5.0 Network Security – Flashcards
Unlock all answers in this set
Unlock answersquestion
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
answer
Circuit-level.
question
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database?
answer
Signature-based
question
Which of the following is the most important thing to do to prevent console access to the router?
answer
Keep the router in a locked room
question
Which of the following is the best device to deploy to protect your private network from a public untrusted network?
answer
Firewall
question
Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted Internet?
answer
Intranet
question
What is the most common form of host-based IDS that employs signature or pattern matching detection methods?
answer
Anti-virus software
question
Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations?
answer
IDS
question
Which of the following are performed by proxies?
answer
Block employees from accessing certain Web sites. Cache web pages.
question
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use?
answer
Host based firewall.
question
You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers?
answer
Put the database server on the private network. Put the Web server on the DMZ.
question
Which of the following are characteristics of a circuit-level gateway?
answer
Filters based on sessions. Stateful.
question
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?
answer
Network based firewall.
question
Which of the following mobile device security consideration will disable the ability to use the device after a short period of inactivity?
answer
Screen lock
question
Which of the following are NOT reasons to remote wipe a mobile device?
answer
When the device is inactive for a period of time
question
A smart phone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device?
answer
Remote wipe
question
Which of the following are true of a circuit proxy filter firewall?
answer
Operates at the Session Layer Verifies sequencing of session packets
question
You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? Select all that apply.
answer
Source address of a packet, Destination address of a packet, AND Port Number
question
When designing a firewall, what is the recommended approach for opening and closing ports?
answer
Close all ports open, only ports required by applications inside the DMZ
question
Which of the following are characteristics of a packet filtering firewall?
answer
Stateless Filters IP address and port
question
You connect your computer to a wireless network available at the local library. You find that you can access all web sites you want on the Internet except two. What might be causing the problem?
answer
A proxy server is blocking access to the web sites
question
Which of the following is a firewall function?
answer
Packet filtering
question
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?
answer
Application level
question
You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of emails for all users. You want to scan the emails and prevent any emails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use?
answer
Network based firewall
question
You have a company network that is connected to the internet. You want all users to have internet access, but need to protect your private network and users. You also need to make private network and users. You also need to make a Web server publicly available to Internet users. Which solution should use?
answer
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ
question
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement?
answer
VLANs
question
Which of the following best describes the concept of a virtual LAN?
answer
Devices on the same network logically grouped as if they were grouped on separate networks.
question
When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?
answer
Trunk ports
question
Your company is a small start-up company that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides Internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?
answer
VLAN
question
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug in their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
answer
Port authentication
question
You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch? Which one of the following should you implement?
answer
802.1x
question
Which of the following applications typically use 802.1x authentication?
answer
Controlling access through a switch Controlling access though a wireless access point
question
Which of the following devices can monitor a network and detect potential security attacks?
answer
IDS
question
Which of the following devices is capable of detecting and responding to security threats?
answer
IPS
question
Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?
answer
Extranet
question
In which of the following situations would you most likely implement a demilitarized zone(DMZ)?
answer
You want to protect a public Web server from attack
question
Which of the following is likely to be located in a DMZ?
answer
FTP Server
question
You want to install a firewall that can reject packets that are not part of an active session. What type of firewall should you use?
answer
Circuit-level
question
What do host based intrusion detection systems often rely upon to perform their detection activities?
answer
Host system auditing capabilities
question
What actions can a typical passive IDS take when it detects an attack?
answer
The IDS logs all pertinent data about the intrusion An alert is generate and delivered via email, the console, or SNMP trap.
question
Network based intrusion detection is the most suited to detect and prevent what type of attacks?
answer
bandwidth-based denial of service attacks
question
Which of the following prevents access based on website ratings and classifications?
answer
Content filter
question
What does an IDS that uses signature recognition use for identifying attacks?
answer
Comparisons to a database of known attacks
question
You want to implement an IDS that uses rules or statistical analysis to detect attacks. What type of IDS should you deploy?
answer
Anomaly based IDS
question
Which of the following solutions would you implement to track which websites that network users are accessing?
answer
Proxy
question
Which of the following are security devices that perform stateful inspection of packet data, looking for patterns that indicate malicious code?
answer
IDS IPS
question
You would like to control internet access based on users, time of day, and web sites visited. How can you do this?
answer
Install a proxy server. Allow internet access only through the proxy server.
question
When configuring VLANs on a switch, what is used to identify VLAN membership of a device?
answer
Switch port
question
Which of the following describes how access lists can be used to improve network security.
answer
An access list filters traffic based on the IP header information such as source or destination IP address, protocol, socket numbers.
question
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. What feature prevents switching loops and ensures there is only a single active path between any two switches?
answer
Spanning tree
question
You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. What feature should your switch support?
answer
Spanning tree
question
In which of the following situations would you use port security?
answer
You wanted to restrict the devices that could connect through a switch port.
question
You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cable from the library computers to connect to their laptops to the internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a switch. You want to restrict access to the network so only the library computers are permitted connectivity to the internet. What can you do?
answer
Configure port security on the switch
question
You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
answer
VLAN
question
Members of the sales team use laptops to connect to the company network. While traveling, the connect their laptops to the internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. What solution should you use?
answer
NAC (Network Access Control)
question
What do you call a set of solutions that helps ensure availability for a VOIP solution?
answer
QoS (Quality of Service)
question
What is a vulnerability associated with a PBX?
answer
2600 Club - Long distance w/o paying (2600KHz)
question
You want to use an encryption protocol for encrypting internet phone calls. What protocol would you use?
answer
PGP (Pretty Good Privacy)
question
You have a company network with a single switch. All devices connect to the network through a switch. You want to control which devices will be able to connect to you network. for devices that do not have the latest OS patches, you want to prevent access to all network devices except for a special server that holds the patches that all the computer need to download. Which tow of the following components will be part of your solution?
answer
802.1x authentication Remediation servers
question
You are concerned about attacks directed at your firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack. Which tool should you use?
answer
IPS - Intrusion Prevention System
question
You want to create a collection of computers on your network that appear to have valuable data, but are really computers configured with fake data that could entice a potential intruder. Once the intruder connects, you want to be able to observe and gather information about the methods of the attacks that are being deployed. What should you implement?
answer
Honeynet
question
You have configured a NIDS to monitor network traffic. Which of the following describes an attack that is NOT detected by the NIDS device?
answer
False Negative
question
The presence of unapproved modems on desktop systems gives rise to the LAN being vulnerable to which of the following?
answer
War Dialing
question
Which of the following phone attacks adds unauthorized charges to a telephone bill?
answer
Cramming