Firewalls fall into ____ major processing-mode categories.
question
packet-filtering
answer
____ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information.
question
All of the above
answer
The restrictions most commonly implemented in packet-filtering firewalls are based on ____.
a. IP source and destination address
b. TCP or UDP source and destination port
requests
c. Direction (inbound or outbound)
d. All of the above
question
static
answer
____ filtering requires that the filtering rules governing how the firewall decides which packets are allowed and which are denied be developed and installed with the firewall.
question
dynamic
answer
A ____ filtering firewall can react to an emergent event and update or create rules to deal with the event.
question
stateful
answer
____ inspection firewalls keep track of each network connection between internal and external systems.
question
application-level firewall
answer
The application gateway is also known as a(n) ____.
question
demilitarized
answer
The proxy server is often placed in an unsecured area of the network or is placed in the ____ zone.
question
DMZ
answer
The ____ is an intermediate area between a trusted network and an untrusted network.
question
mac layer
answer
____ firewalls are designed to operate at the media access control sublayer of the data link layer of the OSI network model.
question
WAPs
answer
In recent years, the broadband router devices that can function as packet-filtering firewalls have been enhanced to combine the features of ____.
question
sacrificial
answer
Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as the ____ host
question
screened subnet
answer
The dominant architecture used to secure network access today is the ____ firewall
question
SOCKS
answer
____ is the protocol for handling TCP traffic through a proxy server
question
23
answer
Telnet protocol packets usually go to TCP port ____.
question
7
answer
ICMP uses port ____ to request a response to a query and can be the first indicator of a malicious attack.
question
rating and filtering
answer
In most common implementation models, the content filter has two components: ____.
question
RADIUS
answer
____ and TACACS are systems that authenticate the credentials of users who are trying to access an organization's network via a dial-up connection.
question
All of the above
answer
Which of the following is a valid version of TACACS?
a. TACACS
b. Extended TACACS
c. TACACS+
d. All of the above
question
KDC
answer
____ generates and issues session keys in Kerberos.
question
TGS
answer
Kerberos ____ provides tickets to clients who request services.
question
PAC
answer
In SESAME, the user is first authenticated to an authentication server and receives a token. The token is then presented to a privilege attribute server as proof of identity to gain a(n) ____.
question
VPN
answer
A(n) ____ is "a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures."
question
transport
answer
In ____ mode, the data within an IP packet is encrypted, but the header information is not.
question
point-to-point tunneling protocol
answer
ISA Server can use ____ technology.
question
firewall
answer
A(n) ____________________ is an information security program that prevents specific types of information from moving between the outside world and the inside world
question
filtering
answer
A packet-____________________ firewall installed on a TCP/IP based network typically functions at the IP level and determines whether to drop a packet (deny) or forward it to the next network connection (allow) based on the rules programmed into the firewall
question
restricitions
answer
Simple firewall models enforce address ____________________, which are rules designed to prohibit packets with certain addresses or partial addresses from passing through the device
question
dynamic
answer
The ____________________ packet-filtering firewall allows only a particular packet with a particular source, destination, and port address to enter through the firewall
question
proxy
answer
The application firewall is also known as a(n) ____________________ server
question
transport
answer
The circuit gateway firewall operates at the ____________________ layer
question
hybrid
answer
____________________ firewalls combine the elements of other types of firewalls β that is, the elements of packet filtering and proxy services, or of packet filtering and circuit gateways
question
kernel
answer
The fifth generation firewalls include the ____________________ proxy, a specialized form that works under Windows NT Executive, which is the kernel of Windows NT
question
sacrificial
answer
Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as the ____________________ host
question
screened subnet
answer
The architecture of a(n) ____________________ firewall provides a DMZ.
question
SOCKS
answer
The general approach of the ____________________ protocol is to place the filtering requirements on the individual workstation rather than on a single point of defense (and thus point of failure).
question
public
answer
The firewall device is never accessible directly from the ____________________ network
question
telnet
answer
____________________ (terminal emulation) access to all internal servers from the public networks should be blocked
question
content
answer
A(n) ____________________ filter is a software filter β technically not a firewall β that allows administrators to restrict access to content from within a network
question
reverse
answer
Content filters are often called ____________________ firewalls
question
war
answer
A(n) ____________________ dialer is an automatic phone-dialing program that dials every number in a configured range, and checks to see if a person, answering machine, or modem picks up
question
authentication
answer
The Remote ____________________ Dial-In User Service system centralizes the management of user authentication by placing the responsibility for authenticating each user in the central RADIUS server.
question
terminal
answer
The ____________________ Access Controller Access Control System contains a centralized database, and it validates the user's credentials at this TACACS server.
question
kerberos
answer
The ____________________ authentication system is named after the three-headed dog of Greek mythology, that guards the gates to the underworld.
question
ticket
answer
In Kerberos, a(n) ____________________ is an identification card for a particular client that verifies to the server that the client is requesting services and that the client is a valid member of the Kerberos system and therefore authorized to receive services
question
multi-vendor
answer
The Secure European System for Applications in a(n) ____________________ Environment is the result of a European research and development project partly funded by the European Commission.
question
virtual
answer
A(n) ____________________ private network is a private and secure network connection between systems that uses the data communication capability of an unsecured and public network.
question
public
answer
SESAME uses ____________________ key encryption to distribute secret keys
question
legacy
answer
A trusted VPN is also known as a(n) ____________________ VPN
question
tunnel
answer
In ____________________ mode, the organization establishes two perimeter tunnel servers
Haven't found what you need?
Search for quizzes and test answers now
Quizzes.studymoose.com uses cookies. By continuing you agree to our cookie policy
