Homework Help
This preview shows page 1 - 2 out of 2 pages.
9. Which statement regarding a demilitarized Zone (DMZ) is NOT true?
Get answer to your question and much more
10. Which statement about network address translation (NAT) is true?
Get answer to your question and much more
11. Which of these is NOT an advantage of a load balancer?
Get answer to your question and much more
12. A (n) Proxy serverintercepts internal user requests and then processes those requests on behalf of the users.13. A reverse proxy Routes incoming requests to a correct server.14. Which is the preferred location for installation of a spam filter?With the SMTP server15. A network intrusion detection system (NIDS)watches for attacks and sounds an alert only when one occurs.16. A multipurpose security device is known as UTM (unified threat management).
We have textbook solutions for you!
The document you are viewing contains questions related to this textbook.
CompTIA Security+ Guide to Network Security Fundamentals
Ciampa
Expert Verified
17. Each of these can be used to hide information about the internal network EXCEPT a protocol analyzer.
18. What is the difference between a network intrusion detection system (NIDS) and a network intrusionprevention system (NIPS)?
Get answer to your question and much more
19. If a device is determined to have an out-of-state virus signature file, then Network Access Control (NAC) canredirect that device to a network by Address Resolution Protocol (ARP) Poisoning.20. A firewall using stateful packet filteringis the most secure type of firewall.
End of preview. Want to read all 2 pages?
Upload your study docs or become a
Course Hero member to access this document
Tags
IP address, Network address translation, Intrusion detection system, Network Intrusion Detection
We have textbook solutions for you!
The document you are viewing contains questions related to this textbook.
The document you are viewing contains questions related to this textbook.
CompTIA Security+ Guide to Network Security Fundamentals
Ciampa
Expert Verified
Newly Uploaded Documents
Newly Uploaded Documents
focusNode
Didn't know it?
click below
Knew it?
click below
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Which secure feature does a load balancer NOT provide? | filter packets based on protocol settings |
Which of these would not be filtering mechanisms found in a firewall rule? | date |
A(n) __ can identify the application that send packets and then make decisions about filtering based on it. | application-aware firewall |
Which function doesn't Internet content filter not perform? | intrusion detection |
How does network address translation improves security? | It discards unsolicited packets, it filters based on protocol, it masks the IP address of the NAT device |
How does a virtual LAN allow devices to be grouped? | logically |
Which device is easiest for an attacker to take advantage of in order to capture and analyze packets? | hub |
Which of these is not an attack against the switch? | ARP address impersonation |
Which statement regarding a demilitarized zone is not true? | it contains servers that are used only by internal network users |
Which statement about network address translation is true? | it removes private addresses when the packet leaves the network |
Which of these is not an advantage of a load balancer? | the risk of overloading a desktop client is reduced |
A(n) __ intercepts internal user request and then processes those requests on the half of the users? | proxy server |
A reverse proxy __ | routes incoming requests to the correct server |
Which is the preferred location for installation of a spam filter? | with the SMTP server |
A __ watches for attacks and sounds alert only when one occurs. | unified threat management |
Each of these can be used to hide information about the internal network except | a protocol analyzer |
What is the difference between the network intrusion detection system and a network intrusion prevention system? | a nips can take actions more quickly to combat an attack |
If a device is determined to have an out-of-date virus signature file, then network access control can redirect that device to a network by __ | address resolution protocol poisoning |
A firewall using __ is the most secure type of firewall. | statefull packet filtering |
Which of the following is NOT a firewall rule parameter?
Which firewall rule action implicitly denies all other traffic unless
explicitly allowed?
Allow:Explicitly allows traffic that matches the
rule to pass, and then implicitly denies everything.
Bypass:Allows traffic to bypass both firewall and
intrusion prevention analysis.
Leah is researching information on firewalls. She needs a firewall that
allows for more generic statements instead of creating specific rules.
What type of firewall should Leah consider purchasing that supports
her need?
Emilie is reviewing a log file of a new firewall. She notes that the log
indicates packets are being dropped for incoming packets for which
the internal endpoint did not initially create the request. What kind of
firewall is this?
Packet filtering firewall
What is a virtual firewall?
A firewall appliance that runs on a LAN
Which of these appliances provides the broadest protection by
combining several security functions?
Fortinet, Barcuuda, Stormshiel, Zyxel, & Untangle
Which of the following contains honeyfiles and fake telemetry?
High-interaction honeypot
Maja has been asked to investigate DDoS mitigations. Which of the
following should Maja consider?
Which type of monitoring methodology looks for statistical deviations
from a baseline?
Anomaly-based intrusion detection system (AIDS)
Which statement regarding a demilitarized zone (DMZ) is NOT true?
It contains servers that are used only by internal
network users.
Which of these is NOT used in scheduling a load balancer?
The IP address of the destination packet
In which of the following configurations are all the load balancers
always active?
Which device intercepts internal user requests and then processes
those requests on behalf of the users?
Sofie needs to configure the VPN to preserve bandwidth. Which
configuration would she choose?
Which of the following is not a basic configuration management tool?
Which of the following is NOT correct about L2TP?
It must be used on HTML5 compliant devices.
Hanna has received a request for a data set of actual data for testing a
new app that is being developed. She does not want the sensitive
elements of the data to be exposed. What technology should she use?
Data Object Obfuscation (DOO)
How does BPDU guard provide protection?
BPDU Guard feature allows STP to shut an access
port in the event of receiving a BPDU.Root Guard
ensures that the port on which root guard is
enabled is the designated port.