Review Questions
Answer the following review questions. Check your answers with the correct answers that follow.
1. Which tool would you use if you want to view the contents of a packet?
A. TDR
B. Port scanner
C. Protocol analyzer
D. Loopback adapter

2. The honeypot concept is enticing to administrators because
A. It enables them to observe attacks.
B. It traps an attacker in a network.
C. It bounces attacks back at the attacker.
D. It traps a person physically between two locked doors.

3. James has detected an intrusion in his company network. What should he check first?
A. DNS logs
B. Firewall logs
C. The Event Viewer
D. Performance logs

4. Which of the following devices should you employ to protect your network? (Select the best answer.)
A. Protocol analyzer
B. Firewall
C. DMZ
D. Proxy server

5. Which device’s log file will show access control lists and who was allowed access and who wasn’t?
A. Firewall
B. Smartphone
C. Performance Monitor
D. IP proxy

6. Where are software firewalls usually located?
A. On routers
B. On servers
C. On clients
D. On every computer

7. Where is the optimal place to have a proxy server?
A. In between two private networks
B. In between a private network and a public network
C. In between two public networks
D. On all of the servers

8. A coworker has installed an SMTP server on the company firewall. What security principle does this violate?
A. Chain of custody
B. Use of a device as it was intended
C. Man trap
D. Use of multifunction network devices

9. You are working on a server and are busy implementing a network intrusion detection system on the network. You need to monitor the network traffic from the server. What mode should you configure the network adapter to work in?
A. Half-duplex mode
B. Full-duplex mode
C. Auto-configuration mode
D. Promiscuous mode

10. Which of the following displays a single public IP address to the Internet while hiding a group of internal private IP addresses?
A. HTTP proxy
B. Protocol analyzer
C. IP proxy
D. SMTP proxy
E. PAC

11. If your ISP blocks objectionable material, what device would you guess has been implemented?
A. Proxy server
B. Firewall
C. Internet content filter
D. NIDS

12. Of the following, which is a collection of servers that was set up to attract attackers?
A. DMZ
B. Honeypot
C. Honeynet
D. VLAN

13. Which of the following will detect malicious packets and discard them?
A. Proxy server
B. NIDS
C. NIPS
D. PAT

14. Which of the following will an Internet filtering appliance analyze? (Select the three best answers.)
A. Content
B. Certificates
C. Certificate revocation lists
D. URLs

15. Which of the following devices would detect but not react to suspicious behavior on the network? (Select the most accurate answer.)
A. NIPS
B. Firewall
C. NIDS
D. HIDS
E. UTM

16. One of the programmers in your organization complains that he can no longer transfer files to the FTP server. You check the network firewall and see that the proper FTP ports are open. What should you check next?
A. ACLs
B. NIDS
C. AV definitions
D. FTP permissions

17. Which of the following is likely to be the last rule contained within the ACLs of a firewall?
A. Time of day restrictions
B. Explicit allow
C. IP allow any
D. Implicit deny

18. Which of the following best describes an IPS?
A. A system that identifies attacks
B. A system that stops attacks in progress
C. A system that is designed to attract and trap attackers
D. A system that logs attacks for later analysis

19. What is a device doing when it actively monitors data streams for malicious code?
A. Content inspection
B. URL filtering
C. Load balancing
D. NAT

20. Allowing or denying traffic based on ports, protocols, addresses, or direction of data is an example of what?
A. Port security
B. Content inspection
C. Firewall rules
D. Honeynet

21. Which of the following should a security administrator implement to limit web-based traffic that is based on the country of origin? (Select the three best answers.)
A. AV software
B. Proxy server
C. Spam filter
D. Load balancer
E. Firewall
F. URL filter
G. NIDS

22. You have implemented a technology that enables you to review logs from computers located on the Internet. The information gathered is used to find out about new malware attacks. What have you implemented?
A. Honeynet
B. Protocol analyzer
C. Firewall
D. Proxy

23. Which of the following is a layer 7 device used to prevent specific types of HTML tags from passing through to the client computer?
A. Router
B. Firewall
C. Content filter
D. NIDS

24. Your boss has asked you to implement a solution that will monitor users and limit their access to external websites. Which of the following is the best solution?
A. NIDS
B. Proxy server
C. Block all traffic on port 80
D. Honeypot

25. Which of the following firewall rules only denies DNS zone transfers?
A. deny IP any any
B. deny TCP any any port 53
C. deny UDP any any port 53
D. deny all dns packets
