Question 1

How can vulnerability to flooding attacks be reduced with an application gateway?&#10;A)Authenticating users&#10;B)External systems never see the gateway&#10;C)Packets are continually checked during the connection&#10;D)Vulnerability to flooding attacks with an application gateway cannot be mitigated

Accepted Answer

A

Question 2

Which type of firewall is included in Windows XP and many distributions of Linux operating systems?&#10;A)Application proxy&#10;B)Packet filter&#10;C)Stateful packet inspection&#10;D)User authentication

Accepted Answer

Windows XP and many Linux distributions include a packet filter firewall, which examines each packet's header information to determine whether to allow or block it.

Question 3

At what OSI layer do packet filters function?&#10;A)Physical layer&#10;B)Data link layer&#10;C)Network layer&#10;D)Transport layer

Accepted Answer

Packet filters function at the Network layer of the OSI model, which is responsible for routing packets across a network.

Question 4

Identifying abnormal activity on a firewall requires that one establish a:&#10;A)baseline&#10;B)bastion host&#10;C)proxy server&#10;D)screened host

Accepted Answer

Establishing a baseline is crucial for identifying abnormal activity on a firewall because it defines what normal traffic looks like, thereby making it possible to detect deviations or anomalies.

Question 5

Which is a term used to refer to the process of authentication and verification?&#10;A)Connecting&#10;B)Filtering&#10;C)Negotiation&#10;D)Screening

Accepted Answer

The answer of Which is a term used to refer...

Question 6

A term used to refer to the process of authentication and verification as accomplished on some gateways is ____________.

Accepted Answer

The answer of A term used to refer to the...

Question 7

A firewall configuration using a server as a router and running multiple network interfaces with automatic routing disabled is an example of a:&#10;A)dual-homed host&#10;B)network host-based&#10;C)router-based&#10;D)screened host

Accepted Answer

The answer of A firewall configuration using a server as...

Question 8

In comparing a packet filter firewall with a stateful packet inspection firewall (SPI),the SPI firewall is:&#10;A)LESS susceptible to ping and SYN floods and LESS susceptible to IP spoofing.&#10;B)LESS susceptible to ping and SYN floods but MORE susceptible to IP spoofing&#10;C)MORE susceptible to ping and SYN floods and LESS susceptible to IP spoofing&#10;D)MORE susceptible to ping and SYN floods and MORE susceptible to IP spoofing

Accepted Answer

Stateful Packet Inspection (SPI) firewalls keep track of the state of active connections and make decisions based on the context of the traffic, which makes them less susceptible to various attacks such as ping and SYN floods, as well as IP spoofing, compared to basic packet filter firewalls.

Question 9

Which type of firewall negotiates between the server and client to permit or deny connection based on the type of software and connection requested?&#10;A)Application gateway&#10;B)Circuit level gateway&#10;C)Packet filter&#10;D)Stateful packet inspection

Accepted Answer

Application gateways, also known as proxy firewalls, work at the application layer to filter incoming traffic between your network and the traffic source. They effectively negotiate between the server and client, permitting or denying connections based on the type of software and connection requested, thus providing a high level of security.

Question 10

Once a circuit level gateway verifies the user's logon,it creates a virtual circuit between:&#10;A)the external server and the proxy server&#10;B)the internal client and the proxy server&#10;C)the internal client and the external server&#10;D)the external server and the firewall

Accepted Answer

CCircuit level gateways work by verifying the user's logon credentials and then establishing a virtual circuit for the duration of the session. This virtual circuit is created between the internal client and the proxy server (B), allowing the proxy server to relay data between the internal client and the external server without a direct connection, effectively also creating a virtual circuit between the internal client and the external server (C). This mechanism ensures that direct connections between internal and external networks are avoided, enhancing security.

Question 11

A firewall that uses a combination of approaches rather than a single approach to protect the network is called:&#10;A)dual-homed&#10;B)hybrid&#10;C)multi-homed&#10;D)open source

Accepted Answer

The answer of A firewall that uses a combination of...

Question 12

Using a server running the Linux operating system with its built-in firewall as the network firewall is one example of which firewall configuration?&#10;A)dual-homed host&#10;B)network host-based&#10;C)router-based&#10;D)screened host

Accepted Answer

The answer of Using a server running the Linux operating...

Question 13

In a ____________ firewall configuration,each incoming packet is examined.

Accepted Answer

The answer of In a ____________ firewall configuration,each incoming packet...

Question 14

An open source software circuit level gateway is available from which of the following?&#10;A)Amrita Labs&#10;B)SonicWALL&#10;C)Teros&#10;D)Watchguard Technologies

Accepted Answer

The answer of An open source software circuit level gateway...

Question 15

Which firewall configuration would be appropriate within a network to separate and protect various subnets of a network to provide greater security?&#10;A)bastion host&#10;B)demilitarized zone&#10;C)dual-homed host&#10;D)router-based

Accepted Answer

The answer of Which firewall configuration would be appropriate within...

Question 16

A standalone technology that hides internal addresses from the outside and only allows connections that originate from inside the network is called:&#10;A)DMZ&#10;B)HTTP&#10;C)NAT&#10;D)TFTP

Accepted Answer

The answer of A standalone technology that hides internal addresses...

Question 17

Which firewall denies or permits access based in part on data determined from previous packets in the conversation?&#10;A)Application gateway&#10;B)Circuit level gateway&#10;C)Packet filter&#10;D)Stateful packet inspection

Accepted Answer

The answer of Which firewall denies or permits access based...

Question 18

In many typical configurations with multiple firewalls,e-mail servers and FTP servers are located in the:&#10;A)corporate Intranet&#10;B)demilitarized zone&#10;C)external network&#10;D)internal corporate network

Accepted Answer

The answer of In many typical configurations with multiple firewalls,e-mail...

Question 19

Which type of firewall is generally the simplest and least expensive?&#10;A)Application gateway&#10;B)Circuit level gateway&#10;C)Packet filter&#10;D)Stateful packet inspection

Accepted Answer

The answer of Which type of firewall is generally the...

Question 20

Which serves as a single contact point between the Internet and the private network?&#10;A)Bastion host&#10;B)DMZ&#10;C)Dual-homed host&#10;D)Screened host

Accepted Answer

The answer of Which serves as a single contact point...

Question 21

Although very similar to application gateways,_____________ are more secure and usually found on more expensive equipment.

Accepted Answer

The answer of Although very similar to application gateways,_____________ are...

Question 22

Taking security precautions such as keeping patches updated,uninstalling unneeded applications,closing unused ports,and turning off unused services is called ____________ the operating system.

Accepted Answer

The answer of Taking security precautions such as keeping patches...

Question 23

The stateful packet inspection (SPI)firewall is based on the ____________ firewall.

Accepted Answer

The answer of The stateful packet inspection (SPI)firewall is based...

Question 24

A ____________ firewall solution is actually a combination of several different firewall systems in a single system.

Accepted Answer

The answer of A ____________ firewall solution is actually a...

Question 25

The first rule of firewalls dictates that to provide the best security,they not only must be installed properly,but they must also be ____________ properly.

Accepted Answer

The answer of The first rule of firewalls dictates that...

Question 26

With a circuit level gateway in place,external users only see the IP address of the ____________.

Accepted Answer

The answer of With a circuit level gateway in place,external...

Question 27

Establishing a(n)____________ upon initial setup and configuration of a firewall permits better identification of abnormal traffic versus normal traffic.

Accepted Answer

The answer of Establishing a(n)____________ upon initial setup and configuration...

Deck 3: Fundamentals of Firewalls