Sofie needs to configure the vpn to preserve bandwidth. which configuration would she choose?

Inhaltsverzeichnis Show

Isabella is a security support manager for a large enterprise. In a recent meeting, she was asked which of the standard networking devices already present on the network could be configured to supplement the specific network security hardware devices that were recently purchased. Which of these standard networking devices would Isabella recommend?a. router b. hub c. virtual private network d. SIEM device
Describe how a mail gateway operates?
A mail gateway is designed to prevent dangerous emails from being delivered. Most mail gateways operate by monitoring inbound and outbound emails. In the case of inbound emails, a mail gateway searches the content in the email for anything that can be deemeed dangerous (malware, spam, and phishing attacks). In the case of outbounds emails, a mail gateway blocks any data that is sensitive in nature (healthcare records and/or financial data).
A firewall that keeps a record of the state of a connection between an internal computer an external device is using what technology below?a) stateful packet filteringb) stateless fram filteringc) stateful frame filteringd) stateless packet filtering
a) stateful packet filtering
Discuss the two advantages that NAT provides.
One advantage of using NAT is that you can use a NAT router. This device can add an additional layer of security by acting as a firewall by discarding unwanted packets. These discarded packets are denied access because they were not first sent out by the router. A second advantage of using NAT is that you can mask the IP addressses of internal devices. Without the acutal IP address of the router, it is much more difficult to identify and attack a computer.
What is the difference between anomaly based monitoring and signature based monitoring?
The difference between anomaly based monitoring and signature based monitoring is who the strategy relies on enable it to work correctly. In the case of anomaly monitoring, it relies on the internal behavior of a user or network to make determinations on when to raise an alarm. In contrast, signature based monitoring relies on outside party like and updated database of signatures to make determinations on when to raise an alarm.
When VPN network traffic is routing only some traffic over the secure VPN while other traffci directly accesses the Internet, what technology is being used?a) shared tunnelingb) full tunnelc) priority tunneld) split tunneling
d) split tunneling
Anomaly monitoring is designed for detecting statistical anomalies.(T/F)
What vendor neutral protocol implements support for VLAN tagging?a) VSTPb) ISLc) VTPd) 802.1 Q
What technology enables authorized users to use an unsecured public networks, such as the Internet as if it were a secure private network?a) VPNb) endpointc) routerd) IKE tunnel
One use of data loss prevention (DLP) is blocking the copying of file to a USB flash drive. (T/F)
What data unit is associated with Open Systems Interconnection layer two?a) frameb) packetc) segmentd) bit
Ximena noticed that Sofia had created a network bridge on her new laptop between the unsecured wireless network and the organization's secure intranet. Ximena explained to Sofia the problem associated with setting up the bridge. What did Ximena tell Sofia?a. A bridge will block packets between two different types of networks. b. A bridge cannot be used on any Internet connection. c. A bridge would block packets from reaching the Internet. d. A bridge could permit access to the secure wired network from the unsecured wireless network.
d. A bridge could permit access to the secure wired network from the unsecured wireless network.
Which of these would NOT be a filtering mechanism found in a firewall ACL rule?a. Source address b. Direction c. Date d. Protocol
Which of the following devices can identify the application that send packets and then make decisions about filtering based on it?a. Internet content filter b. Application-based firewall c. Reverse proxy d. Web security gateway
b. Application-based firewall
Which function does an Internet content filter NOT perform?a. Intrusion detection b. URL filtering c. Malware inspection d. Content inspection
a. Intrusion detection
How does network address translation (NAT) improve security?a. It filters based on protocol. b. It discards unsolicited packets. c. It masks the IP address of the NAT device. d. NATs do not improve security.
b. It discards unsolicited packets.
Francisco was asked by a student intern to explain the danger of a MAC flooding attack on a switch. What would Francisco say?a. Once the MAC address table is full the switch functions like a network hub. b. A MAC flooding attack with filter to the local host computer's MAC-to-IP address tables and prevent these hosts from reaching the network. c. In a defense of a MAC flooding attack network routers will freeze and not permit any incoming traffic. d. A MAC flooding attack will prevent load balances from identifying the correct VIP of the servers.
a. Once the MAC address table is full the switch functions like a network hub.
Which of the following devices is easiest for an attacker to take advantage of in order to capture and analyze packets?a. Router b. Hub c. Switch d. Load Balancer
Sebastian was explaining to his supervisor why the enterprise needed to implement port security. His supervisor asked what security action a flood guard could do when a MAC flooding attack occurred. Which of the following was NOT an answer that was given by Sebastian?a. Ignore the new MAC addresses while allowing normal traffic from the single pre-approved MAC address b. Cause the device to enter a fail-open mode. c. Record new MAC addresses up to a specific limit d. Block the port entirely
b. Cause the device to enter a fail-open mode.
Which statement regarding a demilitarized zone (DMZ) is NOT true?a. It can be configured to have one or two firewalls. b. It typically includes an email or web server. c. It provides an extra degree of security. d. It contains servers that are used only by internal network users.
d. It contains servers that are used only by internal network users.
Which statement about network address translation (NAT) is true?a. It substitutes MAC addresses for IP addresses. b. It can be stateful or stateless. c. It can be found only on core routers. d. It removes private addresses when the packet leaves the network.
d. It removes private addresses when the packet leaves the network.
Which of these is NOT used in scheduling a load balancer?a. The IP address of the destination packet b. Data within the application message itself c. Round-robin d. Affinity
a. The IP address of the destination packet
In which of the following configurations are all the load balancers always active?a. Active-active b. Active-passive c. Passive-active-passive d. Active-load-passive-load
a. Active-active
Which device intercepts internal user requests and then processes those requests on behalf of the users?a. Forward proxy server b. Reverse proxy server c. Host detection server d. Intrusion prevention device
a. Forward proxy server
Raul was asked to configure the VPN to preserve bandwidth. Which configuration would he choose?a. Split tunnel b. Full tunnel c. Narrow tunnel d. Wide tunnel
a. Split tunnel
Which device watches for attacks and sounds an alert only when one occurs?a. Firewall b. Network intrusion detection system (NIDS) c. Network intrusion prevention system (NIPS) d. Proxy intrusion device
b. Network intrusion detection system (NIDS)
Which of the following is a multipurpose security device?a. Hardware security module b. Unified Threat Management (UTM) c. Media gateway d. Intrusion Detection/Prevention (ID/P)
b. Unified Threat Management (UTM)
Which of the following CANNOT be used to hide information about the internal network?a. Network address translation (NAT) b. Protocol analyzer c. Subnetter d. Proxy server
b. Protocol analyzer
What is the difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS)?a. A NIDS provides more valuable information about attacks. b. There is no difference; a NIDS and a NIPS are equal. c. A NIPS can take actions more quickly to combat an attack. d. A NIPS is much slower because it uses protocol analysis.
c. A NIPS can take actions more quickly to combat an attack.
Which is the most secure type of firewall?a. Stateless packet filtering b. Stateful packet filtering c. Network intrusion detection system replay d. Reverse proxy analysis
b. Stateful packet filtering
Which device intercepts internal user requests and then processes those requests on behalf of the user?
How do NACs ensure that a device is safe to connect to a secure network quizlet?
Which network device is easiest for an attacker to take advantage of to capture and analyze packets?
Which of the following is the best solution to allow access to private resources from the Internet?

What will you do if theres an earthquake

Make sure you have a fire extinguisher, first aid kit, a battery-powered radio, a flashlight, and extra batteries at home. Learn first aid. Learn how to turn off the gas, water, and electricity. ...

Job design theory of motivation examples

An organization’s performance largely depends upon the HRM practices of which one of the major components is the job design practices. Organizations like Imation, Xerox, etc, motivate their ...

Why would a boiling point be lower than expected

The boiling point is reached when the vapor pressure of a liquid matches the atmospheric pressure. Raising the atmospheric pressure will raise the boiling point. Conversely, lowering the atmospheric ...

a. router

Describe how a mail gateway operates?

A mail gateway is designed to prevent dangerous emails from being delivered. Most mail gateways operate by monitoring inbound and outbound emails. In the case of inbound emails, a mail gateway searches the content in the email for anything that can be deemeed dangerous (malware, spam, and phishing attacks). In the case of outbounds emails, a mail gateway blocks any data that is sensitive in nature (healthcare records and/or financial data).

A firewall that keeps a record of the state of a connection between an internal computer an external device is using what technology below?a) stateful packet filteringb) stateless fram filteringc) stateful frame filteringd) stateless packet filtering

a) stateful packet filtering

Discuss the two advantages that NAT provides.

One advantage of using NAT is that you can use a NAT router. This device can add an additional layer of security by acting as a firewall by discarding unwanted packets. These discarded packets are denied access because they were not first sent out by the router. A second advantage of using NAT is that you can mask the IP addressses of internal devices. Without the acutal IP address of the router, it is much more difficult to identify and attack a computer.

What is the difference between anomaly based monitoring and signature based monitoring?

The difference between anomaly based monitoring and signature based monitoring is who the strategy relies on enable it to work correctly. In the case of anomaly monitoring, it relies on the internal behavior of a user or network to make determinations on when to raise an alarm. In contrast, signature based monitoring relies on outside party like and updated database of signatures to make determinations on when to raise an alarm.

When VPN network traffic is routing only some traffic over the secure VPN while other traffci directly accesses the Internet, what technology is being used?a) shared tunnelingb) full tunnelc) priority tunneld) split tunneling

d) split tunneling

Anomaly monitoring is designed for detecting statistical anomalies.(T/F)

True

What vendor neutral protocol implements support for VLAN tagging?a) VSTPb) ISLc) VTPd) 802.1 Q

d) 802.1 Q

What technology enables authorized users to use an unsecured public networks, such as the Internet as if it were a secure private network?a) VPNb) endpointc) routerd) IKE tunnel

a) VPN

One use of data loss prevention (DLP) is blocking the copying of file to a USB flash drive. (T/F)

True

What data unit is associated with Open Systems Interconnection layer two?a) frameb) packetc) segmentd) bit

a) frame

Ximena noticed that Sofia had created a network bridge on her new laptop between the unsecured wireless network and the organization's secure intranet. Ximena explained to Sofia the problem associated with setting up the bridge. What did Ximena tell Sofia?a. A bridge will block packets between two different types of networks. b. A bridge cannot be used on any Internet connection. c. A bridge would block packets from reaching the Internet. d. A bridge could permit access to the secure wired network from the unsecured wireless network.

d. A bridge could permit access to the secure wired network from the unsecured wireless network.

Which of these would NOT be a filtering mechanism found in a firewall ACL rule?a. Source address b. Direction c. Date d. Protocol

c. Date

Which of the following devices can identify the application that send packets and then make decisions about filtering based on it?a. Internet content filter b. Application-based firewall c. Reverse proxy d. Web security gateway

b. Application-based firewall

Which function does an Internet content filter NOT perform?a. Intrusion detection b. URL filtering c. Malware inspection d. Content inspection

a. Intrusion detection

How does network address translation (NAT) improve security?a. It filters based on protocol. b. It discards unsolicited packets. c. It masks the IP address of the NAT device. d. NATs do not improve security.

b. It discards unsolicited packets.

Francisco was asked by a student intern to explain the danger of a MAC flooding attack on a switch. What would Francisco say?a. Once the MAC address table is full the switch functions like a network hub. b. A MAC flooding attack with filter to the local host computer's MAC-to-IP address tables and prevent these hosts from reaching the network. c. In a defense of a MAC flooding attack network routers will freeze and not permit any incoming traffic. d. A MAC flooding attack will prevent load balances from identifying the correct VIP of the servers.

a. Once the MAC address table is full the switch functions like a network hub.

Which of the following devices is easiest for an attacker to take advantage of in order to capture and analyze packets?a. Router b. Hub c. Switch d. Load Balancer

b. Hub

Sebastian was explaining to his supervisor why the enterprise needed to implement port security. His supervisor asked what security action a flood guard could do when a MAC flooding attack occurred. Which of the following was NOT an answer that was given by Sebastian?a. Ignore the new MAC addresses while allowing normal traffic from the single pre-approved MAC address b. Cause the device to enter a fail-open mode. c. Record new MAC addresses up to a specific limit d. Block the port entirely

b. Cause the device to enter a fail-open mode.

Which statement regarding a demilitarized zone (DMZ) is NOT true?a. It can be configured to have one or two firewalls. b. It typically includes an email or web server. c. It provides an extra degree of security. d. It contains servers that are used only by internal network users.

d. It contains servers that are used only by internal network users.

Which statement about network address translation (NAT) is true?a. It substitutes MAC addresses for IP addresses. b. It can be stateful or stateless. c. It can be found only on core routers. d. It removes private addresses when the packet leaves the network.

d. It removes private addresses when the packet leaves the network.

Which of these is NOT used in scheduling a load balancer?a. The IP address of the destination packet b. Data within the application message itself c. Round-robin d. Affinity

a. The IP address of the destination packet

In which of the following configurations are all the load balancers always active?a. Active-active b. Active-passive c. Passive-active-passive d. Active-load-passive-load

a. Active-active

Which device intercepts internal user requests and then processes those requests on behalf of the users?a. Forward proxy server b. Reverse proxy server c. Host detection server d. Intrusion prevention device

a. Forward proxy server

Raul was asked to configure the VPN to preserve bandwidth. Which configuration would he choose?a. Split tunnel b. Full tunnel c. Narrow tunnel d. Wide tunnel

a. Split tunnel

Which device watches for attacks and sounds an alert only when one occurs?a. Firewall b. Network intrusion detection system (NIDS) c. Network intrusion prevention system (NIPS) d. Proxy intrusion device

b. Network intrusion detection system (NIDS)

Which of the following is a multipurpose security device?a. Hardware security module b. Unified Threat Management (UTM) c. Media gateway d. Intrusion Detection/Prevention (ID/P)

b. Unified Threat Management (UTM)

Which of the following CANNOT be used to hide information about the internal network?a. Network address translation (NAT) b. Protocol analyzer c. Subnetter d. Proxy server

b. Protocol analyzer

What is the difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS)?a. A NIDS provides more valuable information about attacks. b. There is no difference; a NIDS and a NIPS are equal. c. A NIPS can take actions more quickly to combat an attack. d. A NIPS is much slower because it uses protocol analysis.

c. A NIPS can take actions more quickly to combat an attack.

Which is the most secure type of firewall?a. Stateless packet filtering b. Stateful packet filtering c. Network intrusion detection system replay d. Reverse proxy analysis

b. Stateful packet filtering

Which device intercepts internal user requests and then processes those requests on behalf of the user?

A computer or an application program that intercepts user requests from the internal secure network and then processes those requests on behalf of the users. A special proxy server that "knows" the application protocols that it supports. For example, an FTP proxy server implements the protocol FTP.

How do NACs ensure that a device is safe to connect to a secure network quizlet?

How do NACs ensure that a device is safe to connect to a secure network? The NAC issues a health certificate, only allowing healthy devices to connect to the secured network. In a security review meeting, you are asked to take appropriate security measures to mitigate IP spoofing attacks against the enterprise network.

Which network device is easiest for an attacker to take advantage of to capture and analyze packets?

Chapter 7 RQ's.

Which of the following is the best solution to allow access to private resources from the Internet?

Which of the following is the BEST solution to allow access to private resources from the internet? A VPN provides a secure outside connection to an internal network's resources.

Sofie needs to configure the vpn to preserve bandwidth. which configuration would she choose?

What will you do if theres an earthquake

Job design theory of motivation examples

Why would a boiling point be lower than expected

a. router

Describe how a mail gateway operates?

A firewall that keeps a record of the state of a connection between an internal computer an external device is using what technology below?a) stateful packet filteringb) stateless fram filteringc) stateful frame filteringd) stateless packet filtering

a) stateful packet filtering

Discuss the two advantages that NAT provides.

What is the difference between anomaly based monitoring and signature based monitoring?

When VPN network traffic is routing only some traffic over the secure VPN while other traffci directly accesses the Internet, what technology is being used?a) shared tunnelingb) full tunnelc) priority tunneld) split tunneling

d) split tunneling

Anomaly monitoring is designed for detecting statistical anomalies.(T/F)

True

What vendor neutral protocol implements support for VLAN tagging?a) VSTPb) ISLc) VTPd) 802.1 Q

d) 802.1 Q

What technology enables authorized users to use an unsecured public networks, such as the Internet as if it were a secure private network?a) VPNb) endpointc) routerd) IKE tunnel

a) VPN

One use of data loss prevention (DLP) is blocking the copying of file to a USB flash drive. (T/F)

True

What data unit is associated with Open Systems Interconnection layer two?a) frameb) packetc) segmentd) bit

a) frame

d. A bridge could permit access to the secure wired network from the unsecured wireless network.

Which of these would NOT be a filtering mechanism found in a firewall ACL rule?a. Source address b. Direction c. Date d. Protocol

c. Date

Which of the following devices can identify the application that send packets and then make decisions about filtering based on it?a. Internet content filter b. Application-based firewall c. Reverse proxy d. Web security gateway

b. Application-based firewall

Which function does an Internet content filter NOT perform?a. Intrusion detection b. URL filtering c. Malware inspection d. Content inspection

a. Intrusion detection

How does network address translation (NAT) improve security?a. It filters based on protocol. b. It discards unsolicited packets. c. It masks the IP address of the NAT device. d. NATs do not improve security.

b. It discards unsolicited packets.

a. Once the MAC address table is full the switch functions like a network hub.

Which of the following devices is easiest for an attacker to take advantage of in order to capture and analyze packets?a. Router b. Hub c. Switch d. Load Balancer

b. Hub

b. Cause the device to enter a fail-open mode.

Which statement regarding a demilitarized zone (DMZ) is NOT true?a. It can be configured to have one or two firewalls. b. It typically includes an email or web server. c. It provides an extra degree of security. d. It contains servers that are used only by internal network users.

d. It contains servers that are used only by internal network users.

Which statement about network address translation (NAT) is true?a. It substitutes MAC addresses for IP addresses. b. It can be stateful or stateless. c. It can be found only on core routers. d. It removes private addresses when the packet leaves the network.

d. It removes private addresses when the packet leaves the network.

Which of these is NOT used in scheduling a load balancer?a. The IP address of the destination packet b. Data within the application message itself c. Round-robin d. Affinity

a. The IP address of the destination packet

In which of the following configurations are all the load balancers always active?a. Active-active b. Active-passive c. Passive-active-passive d. Active-load-passive-load

a. Active-active

Which device intercepts internal user requests and then processes those requests on behalf of the users?a. Forward proxy server b. Reverse proxy server c. Host detection server d. Intrusion prevention device

a. Forward proxy server

Raul was asked to configure the VPN to preserve bandwidth. Which configuration would he choose?a. Split tunnel b. Full tunnel c. Narrow tunnel d. Wide tunnel

a. Split tunnel

Which device watches for attacks and sounds an alert only when one occurs?a. Firewall b. Network intrusion detection system (NIDS) c. Network intrusion prevention system (NIPS) d. Proxy intrusion device

b. Network intrusion detection system (NIDS)

Which of the following is a multipurpose security device?a. Hardware security module b. Unified Threat Management (UTM) c. Media gateway d. Intrusion Detection/Prevention (ID/P)

b. Unified Threat Management (UTM)

Which of the following CANNOT be used to hide information about the internal network?a. Network address translation (NAT) b. Protocol analyzer c. Subnetter d. Proxy server

b. Protocol analyzer

c. A NIPS can take actions more quickly to combat an attack.

Which is the most secure type of firewall?a. Stateless packet filtering b. Stateful packet filtering c. Network intrusion detection system replay d. Reverse proxy analysis

b. Stateful packet filtering

Which device intercepts internal user requests and then processes those requests on behalf of the user?

How do NACs ensure that a device is safe to connect to a secure network quizlet?

Which network device is easiest for an attacker to take advantage of to capture and analyze packets?

Which of the following is the best solution to allow access to private resources from the Internet?

zusammenhängende Posts

NEUESTEN NACHRICHTEN

Populer

Um

Legal

Hilfe

Sozial