8.3.9 Practice Questions

Your page rank:

Total word count: 978
Pages: 4

Calculate the Price

- -
275 words
Looking for Expert Opinion?
Let us have a look at your work and suggest how to improve it!
Get a Consultant

Match the firewall type on the right with the OSI layer at which it operates.
Each OSI Layer may be used once, more than once, or not at all.

None

packet-filtering firewall OSI Layer

Layer 3

Circuit-level proxy OSI Layer

Layer 5

Application-Level Gateways OSI Layer

Layer 7

Router Firewalls OSI Layer

Layer 3

Transparent Firewalls OSI Layer

Layer 2

Your company has a connection to the internet that allows users to access the internet. You also have a web server and an email server that you want to make available to internet users. You want to create a DMZ for these two servers.
Which type of device should you use to create the DMZ?
•VPN concentrator
•Network-based firewall
•IDS
•Host-based firewall
•IPS

Network-based firewall

You have used firewalls to create a demilitarized zone. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server for retrieving product, customer, and order information.
How should you place devices on the network to best protect the servers? (Select two.)
•Put the web server inside the DMZ.
•Put the web server on the private network.
•Put the database server inside the DMZ.
•Put the database server on the private network.

•Put the web server inside the DMZ. •Put the database server on the private network.

You have a router that is configured as a firewall. The router is a Layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
•Username and password
•Session ID
•MAC address
•IP address

•IP address

You have just installed a packet filtering firewall on your network. Which options will you be able to set on your firewall? (Select all that apply.)
•Acknowledgement number
•Checksum
•Sequence number
•Source address of a packet
•Port number
•Destination address of a packet
•Digital signature

•Source address of a packet •Port number •Destination address of a packet

Which of the following describes how access lists can be used to improve network security?
•An access list looks for patterns of traffic between multiple packets and takes action to stop detected attacks.
•An access list filters traffic based on the frame header such as source or destination MAC address.
•An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.
•An access list identifies traffic that must use authentication or encryption.

•An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.

Which of the following is likely to be located in a DMZ?
•FTP server
•User workstations
•Domain controller
•Backup server

•FTP server

In which of the following situations would you most likely implement a demilitarized zone (DMZ)?
•You want to encrypt data sent between two hosts using the internet.
•You want to detect and respond to attacks in real time.
•You want to protect a public web server from attack.
•You want internet users to see a single IP address when accessing your company network.

•You want to protect a public web server from attack.

Match the firewall type on the left with its associated characteristics on the right. Each firewall type may be used once, more than once, or not at all.

None

Operates at Layer 2

Virtual firewall

Operates at Layer 3.

Routed firewall

Counts as a hop in the path between hosts.

Routed firewall

Does not count as a hop in the path between hosts.

Virtual firewall

Each interface connects to a different network.

Routed firewall

Each interface connects to the same network segment.

Virtual firewall

When designing a firewall, what is the recommended approach for opening and closing ports?
•Close all ports.
•Open all ports; close ports that expose common network attacks.
•Close all ports; open ports 20, 21, 53, 80, and 443.
•Close all ports; open only ports required by applications inside the DMZ.
•Open all ports; close ports that show improper traffic or attacks in progress.

Close all ports; open only ports required by applications inside the DMZ

After blocking a number of ports to secure your server, you are unable to send email. To allow email service, which of the following needs to be done?
•Open port 25 to allow SMTP service.
•Open port 80 to allow SNMP service.
•Open port 110 to allow SMTP service.
•Open port 25 to allow SNMP service.
•Open port 80 to allow SMTP service.
•Open port 110 to allow POP3 service.

•Open port 25 to allow SMTP service.

You administer a web server on your network. The computer has multiple IP addresses. They are 192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the website as follows:
• IP address: 192.168.23.8
• HTTP Port: 1030
• SSL Port: 443
Users complain that they can’t connect to the website when they type www.westsim.com. What is the most likely source of the problem?
•The HTTP port should be changed to 80.
•FTP is not configured on the server.
•Clients are configured to look for the wrong IP address.
•SSL is blocking internet traffic.

The HTTP port should be changed to 80.

You want to maintain tight security on your internal network, so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
•443
•42
•80
•21
•53

53

In the output of the netstat command, you notice that a remote system has made a connection to your Windows Server 2016 system using TCP/IP port 21.
Which of the following actions is the remote system most likely performing?
•Downloading a file
•Downloading a web page
•Performing a name resolution request
•Downloading email

•Downloading a file

You want to allow users to download files from a server running the TCP/IP protocol. You want to require user authentication to gain access to specific directories on the server.
Which TCP/IP protocol should you implement to provide this capability?
•HTML
•IP
•FTP
•HTTP
•TFTP
•TCP

•FTP

Share This
Flashcard

More flashcards like this

NCLEX 10000 Integumentary Disorders

When assessing a client with partial-thickness burns over 60% of the body, which finding should the nurse report immediately? a) ...

Read more

NCLEX 300-NEURO

A client with amyotrophic lateral sclerosis (ALS) tells the nurse, "Sometimes I feel so frustrated. I can’t do anything without ...

Read more

NASM Flashcards

Which of the following is the process of getting oxygen from the environment to the tissues of the body? Diffusion ...

Read more

Unfinished tasks keep piling up?

Let us complete them for you. Quickly and professionally.

Check Price

Successful message
sending