Chat with AI
Deck 6: Firewall Configuration and Administration
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/50
Play
Full screen (f)
Deck 6: Firewall Configuration and Administration
1
SSL supports firewall-based ____.
A) IP forwarding
B) encryption
C) VPN
D) application proxy
A) IP forwarding
B) encryption
C) VPN
D) application proxy
B
2
The IP range 10.x.x.x provides about ____ addresses.
A) 16.5 billion
B) 16.5 million
C) 1.05 million
D) 65,500
A) 16.5 billion
B) 16.5 million
C) 1.05 million
D) 65,500
B
3
The formula for calculating memory usage for Check Point's FW-1 NG firewall is ____.
A) MemoryUsage = (AverageLifetime)/(ConcurrentConnections)/(AverageLifetime + 50 seconds)*120
B) MemoryUsage =(AverageLifetime)/ (ConcurrentConnections)*(AverageLifetime + 50 seconds)*120
C) MemoryUsage = (ConcurrentConnections)/(AverageLifetime)+(AverageLifetime + 50 seconds)+120
D) MemoryUsage = (ConcurrentConnections)/(AverageLifetime)*(AverageLifetime + 50 seconds)*120
A) MemoryUsage = (AverageLifetime)/(ConcurrentConnections)/(AverageLifetime + 50 seconds)*120
B) MemoryUsage =(AverageLifetime)/ (ConcurrentConnections)*(AverageLifetime + 50 seconds)*120
C) MemoryUsage = (ConcurrentConnections)/(AverageLifetime)+(AverageLifetime + 50 seconds)+120
D) MemoryUsage = (ConcurrentConnections)/(AverageLifetime)*(AverageLifetime + 50 seconds)*120
D
4
The firewall administrator should test the firewall and evaluate its performance to ensure that the network traffic is moving efficiently.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
5
The ____ approach processes firewall rules in top-to-bottom order.
A) Deny All
B) In Order
C) Best Fit
D) Last Fit
A) Deny All
B) In Order
C) Best Fit
D) Last Fit
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
6
If the primary goal of a firewall is to block unauthorized access, the emphasis needs to be on restricting rather than enabling connectivity
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
7
With the ____ approach, the firewall determines the order in which the rules are processed.
A) Deny All
B) In Order
C) Best Fit
D) Last Fit
A) Deny All
B) In Order
C) Best Fit
D) Last Fit
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
8
The cornerstone of most firewalls is the ____, a set of instructions based on organizational policy, configured by the administrator.
A) rule set
B) IP forwarding set
C) packet filter
D) DNS
A) rule set
B) IP forwarding set
C) packet filter
D) DNS
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
9
It is good practice to set aside time to perform firewall maintenance ____.
A) daily
B) weekly
C) monthly
D) yearly
A) daily
B) weekly
C) monthly
D) yearly
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
10
____ firewalls are installed at all endpoints of the network, including the remote computers that connect to the network through VPNs.
A) Distributed
B) Remote
C) Integrated
D) Routing
A) Distributed
B) Remote
C) Integrated
D) Routing
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
11
If you decide to first restrict all transmissions through the gateway except a specific set of services, you are following the principle of ____.
A) deny all
B) least privilege
C) connectivity
D) permissive approach
A) deny all
B) least privilege
C) connectivity
D) permissive approach
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
12
Any firewall hardware can support a proxy server.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
13
If a proxy server is in service, ____ should be disabled on routers and other devices that lie between the networks.
A) PAT
B) NAT
C) DNS
D) IP forwarding
A) PAT
B) NAT
C) DNS
D) IP forwarding
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
14
____ is the hub for a large mailing list that features frequent announcements about security flaws.
A) Common Vulnerabilities and Exposures Database
B) CERT Coordination Center
C) SecurityFocus
D) The National Vulnerability Database
A) Common Vulnerabilities and Exposures Database
B) CERT Coordination Center
C) SecurityFocus
D) The National Vulnerability Database
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
15
____ provides a baseline index point for evaluating coverage of tools and services.
A) Common Vulnerabilities and Exposures Database
B) CERT Coordination Center
C) SecurityFocus
D) The National Vulnerability Database
A) Common Vulnerabilities and Exposures Database
B) CERT Coordination Center
C) SecurityFocus
D) The National Vulnerability Database
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
16
Different types of hardware can be secured in different ways, but one of the most important ways is to ____.
A) never update once you have a good configuration defined
B) buy products from the same brand
C) only use on network administrator
D) choose good passwords that you then guard closely
A) never update once you have a good configuration defined
B) buy products from the same brand
C) only use on network administrator
D) choose good passwords that you then guard closely
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
17
A(n) ____ approach allows all packets to pass through except those specified to be blocked.
A) Allow-All
B) Allow-Some
C) Port 80
D) Except Video
A) Allow-All
B) Allow-Some
C) Port 80
D) Except Video
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
18
Computer systems have failed when critical computers were placed on the top floor of buildings that were poorly air conditioned.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
19
One of the disadvantages of a load-sharing setup is that total network performance declines.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
20
A firewall must be ____ so its performance can grow along with the network it protects.
A) productive
B) extensible
C) scalable
D) robust
A) productive
B) extensible
C) scalable
D) robust
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
21
Having a ____ password in place prevents someone from starting up your computer and accessing your hard disk files with a floppy disk called a boot disk.
A) BIOS
B) screen saver
C) supervisor
D) startup
A) BIOS
B) screen saver
C) supervisor
D) startup
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
22
The ____ lets you extend their functionality and integrate virus scanning into their set of abilities.
A) Border Gateway Protocol (BGP)
B) Open Shortest Path First (OSPF)
C) Open Platform for Security (OPSEC)
D) Content Vectoring Protocol (CVP)
A) Border Gateway Protocol (BGP)
B) Open Shortest Path First (OSPF)
C) Open Platform for Security (OPSEC)
D) Content Vectoring Protocol (CVP)
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
23
Match each item with a statement below.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Set of rules that blocks all access by default, and then permits only specific types of traffic to pass through.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Set of rules that blocks all access by default, and then permits only specific types of traffic to pass through.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
24
Match each item with a statement below.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
The practice of storing data in a part of disk storage space so it can be retrieved as needed.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
The practice of storing data in a part of disk storage space so it can be retrieved as needed.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
25
A ____ network monitors the operation of the primary firewall and synchronizes the state table connections so the two firewalls have the same information at any given time
A) caching
B) load balancing
C) hot standby
D) heartbeat
A) caching
B) load balancing
C) hot standby
D) heartbeat
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
26
Match each item with a statement below.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Tell the firewall what types of traffic to let in and out of your network.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Tell the firewall what types of traffic to let in and out of your network.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
27
The even distribution of traffic among two or more load-sharing firewalls can be achieved through the use of ____________________ switches, which are network devices with the intelligence to make routing decisions based on source and destination IP address or port numbers as specified in Layer 4 of the OSI reference model.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
28
The administrator should periodically review a firewall's ____________________ and analyze the traffic that passes through the firewall, paying particular attention to suspicious activity.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
29
Match each item with a statement below.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Of central importance to the operation of the firewall software that it hosts.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Of central importance to the operation of the firewall software that it hosts.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
30
____ of frequently accessed resources, such as Web page text and image files, can dramatically speed up the performance of your network because it reduces the load on your Web servers.
A) Hashing
B) Caching
C) Redundancy
D) Load balancing
A) Hashing
B) Caching
C) Redundancy
D) Load balancing
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
31
Match each item with a statement below.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Must be entered to complete the process of starting up a computer.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Must be entered to complete the process of starting up a computer.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
32
A(n) ____________________ interface is software that enables you to configure and monitor one or more firewalls that are located at different network locations.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
33
Match each item with a statement below.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Primary intent is to let all traffic through and then block specific types of traffic.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Primary intent is to let all traffic through and then block specific types of traffic.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
34
A critical ____________________ is defined as a software- or hardware-related item that is indispensable to the operation of a device or program.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
35
Match each item with a statement below.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Enables a packet to get from one network's OSI stack of interfaces to another.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Enables a packet to get from one network's OSI stack of interfaces to another.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
36
Many companies use the Internet to enable a(n) ____________________ that connects internal hosts with specific clients in other organizations.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
37
Match each item with a statement below.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Used to gain access to the BIOS set-up program or to change the BIOS password.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Used to gain access to the BIOS set-up program or to change the BIOS password.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
38
In 2003, GASSP was succeeded by ____.
A) GAAP
B) CISSP
C) GAISP
D) GASSPv2
A) GAAP
B) CISSP
C) GAISP
D) GASSPv2
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
39
Match each item with a statement below.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Password you need to enter to make your screen saver vanish so you can return to your desktop and resume working.
a.boot-up password
b.firewall rules
c.bastion host
d.screen saver password
e.restrictive
f.IP forwarding
g.permissive
h.supervisor password
i.caching
Password you need to enter to make your screen saver vanish so you can return to your desktop and resume working.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
40
GAISP recommends the ____ management of IT assets and resources.
A) environmental
B) network
C) remote
D) integrated
A) environmental
B) network
C) remote
D) integrated
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
41
How should a firewall administrator guard against new risks?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
42
Describe the need for firewall scalability.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
43
List the critical resources for a firewall's successful operation.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
44
What is an intrusion detection and prevention system?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
45
Describe the importance of the bastion host's performance.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
46
Describe best practices for adding software updates and patches.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
47
What is a screen saver password? Why is it important?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
48
Describe the Content Vectoring Protocol (CVP).
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
49
What are the GAISP nine Pervasive Principles?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
50
What is IP forwarding?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
