Security - Chapter 6

9 September 2022
4.7 (114 reviews)
40 test answers

Unlock all answers in this set

Unlock answers (36)
question
The OSI model breaks networking steps down into a series of six layers.
answer
False
question
Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
answer
True
question
All modern operating systems include a hardware firewall, usually called a host-based firewall
answer
False
question
Workgroup switches must work faster than core switches.
answer
False
question
An intranet is a separate open network that anyone can access without prior authorization.
answer
False
question
NAT is not a specific device, technology, or protocol. It is a technique for substituting IP addresses.
answer
True
question
A security advantage of VLANs is that they can be used to prevent direct communication between servers.
answer
True
question
An agent may be a permanent NAC agent and reside on end devices until uninstalled, but it cannot be a dissolvable NAC agent
answer
False
question
One use of data loss prevention (DLP) is blocking the copying of files to a USB flash drive.
answer
True
question
Anomaly monitoring is designed for detecting statistical anomalies
answer
True
question
An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices?
answer
D. Hub
question
What data unit is associated with the Open Systems Interconnection layer four?
answer
A. Segment
question
What data unit is associated with the Open Systems Interconnection layer two?
answer
C. Frame
question
What kind of networking device forwards packets across different computer networks by reading destination addresses?
answer
B. Router
question
An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured that can help to evenly distribute work across the network, and make use of both servers in a manner that is transparent to the end users?
answer
B. Local Balancing
question
A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below?
answer
C. Stateful Packet filtering
question
What is the name of a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user?
answer
A. Forward Proxy server
question
Which of the following is a server that routes incoming requests coming from an external network to the correct internal server?
answer
D. reverse proxy
question
What technology enables authorized users to use an unsecured public network, such as the Internet as if it were a secure private network?
answer
B. VPN
question
Select the technology that can be used to examine content through application-level filtering.
answer
C. Web security gateway
question
What type of monitoring compares network traffic, activities, transactions, or behavior against a database of known attack patterns?
answer
D. Signature-based
question
What is the name of an instruction that interrupts a program being executed and requests a service from the operating system?
answer
A. System call
question
When a private network uses a single public IP address, and each outgoing TCP packet uses a different port to allow for proper translation, what networking technology is in use?
answer
A. PAT
question
Which network address below is not a private IP address network?
answer
B. 172.63.255.0
question
A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?
answer
C. Create a DMZ, add necessary hosts.
question
What vendor neutral protocol implements support for VLAN tagging?
answer
C. 802.1Q
question
The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches. How can this be done?
answer
D. Create a VLAN and add the users' computers / ports to the correct VLAN
question
What technology will examine the current state of a network device before allowing it can to connect to the network and force any device that does not meet a specified set of criteria to connect only to a quarantine network?
answer
A. Network access control
question
What type of dedicated cryptographic processor that provides protection for cryptographic keys?
answer
D. Hardware security module
question
Which of the following is a software-based application that runs on a local host computer that can detect an attack as it occurs?
answer
B. host-based intrusion detection system
question
When VPN network traffic is routing only some traffic over the secure VPN while other traffic directly accesses the Internet, what technology is being used?
answer
B. Split tunneling
question
What dedicated hardware device aggregates hundreds or thousands of VPN connections?
answer
D. VPN concentrator
question
What specific type of hardware card inserts into a web server that contains one or more co-processors to handle SSL/TLS processing?
answer
A. SSL/TLS accelerator
question
What type of network is a private network that belongs to an organization that can only be accessed by approved internal users?
answer
B. Intranet
question
What type of network is a private network that can also be accessed by authorized external customers, vendors, and partners?
answer
A. Extranet
question
If a network is completely isolated by an air gap from all other outside networks it is using what type of configuration?
answer
physical network segregation
question
What term is used to describe the software agents that are used by NAC and installed on devices to gather information?
answer
C. Host agent health checks
question
What type of network access control uses Active Directory to scan a device to verify that it is in compliance?
answer
A. agentless NAC
question
Which of the following is defined as a security analysis of the transaction within its approved context?
answer
B. Content inspection
question
Which of the following is a system of security tools that are used to recognize and identify data that is critical to the organization and ensure that it is protected?
answer
D. data loss prevention