You want to maintain tight security on your internal network, so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable? |
53 |
Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2012 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing? |
Downloading a file |
You want to allow your users to download files from a server running the TCP/IP protocol. You want to require user authentication to gain access to specific directories on the server. Which TCP/IP protocol should you implement to provide this capability? |
FTP |
After blocking a number of ports to secure your server, you are unable to send email. To allow email service which of the following needs to be done? |
Open port 25 to allow SMTP service |
You administer a web server on your network. The computer has multiple IP addresses. They are 192.168.23.8 to 192.168.23.17. The name of the computer is www.testsim.com. You configured the website as follows: IP address: 192.168.23.8 Users complain that they can’t connect to the website when they type www.westsim.com. What is the most likely source of the problem? |
The HTTP port should be changed to 80 |
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use? |
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ. |
You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall? (select all that apply) |
Source address of a packet Port number Destination address of a packet |
Which of the following describes how access lists can be used to improve network security? |
An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers. |
You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accesible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers? (select two) |
Put the Web server inside the DMZ Put the database server on the private network |
When designing a firewall, what is the recommend approach for opening and closing ports? |
Close all ports; open only ports required by applications inside the DMZ |
Operate at Layer 2 |
Virtual firewall |
Operates at Layer 3 |
Router firewall |
Contains a hop in the path between hosts |
Routed firewall |
Does not count as a hop in the path between hosts |
Virtual firewall |
Each interface connects to a different network |
Routed firewall |
Your Cisco router has three network interfaces configured: -S0/1/0 is a WAN interface that is connected to an ISP. You have configured an access control list on this router using the following rules: -deny IP 192.168.1.0 0.0.0.255 any These rules will be applied to the WAN interface on the router. Your goal is to block any IP traffic coming in on the WAN interface that has a spoofed source address that makes it appear to be coming from the two internal networks. However, when you enable the ACL, you find that no traffic is being allowed through the WAN interface. What should you do? |
Add a permit statement to the bottom of the access list |
Which firewall implementation creates a buffer network that can be used to host email or web servers? |
DMZ |
Which of the following are true about routed firewalls? (select two) |
Supports multiple interfaces Counts as a router hop |
Packet Filtering Firewall |
OSI Layer 3 |
Circuit-level Proxy |
OSI Layer 5 |
Application level Gateway |
OSI Layer 7 |
Routed Firewall |
OSI Layer 3 |
Transparent Firewall |
OSI Layer 2 |
Each interfaces connects to the same network segment |
virtual firewall |
8.3 Firewall Design and Implementation
Share This
Unfinished tasks keep piling up?
Let us complete them for you. Quickly and professionally.
Check Price