Chapter 2 Quiz

Which of the following is a malicious software program distributed by a hacker to take control of a victim's computers?

Which term describes the calculation of the total loss potential across a year for a given asset and a specific threat?

Which of the following refers to a form of encryption also known as point-to-point or host-to-host encryption?

Which name is given to a probability prediction based on statistics and historical occurrences on the likelihood of how many times in the next year a threat is going to cause harm?

Which of the following describes an appliance firewall?

Which of the following characteristics describes the application layer?

Which of the following refers to a type of firewall that filters on a specific application's content and session information?

Which term describes the cumulative value of an asset based on both tangible and intangible values?

Which malicious software program is distributed by hackers to take control of victims' computers?

Which of the following is not a consideration when placing firewalls on the network?

Which firewall has a network interface located in a unique network segment that allows for true isolation of the segments and forces the firewall to filter all traffic moving from one segment to another?

Which of the following refers to a software firewall installed on a client or server?

Ingress and egress filtering can expand beyond protection against spoofing and include a variety of investigations on inbound and outbound traffic. Which of the following is not one of the ways ingress and egress filtering expand beyond protection against spoofing?

Which term is used to describe a firewall that is implemented via software?

Which of the following refers to a type of software product that is pre-compiled and whose source code is undisclosed?

Which firewall product is designed for larger networks?

Which name is given to a form of filtering that focuses on traffic content?

Which of the following refers to a host firewall installed on a client or server?

Which of the following describes dynamic packet filtering?

Which name is given to an entrance or exit point to a controlled space?

A firewall is a filtering device that enforces network security policy and protects the network against external attacks.

The term Annualized Loss Expectancy (ALE) is the calculation of the total loss potential for the lifetime of an asset and a specific threat.

The term Annualized Rate of Occurrence (ARO) refers to a probability prediction based on statistics and historical occurrences on the likelihood of how many times in the next year a threat will be a realized attack.

A personal firewall is designed to provide protection to a single system or a small network.

An application firewall filters on a specific application's content and session information; however, it cannot inspect traffic at any layer.

The term asset value (AV) describes the cumulative value of an asset based on both tangible and intangible values. AV supports the SLE calculation.

The term bastion host refers to a firewall positioned along the pathway of a potential attack. It serves as the first line of defense for the network.

A software firewalls is a host firewall installed on a client or server.

Dynamic packet filtering uses a static or fixed set of rules to filter network traffic.

Ingress filtering filters traffic as it attempts to enter a network, including spoofed addresses, malformed packets, unauthorized ports and protocols, and blocked destinations.

When placing firewalls, you should consider the structure of the network, traffic patterns on the network, Internet connectivity, and remote access.

A dual-homed firewall describes a firewall that has three network interfaces. Each network interface is located in a unique network segment. This allows for true isolation of the segments and forces the firewall to filter all traffic traversing from one segment to another.

A software firewall can protect a single host or a network of hosts, whereas a hardware firewall can protect only a single host.

The term bump-in-the-stack describes a term for a firewall that is implemented via software.

A circuit is a logical connection between a client and a resource server.

A closed source is a type of software product that is pre-compiled and whose source code is undisclosed.

Dynamic packet filtering is the process of automatically creating temporary filters. In most cases, the filters allow outbound responses to previous inbound requests.

Content filtering is a form of filtering that focuses on traffic content.

Cost/benefit analysis is the final equation of risk analysis to assess the relative benefit of a counter-measure against the potential annual loss of a given asset exposed to a specific threat.

Data Link Layer (Layer 2) is the second layer of the OSI model responsible for logical addressing (MAC addresses) and supporting network topology, such as Ethernet.