Question 1

NAT is not a specific device,technology,or protocol.It is a technique for substituting IP addresses.

Accepted Answer

NAT (Network Address Translation) is a technique for substituting IP addresses, it is not a specific device, technology or protocol. It is used to allow multiple devices to share a single IP address, and is commonly used in home and small office networks to allow multiple devices to connect to the internet through a single internet connection.

Question 2

Select the technology that can be used to examine content through application-level filtering.&#10;A)Application gateway&#10;B)Security proxy&#10;C)Web security gateway&#10;D)Firewall

Accepted Answer

Web security gateway technology can be used to examine content through application-level filtering. It offers advanced threat protection by automatically blocking access to malicious content and enabling safe access to legitimate websites and applications. Application gateway and security proxy may offer some level of application-level filtering, but they are not specifically designed for web content filtering. A firewall typically offers network-level filtering, but may not provide application-level filtering capabilities.

Question 3

Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.

Accepted Answer

Behavior-based monitoring is designed to be more adaptive and proactive, using machine learning and other techniques to identify patterns of behavior and detect anomalies before they become full-blown security threats. This approach is intended to reduce the risk of false positives and provide more accurate and timely security alerts.

Question 4

A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below?&#10;A)Stateful frame filtering&#10;B)Stateless frame filtering&#10;C)Stateful packet filtering&#10;D)Stateless packet filtering

Accepted Answer

Stateful packet filtering is a technology that monitors the state of a connection by keeping track of the context and content of the packets transmitted between two devices. In contrast, stateless packet filtering only examines individual packets without considering the context in which they are transmitted. Stateful frame filtering and stateless frame filtering are not recognized technical terms in the context of firewalls.

Question 5

A security advantage of VLANs is that they can be used to prevent direct communication between servers.

Accepted Answer

By placing servers in different VLANs and configuring access control policies, communication between them can be restricted or completely blocked, enhancing overall network security.

Question 6

What technology enables authorized users to use an unsecured public network,such as the Internet as if it were a secure private network?&#10;A)IKE tunnel&#10;B)VPN&#10;C)endpoint&#10;D)router

Accepted Answer

VPN (Virtual Private Network) technology enables authorized users to use an unsecured public network, such as the Internet, as if it were a secure private network. It creates an encrypted connection between the user's device and a remote server, which allows them to securely access the private network resources, such as files, applications, and databases, from anywhere in the world. The encrypted connection also ensures that the user's sensitive data, such as login credentials and personal information, are protected from unauthorized access and interception by hackers or cybercriminals.

Question 7

One use of data loss prevention (DLP)is blocking the copying of files to a USB flash drive.

Accepted Answer

Data loss prevention (DLP) can prevent unauthorized copying of sensitive or confidential data to external storage devices such as USB flash drives. This can help prevent data breaches caused by insider threats or unintentional data leaks.

Question 8

Workgroup switches must work faster than core switches.

Accepted Answer

This statement is false. Core switches are designed to handle larger amounts of traffic and must work faster than workgroup switches.

Question 9

All modern operating systems include a hardware firewall,usually called a host-based firewall.

Accepted Answer

Modern operating systems often include a software-based firewall, not a hardware firewall. Hardware firewalls are separate devices or integrated into routers.

Question 10

What data unit is associated with the Open Systems Interconnection layer four?&#10;A)segment&#10;B)packet&#10;C)frame&#10;D)bit

Accepted Answer

Layer four of the OSI model is the transport layer, which is responsible for providing end-to-end data delivery through segmentation, flow control, and error checking. The unit of data associated with layer four is called a segment.

Question 11

The OSI model breaks networking steps down into a series of six layers.

Accepted Answer

The answer of The OSI model breaks networking steps down...

Question 12

What is the name of a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user?&#10;A)forward proxy server&#10;B)DNS server&#10;C)VPN server&#10;D)telnet server

Accepted Answer

The answer of What is the name of a computer...

Question 13

An administrator has two servers that host the same web content,but only one server is utilized at a given time.What can be configured that can help to evenly distribute work across the network,and make use of both servers in a manner that is transparent to the end users?

A)stateful packet filtering
B)Load balancing
C)failover servers
D)proxy servers

Accepted Answer

The answer of An administrator has two servers that host...

Question 14

An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices?&#10;A)switch&#10;B)router&#10;C)firewall&#10;D)hub

Accepted Answer

The answer of An early networking device that functioned at...

Question 15

An intranet is a separate open network that anyone can access without prior authorization.

Accepted Answer

The answer of An intranet is a separate open network...

Question 16

Which of the following is a server that routes incoming requests coming from an external network to the correct internal server?&#10;A)forward proxy&#10;B)application proxy&#10;C)system proxy&#10;D)reverse proxy

Accepted Answer

The answer of Which of the following is a server...

Question 17

Anomaly monitoring is designed for detecting statistical anomalies.

Accepted Answer

The answer of Anomaly monitoring is designed for detecting statistical...

Question 18

What data unit is associated with the Open Systems Interconnection layer two?&#10;A)segment&#10;B)packet&#10;C)frame&#10;D)bit

Accepted Answer

The answer of What data unit is associated with the...

Question 19

An agent may be a permanent NAC agent and reside on end devices until uninstalled,but it cannot be a dissolvable NAC agent.

Accepted Answer

The answer of An agent may be a permanent NAC...

Question 20

What kind of networking device forwards packets across different computer networks by reading destination addresses?&#10;A)switch&#10;B)router&#10;C)bridge&#10;D)firewall

Accepted Answer

The answer of What kind of networking device forwards packets...

Question 21

When a private network uses a single public IP address,and each outgoing TCP packet uses a different port to allow for proper translation,what networking technology is in use?&#10;A)PAT&#10;B)PNAT&#10;C)NAPT&#10;D)NAT

Accepted Answer

The answer of When a private network uses a single...

Question 22

What vendor neutral protocol implements support for VLAN tagging?&#10;A)ISL&#10;B)VTP&#10;C)802.1Q&#10;D)VSTP

Accepted Answer

The answer of What vendor neutral protocol implements support for...

Question 23

What dedicated hardware device aggregates hundreds or thousands of VPN connections?&#10;A)VPN server&#10;B)VPN gateway&#10;C)VPN switch&#10;D)VPN concentrator

Accepted Answer

The answer of What dedicated hardware device aggregates hundreds or...

Question 24

What specific type of hardware card inserts into a web server that contains one or more co-processors to handle SSL/TLS?processing?&#10;A)SSL/TLS accelerator&#10;B)media gateway&#10;C)SSL decryptor&#10;D)security module

Accepted Answer

The answer of What specific type of hardware card inserts...

Question 25

A web server must be accessible to untrusted outside users.What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?&#10;A)Install a VPN,configure host&#10;B)Set up a proxy in front of the web server&#10;C)Create a DMZ,add necessary hosts.&#10;D)Configure a reduction point on a firewall

Accepted Answer

The answer of A web server must be accessible to...

Question 26

The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches.How can this be done?&#10;A)Create a subnet for each network switch in use&#10;B)Create additional subnets for the separate groups&#10;C)Add all users to a single network segment&#10;D)Create a VLAN and add the users' computers / ports to the correct VLAN

Accepted Answer

The answer of The management in your corporate office needs...

Question 27

If a network is completely isolated by an air gap from all other outside networks it is using what type of configuration?&#10;A)physical network segregation&#10;B)complete network segregation&#10;C)network isolation&#10;D)logical network segregation

Accepted Answer

The answer of If a network is completely isolated by...

Question 28

What type of dedicated cryptographic processor that provides protection for cryptographic keys?&#10;A)SSL/TLS accelerator&#10;B)media gateway&#10;C)SSL decryptor&#10;D)hardware security module

Accepted Answer

The answer of What type of dedicated cryptographic processor that...

Question 29

What type of monitoring compares network traffic,activities,transactions,or behavior against a database of known attack patterns?&#10;A)application-based&#10;B)protocol-based&#10;C)behavioral-based&#10;D)signature-based

Accepted Answer

The answer of What type of monitoring compares network traffic,activities,transactions,or...

Question 30

When VPN network traffic is routing only some traffic over the secure VPN while other traffic directly accesses the Internet,what technology is being used?&#10;A)priority tunnel&#10;B)split tunneling&#10;C)full tunnel&#10;D)shared tunneling

Accepted Answer

The answer of When VPN network traffic is routing only...

Question 31

Which of the following is a software-based application that runs on a local host computer that can detect an attack as?it occurs?&#10;A)local-based intrusion detection system&#10;B)host-based intrusion detection system&#10;C)host-based application protection&#10;D)local-based application protection

Accepted Answer

The answer of Which of the following is a software-based...

Question 32

What type of network is a private network that can also be accessed by authorized external customers,vendors,and partners?&#10;A)extranet&#10;B)intranet&#10;C)enterprise network&#10;D)guest network

Accepted Answer

The answer of What type of network is a private...

Question 33

What type of network is a private network that belongs to an organization that can only be accessed by approved internal users?&#10;A)extranet&#10;B)intranet&#10;C)enterprise network&#10;D)guest network

Accepted Answer

The answer of What type of network is a private...

Question 34

Which of the following is a system of security tools that are used to recognize and identify data that is critical to the organization and ensure that it is protected?&#10;A)USB blocking&#10;B)content inspection&#10;C)storage sensors&#10;D)data loss prevention

Accepted Answer

The answer of Which of the following is a system...

Question 35

Which of the following is defined as a security analysis of the transaction within its approved context?&#10;A)USB blocking&#10;B)content inspection&#10;C)storage sensors&#10;D)data loss prevention

Accepted Answer

The answer of Which of the following is defined as...

Question 36

What type of network access control uses Active Directory to scan a device to verify that it is in compliance?&#10;A)agentless NAC&#10;B)dissolvable NAC&#10;C)dependent NAC&#10;D)permanent NAC

Accepted Answer

The answer of What type of network access control uses...

Question 37

What term is used to describe the software agents that are used by NAC and installed on devices to gather information?&#10;A)NAC check agents&#10;B)server health agents&#10;C)host agent health checks&#10;D)network health agents

Accepted Answer

The answer of What term is used to describe the...

Question 38

What technology will examine the current state of a network device before allowing it can to connect to the network and force any device that does not meet a specified set of criteria to connect only to a quarantine network?

A)network access control
B)virtual LANs
C)network address translation
D)host health checks

Accepted Answer

The answer of What technology will examine the current state...

Question 39

What is the name of an instruction that interrupts a program being executed and requests a service from the operating system?&#10;A)system call&#10;B)unit call&#10;C)hardware instruction&#10;D)system exception

Accepted Answer

The answer of What is the name of an instruction...

Question 40

Which network address below is not a private IP address network?&#10;A)10.4.5.0&#10;B)172.63.255.0&#10;C)192.168.255.0&#10;D)172.17.16.0

Accepted Answer

The answer of Which network address below is not a...

Question 41

What is the difference between anomaly based monitoring and signature based monitoring?

Accepted Answer

The answer of What is the difference between anomaly based...

Question 42

List and describe two advantages of a proxy server.

Accepted Answer

The answer of List and describe two advantages of a...

Question 43

Describe how Internet content filters are used.

Accepted Answer

The answer of Describe how Internet content filters are used....

Question 44

How does a Unified Threat Management (UTM)security product help reduce administrative overhead?

Accepted Answer

The answer of How does a Unified Threat Management (UTM)security...

Question 45

Describe how Network Access Control (NAC)works.

Accepted Answer

The answer of Describe how Network Access Control (NAC)works....

Question 46

Discuss the two advantages that NAT provides.

Accepted Answer

The answer of Discuss the two advantages that NAT provides....

Question 47

What are the two TCP/IP protocols that are used by mail servers for clients accessing incoming mail?

Accepted Answer

The answer of What are the two TCP/IP protocols that...

Question 48

Describe how VLAN communication takes place.

Accepted Answer

The answer of Describe how VLAN communication takes place....

Question 49

Describe the difference between subnetting and VLANs.

Accepted Answer

The answer of Describe the difference between subnetting and VLANs....

Question 50

Describe how a mail gateway operates?

Accepted Answer

The answer of Describe how a mail gateway operates?...

Deck 6: Network Security Devices, Design, and Technology