CSE 4471 - Final Review Exam Questions And Answers 100% Correct
Beginning with the introduction of residual risk, the three risk management lifecycle phases
(in order) are - ANSWER - risk identification
- risk assessment
- risk control
A policy of assigning a fixed routable IP address to each corporate internet device. - ANSWER
static IP addressing
The basic function of a packet-filtering firewall is to - ANSWER allow packets to transit, or deny packets from transiting, a firewall from one network to another network.
Which of the following are true regarding the staff needed to properly configure and
maintain current firewall systems: - ANSWER - they may be difficult to locate, hire and retain
- they require vendor-specific knowledge and skills
- they require periodic (re-)training
Accurate and secure firewall configuration relies on: - ANSWER - specialized technical expertise
- organizational domain-specific knowledge
- product domain-specific knowledge
The five basic parts of a packet-filtering firewall rule are: - ANSWER - source IP address
- destination IP address
- source port number
- destination port number
- action
Some current recommended firewall best practices are: - ANSWER - block telnet to internal servers
- block firewall access from public networks
- ICMP (internet control messaging protocol) data (port 1) denied
- web services restricted to "DMZ," not allowed on internal networks
- SMTP (email) protocol only supported through a well-configured gateway
- always use a clean-up rule
- document and back-up your firewall rules
The most secure type of network firewall - ANSWER sneaker-net
A dedicated network device with specialized software to perform a specific purpose. - ANSWER appliance