Which statement regarding a demilitarized zone (dmz) is not true?

School Emily Griffith Technical College
Course Title NETWORKING 312
Type
Homework Help
Table of Contents Show
Pages 2
Ratings 92% (13) 12 out of 13 people found this document helpful

This preview shows page 1 - 2 out of 2 pages.

9. Which statement regarding a demilitarized Zone (DMZ) is NOT true?

Get answer to your question and much more

10. Which statement about network address translation (NAT) is true?

Get answer to your question and much more

11. Which of these is NOT an advantage of a load balancer?

Get answer to your question and much more

12. A (n) Proxy serverintercepts internal user requests and then processes those requests on behalf of the users.13. A reverse proxy Routes incoming requests to a correct server.14. Which is the preferred location for installation of a spam filter?With the SMTP server15. A network intrusion detection system (NIDS)watches for attacks and sounds an alert only when one occurs.16. A multipurpose security device is known as UTM (unified threat management).

We have textbook solutions for you!

The document you are viewing contains questions related to this textbook.

CompTIA Security+ Guide to Network Security Fundamentals

Ciampa

Expert Verified

17. Each of these can be used to hide information about the internal network EXCEPT a protocol analyzer.

18. What is the difference between a network intrusion detection system (NIDS) and a network intrusionprevention system (NIPS)?

Get answer to your question and much more

19. If a device is determined to have an out-of-state virus signature file, then Network Access Control (NAC) canredirect that device to a network by Address Resolution Protocol (ARP) Poisoning.20. A firewall using stateful packet filteringis the most secure type of firewall.

End of preview. Want to read all 2 pages?

Upload your study docs or become a

Course Hero member to access this document

We have textbook solutions for you!

The document you are viewing contains questions related to this textbook.

CompTIA Security+ Guide to Network Security Fundamentals

Ciampa

Expert Verified

Newly Uploaded Documents

focusNode

Didn't know it?
click below

Knew it?
click below

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

Normal Size Small Size show me how

Question	Answer
Which secure feature does a load balancer NOT provide?	filter packets based on protocol settings
Which of these would not be filtering mechanisms found in a firewall rule?	date
A(n) __ can identify the application that send packets and then make decisions about filtering based on it.	application-aware firewall
Which function doesn't Internet content filter not perform?	intrusion detection
How does network address translation improves security?	It discards unsolicited packets, it filters based on protocol, it masks the IP address of the NAT device
How does a virtual LAN allow devices to be grouped?	logically
Which device is easiest for an attacker to take advantage of in order to capture and analyze packets?	hub
Which of these is not an attack against the switch?	ARP address impersonation
Which statement regarding a demilitarized zone is not true?	it contains servers that are used only by internal network users
Which statement about network address translation is true?	it removes private addresses when the packet leaves the network
Which of these is not an advantage of a load balancer?	the risk of overloading a desktop client is reduced
A(n) __ intercepts internal user request and then processes those requests on the half of the users?	proxy server
A reverse proxy __	routes incoming requests to the correct server
Which is the preferred location for installation of a spam filter?	with the SMTP server
A __ watches for attacks and sounds alert only when one occurs.	unified threat management
Each of these can be used to hide information about the internal network except	a protocol analyzer
What is the difference between the network intrusion detection system and a network intrusion prevention system?	a nips can take actions more quickly to combat an attack
If a device is determined to have an out-of-date virus signature file, then network access control can redirect that device to a network by __	address resolution protocol poisoning
A firewall using __ is the most secure type of firewall.	statefull packet filtering

Which of the following is NOT a firewall rule parameter?

Which firewall rule action implicitly denies all other traffic unless

explicitly allowed?

Allow:Explicitly allows traffic that matches the

rule to pass, and then implicitly denies everything.

Bypass:Allows traffic to bypass both firewall and

intrusion prevention analysis.

Leah is researching information on firewalls. She needs a firewall that

allows for more generic statements instead of creating specific rules.

What type of firewall should Leah consider purchasing that supports

her need?

Emilie is reviewing a log file of a new firewall. She notes that the log

indicates packets are being dropped for incoming packets for which

the internal endpoint did not initially create the request. What kind of

firewall is this?

Packet filtering firewall

What is a virtual firewall?

A firewall appliance that runs on a LAN

Which of these appliances provides the broadest protection by

combining several security functions?

Fortinet, Barcuuda, Stormshiel, Zyxel, & Untangle

Which of the following contains honeyfiles and fake telemetry?

High-interaction honeypot

Maja has been asked to investigate DDoS mitigations. Which of the

following should Maja consider?

Which type of monitoring methodology looks for statistical deviations

from a baseline?

Anomaly-based intrusion detection system (AIDS)

Which statement regarding a demilitarized zone (DMZ) is NOT true?

It contains servers that are used only by internal

network users.

Which of these is NOT used in scheduling a load balancer?

The IP address of the destination packet

In which of the following configurations are all the load balancers

always active?

Which device intercepts internal user requests and then processes

those requests on behalf of the users?

Sofie needs to configure the VPN to preserve bandwidth. Which

configuration would she choose?

Which of the following is not a basic configuration management tool?

Which of the following is NOT correct about L2TP?

It must be used on HTML5 compliant devices.

Hanna has received a request for a data set of actual data for testing a

new app that is being developed. She does not want the sensitive

elements of the data to be exposed. What technology should she use?

Data Object Obfuscation (DOO)

How does BPDU guard provide protection?

BPDU Guard feature allows STP to shut an access

port in the event of receiving a BPDU.Root Guard

ensures that the port on which root guard is

enabled is the designated port.

What is the Korean DMZ quizlet?

DMZ. an area in which treaties or agreements between nations, military powers or contending groups forbid military installations, activities or personnel. promote. to support or actively encourage. the Korean peninsula.

Which device is easiest for an attacker to take advantage of in order to capture and analyze packets?

Chapter 7 RQ's.

Which function S does an Internet content filter not perform?

Which function does an Internet content filter NOT perform? intrusion detection. How does network address translation (NAT) improve security? How does a virtual LAN (VLAN) allow devices to be grouped?

Which of the following offerings can be provided by a cloud access service broker CASB?

To protect against threats coming from cloud services, the CASB can use capabilities such as adaptive access control, static and dynamic malware analysis, prioritized analysis, and threat intelligence to block malware.