Question 1

I am trying to reach a web server, www.chicago.edu. The response message from the DNS server tells my computer the _____.&#10;A) domain name of the www.chicago.edu server&#10;B) IP address of the www.chicago.edu server&#10;C) IP address of the DNS root server&#10;D) IP address of the DNS authority server&#10;E) MAC address of the www.chicago.edu server

Accepted Answer

The response message from the DNS server tells the computer the IP address of the web server it is trying to reach, in this case, www.chicago.edu. This IP address is necessary for the computer to establish a connection with the web server and retrieve the requested information.

Question 2

Which command is issued to obtain the IP address of a domain name, &#34;www.sdsu.edu&#34;, as in the figure?&#10;   &#10;A) C:>ipconfig /flushdns www.sdsu.edu&#10;B) C:>ipconfig /displaydns&#10;C) C:>nslookup www.sdsu.edu&#10;D) C:>netstat -n&#10;E) C:>ipconfig /all

Accepted Answer

The command "nslookup" is used to obtain the IP address of a domain name. Therefore, option C is the correct choice. Option A flushes the DNS cache, option B displays the DNS cache, option D shows active network connections, and option E displays detailed IP configuration information.

Question 3

The uniform resource locator (URL) field includes information on:&#10;A) protocol + DNS authority server&#10;B) protocol + domain name&#10;C) domain name + DNS authority server&#10;D) domain name + HTTP server&#10;E) domain name + ISP router address

Accepted Answer

The URL field includes the protocol (e.g. http, https, ftp), followed by the domain name which can be identified by a domain name system (DNS) authority server. Therefore, the correct choice is protocol + domain name.

Question 4

The authoritative server concept applies to the _________ protocol.&#10;A) DHCP&#10;B) HTTP&#10;C) SMTP&#10;D) DNS&#10;E) FTP

Accepted Answer

The authoritative server concept applies to the DNS (Domain Name System) protocol. An authoritative DNS server is the final authority on a domain and contains the definitive information for that domain. It is responsible for providing answers to DNS queries for the domain it is authoritative for.

Question 5

The 'root' and 'authority' server concepts are relevant to the _________ protocol.&#10;A) DHCP&#10;B) HTTP&#10;C) SMTP&#10;D) DNS&#10;E) FTP

Accepted Answer

The root and authority server concepts are relevant to the DNS (Domain Name System) protocol, which is responsible for translating domain names into IP addresses. The root servers maintain the list of top-level domains while authority servers maintain information about specific domain names.

Question 6

The statement, &#34;127.0.0.1 localhost&#34;, should be in included in the _________ file of a computer.&#10;A) DHCP&#10;B) HTTP&#10;C) SMTP&#10;D) DNS&#10;E) FTP

Accepted Answer

The statement "127.0.0.1 localhost" is used to map the address "localhost" to the loopback IP address 127.0.0.1 on the local computer. This mapping is stored in the hosts file of the computer, which is used by the DNS resolver to look up IP addresses for hostnames. Therefore, the correct choice is the DNS file.

Question 7

Which of the following filtering rules is considered a 'complete' rule on a firewall?&#10;A) If source IP = 172.16.x.x to 172.31.x.x or 192.168.x.x.&#10;B) If TCP destination port = 21.&#8207;&#10;C) If HTML message contains 'sex' or 'entertainment'. &#8207;&#10;D) If destination IP = 161.154.23.59 and TCP port = 25.&#10;E) None of the above

Accepted Answer

The answer of Which of the following filtering rules is...

Question 8

Which of the following filtering rules of the firewall is considered a stateful rule ?&#10;A) If source IP = 172.16.x.x to 172.31.x.x or 192.168.x.x, then drop the packet.&#10;B) If TCP destination port = 21, then drop the packet. &#8207;&#10;C) If the URL = www.darkspace.xxx, then drop the packet.&#8207;&#10;D) If destination IP = 161.154.23.59 and TCP port = 80, then pass the packet.&#10;E) If the source and destination sockets of an arriving packet match those of a session established, then pass the packet.

Accepted Answer

Stateful filtering rules track the state of a connection, which means they monitor traffic to ensure that it belongs to an established connection. Option E is the only choice that mentions a session established, indicating that it is a stateful rule. The other options are static rules that do not consider the state of the connection.

Question 9

Which filtering rule of a firewall is more likely a 'stateful' rule than the others?&#10;A) If source IP = 172.16.x.x to 172.31.x.x or 192.168.x.x, then drop the packet.&#10;B) If TCP destination port = 21, then allow the packet. &#8207;&#10;C) If HTML message contains 'sex' or 'entertainment', then drop the packet. &#8207;&#10;D) If destination IP = 161.154.23.59 and TCP port = 25, then allow the packet.&#10;E) If source=192.168.1.34, dest.=163.43.24.11, source port=1075, dest. port=21, then allow the packet.

Accepted Answer

Stateful firewall rules are characterized by tracking the state of active connections and making decisions based on the context of the traffic, not just the individual packets. Option E specifies a rule that includes both source and destination addresses and ports, implying it is tracking a specific session or connection, which is a characteristic of stateful filtering.

Question 10

Choose a CORRECT pairing between a security layer and its corresponding technical solution (remember to choose the most accurate one).&#10;A) Application security -- Hardening intermediary devices&#10;B) Data security -- Host-based firewall&#10;C) Perimeter security -- DMZ (Demilitarized zone)&#10;D) Host security -- Proxy server&#10;E) Internal network security -- Server hardening

Accepted Answer

Perimeter security involves protecting the network's borders from unauthorized access or attacks. A DMZ (Demilitarized Zone) is a common technical solution for creating a buffer zone between the public internet and an organization's internal network, effectively serving as a part of perimeter security measures.

Question 11

The following represent technical measures relevant to the host security layer EXCEPT:&#10;A) Host-based intrusion detection&#10;B) Proxy servers&#10;C) Anti-virus protection&#10;D) OS patch/security update management&#10;E) Server hardening (e.g., authentication, and auditing)

Accepted Answer

The answer of The following represent technical measures relevant to...

Question 12

Which CORRECTLY pairs a security layer and a technology solution?&#10;A) data security - operating system patch management&#10;B) application security - hardening intermediary devices&#10;C) host security - subnetwork segmentations&#10;D) internal network security - corporate-wide data encryption&#10;E) perimeter security - access control list on border routers

Accepted Answer

The answer of Which CORRECTLY pairs a security layer and...

Question 13

The ____ packet filtering screens individual packets in isolation.&#10;A) stateful&#10;B) random&#10;C) stateless&#10;D) dynamic&#10;E) independent

Accepted Answer

The answer of The ____ packet filtering screens individual packets...

Question 14

Which protocol information may be LEAST used by the firewall to filter packets?&#10;A) IP (Internet protocol)&#10;B) TCP (Transport control protocol)&#10;C) UDP (User datagram protocol)&#10;D) ICMP (Internet control message protocol)&#10;E) ARP (Address resolution protocol)

Accepted Answer

The answer of Which protocol information may be LEAST used...

Question 15

The _____ is better positioned to conduct 'deep packet inspection'.&#10;A) host computer firewall&#10;B) application-aware/application layer firewall&#10;C) stateless packet filtering firewall&#10;D) stateful packet filtering firewall&#10;E) access control list of a router

Accepted Answer

The answer of The _____ is better positioned to conduct...

Question 16

Which of the following technologies is NOT used for authentication?&#10;A) Password and passphrase&#10;B) Digital signature and digital certificate&#10;C) Biometric solution (e.g., face recognition).&#10;D) Security token&#10;E) Access control list

Accepted Answer

The answer of Which of the following technologies is NOT...

Question 17

The intrusion detection and intrusion prevention systems are designed to enable/provide ______.&#10;A) data confidentiality (privacy)&#10;B) data integrity&#10;C) data authentication&#10;D) access control&#10;E) spoofing detection

Accepted Answer

The answer of The intrusion detection and intrusion prevention systems...

Question 18

&#34;If destination IP = 161.154.23.59 and TCP port = 25, then pass the packet&#34; is a form of the _____ filtering rule.&#10;A) stateful&#10;B) random&#10;C) stateless&#10;D) dynamic&#10;E) independent

Accepted Answer

The answer of &#34;If destination IP = 161.154.23.59 and TCP...

Question 19

The analyst of cyber threat intelligence more likely uses ________ heavily for day-to-day tasks.&#10;A) forward proxy server&#10;B) anti-virus and anti-malware&#10;C) honeypot&#10;D) software defined network&#10;E) security information and event management (SIEM)

Accepted Answer

The answer of The analyst of cyber threat intelligence more...

Deck 9: Cybersecurity: Network and Host Protection