Question 1

A ________ attack is an attack that is made before attack signatures for the threat are defined.

Accepted Answer

A)   zero-day
B)   vulnerability based
C)   stealth
D)   anomaly based

Question 2

SPI firewalls can conduct ________ inspection.

Accepted Answer

A)   stateful packet
B)   static packet filtering
C)   Both A and B
D)   Neither A nor B

Question 3

If an IPS identifies an attack, it can ________.

Accepted Answer

A)   drop the attack packet(s) 
B)   limit suspicious traffic to a certain percentage of the total bandwidth
C)   Both A and B
D)   Neither A nor B

Question 4

It is getting easier for attackers to bypass the border firewall.

Accepted Answer

A) True 
 B)False

Question 5

Firewalls will drop ________.

Accepted Answer

A)   suspicious packets
B)   provable attack packets
C)   Both A and B
D)   Neither A nor B

Question 6

IDSs need to filter individual packets rather than packet streams.

Accepted Answer

A) True 
 B)False

Question 7

Stateful packet inspection firewalls are ________.

Accepted Answer

A)   expensive
B)   fairly safe in practice
C)   Both A and B
D)   Neither A nor B

Question 8

IDSs tend to issue many false negatives.

Accepted Answer

A) True 
 B)False

Question 9

Static packet filtering firewalls are limited to ________.

Accepted Answer

A)   inspecting packets for which there are good application proxy filtering rules
B)   inspecting packets in isolation from their context
C)   Both A and B
D)   Neither A nor B

Question 10

Automatic protections for application proxy firewalls include ________.

Accepted Answer

A)   protocol fidelity
B)   header destruction
C)   Both A and B
D)   Neither A nor B

Question 11

The ________ is a subnet that contains all of the servers and application proxy firewalls that must be accessible to the outside world.

Accepted Answer

A)   Internet subnet
B)   server subnet
C)   external subnet
D)   None of the above

Question 12

A connection opening is a state.

Accepted Answer

A) True 
 B)False

Question 13

Ingress ACL rules typically permit a specific type of externally originated connection to network resources.

Accepted Answer

A) True 
 B)False

Question 14

What is the SPI firewall rule for packets that do not attempt to open connections?

Accepted Answer

A)   Drop the packet unless it is permitted by an ACL
B)   Pass the packet unless it is forbidden by an ACL
C)   Pass the packet if it is part of a previously approved connection
D)   Either A or B

Question 15

If a firewall has to drop packets because it cannot keep up with traffic volume, this is ________.

Accepted Answer

A)   good because it will prevent possible attack packets from entering the network
B)   bad because valid, non-attack packets will be dropped and this will effectively created a self-generated DOS attack
C)   Both A and B
D)   Neither A nor B

Question 16

A state is a distinct phase in a connection between two applications.

Accepted Answer

A) True 
 B)False

Question 17

If a firewall receives a suspicious packet, the firewall will ________.

Accepted Answer

A)   log the packet
B)   drop the packet
C)   Both A and B
D)   Neither A nor B

Question 18

Static packet filtering is sometimes used ________.

Accepted Answer

A)   as a secondary filtering mechanism on an application proxy firewall
B)   on border routers
C)   Both A and B
D)   Neither A nor B

Question 19

________ detection looks for specific patterns in the network traffic to identify a threat.

Accepted Answer

A)   Signature
B)   Anomaly
C)   Both A and B
D)   Neither A nor B

Question 20

________ detection looks at traffic patterns for deviations from set norms.

Accepted Answer

A)   Signature
B)   Anomaly
C)   Both A and B
D)   Neither A nor B

Exam 6: Firewalls

Ingress ACL rules typically permit a specific type of externally originated connection to network resources.

Correct AnswerverifiedShow Answer

If an IPS identifies an attack, it can ________.

Correct AnswerverifiedShow Answer

Stateful packet inspection firewalls are ________.

Correct AnswerverifiedShow Answer

________ detection looks at traffic patterns for deviations from set norms.

Correct AnswerverifiedShow Answer

A state is a distinct phase in a connection between two applications.

Correct AnswerverifiedShow Answer

If a firewall has to drop packets because it cannot keep up with traffic volume, this is ________.

Correct AnswerverifiedShow Answer

Static packet filtering firewalls are limited to ________.

Correct AnswerverifiedShow Answer

________ detection looks for specific patterns in the network traffic to identify a threat.

Correct AnswerverifiedShow Answer

IDSs need to filter individual packets rather than packet streams.

Correct AnswerverifiedShow Answer

What is the SPI firewall rule for packets that do not attempt to open connections?

Correct AnswerverifiedShow Answer

Firewalls will drop ________.

Correct AnswerverifiedShow Answer

A ________ attack is an attack that is made before attack signatures for the threat are defined.

Correct AnswerverifiedShow Answer

SPI firewalls can conduct ________ inspection.

Correct AnswerverifiedShow Answer

If a firewall receives a suspicious packet, the firewall will ________.

Correct AnswerverifiedShow Answer

The ________ is a subnet that contains all of the servers and application proxy firewalls that must be accessible to the outside world.

Correct AnswerverifiedShow Answer

Static packet filtering is sometimes used ________.

Correct AnswerverifiedShow Answer

A connection opening is a state.

Correct AnswerverifiedShow Answer

IDSs tend to issue many false negatives.

Correct AnswerverifiedShow Answer

It is getting easier for attackers to bypass the border firewall.

Correct AnswerverifiedShow Answer

Automatic protections for application proxy firewalls include ________.

Correct AnswerverifiedShow Answer

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified