DCOM258: QUIZ7: NETWORK PERIMETER SECURITY(CH8)+ EXAM QUESTIONS AND ANSWERS WITH COMPLETE SOLUTIONS GRADED A++

DCOM258: QUIZ7: NETWORK PERIMETER SECURITY(CH8)+

EXAM QUESTIONS AND ANSWERS WITH COMPLETE

SOLUTIONS GRADED A++


A firewall can use NAT and packet filters(T/F)

True

NAT filtering accepts or rejects packets based on rules(T/F)

False

A stateless packet filter is vulnerable to IP spoofing attacks (T/F)

True

Circuit-level gateways work at the session layer of the OSI model (T/F)

True

NAT filtering matches incoming traffic to corresponding outbound IP connections

by matching the IP address and port(T/F)

True

An IP proxy serves client requests by caching HTTP information. (T/F)

False

An IP proxy can be the victim of denial-of-service attacks(T/F)

True

A honeypot is a device that caches information for hackers(T/F)

False

, Honeynets are ore or more computers or servers used to counteract attempts at

unauthorized access to a network(T/F)

True

A NIDS can inspect traffic and possibly remove, detain, or redirect malicious

traffic. (T/F)

False

Which of the following are examples of protocol analyzers? (Select 2) (Wireshark,

HTTP Proxy, NAT Filter, Network Monitor)

Wireshark

Network Monitor

Where would a NIDS sit on a network? (best answer):

-Inline

-On the extranet

-On the DMZ

-Back to Back

Inline

What are Snort and Bro examples of?

-Firewalls

-Proxy Servers

-IDS

-SPI

IDS