CTS 1134 chapter 10 Network Access Security

What device is used to prevent a hacker or other security threats from entering the network?
Firewall
What firewall configuration uses three connections to create a separate DMZ?
Single Firewall Configuration
The simplest and most basic configuration uses only one firewall to protect the network. This type of firewall is sometimes referred to as a single firewall configuration. In this configuration, a single firewall is placed between the external network, usually the Internet, and the internal network. This configuration also allows the servers to be put on a designated DMZ.
What firewall configuration is the preferred method to create a DMZ?
Dual firewall configuration
What area acts a buffer between the internal and external networks?
DMZ
You are installing several servers that will be used as web servers to reach customers over the Internet. Where should you place the servers?
DMZ
What type of system tries to detect malicious activity, such as denial of service attacks and port scans?
Network Intrusion detection system
What software can protect an individual computer by blocking packets that may try to access a computer without your knowledge or consent?
Host based firewall
What type of firewall works with protocols and services to block TELNET, DNS, FTP, and HTTP?
application layer firewall
What type of firewall blocks packets based on IP address or port?
Packet Filter Firewall
Network layer firewalls, as the name implies, work on the Network layer of the TCP/IP model. This means that they target primarily packet communications. Because Network layer firewalls tend to target packet traffic on a network, they are often referred to as packet filters. The packets filtered by a Network layer firewall can be filtered based on a wide variety of criteria. Some criteria are source and destination IP addresses, port addresses, what higher level protocols the packet contains, and many others.
What type of firewall keeps track of conversations to determine what packets it will allow to flow through the firewall?
statefull firewall
Many firewalls, IDS, and anti-virus programs use _____________ or definitions to identify threats.
signatures
What type of firewall is based on groups of interfaces?
Question 12 options:
Zone based firewall
What do you call a list of rules or policies programmed into a router or other device that specifies what can gain access to a network?
ACL
What type of filtering uses physical addresses to allow or deny communications transit through a firewall?
MAC filter
On which protocol are many tunneling protocols based?
PPP
What PPP component is used to establish and configure the actual connection between two devices at the Data Link layer?
LCP. Link control protocol
What PPP component is used to establish a connection at the Layer 3 level?
NCP. Network Control Protocol
What process do you call a connection through a public network?
Tunneling is the process of establishing a connection through a public network that looks like a point-to-point connection to the devices on either end of it, but in reality is not. For tunneling to work, three different protocols are needed: the carrier protocol, the encapsulating protocol, and the passenger protocol.
What is used to encode the header or the entire packet of a network communication so that it cannot be read simply by opening it or looking at its content?
encription
What do you call data or text that is not encrypted?
plain text
What protocol does L2TP use to provide encryption?
IPSec
What IPSec protocol authenticates data packets but cannot encrypt them?
AH.
The Authentication Header (AH) authenticates data packets, but cannot encrypt them. By using AH for authentication, IPSec can provide integrity to the datagram it is authenticating. The authentication provided by AH also helps protect a packet from replay attacks.
What IPSec protocol is used to authenticate and encrypt data?
ESP. Encapsulating Security Payload
Which IPSec mode allows the payload to be encrypted?
Transport Mode
In transport mode, only the payload or the data in a packet is encrypted. However, in tunnel mode, the entire packet is encrypted and then surround by a new IP packet containing a new IP header
Which IPSec mode is used when using a VPN protocol?
tunnel mode
What is used to establish a connection from a client computer outside a local network to an enterprise LAN using the Internet or other public network?
VPN
Which VPN allows you to use port 443?
SSL. Secure Sockets Layers
What do you call terminal services in Windows Server 2008 R2?
Remote Desktop Services
What allows you to log in remotely to a machine running Linux using a graphical user interface?
VNC. Virtual Network Computing.
What protocol does Citrix use for terminal services?
ICA. Independent computing architecture
Which encryption does WPA use for wireless networks?
TKIP. Temporal Key Integrity Protocol
What encryption does WPA2 use for wireless networks?
AES.
What is an assessment recommended as the most appropriate way of handling a certain task, based on an observation of the way that several organizations handle that task?
Best Practices
What policies would you establish to specify how often a password needs to be changed?
Password policy
What do you need to do to keep your Windows computer secure?
Make sure the operating system has the newest updates
What technology users PPP inside an Ethernet frame?
PPPoE
For a network, what is considered the weakest link?
Users
Any time a security break is discovered, it should be immediately __________.
reported to IT
What is the best way to protect against social engineering?
User Training