Chapter 10 Review – ITSY 2301

question

Which of the following is true about a screening router?
answer

It should be combined with a firewall for better security
question

Which of the following is true about a dual-homed host?
answer

Serves as a single point of entry to the network
question

Which of the following best describes a DMZ?
answer

A subnet of publicly accessible servers placed outside the internal network
question

What do you call a firewall that is connected to the Internet, the internal network, and the DMZ?
answer

Three-pronged firwall
question

Where should network management systems generally be placed?
answer

?
question

Which of the following is best described as software that prioritizes and schedules requests and then distributes them to servers based on each servers current load and processing power?
answer

load balancing software
question

In what type of attack are zombies usually put to use?
answer

DDOS
question

Which of the following is a disadvantage of using a proxy server?
answer

they require client configuration
question

What should you consider installing if you want to inspect packets as they leave the network?
answer

reverse firewall
question

Which network device works at the Application layer by reconstructing packets and forwarding them to Web servers?
answer

proxy server
question

Which type of security device can speed up web page retrieval and shield hosts on the internal network?
answer

proxy server
question

Which type of firewall configuration protects public servers by isolating them from the internal network?
answer

screened subnet DMZ
question

What is the term for a computer placed on the network perimeter that is meant to attract attackers?
answer

Honeypot
question

What is a step you can take to harden a Bastion host?
answer

remove unnecessary services
question

What is a critical step you should take on the OS you choose for a bastion host?
answer

ensure all security patches are installed
question

Which type of translation should you use if you need 50 computers in the corporate network to be able to access the Internet using a single public IP address?
answer

port address translation
question

Which of the following is true about private IP addresses?
answer

they are not routable on the Internet
question

Which type of NAT is typically used on devices in the DMZ?
answer

one-to-one NAT
question

Which of the following best describes a bastion host?
answer

a computer on the network perimeter that is highly protected

Get instant access to
all materials

Become a Member