Chapter Three. Which of the following protocols is a file transfer protocol using SSH? A.SFTP B.TFTP C.SICMP D.CCMP.

Slides:



Advertisements
Similar presentations
Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Advertisements

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
IUT– Network Security Course 1 Network Security Firewalls.
FIREWALLS Chapter 11.
5-Network Defenses Dr. John P. Abraham Professor UTPA.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 6 Network Security.
Principles of Information Security, 2nd Edition1 Firewalls and VPNs.
Guide to Network Defense and Countermeasures Third Edition
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.
Security Awareness: Applying Practical Security in Your World
Security Issues on Distributed Systems 7 August, 1999 S 1 Prepared by : Lorrien K. Y. Lau Student I.D. : August 1999 The Chinese University.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Firewalls: General Principles & Configuration (in Linux)
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
Course 201 – Administration, Content Inspection and SSL VPN
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.
FortiGateAntivirusFirewallOverview. 2 Fortinet Technologies Network Security Network security can be viewed from three perspectives: t controlling access.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Why do we need Firewalls? Internet connectivity is a must for most people and organizations  especially for me But a convenient Internet connectivity.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Intranet, Extranet, Firewall. Intranet and Extranet.
COEN 252 Computer Forensics
Chapter 6: Packet Filtering
Csci5233 Computer Security1 Bishop: Chapter 27 System Security.
1 The Firewall Menu. 2 Firewall Overview The GD eSeries appliance provides multiple pre-defined firewall components/sections which you can configure uniquely.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Module 4: Configuring ISA Server as a Firewall. Overview Using ISA Server as a Firewall Examining Perimeter Networks and Templates Configuring System.
11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Wireless Networks and the NetSentron By: Darren Critchley.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
TCP/IP Protocols Contains Five Layers
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
© 2006 Cisco Systems, Inc. All rights reserved. Cisco IOS Threat Defense Features.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Filtering Traffic Using Access Control Lists Introducing Routing and Switching.
Module 4 Quiz. 1. Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution.
Firewall Security.
Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.
OV Copyright © 2005 Element K Content LLC. All rights reserved. Hardening Internetwork Devices and Services  Harden Internetwork Connection Devices.
Switch Features Most enterprise-capable switches have a number of features that make the switch attractive for large organizations. The following is a.
Security fundamentals Topic 10 Securing the network perimeter.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Filtering Traffic Using Access Control Lists Introducing Routing and Switching.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
Chapter 8.  Upon completion of this chapter, you should be able to:  Understand the purpose of a firewall  Name two types of firewalls  Identify common.
CompTIA CompTIA Academic/E2C Security+ Study Guide JK0-022
CHAPTER THREE TEST REVIEW COMPTIA SECURITY+ SYO-401.
Chapter 4 Review McKinley Technology High School – Ms. Wiscount.
Defining Network Infrastructure and Network Security Lesson 8.
Security fundamentals
CompTIA Security+ Study Guide (SY0-401)
1.
Securing the Network Perimeter with ISA 2004
Click to edit Master subtitle style
Firewall – Survey Purpose of a Firewall Characteristic of a firewall
Chapter 2: Basic Switching Concepts and Configuration
CompTIA Security+ Study Guide (SY0-401)
2018 Real CompTIA N Exam Questions Killtest
Firewalls Routers, Switches, Hubs VPNs
Firewalls Chapter 8.
Presentation transcript:

Chapter Three

Which of the following protocols is a file transfer protocol using SSH? A.SFTP B.TFTP C.SICMP D.CCMP

 Of the following choices, which one provides the most security for FTP? A.FTP active mode B.FTPS C.TFTP D.SCP

 Of the following choices, what is a benefit for IPsec? A.MAC filtering B.Flood guard C.Load balancing D.Payload encryption

 What protocol is used to monitor and configure network devices? A.ICMP B.SFTP C.SNMP D.DNS

 Which of the following is an IPv6 address? A B /128 C.FE80:20D4:3FF7:003F:DE62 D.FE80:0000:0000:0000:20D4:3FF7:003F:DE62

 Which of the following IP addresses are on the same subnet? (Choose all that apply) A , B , C , D ,

 An administrator decides to block Telnet access to an internal network from any remote device on the internet. Which of the following is the best choice to accomplish this? A.Block port 22 at the host firewall B.Block port 22 on the internal routers C.Block port 23 at the network firewall D.Block port 23 on internal routers

 What port does SFTP use? A.22 B.23 C.443 D.1443

 What ports do HTTP and HTTPS use? A.20 and 21 B.22 and 25 C.80 and 443 D.80 and 1433

 What port does SMTP use? A.22 B.25 C.110 D.143

 Of the following choices, what ports are used by NetBIOS? (Choose two.) A.80 B.137 C.139 D.3389

 Your organization uses switches for connectivity. Of the following choices, what will protect the switch? A.Disable unused MAC addresses B.Disable unused ports C.Disable unused IPv4 addresses D.Disable unused IPv6 addresses

 YA user unplugged a cable into two RJ-45 wall jacks connected to unused ports on a switch. In a short period, this disrupted the overall network performance. What should you do to protect against this problem in the future? A.Enable loop protection on the switch B.Disable port security C.Use a VLAN D.Create DMZ

 What can you use to logically separate computers in two different departments within a company? A.A hub B.A VLAN C.NAT D.A flood guard

 Most firewalls have a default rule placed at the end of the firewall’s ACL. Which of the following is the most likely default rule? A.Deny any any B.Deny ICMP all C.Allow all all D.Allow TCP all

 Of the following choices, what best describes a method of managing the flow of network traffic by allowing or denying traffic based on ports, protocols and addresses? A.Implicit deny B.Firewall rules C.Proxy server content filter D.Firewall logs

 Of the following choices, what represents the best choice to prevent intrusions on an individual computer? A. HIDS B. NIDS C. Host-based firewall D. Network-based firewalls

 Your network includes a subnet that hosts accounting server with sensitive data. You want to ensure that users in the Marketing Department (on a separate subnet) cannot access these servers. Of the following choices, what would be the easiest to achieve the goal? A. Enable load balancing B. Enable port security C. Use an ACL D. Add a host-based firewall to each server

 Of the following choices, what controls traffic between networks? A. A firewall B. Load balancer C. VPN connector D. Protocol analyzer

 An organization has a web security gateway installed. What function is this performing? A. MAC filtering B. Caching content C. Hiding internal IP addresses D. Content filtering

 Your organization hosts a large website served by multiple servers. They need to optimize the workload and distribute it equally among all servers. What should they use? A. Proxy server B. Load balancer C. Web security gateway D. Security appliance

 Of the following choices, what can be used to allow access to specific servers from the internet while protecting access to an internal network? A. SSH B. Implicit deny C. DMZ D. Port security

 Of the following choices, what hides the IP addresses of computers inside a network from computers outside the network? A. Web security gateway B. Replacing all hubs with switches C. WAF D. NAT

 Of the following choices, what is the best choice for a device to filter and cache content from web pages? A. Web security gateway B. VPN connector C. Proxy server D. MAC filtering

 In order to provide flexible working conditions, a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access? (Select TWO). A. Subnetting B. NAT C. Firewall D. NAC E. VPN

 Which of the following can prevent an unauthorized person from accessing the network by plugging into an open network jack? A x B. DHCP C q D. NIPS

 After verifying that the server and database are running, Jane, the administrator, is still unable to make a TCP connection to the database. Which of the following is the MOST likely cause for this? A. The server has data execution prevention enabled B. The server has TPM based protection enabled C. The server has HIDS installed D. The server is running a host-based firewall

 A security administrator needs to determine which system a particular user is trying to login to at various times of the day. Which of the following log types would the administrator check? A. Firewall B. Application C. IDS D. Security

 Which of the following devices would MOST likely have a DMZ interface? A. Firewall B. Switch C. Load balancer D. Proxy

 Which of the following tools would Matt, a security administrator, MOST likely use to analyze a malicious payload? A. Vulnerability scanner B. Fuzzer C. Port scanner D. Protocol analyzer

 Which of the following BEST describes a protective countermeasure for SQL injection? A. Eliminating cross-site scripting vulnerabilities B. Installing an IDS to monitor network traffic C. Validating user input in web applications D. Placing a firewall between the Internet and database servers

 Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic? A. Connect the WAP to a different switch. B. Create a voice VLAN. C. Create a DMZ. D. Set the switch ports to 802.1q mode.

 Which of the following IP addresses would be hosts on the same subnet given the subnet mask ? (Select TWO). A B C D E

 Matt, an administrator, notices a flood fragmented packet and retransmits from an server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue? A. Spam filter B. Protocol analyzer C. Web application firewall D. Load balancer

 An ACL placed on which of the following ports would block IMAP traffic? A. 110 B. 143 C. 389 D. 465

 Mike, a network administrator, has been asked to passively monitor network traffic to the company’s sales websites. Which of the following would be BEST suited for this task? A. HIDS B. Firewall C. NIPS D. Spam filter

 Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers? A. Packet filtering firewall B. VPN gateway C. Switch D. Router

 Matt, the IT Manager, wants to create a new network available to virtual servers on the same hypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished? A. Create a VLAN without a default gateway. B. Remove the network from the routing table. C. Create a virtual switch. D. Commission a stand-alone switch.

 A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default? A. 20 B. 21 C. 22 D. 23

 Which of the following protocols would be implemented to secure file transfers using SSL? A. TFTP B. SCP C. SFTP D. FTPS

 Which of the following are used to implement VPNs? (Select TWO). A. SFTP B. IPSec C. HTTPS D. SNMP E. SSL

 Matt, a security administrator, is receiving reports about several SQL injections and buffer overflows through his company’s website. Which of the following would reduce the amount of these attack types? A. Antivirus B. Anti-spam C. Input validation D. Host based firewalls

 Pete, the security administrator, wants to ensure that traffic to the corporate intranet is secure using HTTPS. He configures the firewall to deny traffic to port 80. Now users cannot connect to the intranet even through HTTPS. Which of the following is MOST likely causing the issue? A. The web server is configured on the firewall’s DMZ interface. B. The VLAN is improperly configured. C. The firewall’s MAC address has not been entered into the filtering list. D. The firewall executes an implicit deny.

 Which of the following protocols can be used to secure traffic for telecommuters? A. WPA B. IPSec C. ICMP D. SMTP

 Which of the following must Jane, a security administrator, implement to ensure all wired ports are authenticated before a user is allowed onto the network? A. Intrusion prevention system B. Web security gateway C. Network access control D. IP access control lists

 A security administrator needs to open ports on the firewall to allow for secure data transfer. Which of the following TCP ports would allow for secure transfer of files by default? A. 21 B. 22 C. 23 D. 25

 Which of the following technologies would allow for a secure tunneled connection from one site to another? (Select TWO). A. SFTP B. IPSec C. SSH D. HTTPS E. ICMP

 Which of the following network design elements provides for a one-to-one relationship between an internal network address and an external network address? A. NAT B. NAC C. VLAN D. PAT

 Sara, a security administrator, needs to implement the equivalent of a DMZ at the datacenter entrance. Which of the following must she implement? A. Video surveillance B. Mantrap C. Access list D. Alarm

 Sara, a security technician, has been asked to design a solution which will enable external users to have access to a Web server, while keeping the internal network unaffected by this access. Which of the following would BEST meet this objective? A. Place the Web server on a VLAN B. Place the Web server inside of the internal firewall C. Place the Web server in a DMZ D. Place the Web server on a VPN