Deck 10: Protection Mechanisms
1
The "something you produce" authentication mechanism makes use of something a user does like a signature or speech pattern.
True
2
A dumb card is a category that includes ID and ATM cards with magnetic strips containing the digital PIN against which a user's input is compared.
True
3
Network-address translation (NAT) is often implemented with the screened-host firewall architecture.
False
4
A good rule of thumb is to require passwords to be at least eight characters long, with at least one number and one special character.
5
The false reject rate of biometric technology is the rate at which authentic users are denied or prevented access to authorized areas as a result of a failure in the biometric device.
6
Technical controls alone are adequately equipped to ensure a secure IT environment.
7
Trap and Trace applications collect and analyze copies of packets from the network.
8
Encryption uses algorithms to manipulate plaintext into ciphertext before transmission.
9
Any firewall device must have its own set of configuration rules that controls its actions.
10
The second generation of firewalls (stateful inspection firewalls) keeps track of each network connection established between internal and external systems using a state table.
11
Many organizations don't even realize they have dial-up access, or they leave modem connections in place long after they have stopped fully using them.
12
Scanning and analysis tools ensure confidentiality by concealing private information from unauthorized parties.
13
An organization's Web page can provide information that can be used in social engineering attacks.
14
An intrusion detection and prevention device denies access to a system by default.
15
The ability to restrict specific services is a common practice in most modern routers, and is invisible to the user.
16
Firewalls are designed, implemented, configured and operated by people, yet are resistant to human error.
17
Firewalls are defined as any device that prevents a specific type of information from moving between the untrusted network and the trusted network.
18
Network-based intrusion detection and prevention systems yield many more false-positive readings than those that are host-based.
19
Automated control systems for the most part can learn from mistakes, and they can adapt to changing situations.
20
The "something you have" authentication mechanism takes advantage of something inherent in the user that is evaluated using biometrics.
21
The proxy host contains two network interfaces in the configuration of the dual-homed host._________________________
22
Biometric technologies are generally evaluated according to three basic criteria: False Reject Rate, False Accept Rate and Authentication Error Rate._________________________
23
Digital key infrastructure is the entire set of hardware, software, and cryptosystems necessary to implement asymmetric key encryption in online commerce.
24
The running key cipher is known as the one-time pad and uses a set of characters for encryption operations only once.
25
The Internet is an example of a trusted network._________________________
26
Managing the development and use of technical controls requires some knowledge and familiarity with the technology that enables them._________________________
27
In the case of the man-in-the-middle attack, an attacker pretends to be the second party in a conversation and routes traffic to the actual second party.
28
Kerberos uses asymmetric key encryption to validate an individual user's access to certain network resources.
29
A(n) password protection mechanism is a plain-language phrase, from which a virtual password is derived._________________________
30
Although literally hundreds of variations exist, four architectural implementations of firewalls are especially common: packet filtering routers, screened-host firewalls, dual-homed host firewalls, and screened-subnet firewalls._________________________
31
IPSec provides support for all uses within TCP/IP,including VPNs.
32
The second generation of firewalls, called application-level firewalls, often consists of dedicated computers kept separate from the first filtering router called the edge router._________________________
33
A popular extension to the TCP/IP protocol suite is Secure Shell (SSH), which provides security for remote access connections over public networks by creating a secure and persistent connection.
34
Secure Sockets Layer (SSL) was developed to provide security for online electronic commerce transactions.
35
Symmetric encryptions are more efficient in their use of CPU resources than asymmetric encryptions.
36
A dual-homed host firewall is able to translate between the protocols of two different data link layers._________________________
37
When evaluating biometric technologies, the false reject rate is also known as a Type II error or a false negative._________________________
38
The second router in an application-level firewall is often called a(n) proxy server, because it relays internal services for external service requests._________________________
39
A system that is secret is safe.
40
Two keys are used to encrypt and decrypt messages in symmetric encryption.
41
____ controls defend against threats from within the organization.
A) Firewall
B) Education and training
C) Patches and upgrades
D) Host ID
42
It is advisable to deny all ICMP data in order to limit the number of attacks to a network as the protocol is a common method for hacker reconnaissance and can be used for snooping._________________________
43
A(n) temporal key is a symmetric key used for limited-use temporary communications by a hybrid encryption system._________________________
44
Public key encryption is also known as asymmetric encryption._________________________
45
Footprinting is the organized research of the Internet addresses owned or controlled by a target organization, using public Internet data._________________________
46
A ____ is an example of the "something you know" authentication mechanism.
A) signature pattern recognition
B) password
C) fingerprint
D) smart card
47
The process of converting an original message into a form that cannot be understood by unauthorized individuals is called encryption._________________________
48
A ____ is NOT an example of the "something you have" authentication mechanism.
A) dumb card
B) password
C) smart card
D) cryptographic token
49
Cryptology is the process of deciphering the original message also known as plaintext from an encrypted message._________________________
50
There are three versions of the Terminal Access Controller Access Control System: TACACS, TACACS+ and RADIUS._________________________
51
Knowledge-based intrusion detection and prevention systems examine data traffic for signatures which may comprise preconfigured, predetermined attack patterns._________________________
52
A ____ is an example of the "something you are" authentication mechanism.
A) fingerprint
B) password
C) smart card
D) signature pattern recognition
53
To encipher is to encrypt plaintext to ciphertext._________________________
54
The trace function in a trap and trace scanning tool entices individuals who are illegally perusing the internal sections of a network, in order to determine who they are._________________________
55
The data encryption standard is a popular symmetric encryption cryptosystem._________________________
56
Polyalphabetic substitutions are advanced substitution ciphers that use two or more algorithms._________________________
57
The Vernam cipher rearranges values within a block to create the ciphertext._________________________
58
____ controls defend against threats from outside of the organization.
A) Security planning
B) Policy and law
C) Education and training
D) Firewall
59
Digital signatures are encrypted messages that can be independently verified by a central facility (registry) as authentic, and serve as proof of nonrepudiation._________________________
60
The Data Encryption Standard (DES) is a popular symmetric encryption system and uses a 64-bit block size and a(n) 64-bit key._________________________
61
Fourth generation firewalls, known as ____, allow only specific packets with a particular source, destination, and port address to pass through it.
A) dynamic packet filtering firewalls
B) packet filtering firewalls
C) stateful inspection firewalls
D) application-level firewalls
62
A ____ commonly combines a separate dedicated firewall such as an application proxy server with a packet filtering router.
A) packet filtering router
B) screened-host firewall
C) screened-subnet firewall
D) dual-homed host firewall
63
Which of the following biometric authentication systems is considered to be the least secure?
A) Keystroke pattern recognition
B) Signature recognition
C) Retina pattern recognition
D) Fingerprint recognition
64
Which of the following characteristics currently used today for authentication purposes is NOT considered truly unique?
A) fingerprints
B) iris
C) retina
D) ID Cards
65
Without a formal _____, administrators may implement controls that are inconsistent with the organization's overall philosophy.
A) ISSP
B) EISP
C) access control policy
D) biometrics
66
A ____ is an example of the "something you produce" authentication mechanism.
A) password
B) dumb card
C) voice recognition
D) retina and iris scan
67
Which of the following biometric authentication systems is the least accepted by users?
A) Fingerprint recognition
B) Keystroke pattern recognition
C) Retina pattern recognition
D) Voice pattern recognition
68
Which of the following biometric authentication systems is considered to be the most secure?
A) Fingerprint recognition
B) Signature recognition
C) Keystroke pattern recognition
D) Retina pattern recognition
69
____ firewalls are network devices that examine every incoming and outgoing packet's header, selectively allowing or rejecting packets based on the header information.
A) Packet filtering
B) Stateful inspection
C) DMZ
D) Proxy
70
____ is NOT a packet header component that is most commonly examined by a packet filtering firewall.
A) IP source or destination address
B) Source or destination port
C) Inbound or outbound socket
D) MAC source and destination address
71
____ architecture makes use of a demilitarized zone between the trusted and untrusted network.
A) Dual-homed host firewall
B) Packet filtering router
C) Screened-subnet firewall
D) Screened-host firewall system
72
The third generation of firewalls, ____ keeps track of each network connection established between internal and external systems using a specialized table.
A) stateful inspection firewall
B) application-level firewall
C) dynamic packet filtering firewall
D) packet filtering firewalls
73
The ____ is a criterion used to compare and evaluate biometric technologies.
A) true reject rate
B) crossover acceptance rate
C) false reject rate
D) true accept rate
74
Which of the following biometric authentication systems is the most accepted by users?
A) Keystroke pattern recognition
B) Fingerprint recognition
C) Voice pattern recognition
D) Retina pattern recognition
75
The ____ authentication mechanism is considered to be biometric.
A) something you are
B) something you have
C) something you feel
D) something you know
76
A firewall uses its ____ to decide whether or not to allow packets into the network.
A) configuration rules
B) access control list
C) rule base
D) network connections
77
The intermediate area between trusted and untrusted networks is referred to as the ____.
A) safety zone
B) cache
C) demilitarized zone
D) proxy
78
____, also known as proxy servers, often consists of dedicated computers kept separate from the first filtering router and are commonly used in conjunction with a second or internal filtering router.
A) Stateful inspection firewalls
B) Dynamic packet filtering firewalls
C) Packet filtering firewalls
D) Application-level firewalls
79
The firewall architecture that consists of one or more internal bastion hosts located behind a packet filtering router is the ____.
A) screened-subnet firewall
B) dual-homed host firewall
C) proxy firewall
D) screened-host firewall
80
Which of the following is a best practice in managing firewalls?
A) Telnet (terminal emulation) access to all internal servers from the public networks should be open
B) The firewall device should be accessible directly from the public network
C) All traffic from the trusted network is filtered
D) All Internet Control Message Protocol (ICMP) data should be denied