Which statement regarding a demilitarized zone (DMZ) is NOT true?
answer
It contains servers that are used only by internal network users.
question
Which function does an Internet content filter NOT perform?
answer
intrusion detection
question
Which of the following is a multipurpose security device?
answer
Unified Threat Management
question
How does network address translation (NAT) improve security?
answer
It discards unsolicited packets.
question
Which of the following devices can identify the application that sends packets and then makes decisions about filtering based on it?
answer
application-based firewall
question
Francisco was asked by a student intern to explain the danger of a MAC flooding attack on a switch. What would Francisco say?
answer
Once the MAC address table is full the switch functions like a network hub.
question
What is the difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS)?
answer
A NIPS can take actions more quickly to combat an attack.
question
Isabella is a security support manager for a large enterprise. In a recent meeting, she was asked which of the standard networking devices already present on the network could be configured to supplement the specific network security hardware devices that were recently purchased. Which of these standard networking devices would Isabella recommend?
answer
router
question
Which is the most secure type of firewall?
answer
stateful packet filtering
question
Which statement about network address translation (NAT) is true?
answer
It removes private addresses when the packet leaves the network.
question
Which device watches for attacks and sounds an alert only when one occurs?
answer
network intrusion detection system (NIDS)
question
Which of these would NOT be a filtering mechanism found in a firewall ACL rule?
answer
date
question
Sebastian was explaining to his supervisor why the enterprise needed to implement port security. His supervisor asked what security action a flood guard could do when a MAC flooding attack occurred. Which of the following was NOT an answer that was given by Sebastian?
answer
Cause the device to enter a fail-open mode
question
In which of the following configurations are all the load balancers always active?
answer
Active-active
question
Raul was asked to configure the VPN to preserve bandwidth. Which configuration would he choose?
answer
Split tunnel
question
Which of the following CANNOT be used to hide information about the internal network?
answer
a protocol analyzer
question
Which device is easiest for an attacker to take advantage of to capture and analyze packets?
answer
hub
question
Ximena noticed that Sofia had created a network bridge on her new laptop between the unsecured wireless network and the organization's secure intranet. Ximena explained to Sofia the problem associated with setting up the bridge. What did Ximena tell Sofia?
answer
A bridge could permit access to the secure wired network from the unsecured wireless network.
question
Which device intercepts internal user requests and then processes those requests on behalf of the users?
answer
Forward proxy server
question
Which of these is NOT used in scheduling a load balancer?
answer
The IP address of the destination packet
Haven't found what you need?
Search for quizzes and test answers now
Quizzes.studymoose.com uses cookies. By continuing you agree to our cookie policy
