CTS 1134 chapter 10 Network Access Security
Unlock all answers in this set
Unlock answersquestion
What device is used to prevent a hacker or other security threats from entering the network?
answer
Firewall
question
What firewall configuration uses three connections to create a separate DMZ?
answer
Single Firewall Configuration The simplest and most basic configuration uses only one firewall to protect the network. This type of firewall is sometimes referred to as a single firewall configuration. In this configuration, a single firewall is placed between the external network, usually the Internet, and the internal network. This configuration also allows the servers to be put on a designated DMZ.
question
What firewall configuration is the preferred method to create a DMZ?
answer
Dual firewall configuration
question
What area acts a buffer between the internal and external networks?
answer
DMZ
question
You are installing several servers that will be used as web servers to reach customers over the Internet. Where should you place the servers?
answer
DMZ
question
What type of system tries to detect malicious activity, such as denial of service attacks and port scans?
answer
Network Intrusion detection system
question
What software can protect an individual computer by blocking packets that may try to access a computer without your knowledge or consent?
answer
Host based firewall
question
What type of firewall works with protocols and services to block TELNET, DNS, FTP, and HTTP?
answer
application layer firewall
question
What type of firewall blocks packets based on IP address or port?
answer
Packet Filter Firewall Network layer firewalls, as the name implies, work on the Network layer of the TCP/IP model. This means that they target primarily packet communications. Because Network layer firewalls tend to target packet traffic on a network, they are often referred to as packet filters. The packets filtered by a Network layer firewall can be filtered based on a wide variety of criteria. Some criteria are source and destination IP addresses, port addresses, what higher level protocols the packet contains, and many others.
question
What type of firewall keeps track of conversations to determine what packets it will allow to flow through the firewall?
answer
statefull firewall
question
Many firewalls, IDS, and anti-virus programs use _____________ or definitions to identify threats.
answer
signatures
question
What type of firewall is based on groups of interfaces? Question 12 options:
answer
Zone based firewall
question
What do you call a list of rules or policies programmed into a router or other device that specifies what can gain access to a network?
answer
ACL
question
What type of filtering uses physical addresses to allow or deny communications transit through a firewall?
answer
MAC filter
question
On which protocol are many tunneling protocols based?
answer
PPP
question
What PPP component is used to establish and configure the actual connection between two devices at the Data Link layer?
answer
LCP. Link control protocol
question
What PPP component is used to establish a connection at the Layer 3 level?
answer
NCP. Network Control Protocol
question
What process do you call a connection through a public network?
answer
Tunneling is the process of establishing a connection through a public network that looks like a point-to-point connection to the devices on either end of it, but in reality is not. For tunneling to work, three different protocols are needed: the carrier protocol, the encapsulating protocol, and the passenger protocol.
question
What is used to encode the header or the entire packet of a network communication so that it cannot be read simply by opening it or looking at its content?
answer
encription
question
What do you call data or text that is not encrypted?
answer
plain text
question
What protocol does L2TP use to provide encryption?
answer
IPSec
question
What IPSec protocol authenticates data packets but cannot encrypt them?
answer
AH. The Authentication Header (AH) authenticates data packets, but cannot encrypt them. By using AH for authentication, IPSec can provide integrity to the datagram it is authenticating. The authentication provided by AH also helps protect a packet from replay attacks.
question
What IPSec protocol is used to authenticate and encrypt data?
answer
ESP. Encapsulating Security Payload
question
Which IPSec mode allows the payload to be encrypted?
answer
Transport Mode In transport mode, only the payload or the data in a packet is encrypted. However, in tunnel mode, the entire packet is encrypted and then surround by a new IP packet containing a new IP header
question
Which IPSec mode is used when using a VPN protocol?
answer
tunnel mode
question
What is used to establish a connection from a client computer outside a local network to an enterprise LAN using the Internet or other public network?
answer
VPN
question
Which VPN allows you to use port 443?
answer
SSL. Secure Sockets Layers
question
What do you call terminal services in Windows Server 2008 R2?
answer
Remote Desktop Services
question
What allows you to log in remotely to a machine running Linux using a graphical user interface?
answer
VNC. Virtual Network Computing.
question
What protocol does Citrix use for terminal services?
answer
ICA. Independent computing architecture
question
Which encryption does WPA use for wireless networks?
answer
TKIP. Temporal Key Integrity Protocol
question
What encryption does WPA2 use for wireless networks?
answer
AES.
question
What is an assessment recommended as the most appropriate way of handling a certain task, based on an observation of the way that several organizations handle that task?
answer
Best Practices
question
What policies would you establish to specify how often a password needs to be changed?
answer
Password policy
question
What do you need to do to keep your Windows computer secure?
answer
Make sure the operating system has the newest updates
question
What technology users PPP inside an Ethernet frame?
answer
PPPoE
question
For a network, what is considered the weakest link?
answer
Users
question
Any time a security break is discovered, it should be immediately __________.
answer
reported to IT
question
What is the best way to protect against social engineering?
answer
User Training