University of the Cumberlands EMISS ISOL532 Telecommunications and network security. Chapter 7 & 8 Quiz. 20 Q&A

Document Content and Description Below

QUESTION 1 1. If you do not eliminate personal communications, business functions can continue unhindered. True False 5.00000 points QUESTION 2 1. Which command-line or graphical interface is u... sed to control and configure a device? Port-based network access (Admission) control (PNAC) Fair queuing Management interface Signature 5.00000 points QUESTION 3 1. Wireshark can be used in the absence of a firewall, with a firewall set to allow all traffic, or even in the presence of a firewall to inventory all traffic on the network. True False 5.00000 points QUESTION 4 1. Authentication is the process of defining which resources can be accessed by an electronic entity and what level or type of access is granted. True False 5.00000 points QUESTION 5 1. When conducting an inventory, you don't need to include protocols in use or the port(s) in use. You just need to include the likely source and destination addresses. True False 5.00000 points QUESTION 6 1. When defining firewall rules, you should keep the rule set as simple as possible. True False 5.00000 points QUESTION 7 1. Fair queuing is a technique of load balancing that operates by sending the next transaction to the firewall with the least current workload. True False 5.00000 points QUESTION 8 1. Which one of the following is not a benefit of having a written firewall policy? It acts as a tool for assisting in troubleshooting. It serves as a guideline for detecting changes and differences. It defines how to use a reverse proxy to add an additional layer of protection and control between Internet-based users and internally hosted servers. It ensures consistent filtering across firewalls. 5.00000 points QUEST ION 9 1. The fewer rules you need to check before you grant an Allow, the less delay to the traffic stream. True False 5.00000 points QUEST ION 10 1. Which of the following refers to an operating system built exclusively to run on a bastion host device? Universal participation Bastion host OS Reverse caching Proprietary OS 5.00000 points QUESTION 11 1. Software firewalls cannot be bastion hosts. True False 5.00000 points QUESTION 12 1. Which of the following refers to the deployment of a firewall as an allencompassing primary gateway security solution? Unified threat management (UTM) Access control list (ACL) Signature-based detection False positive 5.00000 points QUESTION 13 1. Which of the following is a dedicated hardware device that functions as a black-box sentry? Fail-safe Reverse proxy firewall Proxy firewall Appliance firewall 5.00000 points QUESTION 14 1. You cannot replace a native or default software firewall product in a general-purpose operating system (OS) with a third-party option. True False 5.00000 points QUESTION 15 1. Denial of service (DoS) attacks cannot be detected by a firewall. True False 5.00000 points QUESTION 16 1. Encryption of the session that accesses a firewall’s management interface is the most important and critical aspect of management interface configuration. True False 5.00000 points QUESTION 17 1. Which of the following refers to a form of IDS/IPS detection based on a collection of samples, patterns, signatures, and so on stored in a database of known malicious traffic and events? All traffic or events that match an item in the database are considered abnormal and potentially malicious. Database-based detection Firewalking Anomaly-based detection False Positive 5.00000 points QUESTION 18 1. A hacker uses a valid IP address of an internal host, and then from an external system, the hacker attempts to establish a communication session with the internal host over a multitude of different ports. This is called internal code planting. True False 5.00000 points QUESTION 19 1. In which type of environment do you block all access to all resources, internal and external, by default, and then use the principle of least privilege by adding explicit and specific allow-exceptions only when necessary based on job descriptions? Defaultdeny Defaultaccept Filter-free Fail-safe 5.00000 points QUESTION 20 1. Which of the following does not protect against fragmentation attacks? Using IDS Performing sender fragmentation Using firewall filtering Using firewalking [Show More]

Last updated: 2 years ago

Preview 1 out of 5 pages