and digital certificate 
C)  Biometric solution (e.g., face recognition). 
D)  Security token 
E)  Access control list 
A)  Password and passphrase 
B)  Digital signature and digital certificate 
C)  Biometric solution (e.g., face recognition). 
D)  Security token 
E)  Access control list

Question 5

The analyst of cyber threat intelligence more likely uses ________ heavily for day-to-day tasks.

Accepted Answer

A)  forward proxy server 
B)  anti-virus and anti-malware 
C)  honeypot 
D)  software defined network 
E)  security information and event management (SIEM) 
A)  forward proxy server 
B)  anti-virus and anti-malware 
C)  honeypot 
D)  software defined network 
E)  security information and event management (SIEM)

Question 6

Choose a CORRECT pairing between a security layer and its corresponding technical solution (remember to choose the most accurate one).

Accepted Answer

A)  Application security -- Hardening intermediary devices 
B)  Data security -- Host-based firewall 
C)  Perimeter security -- DMZ (Demilitarized zone) 
D)  Host security -- Proxy server 
E)  Internal network security -- Server hardening 
A)  Application security -- Hardening intermediary devices 
B)  Data security -- Host-based firewall 
C)  Perimeter security -- DMZ (Demilitarized zone) 
D)  Host security -- Proxy server 
E)  Internal network security -- Server hardening

Question 7

Which filtering rule of a firewall is more likely a 'stateful' rule than the others?

Accepted Answer

A)  If source IP = 172.16.x.x to 172.31.x.x or 192.168.x.x, then drop the packet. 
B)  If TCP destination port = 21, then allow the packet. ‏ 
C)  If HTML message contains 'sex' or 'entertainment', then drop the packet. ‏ 
D)  If destination IP = 161.154.23.59 and TCP port = 25, then allow the packet. 
E)  If source=192.168.1.34, dest.=163.43.24.11, source port=1075, dest. port=21, then allow the packet. 
A)  If source IP = 172.16.x.x to 172.31.x.x or 192.168.x.x, then drop the packet. 
B)  If TCP destination port = 21, then allow the packet. ‏ 
C)  If HTML message contains 'sex' or 'entertainment', then drop the packet. ‏ 
D)  If destination IP = 161.154.23.59 and TCP port = 25, then allow the packet. 
E)  If source=192.168.1.34, dest.=163.43.24.11, source port=1075, dest. port=21, then allow the packet.

Question 8

The statement, "127.0.0.1 localhost", should be in included in the _________ file of a computer.

Accepted Answer

A)  DHCP 
B)  HTTP 
C)  SMTP 
D)  DNS 
E)  FTP 
A)  DHCP 
B)  HTTP 
C)  SMTP 
D)  DNS 
E)  FTP

Question 9

The following represent technical measures relevant to the host security layer EXCEPT:

Accepted Answer

A)  Host-based intrusion detection 
B)  Proxy servers 
C)  Anti-virus protection 
D)  OS patch/security update management 
E)  Server hardening (e.g., authentication, and auditing) 
A)  Host-based intrusion detection 
B)  Proxy servers 
C)  Anti-virus protection 
D)  OS patch/security update management 
E)  Server hardening (e.g., authentication, and auditing)

Question 10

The 'root' and 'authority' server concepts are relevant to the _________ protocol.

Accepted Answer

A)  DHCP 
B)  HTTP 
C)  SMTP 
D)  DNS 
E)  FTP 
A)  DHCP 
B)  HTTP 
C)  SMTP 
D)  DNS 
E)  FTP

Question 11

The authoritative server concept applies to the _________ protocol.

Accepted Answer

A)  DHCP 
B)  HTTP 
C)  SMTP 
D)  DNS 
E)  FTP 
A)  DHCP 
B)  HTTP 
C)  SMTP 
D)  DNS 
E)  FTP

Question 12

Which protocol information may be LEAST used by the firewall to filter packets?

Accepted Answer

A)  IP (Internet protocol) 
B)  TCP (Transport control protocol) 
C)  UDP (User datagram protocol) 
D)  ICMP (Internet control message protocol) 
E)  ARP (Address resolution protocol) 
A)  IP (Internet protocol) 
B)  TCP (Transport control protocol) 
C)  UDP (User datagram protocol) 
D)  ICMP (Internet control message protocol) 
E)  ARP (Address resolution protocol)

Question 13

Which CORRECTLY pairs a security layer and a technology solution?

Accepted Answer

A)  data security - operating system patch management 
B)  application security - hardening intermediary devices 
C)  host security - subnetwork segmentations 
D)  internal network security - corporate-wide data encryption 
E)  perimeter security - access control list on border routers 
A)  data security - operating system patch management 
B)  application security - hardening intermediary devices 
C)  host security - subnetwork segmentations 
D)  internal network security - corporate-wide data encryption 
E)  perimeter security - access control list on border routers

Question 14

Which command is issued to obtain the IP address of a domain name, "www.sdsu.edu", as in the figure?

Accepted Answer

A)  C:>ipconfig /flushdns www.sdsu.edu 
B)  C:>ipconfig /displaydns 
C)  C:>nslookup www.sdsu.edu 
D)  C:>netstat -n 
E)  C:>ipconfig /all 
A)  C:>ipconfig /flushdns www.sdsu.edu 
B)  C:>ipconfig /displaydns 
C)  C:>nslookup www.sdsu.edu 
D)  C:>netstat -n 
E)  C:>ipconfig /all

Question 15

"If destination IP = 161.154.23.59 and TCP port = 25, then pass the packet" is a form of the _____ filtering rule.

Accepted Answer

A)  stateful 
B)  random 
C)  stateless 
D)  dynamic 
E)  independent 
A)  stateful 
B)  random 
C)  stateless 
D)  dynamic 
E)  independent

Question 16

The _____ is better positioned to conduct 'deep packet inspection'.

Accepted Answer

A)  host computer firewall 
B)  application-aware/application layer firewall 
C)  stateless packet filtering firewall 
D)  stateful packet filtering firewall 
E)  access control list of a router 
A)  host computer firewall 
B)  application-aware/application layer firewall 
C)  stateless packet filtering firewall 
D)  stateful packet filtering firewall 
E)  access control list of a router

Question 17

Which of the following filtering rules of the firewall is considered a stateful rule ?

Accepted Answer

A)  If source IP = 172.16.x.x to 172.31.x.x or 192.168.x.x, then drop the packet. 
B)  If TCP destination port = 21, then drop the packet. ‏ 
C)  If the URL = www.darkspace.xxx, then drop the packet.‏ 
D)  If destination IP = 161.154.23.59 and TCP port = 80, then pass the packet. 
E)  If the source and destination sockets of an arriving packet match those of a session established, then pass the packet. 
A)  If source IP = 172.16.x.x to 172.31.x.x or 192.168.x.x, then drop the packet. 
B)  If TCP destination port = 21, then drop the packet. ‏ 
C)  If the URL = www.darkspace.xxx, then drop the packet.‏ 
D)  If destination IP = 161.154.23.59 and TCP port = 80, then pass the packet. 
E)  If the source and destination sockets of an arriving packet match those of a session established, then pass the packet.

Question 18

The intrusion detection and intrusion prevention systems are designed to enable/provide ______.

Accepted Answer

A)  data confidentiality (privacy) 
B)  data integrity 
C)  data authentication 
D)  access control 
E)  spoofing detection 
A)  data confidentiality (privacy) 
B)  data integrity 
C)  data authentication 
D)  access control 
E)  spoofing detection

Question 19

The uniform resource locator (URL) field includes information on:

Accepted Answer

A)  protocol + DNS authority server 
B)  protocol + domain name 
C)  domain name + DNS authority server 
D)  domain name + HTTP server 
E)  domain name + ISP router address 
A)  protocol + DNS authority server 
B)  protocol + domain name 
C)  domain name + DNS authority server 
D)  domain name + HTTP server 
E)  domain name + ISP router address

I am trying to reach a web server, www.chicago.edu. The response message from the DNS server tells my computer the _____.

The ____ packet filtering screens individual packets in isolation.

Which of the following filtering rules is considered a 'complete' rule on a firewall?

Which of the following technologies is NOT used for authentication?

The analyst of cyber threat intelligence more likely uses ________ heavily for day-to-day tasks.

Choose a CORRECT pairing between a security layer and its corresponding technical solution (remember to choose the most accurate one).

Which filtering rule of a firewall is more likely a 'stateful' rule than the others?

The statement, "127.0.0.1 localhost", should be in included in the _________ file of a computer.

The following represent technical measures relevant to the host security layer EXCEPT:

The 'root' and 'authority' server concepts are relevant to the _________ protocol.

The authoritative server concept applies to the _________ protocol.

Which protocol information may be LEAST used by the firewall to filter packets?

Which CORRECTLY pairs a security layer and a technology solution?

Which command is issued to obtain the IP address of a domain name, "www.sdsu.edu", as in the figure?

"If destination IP = 161.154.23.59 and TCP port = 25, then pass the packet" is a form of the _____ filtering rule.

The _____ is better positioned to conduct 'deep packet inspection'.

Which of the following filtering rules of the firewall is considered a stateful rule ?

The intrusion detection and intrusion prevention systems are designed to enable/provide ______.

The uniform resource locator (URL) field includes information on:

Networking: Fundamental Concepts

Cybersecurity: Fundamentals

Essential Layers of Computer Networking

Ip Address Planning and Management

Intermediary Devices

Wi-Fi and Cellular Network

Ethernet Lan

Cybersecurity: Threats

Cybersecurity: Data Protection

Fundamentals of Packet Routing

Wide Area Network

Physical Layer Data Transmissions

Enterprise Network: LAN Topology, Routing, and Connectivity

Filters

Exam 9: Cybersecurity: Network and Host Protection

I am trying to reach a web server, www.chicago.edu. The response message from the DNS server tells my computer the _____.

The ____ packet filtering screens individual packets in isolation.

Which of the following filtering rules is considered a 'complete' rule on a firewall?

Which of the following technologies is NOT used for authentication?

The analyst of cyber threat intelligence more likely uses ________ heavily for day-to-day tasks.

Choose a CORRECT pairing between a security layer and its corresponding technical solution (remember to choose the most accurate one).

Which filtering rule of a firewall is more likely a 'stateful' rule than the others?

The statement, "127.0.0.1 localhost", should be in included in the _________ file of a computer.

The following represent technical measures relevant to the host security layer EXCEPT:

The 'root' and 'authority' server concepts are relevant to the _________ protocol.

The authoritative server concept applies to the _________ protocol.

Which protocol information may be LEAST used by the firewall to filter packets?

Which CORRECTLY pairs a security layer and a technology solution?

Which command is issued to obtain the IP address of a domain name, "www.sdsu.edu", as in the figure?

"If destination IP = 161.154.23.59 and TCP port = 25, then pass the packet" is a form of the _____ filtering rule.

The _____ is better positioned to conduct 'deep packet inspection'.

Which of the following filtering rules of the firewall is considered a stateful rule ?

The intrusion detection and intrusion prevention systems are designed to enable/provide ______.

The uniform resource locator (URL) field includes information on:

Networking: Fundamental Concepts

Cybersecurity: Fundamentals

Essential Layers of Computer Networking

Ip Address Planning and Management

Intermediary Devices

Wi-Fi and Cellular Network

Ethernet Lan

Cybersecurity: Threats

Cybersecurity: Data Protection

Fundamentals of Packet Routing

Wide Area Network

Physical Layer Data Transmissions

Enterprise Network: LAN Topology, Routing, and Connectivity

Filters