Study

Which of the following are performed by proxies?
Block employees from accessing certain Web sites.
Cache web pages.
What port does Telnet use?
23
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit-level.
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home and use it while traveling.
You want to protect the laptop from Internet-based attacks.
Which solution should you use?
Host based firewall.
You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information.
How should you place devices on the network to best protect the servers?
Put the database server on the private network.
Put the Web server on the DMZ.
Which of the following are characteristics of a circuit-level gateway?
Filters based on sessions.
Stateful.
You administer a Web server on your network. The computer has multiple IP addresses. They are 192.198.23.8 and 192.168.23.17. The name of the computer is www.westsim.com. You configured the Web site as follows:
-IP address: 192.168.23.8
-HTTP Port: 1030
-SSL Port: 443

Users complain that they can’t connect to the Web site when they type www.westsim.com. What is the most likely source of the problem?

The HTTP port should be changed to 80.
Your company leases a very fast Internet connection and pays for it based on usage. You have been asked by the company to reduce Internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance.
What is the best way to do this?
Install a proxy server.
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
IP address.
You are configuring a firewall to allow access to a server hosted on the demilitarized zone on your network. You open TCP/IP ports 80, 25, 110, and 143. Assuming that no other ports on the firewall need to be configured to provide access, what applications are most likely to be hosted on the server?
Web server, e-mail server.
To increase security on your computer’s internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions.
Which port needs to be enabled to allow secure transactions?
443.
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs.
Which type of firewall should you install?
Application level.
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
ACL.
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users.
Which solution should you use?
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.
Which protocol and port is used by BOOTP/DHCP?
UDP 67
After blocking a number of ports to secure your server, you are unable to send e-mail. To allow e-mail service which of the following needs to be done?
Open port 25 and allow STMP service.
Which of the following network services or protocols uses TCP/IP port 69?
TFTP.
How does a proxy server differ from a packet filtering firewall?
A proxy server operates at the Application layer, while a packet filtering firewall operates at the Network layer.
Which protocol and port number is used by TFTP?
UDP 69.
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers.
Which type of device should you use to create the DMZ?
Network based firewall.