GCGA Ch. 3 Basic Networking Devices (ST)

Question 1

Switch

Answer 1

connects computer on local network; map MAC addresses to physical ports

Question 2

Port security

Answer 2

limits access to switch ports; includes limiting # of MAC addresses per port and disabling unused ports

Question 3

Router

Answer 3

connect networks to each other; direct traffic based on destination IP address; routers (and firewalls) use rules w/in access control lists (ACLs) to allow or block traffic

Question 4

Route command

Answer 4

used to view/manipulate routing table

Question 5

Implicit deny

Answer 5

indicates that unless explicitly allowed, it is denied; last rule in an ACL

Question 6

Host-based firewalls

Answer 6

filter traffic in/out of individual hosts

Question 7

Network-based firewalls

Answer 7

filter traffic in/out of network, such as between Internet/internal network

Question 8

Stateless firewall

Answer 8

controls traffic between networks using rules within ACL; ACL can block traffic based on ports, IP addresses, subnets, and some protocols. Stateful firewalls, additionally, filter traffic based on state of a packet w/in session

Question 9

WAF

Answer 9

web application firewall - protects a web server against web application attacks; typically placed in screened subnet, will alert administrators of suspicious events; works @ application layer (7)

Question 10

NGFW

Answer 10

next generation firewall - perform deep packet inspection, analyzing traffic @ application layer (7)

Question 11

Stateful inspection firewall

Answer 11

In computing, a stateful firewall is a network-based firewall that individually tracks sessions of network connections traversing it; also known as layer 4 firewalls

Question 12

Fail-open vs fail-closed devices

Answer 12

fail-open devices allow all traffic to pass when device fails; fail-closed devices allow no traffic to pass when device fails; fail-closed provide greater security