Question 1

The service within Kerberos that generates and issues session keys is known as __________.

Accepted Answer

A)  VPN 
B)  KDC 
C)  AS 
D)  TGS 
A)  VPN 
B)  KDC 
C)  AS 
D)  TGS

Question 2

A trusted VPN uses  ____________________ circuits from a service provider who gives contractual assurance that no one else is allowed to use these circuits and that they are properly maintained and protected.

Accepted Answer

The answer of A trusted VPN uses  ____________________ circuits from...

Question 3

​Lattice-based access control is a form of access control in which users are assigned a matrix of authorizations for particular areas of access.

Accepted Answer

A) True 
 B)False

Question 4

A(n) ____________________ dialer is an automatic phone-dialing program that dials every number in a configured range and checks to see if a person, answering machine, or modem picks up.

Accepted Answer

The answer of A(n) ____________________ dialer is an automatic phone-dialing...

Question 5

When Web services are offered outside the firewall, HTTP traffic should be blocked from internal networks through the use of some form of proxy access or DMZ architecture.

Accepted Answer

A) True 
 B)False

Question 6

Discretionary access control is an approach whereby the organization specifies use of resources based on the assignment of data classification schemes to resources and clearance levels to users.

Accepted Answer

A) True 
 B)False

Question 7

Configuring firewall policies is viewed as much as a(n) __________ as it is a(n) __________.

Accepted Answer

A)  art, science 
B)  philosophy, skill 
C)  skill, science 
D)  pain, necessity 
A)  art, science 
B)  philosophy, skill 
C)  skill, science 
D)  pain, necessity

Question 8

The firewall device must never be accessible directly from the ____________________ network.

Accepted Answer

publicuntr

Question 9

The ____________________ packet-filtering firewall can react to an emergent event and update or create rules to deal with that event.

Accepted Answer

The answer of The ____________________ packet-filtering firewall can react to...

Question 10

Good firewall rules include denying all data that is not verifiably authentic.

Accepted Answer

A) True 
 B)False

Question 11

A(n) ____________________ contains a computer chip that can verify and validate several pieces of information instead of just a PIN.

Accepted Answer

The answer of A(n) ____________________ contains a computer chip that...

Question 12

The static packet filtering firewall can react to an emergent event and update or create rules to deal with that event. _________________________

Accepted Answer

A) True 
 B)False

Question 13

The dominant architecture used to secure network access today is the __________ firewall.

Accepted Answer

A)  static 
B)  bastion 
C)  unlimited 
D)  screened subnet 
A)  static 
B)  bastion 
C)  unlimited 
D)  screened subnet

Question 14

Good policy and practice dictates that each firewall device, whether a filtering router, bastion host, or other firewall implementation, must have its own set of configuration rules.

Accepted Answer

A) True 
 B)False

Question 15

Most firewalls use packet header information to determine whether a specific packet should be allowed to pass through or should be dropped. _________________________

Accepted Answer

A) True 
 B)False

Question 16

In __________ mode, the data within an IP packet is encrypted, but the header information is not.

Accepted Answer

A)  tunnel 
B)  transport 
C)  public 
D)  symmetric 
A)  tunnel 
B)  transport 
C)  public 
D)  symmetric

Question 17

Known as the ping service, ICMP is a(n) __________ and should be ___________.

Accepted Answer

A)  essential feature, turned on to save money 
B)  common method for hacker reconnaissance, turned off to prevent snooping 
C)  infrequently used hacker tool, turned off to prevent snooping 
D)  common method for hacker reconnaissance, turned on to save money 
A)  essential feature, turned on to save money 
B)  common method for hacker reconnaissance, turned off to prevent snooping 
C)  infrequently used hacker tool, turned off to prevent snooping 
D)  common method for hacker reconnaissance, turned on to save money

Question 18

The __________ is an intermediate area between a trusted network and an untrusted network.

Accepted Answer

A)  perimeter 
B)  DMZ 
C)  domain 
D)  firewall 
A)  perimeter 
B)  DMZ 
C)  domain 
D)  firewall

Question 19

A(n) ____________________ private network is a secure network connection between systems that uses the data communication capability of an unsecured and public network.

Accepted Answer

The answer of A(n) ____________________ private network is a secure...

Question 20

Best practices in firewall rule set configuration state that the firewall device never allows administrative access directly from the public network. _________________________

Accepted Answer

A) True 
 B)False

The service within Kerberos that generates and issues session keys is known as __________.

A trusted VPN uses ____________________ circuits from a service provider who gives contractual assurance that no one else is allowed to use these circuits and that they are properly maintained and protected.

Lattice-based access control is a form of access control in which users are assigned a matrix of authorizations for particular areas of access.

A(n) ____________________ dialer is an automatic phone-dialing program that dials every number in a configured range and checks to see if a person, answering machine, or modem picks up.

When Web services are offered outside the firewall, HTTP traffic should be blocked from internal networks through the use of some form of proxy access or DMZ architecture.

Discretionary access control is an approach whereby the organization specifies use of resources based on the assignment of data classification schemes to resources and clearance levels to users.

Configuring firewall policies is viewed as much as a(n) as it is a(n) .

The firewall device must never be accessible directly from the ____________________ network.

The ____________________ packet-filtering firewall can react to an emergent event and update or create rules to deal with that event.

Good firewall rules include denying all data that is not verifiably authentic.

A(n) ____________________ contains a computer chip that can verify and validate several pieces of information instead of just a PIN.

The static packet filtering firewall can react to an emergent event and update or create rules to deal with that event. _________________________

The dominant architecture used to secure network access today is the __________ firewall.

Good policy and practice dictates that each firewall device, whether a filtering router, bastion host, or other firewall implementation, must have its own set of configuration rules.

Most firewalls use packet header information to determine whether a specific packet should be allowed to pass through or should be dropped. _________________________

In __________ mode, the data within an IP packet is encrypted, but the header information is not.

Known as the ping service, ICMP is a(n) and should be _.

The __________ is an intermediate area between a trusted network and an untrusted network.

A(n) ____________________ private network is a secure network connection between systems that uses the data communication capability of an unsecured and public network.

Best practices in firewall rule set configuration state that the firewall device never allows administrative access directly from the public network. _________________________

Introduction to Information Security

The Need for Security

Legal, Ethical, and Professional Issues in Information Security

Planning for Security

Risk Management

Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Cryptography

Physical Security

Implementing Information Security

Security and Personnel

Information Security Maintenance

Filters

Exam 6: Security Technology: Access Controls, Firewalls, and VPNS

The service within Kerberos that generates and issues session keys is known as __________.

A trusted VPN uses ____________________ circuits from a service provider who gives contractual assurance that no one else is allowed to use these circuits and that they are properly maintained and protected.

​Lattice-based access control is a form of access control in which users are assigned a matrix of authorizations for particular areas of access.

A(n) ____________________ dialer is an automatic phone-dialing program that dials every number in a configured range and checks to see if a person, answering machine, or modem picks up.

When Web services are offered outside the firewall, HTTP traffic should be blocked from internal networks through the use of some form of proxy access or DMZ architecture.

Discretionary access control is an approach whereby the organization specifies use of resources based on the assignment of data classification schemes to resources and clearance levels to users.

Configuring firewall policies is viewed as much as a(n) __________ as it is a(n) __________.

The firewall device must never be accessible directly from the ____________________ network.

The ____________________ packet-filtering firewall can react to an emergent event and update or create rules to deal with that event.

Good firewall rules include denying all data that is not verifiably authentic.

A(n) ____________________ contains a computer chip that can verify and validate several pieces of information instead of just a PIN.

The static packet filtering firewall can react to an emergent event and update or create rules to deal with that event. _________________________

The dominant architecture used to secure network access today is the __________ firewall.

Good policy and practice dictates that each firewall device, whether a filtering router, bastion host, or other firewall implementation, must have its own set of configuration rules.

Most firewalls use packet header information to determine whether a specific packet should be allowed to pass through or should be dropped. _________________________

In __________ mode, the data within an IP packet is encrypted, but the header information is not.

Known as the ping service, ICMP is a(n) __________ and should be ___________.

The __________ is an intermediate area between a trusted network and an untrusted network.

A(n) ____________________ private network is a secure network connection between systems that uses the data communication capability of an unsecured and public network.

Best practices in firewall rule set configuration state that the firewall device never allows administrative access directly from the public network. _________________________

Introduction to Information Security

The Need for Security

Legal, Ethical, and Professional Issues in Information Security

Planning for Security

Risk Management

Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools

Cryptography

Physical Security

Implementing Information Security

Security and Personnel

Information Security Maintenance

Filters

Lattice-based access control is a form of access control in which users are assigned a matrix of authorizations for particular areas of access.

Configuring firewall policies is viewed as much as a(n) as it is a(n) .

Known as the ping service, ICMP is a(n) and should be _.