Question 1

A connection opening is a state.

Accepted Answer

A) True 
 B)False

Question 2

________ detection looks for specific patterns in the network traffic to identify a threat.

Accepted Answer

A)   Signature
B)   Anomaly
C)   Both A and B
D)   Neither A nor B

Question 3

A state is a distinct phase in a connection between two applications.

Accepted Answer

A) True 
 B)False

Question 4

Automatic protections for application proxy firewalls include ________.

Accepted Answer

A)   protocol fidelity
B)   header destruction
C)   Both A and B
D)   Neither A nor B

Question 5

IDSs tend to issue many false negatives.

Accepted Answer

A) True 
 B)False

Question 6

What is the SPI firewall rule for packets that do not attempt to open connections?

Accepted Answer

A)   Drop the packet unless it is permitted by an ACL
B)   Pass the packet unless it is forbidden by an ACL
C)   Pass the packet if it is part of a previously approved connection
D)   Either A or B

Question 7

It is getting easier for attackers to bypass the border firewall.

Accepted Answer

A) True 
 B)False

Question 8

Firewalls will drop ________.

Accepted Answer

A)   suspicious packets
B)   provable attack packets
C)   Both A and B
D)   Neither A nor B

Question 9

________ detection looks at traffic patterns for deviations from set norms.

Accepted Answer

A)   Signature
B)   Anomaly
C)   Both A and B
D)   Neither A nor B

Question 10

Static packet filtering firewalls are limited to ________.

Accepted Answer

A)   inspecting packets for which there are good application proxy filtering rules
B)   inspecting packets in isolation from their context
C)   Both A and B
D)   Neither A nor B

Question 11

If a firewall receives a suspicious packet, the firewall will ________.

Accepted Answer

A)   log the packet
B)   drop the packet
C)   Both A and B
D)   Neither A nor B

Question 12

If a firewall has to drop packets because it cannot keep up with traffic volume, this is ________.

Accepted Answer

A)   good because it will prevent possible attack packets from entering the network
B)   bad because valid, non-attack packets will be dropped and this will effectively created a self-generated DOS attack
C)   Both A and B
D)   Neither A nor B

Question 13

Static packet filtering is sometimes used ________.

Accepted Answer

A)   as a secondary filtering mechanism on an application proxy firewall
B)   on border routers
C)   Both A and B
D)   Neither A nor B

Question 14

The ________ is a subnet that contains all of the servers and application proxy firewalls that must be accessible to the outside world.

Accepted Answer

A)   Internet subnet
B)   server subnet
C)   external subnet
D)   None of the above

Question 15

Ingress ACL rules typically permit a specific type of externally originated connection to network resources.

Accepted Answer

A) True 
 B)False

Question 16

If an IPS identifies an attack, it can ________.

Accepted Answer

A)   drop the attack packet(s) 
B)   limit suspicious traffic to a certain percentage of the total bandwidth
C)   Both A and B
D)   Neither A nor B

Question 17

SPI firewalls can conduct ________ inspection.

Accepted Answer

A)   stateful packet
B)   static packet filtering
C)   Both A and B
D)   Neither A nor B

Question 18

Stateful packet inspection firewalls are ________.

Accepted Answer

A)   expensive
B)   fairly safe in practice
C)   Both A and B
D)   Neither A nor B

Question 19

IDSs need to filter individual packets rather than packet streams.

Accepted Answer

A) True 
 B)False

Question 20

A ________ attack is an attack that is made before attack signatures for the threat are defined.

Accepted Answer

A)   zero-day
B)   vulnerability based
C)   stealth
D)   anomaly based

Exam 6: Firewalls

SPI firewalls can conduct ________ inspection.

Correct AnswerverifiedShow Answer

A state is a distinct phase in a connection between two applications.

Correct AnswerverifiedShow Answer

Ingress ACL rules typically permit a specific type of externally originated connection to network resources.

Correct AnswerverifiedShow Answer

If a firewall receives a suspicious packet, the firewall will ________.

Correct AnswerverifiedShow Answer

A connection opening is a state.

Correct AnswerverifiedShow Answer

Static packet filtering is sometimes used ________.

Correct AnswerverifiedShow Answer

Static packet filtering firewalls are limited to ________.

Correct AnswerverifiedShow Answer

The ________ is a subnet that contains all of the servers and application proxy firewalls that must be accessible to the outside world.

Correct AnswerverifiedShow Answer

Stateful packet inspection firewalls are ________.

Correct AnswerverifiedShow Answer

IDSs tend to issue many false negatives.

Correct AnswerverifiedShow Answer

Automatic protections for application proxy firewalls include ________.

Correct AnswerverifiedShow Answer

________ detection looks for specific patterns in the network traffic to identify a threat.

Correct AnswerverifiedShow Answer

Firewalls will drop ________.

Correct AnswerverifiedShow Answer

It is getting easier for attackers to bypass the border firewall.

Correct AnswerverifiedShow Answer

What is the SPI firewall rule for packets that do not attempt to open connections?

Correct AnswerverifiedShow Answer

IDSs need to filter individual packets rather than packet streams.

Correct AnswerverifiedShow Answer

If a firewall has to drop packets because it cannot keep up with traffic volume, this is ________.

Correct AnswerverifiedShow Answer

A ________ attack is an attack that is made before attack signatures for the threat are defined.

Correct AnswerverifiedShow Answer

________ detection looks at traffic patterns for deviations from set norms.

Correct AnswerverifiedShow Answer

If an IPS identifies an attack, it can ________.

Correct AnswerverifiedShow Answer

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified

Correct Answer
verified