Chat with AI
Deck 7: Network Security
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/50
Play
Full screen (f)
Deck 7: Network Security
1
Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
True
2
What kind of networking device forwards packets across different computer networks by reading destination addresses?
A)switch
B)router
C)bridge
D)firewall
A)switch
B)router
C)bridge
D)firewall
B
3
An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices?
A)switch
B)router
C)firewall
D)hub
A)switch
B)router
C)firewall
D)hub
D
4
The management in your corporate office want to group users on the network together logically even though they are attached to separate network switches. How can this be done?
A)Create a subnet for each network switch involved.
B)Create additional broadcast domains for the users.
C)Add all users to a single DMZ segment
D)Create a VLAN and add the users' computers / ports to the VLAN.
A)Create a subnet for each network switch involved.
B)Create additional broadcast domains for the users.
C)Add all users to a single DMZ segment
D)Create a VLAN and add the users' computers / ports to the VLAN.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
5
What technology enables authorized users to use an unsecured public network, such as the Internet, as if were a secure private network?
A)IKE tunnel
B)VPN
C)endpoint
D)router
A)IKE tunnel
B)VPN
C)endpoint
D)router
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
6
The OSI model breaks networking steps down into a series of six layers.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
7
A load balancer that works with the File Transfer Protocol is operating at what layer of the OSI model?
A)Layer 1
B)Layer 2
C)Layer 4
D)Layer 7
A)Layer 1
B)Layer 2
C)Layer 4
D)Layer 7
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
8
What type of monitoring compares network traffic, activities, transactions, or behavior against a database of known attack patterns?
A)Application
B)Protocol
C)Packet
D)Signature
A)Application
B)Protocol
C)Packet
D)Signature
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
9
Workgroup switches must work faster than core switches.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
10
Select below the layer of the OSI model at which the route a packet is to take is determined, and the addressing of the packet is performed.
A)Network
B)Data Link
C)Session
D)Presentation
A)Network
B)Data Link
C)Session
D)Presentation
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
11
A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?
A)Install a bastion, configure host
B)Set up a choke in front of the web server
C)Create a DMZ, add necessary hosts.
D)Configure a reduction point on a firewall
A)Install a bastion, configure host
B)Set up a choke in front of the web server
C)Create a DMZ, add necessary hosts.
D)Configure a reduction point on a firewall
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
12
Security is enhanced by subnetting a single network into multiple smaller subnets in order to isolate groups of hosts.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
13
A server that routes incoming requests to a specific destination server, and acts as the final destination IP for all client access, is known as a:
A)forward proxy
B)application proxy
C)system proxy
D)reverse proxy
A)forward proxy
B)application proxy
C)system proxy
D)reverse proxy
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
14
An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured to make use of both servers in a manner that is transparent to the end users?
A)Stateful packet filtering
B)Load balancing
C)DNS caching
D)DNS poisoning
A)Stateful packet filtering
B)Load balancing
C)DNS caching
D)DNS poisoning
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
15
What layer of the OSI model is responsible for permitting two parties on a network to hold ongoing communications across the network?
A)Network
B)Data Link
C)Session
D)Presentation
A)Network
B)Data Link
C)Session
D)Presentation
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
16
Defense in depth, or layered security, involves the use of multiple types of network hardware within a network.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
17
What is the name for a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user?
A)proxy server
B)DNS server
C)VPN server
D)telnet server
A)proxy server
B)DNS server
C)VPN server
D)telnet server
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
18
When a private network uses a single public IP address, and each outgoing TCP packet uses a different port to allow for proper translation, what networking technology is in use?
A)PAT
B)PNAT
C)NAPT
D)NAT
A)PAT
B)PNAT
C)NAPT
D)NAT
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
19
The standard TCP/IP protocol uses IP addresses which are how many bytes in length?
A)4
B)8
C)16
D)32
A)4
B)8
C)16
D)32
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
20
What is the name for an instruction that interrupts a program being executed and requests a service from the operating system?
A)system call
B)unit call
C)hardware instruction
D)system exception
A)system call
B)unit call
C)hardware instruction
D)system exception
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
21
Matching
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A device that can forward packets across computer networks
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A device that can forward packets across computer networks
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
22
A ______________ is a worker who work occasionally or regularly from a home office.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
23
A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below?
A)Stateful frame filtering
B)Stateless frame filtering
C)Stateful packet filtering
D)Stateless packet filtering
A)Stateful frame filtering
B)Stateless frame filtering
C)Stateful packet filtering
D)Stateless packet filtering
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
24
Matching
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
Searching incoming web content to match keywords
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
Searching incoming web content to match keywords
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
25
Matching
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
An intrusion prevention system that knows information such as the applications that are running as well as the underlying operating systems
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
An intrusion prevention system that knows information such as the applications that are running as well as the underlying operating systems
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
26
Select below the technology that can be used to examine content through application-level filtering:
A)Application gateway
B)Security proxy
C)Web security gateway
D)Firewall
A)Application gateway
B)Security proxy
C)Web security gateway
D)Firewall
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
27
Matching
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A device that connects network segments and forwards onlyl frames intended for that specific device or frames sent to all devices
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A device that connects network segments and forwards onlyl frames intended for that specific device or frames sent to all devices
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
28
Matching
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A device that aggregates VPN connections
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A device that aggregates VPN connections
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
29
Matching
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A technology that allows scattered users to be logically grouped together even though they may be attached to different switches
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A technology that allows scattered users to be logically grouped together even though they may be attached to different switches
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
30
Matching
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
Searching for malware in incoming web content
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
Searching for malware in incoming web content
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
31
Internet ____________________ filters monitor Internet traffic and block access to preselected Web sites and files.
Match the following terms to the appropriate definitions.
Match the following terms to the appropriate definitions.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
32
Which network address below is not a private IP address network?
A)10.4.5.0
B)172.63.255.0
C)192.168.255.0
D)172.17.16.0
A)10.4.5.0
B)172.63.255.0
C)192.168.255.0
D)172.17.16.0
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
33
_________________ is a technique that allows a private IP addresses to be used on the Internet with a single public IP address.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
34
Which of the following is not a component of an IP packet that a firewall rule can use for filtering purposes?
A)Source address
B)Destination port
C)Direction
D)Intent
A)Source address
B)Destination port
C)Direction
D)Intent
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
35
Matching
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A firewall that can identify the applications that send packets through the firewall and then make decisions about the applications
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A firewall that can identify the applications that send packets through the firewall and then make decisions about the applications
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
36
A network _________________ isolates connected devices by learning MAC addresses and only sending frames intended for specific MAC addresses to the ports they're connected to, unless the MAC address is unknown.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
37
Matching
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A technique that allows private IP addresses to be used on the public Internet.
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A technique that allows private IP addresses to be used on the public Internet.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
38
Matching
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A monitoring technique used by an intrusion detection system (IDS) that uses an algorithm to determine if a threat exists
a. Application-aware firewall
b. Application-aware IPS
c. Content inspection
d. Heuristic monitoring
e. Malware inspection
f. Network address translation (NAT)
g. Router
h. Switch
i. Virtual LAN (VLAN)
j. VPN Concentrator
A monitoring technique used by an intrusion detection system (IDS) that uses an algorithm to determine if a threat exists
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
39
The traffic sent by devices connected to a hub can be captured and decoded by a _________________.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
40
What vendor neutral protocol implements support for VLAN tagging?
A)ISL
B)VTP
C)802.1Q
D)VSTP
A)ISL
B)VTP
C)802.1Q
D)VSTP
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
41
Discuss the two advantages that NAT provides.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
42
Describe how NAC works.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
43
List and describe three features of Internet content filters.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
44
Describe the difference between subnetting and VLANs.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
45
Describe how VLAN communication takes place.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
46
List and describe three advantages to subnetting.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
47
What are the two TCP/IP protocols that are used by mail servers for clients accessing incoming mail?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
48
What is the difference between anomaly based monitoring and signature based monitoring?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
49
List and describe two advantages of a proxy server.
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
50
How does a Unified Threat Management (UTM) security product help reduce administrative overhead?
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 50 flashcards in this deck.
