Lesson 8: Defining Network Infrastructures And Network Security
Unlock all answers in this set
Unlock answersquestion
A worldwide system of connected computer networks.
answer
Internet
question
Computers that connect to the internet use the _________ protocol suite.
answer
TCP/IP
question
The internet's IP classification system is defined by the ____________.
answer
Internet Assigned numbers Authority (IANA)
question
DNS is defined by the ___________.
answer
Internet Engineering Task Force (IETF)
question
An enormous system of interlinked hypertext documents that can be accessed with a web browser.
answer
World Wide Web (WWW)
question
An interactive type of web experience. It allows users to interact with each other and act as contributors to Web sites as well.
answer
Web 2.0
question
Used by organizations to share data with select individuals.
answer
Intranets & Extranets
question
A private computer network or single Web site that an organization implements in order to share data with employees around the world.
answer
Intranet
question
Used to share data with sister companies or other partnered organizations.
answer
Extranet
question
Allows connectivity between two remote networks.
answer
Virtual Private Network (VPN)
question
A connection between two or more computers or devices that are not on the same private network.
answer
Virtual Private Network (VPN)
question
VPNs normally utilize one of two tunneling protocols.
answer
PPTP & L2TP
question
The more commonly used VPN tunneling protocol as well as the less secure option.
answer
PPTP
question
This VPN tunneling protocol generally includes security mechanisms, and no additional software or protocols need to be loaded.
answer
PPTP
question
The Point-to-Point Tunneling Protocol (PPTP) utilizes port __________.
answer
1723
question
PPTP works within the ___________, which is also used for dial-up connections.
answer
Point to Point Protocol (PPP)
question
A VPN tunneling protocol that utilizes IPsec as its security protocol.
answer
L2TP
question
A VPN device or server that allows incoming L2TP connections must have inbound port ________ open.
answer
1701
question
Used to protect a network from malicious attack and unwanted intrusion.
answer
Firewalls
question
The most commonly used type of security device in an organization's perimeter.
answer
Firewalls
question
The two two types of firewall technologies built into firewalls.
answer
SPI & NAT
question
Inspects each packet that passes through the firewall and accepts or rejects it based on a set of rules.
answer
Packet Filtering
question
Does not retain memory of packets that have passed through the firewall which makes it vulnerable to IP spoofing attacks.
answer
Stateless Packet Filtering
question
A firewall running this is normally not vulnerable to IP spoofing attacks because it keeps track of the state of network connnections by examining the header in each packet.
answer
Stateful Packet Inspection (SPI)
question
This function operates at the network layer of the OSI model.
answer
Stateful Packet Inspection (SPI)
question
Filters traffic according to ports (TCP or UDP)
answer
NAT Filtering
question
NAT Filtering utilizes ______ or ______.
answer
TCP & UDP
question
Supports address and port translation and checks whether the type of application traffic is allowed.
answer
Application level Gateway (ALG)
question
This type of Firewall Methodology checks each type of packet coming in and discards those that are Telnet packets.
answer
Application level Gateway (ALG)
question
These hide information about the private network, but they do not filter individual packets.
answer
Circuit level Gateways
question
This works at the session layer of the OSI model when a TCP or UDP connection is established.
answer
Circuit level Gateways
question
Acts as an intermediary between a LAN and the Internet.
answer
Proxy Server
question
This means "go-between" and acts as a mediator between a private and public network.
answer
Proxy Server
question
Evaluates requests from clients, and if they meet certain criteria, forwards them to the appropriate server.
answer
Proxy Server
question
Attempts to serve client requests without actually contacting the remote server.
answer
Caching Proxy
question
The most common caching proxy is the _______ proxy, also known as a web proxy, which caches web pages from servers on the Internet for a set amount of time.
answer
HTTP
question
This is utilized to save bandwidth on the company's internet connection and to increase the speed at which client requests are carried out.
answer
HTTP Proxy
question
Secures a network by keeping machines behind it anonymous; it does this through the use of NAT.
answer
IP Proxy
question
A basic four-port router will act as an IP Proxy for the clients on the LAN it protects. This is an example of __________.
answer
IP Proxy
question
Filters out various types of Internet activities, such as access to certain Web sites, email, instant messaging, and so on.
answer
Internet Content Filter
question
An Internet Content Filter, or simply a content filter, is usually applied as software at the ____________ layer of the OSI model.
answer
Application
question
A type of IDS that attempts to detect malicious network activities by constantly monitoring network traffic.
answer
Network Intrusion Detection System (NIDS)
question
Designed to inspect traffic, and, based on its configuration or security policy, it can remove, detain, or redirect malicious traffic in addition to simply detecting it.
answer
Network Intrusion Prevention System (NIPS)
question
This configuration has a DMZ situated between two firewall devices, which could be black box appliances or Microsoft Internet Security and Acceleration (ISA) Servers.
answer
Back To Back
question
In this configuration, the DMZ is usually attached to a separate connection of the company firewall.
answer
3 Leg Perimeter Configuration
question
In the 3-Leg Perimeter Configuration, the firewall has three connections: one to the company _______, one to the _______, and one to the _________.
answer
Lan, DMZ, Internet
question
You have been tasked to set up an authentication server on a DMZ that will allow only users from a partner company. What kind of network are you configuring?
answer
Extranet
question
You are in charge of setting up a VPN that allows connections on inbound port 1723. What tunneling protocol are you going to use?
answer
PPTP
question
Proseware, Inc., wants you to set up a VPN server. What service in Windows Server 2008 should you use?
answer
RRAS
question
The IT director has asked you to install a firewall. Which of the following is not a type of firewall?
answer
DMZ
question
You suspect an issue with one of the ports on the firewall. You decide to scan the ports. Which of the following is the appropriate tool to use?
answer
NMAP
question
Your client wants a server that can cashe web pages in order to increase the speed of commonly accessed Web sites. What type of server does the client require?
answer
Proxy
question
The customer you are working for wants a device that can detect network anomalies and report them to an administrator. What type of device is the customer looking for?
answer
NIDS
question
Your boss asks you to set up an area that is not on the LAN but not quite on the internet. This area will house servers that will serve requests to users who are connecting to your intranet. What type of zone does your boss want you to set up?
answer
DMZ
question
You have been asked by a client to install a VPN server that can offer unencrypted tunnels by default, or encrypted tunnels by using IPSec. Which of the following services should you choose in order to accomplish this?
answer
L2TP
question
You have set up a default VPN in Windows Server 2008. However, your boss is not happy with the level of security. She would rather have L2TP combined with IPsec. What tunneling prtocol is running currently on the server?
answer
PPTN
question
Allows users to interact with each other and contribute to Web Sites.
answer
Web 2.0
question
The ___________ defines DNS.
answer
Internet Engineering Task Force (IETF)
question
The ___________ is an enormous system of interlinked hypertext documents.
answer
World Wide Web (WWW)
question
You have set up a netowrk zone that allows remote access for employees of your company. This is known as a ____________.
answer
Intranet
question
You install a VPN server that uses inbound port 1701. The server is utilizing the ____________ protocol.
answer
L2TP
question
You installed a VPN server and configured a VPN adapter on a client computer. However, the connection cannot be completed from the client to the server. This is because you skipped the ____________ step.
answer
Configure Users
question
The VPN server has been configured and is running properly. however, it has not been configured to hand out IP addresses to clients. When a VPN server is configured this way, the clients obtain their IP addresses from a ___________ server.
answer
DHCP
question
A firewall normally has a private and a __________ IP address.
answer
Public
question
You have installed a firewall that accepts or rejects packets based on a set of rules. This firewall keeps track of the state of the network connection. it is running a type of packet filtering known as __________.
answer
Stateful Packet Filtering
question
aYou have configured a firewall so that all ports are closed. Now you are attempting to scan the firewall's ports to verify that there are no open ones. you should use the ___________ option within the Nmap port scanning program.
answer
P0
question
What type of network can you set up that is another company's internal network?
answer
Extranet
question
What technology can you use temporarily to connect netowrks from two different companies?
answer
VPN
question
Which VPN technology is the most common and the easiest to set up?
answer
PPTP
question
What port does L2TP use?
answer
1701
question
Which type of firewall blocks packets based on rules that are based on IP addresses or ports?
answer
Packet Filtering
question
What technology used in firewalls keeps tracks of conversations so that it knows what to allow back into a network?
answer
Stateful Packet Inspection
question
What acts as a middleman that translates between internal and external addresses and that caches previously accessed web pages so that it can provide those more quickly in the futue?
answer
Proxy Server
question
What type of device is designed to inspect traffic, detect malicious activities, and take steps to mitigate the malicious activity?
answer
Network Intrusion Prevention System (NIPS)
question
Which DMZ configuration uses one firewall with three interfaces?
answer
3 leg perimeter configuration
question
What protocol is used with L2TP to provide encryption?
answer
IPSec
question
What type of firewall works on the Session layer that creates a connection and allows packets to flow between the two hosts without further checking?
answer
Circuit level Gateway
question
What type of firewall do you use to block access to certain websites or instant messengers?
answer
Internet Content Filter
question
When trying to protect your network, you should create your secure network based on ____________.
answer
Layers
question
What device is used to protect one network from another by using filtering packets?
answer
Firewall
question
What type of configuration creates a DMZ between two firewalls?
answer
Back to Back
