
ITN 263 Final Pt 1 | Questions with complete solutions

What is an example of security through obscurity?
Using a nonstandard operating system for workstations such as FreeBSD

Rachel is the cybersecurity engineer for a company that fulfills government contracts on Top Secret projects. She needs to find a way to send highly sensitive information by email in a way that won't arouse the suspicion of malicious parties. If she encrypts the emails, everyone will assume they contain confidential information. What is her solution?
Hide messages in the company's logo within the email.

Jacob is a network technician who works for a publishing company. He is setting up a new hire's access permissions. The new hire, Latisha, is an editor. She needs access to books that have been accepted for publication but are in the review stage. Jacob gives her access to the network drive containing only books in review, but not access to administrative or human resources network drives. What principle is Jacob applying?
The principle of least privilege

Which of the following is described as an approach to network security in which each administrator is given sufficient privileges only within a limited scope of responsibility?
Separation of duties

Landon is a network contractor. He has been hired to design security for the network of a small company. The company has a limited budget. Landon is asked to create a system that will protect the company's workstations and servers without undue expense. Landon decides to deploy one hardware firewall between the Internet and the local area network (LAN). What is this solution called?
Single defense

Which of the following can be described as putting each resource on a dedicated subnet behind a demilitarized zone (DMZ) and separating it from the internal local area network (LAN)?
N-tier deployment

Alejandro is a cybersecurity contractor. He was hired by a Fortune 500 company to redesign its network security system, which was originally implemented when the company was a much smaller organization. The company's current solution is to use multiple firewall platforms from different vendors to protect internal resources. Alejandro proposes an infrastructure security method that, in addition to firewalls, adds tools such as an intrusion detection system (IDS), antivirus, strong authentication, virtual private network (VPN) support, and granular access control. What is this solution called?
Diversity of defense

A filter pathway is designed to:
Make it hard to bypass a network filtering system and force all traffic through one route

Joaquin is a senior network technician for a mid-sized company who has been assigned the task of improving security for the IT infrastructure. He has been given a limited budget and must increase security without redesigning the network or replacing all internetworking security devices. He focuses on an approach that will identify a single vulnerability. What does he recommend?
Weakest link

A company vice president (VP) finds that the network security restrictions imposed by the security manager are too confining. To counter them, the VP habitually uses weak passwords, shares accounts with his assistant, and installed unapproved software. What security principle is the VP violating?
Universal participation

Amy is a network engineering consultant. She is designing security for a small to medium-sized government contractor working on a project for the military. The government contractor's network is comprised of 30 workstations plus a wireless printer, and it needs remote authentication. Which of the following is a type of authentication solution she should deploy?
RADIUS

Which of the following is an authentication method that supports smart cards, biometrics, and credit cards, and is a fully scalable architecture?
802.1x

Which of the following is unlikely to support at-firewall authentication?
Demilitarized zone (DMZ) firewall

Carl is a network engineer for a mid-sized company. He has been assigned the task of positioning hardware firewalls in the IT infrastructure based on common pathways of communication. After analyzing the problem, on which aspect of the network does he base his design?
Traffic patterns

What is the basic service of a reverse proxy?
Hides the identity of a web server accessed by a client over the Internet

Which of the following is a firewall, proxy, and routing service that does NOT support caching, encryption endpoint, or load balancing? Note that this service can be found on almost any service or device that supports network address translation.
Port forwarding

Before an Internet user can access a demilitarized zone (DMZ), extranet, or private network resource, it first encounters an entity that is sturdy enough to withstand any sort of attack. What is this entity called?
Bastion host operating system

Which operating system (OS) for a bastion host runs on most appliance firewalls as well as many Internet service provider (ISP) connection devices?
Proprietary OS

The combination of certain techniques allows for relevant information collected by this solution from multiple systems and processes to be aggregated and analyzed for use in decision making. What is the name of this solution?
Security information and event management (SIEM)

What is an intrusion detection system/intrusion prevention system (IDS/IPS) that uses patterns of known malicious activity similar to how antivirus applications work?
Database-based detection

Security systems configured by the same security administrator can potentially have the same misconfiguration or design weakness.
True

The weakest link security strategy gains protection by using abnormal configurations.
False

Users with the minimum level of access to resources needed to complete their assigned tasks follow the principle of least privilege.
True

The less complex a solution, the more room there is for mistakes, bugs, flaws, or oversights by security administrators.
False

When the defense in depth security strategy is followed, a single component failure does not result in compromise or intrusion.
True

In an N-tier deployment, multiple subnets are deployed in series to separate private resources from public.
True

With diversity of defense, most layers use a different security mechanism.
True

Multiple firewalls in a series is considered diversity of defense but not defense in depth.
False

A drawback of multiple-vendor environments is the amount of network staff training that is typically needed.
True

In the fail-safe security stance, when any aspect of security fails, the best result of that failure is to fail into a state that supports or maintains essential security protections.
True

An intrusion detection system (IDS) serves as a companion mechanism to a firewall.
True

Under the universal participation security stance, every employee, consultant, vendor, customer, business partner, and outsider must be forced to work within the security policy's limitations.
True

Reverse proxy is a firewall service that allows external users access to internally hosted web resources.
True

Firewall logging helps to ensure that defined filters or rules are sufficient and functioning as expected.
True

One common firewall event that usually warrants an alert is a firewall reboot.
True

Firewalls should be considered a part of a security infrastructure, not the totality of security.
True

An intrusion detection system (IDS) false positive occurs when the IDS fails to detect an attack.
False

An intrusion prevention system (IPS) does not replace an intrusion detection system (IDS).
True

In intrusion detection, anomaly-based detection looks for differences from normal traffic based on a recording of real-world traffic that establishes a baseline.
False

The collection of disparate log information from systems on a network is called aggregation.
True

All firewalls, including those using static packet filtering, stateful inspection, and application proxy, have one thing in common. What is it?
Rules

Torri is a network technician. She needs to configure the edge firewalls for her company's IT infrastructure. Her supervisor has told her she must find a configuration method that assumes all network traffic is safe and, as malicious traffic is identified, it is added to a list of exceptions. Which of the following configuration methods does Torri select?
Allow by default/deny by exception

Alphonse is a networking contractor who has been hired by a small to medium-sized company to configure its firewall. The firewall comes preconfigured with a common rule set that allows web, email, instant messaging, and file transfer traffic using default ports. The company wants to allow access to secure websites and common website protocols but block access to insecure Internet websites. Which of the following is the best solution?
Allow access to HTTPS, SQL, and Java, but deny access to HTTP

Hyon is a network consultant. She was hired by a client company to examine the effectiveness of its IT infrastructure. She discovers that the company's Internet-facing firewall is not capable of automatically handling and adjusting for random source ports when a session is being established to its web and gaming servers. How should she correct this?
Create a custom rule to manage random source ports

Duncan runs a small writing and editing business. He employs two people in his small office/home office (SOHO). He also has general knowledge of networking, including how to configure a basic firewall to protect the network. His off-the-shelf firewall has rule sets built in with several main elements. Duncan is currently setting rules for TCP and UDP. What element is he working with?
Base protocol

Shoshana is a network technician for a mid-sized organization. She is configuring firewall rules. She is in a firewall's graphical interface and sets a rule as TCP, 192.168.42.0/24, ANY, ANY, 443, Allow. In what order is this rule organizing protocols, source addresses, source and target ports, and actions?
Protocol, source address, source port, target address, target port, action

Bill is a network technician. He is currently configuring the infrastructure's Internet-facing firewalls. He knows that the Internet Control Message Protocol (ICMP) echo type often referred to as "ping" is used by malicious persons to probe networks. He wants to set up a rule that will deny ping attempts from outside the network. What does he deny?
Type 8

Fumiko is a network technician. She is configuring rules on one of her company's externally facing firewalls. Her network has a host address range of 192.168.42.140-190. She wants to allow all hosts access to a certain port except for hosts 188, 189, and 190. What rule or rules must she write?
A single rule allowing hosts 140-187 is all that is necessary; the default-deny rule takes care of blocking the remaining nonincluded hosts.

Which of the following is needed when determining what firewall traffic to allow and what to block?
A complete inventory of all needed or desired network communications

Lenita is a network technician. She is setting up a rule set for a firewall in her company's demilitarized zone (DMZ). For email, she creates an allow-exception rule permitting Simple Mail Transfer Protocol (SMTP) traffic on port 25 to leave the internal network for the Internet. Her supervisor examines Lenita's work and points out a possible problem. What is it?
The allow-exception rule could create a loophole threatening internal communications on the same port.

Reid is a network security trainer for a mid-sized company. He is demonstrating alternative methods of protecting a network using unconventional means. The IT department's "sandbox" network is used for testing and is not connected to the production network. Using the sandbox, Reid shows how to protect a network from external threats without using a firewall. What is Reid's approach?
Packet sniffer

Elissa is a network technician. She is configuring firewall rules for one of her company's branch offices, which supports online retail sales of the company's products. She is configuring rules to block traffic based on a traditional model but needs to allow a particular type of traffic. What should she allow?
All traffic from port 80 originating from the office's web server, which is in a protected subnet

What is the first step in deploying a firewall?
Construct a firewall policy

Leandro is writing a firewall policy. He needs to define which type of firewall he needs for each portion of the infrastructure based on differing areas of risk and trust. What are these areas called?
Security zones

Which of the following can a delay in firewall software patching cause?
Exploitation of the firewall

A malicious party has discovered the IP address of a host inside a network she wants to hack. She employs a form of port scanning, attempting to establish a connection with the host using multiple different ports. Which technique is she using?
Firewalking

Tiffany is a network engineer for her company. To enhance the performance of the network, she uses a method that assigns incoming transactions as they arrive in sequence to each of the infrastructure's three firewalls. Transaction 1 goes to firewall 1, transaction 2 goes to firewall 3, transaction 3 to firewall 2, and so on. Which technique is Tiffany using?
Round-robin

Carl is a networking student who is reading about methods of encryption and how they work with firewalls. Right now, he is studying a form of encryption that encrypts the entire original payload and header of a packet. However, because the header contains only information about endpoints, it is not useful for a firewall filtering malicious traffic. Which of the following is the encryption method being described?
Tunnel mode

Teodora is the procurement manager for her company's IT department. She is researching firewalls that come with enhancements beyond basic traffic filtering. Which of the following is considered a firewall enhancement?
Anti-malware scanning

Hajar is a new network administrator. She is inventorying firewalls in her company. She finds one that has a management interface lacking something and makes a note to replace it immediately. What critical security measure is the management interface missing?
Encryption

Firewalls filter traffic using rules or filters.
True

Firewall rules are instructions that evaluate and take action on traffic traversing the network.
True

A default-deny firewall stance assumes that all traffic is potentially unauthorized.
True

A default-allow firewall stance assumes that most traffic is benign.
True

Allow-by-default automatically prevents most malicious communications by default.
False

To avoid confusion, an organization should have a written security policy for a minimum number of security components.
False

Depending on the firewall, a single rule can sometimes define outbound and inbound communication parameters.
True

An access control list (ACL) focuses on controlling a specific user's or client's access to a protocol or port.
True

The source address and the port address of outbound firewall rules are often set as ANY, unless the rule is to apply to specific systems or ports.
True

The source address and the port address of inbound firewall rules are often set to Deny, unless the rule is to apply to specific systems or ports.
False

A best practice for firewall rules is to keep the rule set as simple as possible.
True

A change control mechanism tracks and monitors the changes to a system.
True

A potential loophole is created when the wrong rule is positioned last in a firewall rule set.
False

The universal Deny rule should be the last and final rule in a firewall rule set.
True

A best practice is to define a complete firewall rule set for each prescribed firewall in a written firewall policy.
True

A buffer overflow is a condition in which a memory buffer exceeds its capacity and the extra content "overflows" into adjacent memory.
True

Firewall filtering is an effective protection against fragmentation attacks.
True

Firewalking is a technique to learn the configuration of a firewall from the inside.
False

When a firewall functions at wire speed, the firewall does not introduce any delay or latency in communications because it operates at the same speed as the network.
True

Fair queuing is the distribution of the firewall filtering workload across multiple parallel firewalls.
False

Isabella is a network administrator. She is researching virtual private network (VPN) options for company employees who work from home. The solution must provide encryption over public networks, including the Internet; not rely upon pathways the company owns; be reliable; and not be subject to eavesdropping. It must also be cost-effective. Which solution does she choose?
Secured VPN

Otto is one of many employees working from home. Because his home is located in a rural area, the only form of connectivity available is dial-up. To connect to his office located in an urban community, what must the IT department set up?
Remote access server (RAS)

Which of the following statements is TRUE of connections between a corporate local area network (LAN) and a remote client, such as a remote worker?
The remote client can have either a dedicated or a nondedicated connection to the Internet.

Diego is a network consultant. He is explaining the benefits of virtual private network (VPN) connections for remote clients to the owner of a company who wants to allow most staff to work remotely. He says that a VPN is both private and secure. What does he say is the rationale?
Authentication provides privacy and encryption provides security.

Susan is a mid-level executive at her corporation who works remotely. Today, she worked from a restaurant using her company-issued laptop and connected to the Internet using the restaurant's free Wi-Fi. Once she made a connection, she authenticated to her virtual private network (VPN) client that links to her office network over a private, secure tunnel. While working, she contacted Lelah, who works in IT. She casually mentioned where she is working. How did Lelah respond?
The data on the laptop may have been vulnerable in the time between when the laptop's wireless network interface connected to the Wi-Fi access point and when Susan enabled the VPN connection.

Montel is the newly hired IT administrator at a long-established company. In studying its IT infrastructure, he discovers that the main office is connected to four other branch offices in their large city, with each office being linked to the others by dedicated leased lines that allow for direct communications from one location to the next. This mesh network is used only by the company. Montel tells the company's CIO that he has

Last updated: 10 months ago

Uploaded On

Aug 04, 2024

Number of pages

17

Seller

Ajay25
