Chapter 10 Review – ITSY 2301 – Flashcards
Unlock all answers in this set
Unlock answersquestion
Which of the following is true about a screening router?
answer
It should be combined with a firewall for better security
question
Which of the following is true about a dual-homed host?
answer
Serves as a single point of entry to the network
question
Which of the following best describes a DMZ?
answer
A subnet of publicly accessible servers placed outside the internal network
question
What do you call a firewall that is connected to the Internet, the internal network, and the DMZ?
answer
Three-pronged firwall
question
Where should network management systems generally be placed?
answer
?
question
Which of the following is best described as software that prioritizes and schedules requests and then distributes them to servers based on each servers current load and processing power?
answer
load balancing software
question
In what type of attack are zombies usually put to use?
answer
DDOS
question
Which of the following is a disadvantage of using a proxy server?
answer
they require client configuration
question
What should you consider installing if you want to inspect packets as they leave the network?
answer
reverse firewall
question
Which network device works at the Application layer by reconstructing packets and forwarding them to Web servers?
answer
proxy server
question
Which type of security device can speed up web page retrieval and shield hosts on the internal network?
answer
proxy server
question
Which type of firewall configuration protects public servers by isolating them from the internal network?
answer
screened subnet DMZ
question
What is the term for a computer placed on the network perimeter that is meant to attract attackers?
answer
Honeypot
question
What is a step you can take to harden a Bastion host?
answer
remove unnecessary services
question
What is a critical step you should take on the OS you choose for a bastion host?
answer
ensure all security patches are installed
question
Which type of translation should you use if you need 50 computers in the corporate network to be able to access the Internet using a single public IP address?
answer
port address translation
question
Which of the following is true about private IP addresses?
answer
they are not routable on the Internet
question
Which type of NAT is typically used on devices in the DMZ?
answer
one-to-one NAT
question
Which of the following best describes a bastion host?
answer
a computer on the network perimeter that is highly protected