Chapter 5-7 Flashcards
1
Q
To provide a one-to-one mapping of a recyclable pool of public IP addresses to internal clients, this NAT type should be used: A: Policy NAT/PAT B: Dynamic PAT C: Static NAT D: Dynamic NAT
A
D: Dynamic NAT
2
Q
2. Which NAT technology is limited by the number of ports available? A: Dynamic PAT B: Static NAT C: Policy NAT/PAT D: Dynamic NAT
A
A: Dynamic PAT
3
Q
- A web proxy server is an example of which type of firewall:
a) Application Layer Gateway
b) Application Inspection
c) Static Packet Filtering
d) Transparent Firewall
e) Stateful Packet Filtering
A
a) Application Layer Gateway
4
Q
- If the number of inside clients exceeds the number of public IP addresses available to an organization, then this NAT type must be used:
a) Static NAT
b) Policy NAT/PAT
c) Dynamic NAT
d) Dynamic PAT
A
d) Dynamic PAT
5
Q
- Cisco ACL’s are an example of which type of firewall:
a) Stateful Packet Filtering
b) Application Layer Gateway
c) Transparent Firewall
d) Static Packet Filtering
e) Application Inspection
A
d) Static Packet Filtering
6
Q
- IP Addresses that should not be seen coming from the Internet are referred to as:
a) private addresses
b) bogons
c) supernets
d) darknet
A
b) bogons
7
Q
- If a client needs to be NAT’ed to a certain public IP ONLY in specific cases, this type of NAT should be used:
a) Dynamic NAT
b) Dynamic PAT
c) Static NAT
d) Policy NAT/PAT
A
d) Policy NAT/PAT
8
Q
- This firewall type is not visible to most network scanners.
a) Transparent Firewall
b) Static Packet Filtering
c) Stateful Packet Filtering
d) Application Inspection
e) Application Layer Gateway
A
a) Transparent Firewall
9
Q
- If a single inside client requires a single public IP address to be consistently assigned, this NAT type should be used:
a) Dynamic NAT
b) Dynamic PAT
c) Policy NAT/PAT
d) Static NAT
A
d) Static NAT
10
Q
- This firewall type is able to track communication streams that switch from one network port to another.
a) Application Inspection
b) Static Packet Filtering
c) Stateful Packet Filtering
d) Application Layer Gateway
e) Transparent Firewall
A
a) Application Inspection
11
Q
- When developing a risk rating, this factor is assigned by the creator to indicate the importance of the signature
a) Global Correlation
b) Attack Relevancy
c) Signature Fidelity Rating
d) Target Value Rating
e) Attack Severity Rating
A
e) Attack Severity Rating
12
Q
- Using community participation to create a database of threats which are shared to the community is using which method:
a) Signature-based
b) Reputation-based
c) Policy-based
d) Anomaly-based
e) Question 3
A
b) Reputation-based
13
Q
- Which of these methods typically comes pre-loaded onto an IPS/IDs?
a) Policy-based
b) Anomaly-based
c) Reputation-based
d) Signature-based
A
d) Signature-based
14
Q
- Creating a baseline of network traffic and alerting when it deviates from this is using which method:
a) Policy-based
b) Signature-based
c) Anomaly-based
d) Reputation-based
A
c) Anomaly-based
15
Q
- In order to get the best visibility into the security of a client, this device should be used:
a) HIDS
b) NIDS
c) Firewalls
d) IPS
A
a) HIDS