Question 1

Instead of talking about periods or phases, computer scientists use the term "state."

Accepted Answer

A) True 
 B)False  True

Question 2

Port numbers ranging from 49151 to 65535 are ________.

Accepted Answer

A)  source ports 
B)  registered ports 
C)  ephemeral ports 
D)  TCP ports 
A)  source ports 
B)  registered ports 
C)  ephemeral ports 
D)  TCP ports C

Question 3

Which of the following can be described as a particular temporal period during a connection?

Accepted Answer

A)  A connection 
B)  A default 
C)  A state 
D)  A socket 
A)  A connection 
B)  A default 
C)  A state 
D)  A socket C

Question 4

The earliest type of border firewalls used static packet filtering.

Accepted Answer

A) True 
 B)False

Question 5

Nearly all corporate border firewalls use the ________ filtering method.

Accepted Answer

A)  static packet 
B)  stateful packet 
C)  ingress 
D)  egress 
A)  static packet 
B)  stateful packet 
C)  ingress 
D)  egress

Question 6

By various accounts, it is estimated that ________ percent of all misbehavior is done by employees working within a site.

Accepted Answer

A)  20 to 35 
B)  30 to 50 
C)  30 to 70 
D)  50 to 90 
A)  20 to 35 
B)  30 to 50 
C)  30 to 70 
D)  50 to 90

Question 7

________ firewalls handle traditional firewall processing, antivirus filtering, and spam filtering.

Accepted Answer

A)  Unified threat management 
B)  Ingress 
C)  Egress 
D)  Static packet filter 
A)  Unified threat management 
B)  Ingress 
C)  Egress 
D)  Static packet filter

Question 8

Which of the following is FALSE about stateful packet inspection firewalls?

Accepted Answer

A)  They are relatively fast. 
B)  They are relatively inexpensive. 
C)  They are typically safe. 
D)  They are fairly rare. 
A)  They are relatively fast. 
B)  They are relatively inexpensive. 
C)  They are typically safe. 
D)  They are fairly rare.

Question 9

NAT firewalls translate both network addresses (IP addresses) and port addresses.

Accepted Answer

A) True 
 B)False

Question 10

IPSs use ________.

Accepted Answer

A)  SPI filtering 
B)  ingress filtering 
C)  IDS filtering methods 
D)  egress filtering 
A)  SPI filtering 
B)  ingress filtering 
C)  IDS filtering methods 
D)  egress filtering

Question 11

________ is used in firewalls that use various types of examination methods as a second type of protection.

Accepted Answer

A)  NAT 
B)  IPS 
C)  SPI 
D)  IDS 
A)  NAT 
B)  IPS 
C)  SPI 
D)  IDS

Question 12

A firewall policy database rarely includes more than six rules.

Accepted Answer

A) True 
 B)False

Question 13

A static packet filtering firewall can stop incoming packets with spoofed source IP addresses.

Accepted Answer

A) True 
 B)False

Question 14

Anomaly detection tends to generate so many false positives that many firms will not use it.

Accepted Answer

A) True 
 B)False

Question 15

Static packet filtering is sometimes used ________.

Accepted Answer

A)  on all internal transmission in a company 
B)  as a secondary filtering mechanism 
C)  on all Internet-related communication 
D)  as the primary border firewall filtering technique 
A)  on all internal transmission in a company 
B)  as a secondary filtering mechanism 
C)  on all Internet-related communication 
D)  as the primary border firewall filtering technique

Question 16

Companies should assume that an increasing number of attacks will reach their internal clients and servers.

Accepted Answer

A) True 
 B)False

Question 17

Signature-based detection is less accurate than anomaly detection.

Accepted Answer

A) True 
 B)False

Question 18

________ can examine outgoing packets from an internal client to the external webserver to detect client misbehavior.

Accepted Answer

A)  Protocol fidelity 
B)  The HTTP proxy 
C)  Internal IP address hiding 
D)  Packet streams 
A)  Protocol fidelity 
B)  The HTTP proxy 
C)  Internal IP address hiding 
D)  Packet streams

Question 19

________ uses specific examination methods depending on the state of the connection.

Accepted Answer

A)  IPS 
B)  SPI 
C)  IDS 
D)  ASIC 
A)  IPS 
B)  SPI 
C)  IDS 
D)  ASIC

Question 20

Which of the following is FALSE about IDSs?

Accepted Answer

A)  IDSs log all suspicious activity but only create alarms for some suspicious activities. 
B)  IDSs tend to generate far too many false alarms. 
C)  IDSs are highly processing-intensive. 
D)  IDSs use stateful packet inspection. 
A)  IDSs log all suspicious activity but only create alarms for some suspicious activities. 
B)  IDSs tend to generate far too many false alarms. 
C)  IDSs are highly processing-intensive. 
D)  IDSs use stateful packet inspection.

Instead of talking about periods or phases, computer scientists use the term "state."

Port numbers ranging from 49151 to 65535 are ________.

Which of the following can be described as a particular temporal period during a connection?

The earliest type of border firewalls used static packet filtering.

Nearly all corporate border firewalls use the ________ filtering method.

By various accounts, it is estimated that ________ percent of all misbehavior is done by employees working within a site.

________ firewalls handle traditional firewall processing, antivirus filtering, and spam filtering.

Which of the following is FALSE about stateful packet inspection firewalls?

NAT firewalls translate both network addresses (IP addresses) and port addresses.

IPSs use ________.

________ is used in firewalls that use various types of examination methods as a second type of protection.

A firewall policy database rarely includes more than six rules.

A static packet filtering firewall can stop incoming packets with spoofed source IP addresses.

Anomaly detection tends to generate so many false positives that many firms will not use it.

Static packet filtering is sometimes used ________.

Companies should assume that an increasing number of attacks will reach their internal clients and servers.

Signature-based detection is less accurate than anomaly detection.

________ can examine outgoing packets from an internal client to the external webserver to detect client misbehavior.

________ uses specific examination methods depending on the state of the connection.

Which of the following is FALSE about IDSs?

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Access Control

Host Hardening

Application Security

Data Protection

Incident and Disaster Response

Module a Networking Concepts

Filters

Exam 6: Firewalls

Instead of talking about periods or phases, computer scientists use the term "state."

Port numbers ranging from 49151 to 65535 are ________.

Which of the following can be described as a particular temporal period during a connection?

The earliest type of border firewalls used static packet filtering.

Nearly all corporate border firewalls use the ________ filtering method.

By various accounts, it is estimated that ________ percent of all misbehavior is done by employees working within a site.

________ firewalls handle traditional firewall processing, antivirus filtering, and spam filtering.

Which of the following is FALSE about stateful packet inspection firewalls?

NAT firewalls translate both network addresses (IP addresses) and port addresses.

IPSs use ________.

________ is used in firewalls that use various types of examination methods as a second type of protection.

A firewall policy database rarely includes more than six rules.

A static packet filtering firewall can stop incoming packets with spoofed source IP addresses.

Anomaly detection tends to generate so many false positives that many firms will not use it.

Static packet filtering is sometimes used ________.

Companies should assume that an increasing number of attacks will reach their internal clients and servers.

Signature-based detection is less accurate than anomaly detection.

________ can examine outgoing packets from an internal client to the external webserver to detect client misbehavior.

________ uses specific examination methods depending on the state of the connection.

Which of the following is FALSE about IDSs?

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Access Control

Host Hardening

Application Security

Data Protection

Incident and Disaster Response

Module a Networking Concepts

Filters