Chapter 7 Quiz

11 September 2022
20 test answers

question
Which of the following describes an access control list (ACL)?
a. a form of IDS/IPS detection based on a collection of samples, patterns, signatures, and so on
b. an event that does not trigger an alarm but should have, due to the traffic or event actually being abnormal and/or malicious
c. a mechanism that defines traffic or an event to apply an authorization control of allow or deny against
d. an intrusion detection system/intrusion prevention system (IDS/IPS) based on a defined normal, often defined using rules similar to firewall rules
answer
c. a mechanism that defines traffic or an event to apply an authorization control of allow or deny against
question
Which of the following names is given to a notification from a firewall that a specific event or packet was detected?
a. management interface
b. rules
c. alert
d. anomaly-based detection
answer
c. alert
question
What is anomaly-based detection?
a. an event that does not trigger an alarm but should have because the traffic or event is abnormal and/or malicious
b. a notification from a firewall that a specific event or packet was detected
c. a form of intrusion detection system/intrusion prevention system (IDS/IPS) based on a defined normal, often defined using rules similar to firewall rules
d. an event that triggers an alarm but should not have because the traffic or event is benign
answer
c. a form of intrusion detection system/intrusion prevention system (IDS/IPS) based on a defined normal, often defined using rules similar to firewall rules
question
Which of the following is a technique for storing or copying log events to a centralized logging server?
a. firewall logging
b. write-once read-many (WORM) storage
c. unified threat management (UTM)
d. syslog
answer
d. syslog
question
Which term describes a security stance that prevents all communications except those enabled by specific allow exceptions?
a. deny by default/allow by exception
b. syslog
c. behavioral-based detection
d. signature-based detection
answer
a. deny by default/allow by exception
question
Which of the following describes fair queuing?
a. a technique of load balancing that operates by sending the next transaction to the firewall with the least current workload
b. a written expression of an item of concern (protocol, port, service, application, user, and IP address) and one or more actions to take when the item of concern appears in traffic
c. a form of IDS/IPS detection based on a collection of samples, patterns, signatures, and so on
d. an event that triggers an alarm but should not have because the traffic or event actually is benign
answer
a. a technique of load balancing that operates by sending the next transaction to the firewall with the least current workload
question
Which of the following refers to an event that does not trigger an alarm but should have, due to the traffic or event actually being abnormal and/or malicious?
a. false positive
b. deny by default/allow by exception
c. round robin
d. false negative
answer
d. false negative
question
Which of the following is not a protection against fragmentation attacks?
a. performing sender fragmentation
b. using firewall filtering
c. using firewalking
d. using IDS
answer
c. using firewalking
question
Which of the following can improve firewall performance?
a. load balancing
b. wirespeed
c. firewalking
d. port-based network access (admission) control (PNAC)
answer
a. load balancing
question
Which name is given to a hacking technique used against static packet filtering firewalls to discover the rules or filters controlling inbound traffic?
a. firewalking
b. signature-based detection
c. database-based detection
d. filter
answer
a. firewalking
question
Which of the following is a firewall rule that prevents internal users from accessing public FTP sites?
a. TCP 192.168.42.0/24 ANY ANY 21 Deny
b. TCP ANY ANY 192.168.42.0/24 ANY Deny
c. TCP 21 192.168.42.0/24 ANY ANY Deny
d. TCP ANY ANY ANY FTP Deny
answer
a. TCP 192.168.42.0/24 ANY ANY 21 Deny
question
Which of the following refers to the deployment of a firewall as an all-encompassing primary gateway security solution?
a. access control list (ACL)
b. false positive
c. signature-based detection
d. unified threat management (UTM)
answer
d. unified threat management (UTM)
question
Which of the following hands out tasks in a repeating non-priority sequence?
a. alert
b. firewalking
c. port-based network access (admission) control (PNAC)
d. round robin
answer
d. round robin
question
Which of the following is described as the maximum communication or transmission capability of a network segment?
a. round robin
b. signature-based detection
c. filter
d. wirespeed
answer
d. wirespeed
question
True or False: Unified threat management (UTM) has the advantage of managing multiple security services from a single interface. a. true b. false
answer
a. true
question
True or False: Authentication and authorization must be used together. a. true b. false
answer
b. false
question
True or False: A false negative is an event that triggers an alarm when the traffic or event is abnormal and/or malicious. a. true b. false
answer
b. false
question
True or False: Firewalking is a hacking technique used against static packet filtering firewalls to discover the rules or filters controlling inbound traffic. a. true b. false
answer
a. true
question
True or False: Overlapping occurs when full or partial overwriting of datagram components creates new datagrams out of parts of previous datagrams. a. true b. false
answer
a. true
question
True or False: Denial of service (DoS) attacks cannot be detected by a firewall. a. true b. false
answer
b. false