Testout Networking Chapter 8, Network Pro 8.1.6, 8.2.5, 8.3.9

You want to maintain security on your internal network
53
Using the Netstat command, you notice that a remote system
Downloading a file
You want to allow your users to download files from a server running the TCP
FTP
After blocking a number of ports to secure your server
Open port 25 to allow SMTP service
Users complain that they can’t connect to the website when they type
The HTTP port should be changed to 80
Which of the following does a router acting as a firewall use to control packets
ACL
You have a company network that is connected to the Internet. You want all users
Use firewalls to create a DMZ. Web Inside / Private Behind
You have just installed a packet-filtering firewall
Port number/source address of a packet/destination address of a packet
Which of the following describes how access lists
An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.
You have used firewalls to create a demilitarized zone
Put the Database on the private network/Put the Web server inside the DMZ
when designing a firewall, what is the recommended approach
Close all ports, open only ports required
Match the firewall type
Layer 2- V
Layer 3- R
Counts-R
Does-V
Different-R
Same-V
Your Cisco router has three
Add a permit
Which firewall implementation creates a buffer
DMZ
Which of the following are true about routed firewalls
Supports
Counts
An All-in-one security appliance is best
a Remote
Which of the following features are common functions
Bandwith shaping
Spam Filtering
You recently installed a new all-in-one security appliance in a remote office
Change the default
Configure the device’s authentication
Which of the following prevents access based on website ratings
Content filter
You manage a server that runs your company website
Proxy Server
Based on the diagram, which type of proxy is handling the client’s request
Reverse
Which of the following network services or protocols uses TCP/IP port 22
SSH
Which port number is used by SNMP
161
Which protocol and port number is used by BOOTP
UDP 67
To increase security on your company’s internal network
443
You are monitoring network traffic on your network and you see a large amount of traffic between a Windows
The workstation is using NetBIOS to access shared resources on the server
You are monitoring network traffic on your network, and you see traffic between two network hosts on port 2427
Someone is using Voice over IP VOIP
You have been given a laptop to use for work
Host-based
You have just installed a packet-filtering firewall on your network
Destination address
Port number
Source address
You provide Internet access for a local school
Application Level
A small startup company has hired
The UTM represents a single point of failure
Match the firewall type on the right
Packet Filtering Firewall- 3
Circuit Level Proxy – 5
Application Level Gateway – 7
Routed Firewall – 3
Transparent Firewall – 2
Which of the following prevents access based on website rating and classifications?
Content filter
You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle.

You would like to find a solution so that static Web content can be offloaded to a different server, while the Web server continues to process dynamic content.

Which solution should you implement?

Proxy server
Based on the diagram, which type of proxy server is handling the client’s request?
Reverse Proxy Server
Which of the following network services or protocols uses TCP/IP port 22?
SSH
Which port number is used by SNMP?
161
Which protocol and port number is used by BOOTP/DHCP?
UDP 67
To increase security on your company’s internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
443
You are monitoring network traffic on your network and you see a large amount of traffic between a Windows workstation and a Window server on the following ports:
*137
*138
*139
Which is the source of this network traffic?
The workstation is using NetBIOS to access shared resources on the server.
You are monitoring network traffic on your network, and you see the traffic between two network hosts on port 2427. What is the source of this network traffic?
Someone is using Voice over IP (VoIP) to make a telephone call.
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks.
What solution should you use?
Host-based firewall
You have just installed a packet-filtering firewall on your network. Which options will you be able to set on your firewall?
Source address of a packet
Destination address of a packet
Port Number
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?
Application-level
A small startup company has hired you to harden their new network. Because funds are limited, you have decided to implement a unified threat management (UTM) device that provides multiple security features in a single network appliance:
• Firewall
• VPN
• Anti-spam
• Antivirus
You join the UTM device to the company’s Active Directory domain. The company’s traveling sales force will use the VPN functionality provided by the UTM device to connect to the internal company network from hotel and airport public WiFi networks. What weaknesses exist in this implementation?
The UTM represents a single point of failure.
Match the firewall type on the right with the OSI layers at which it operates.
Note: Each OSI Layer can be used once, more than once, or not at all.
Packet Filtering Firewall
OSI Layer 3
Circuit-level Proxy
OSI Layer 5
Application-level Gateway
OSI Layer 7
Routed Firewall
OSI Layer 3
Transparent Firewall
OSI Layer 2