IS3220 CHAPTER 9 Flashcards Preview

IS3220 NETWORK SECURITY, FIREWALLS, & VPNS > IS3220 CHAPTER 9 > Flashcards

Flashcards in IS3220 CHAPTER 9 Deck (21):
1

Hacking and testing utilities that use a brute force technique to craft packets and other forms of input directed toward the target is called ___?
These stress a system to push it to react improperly, to fail, or reveal unknown vulnerabilities.

FUZZING TOOLS

2

1. All the following are considered firewall management best practices EXCEPT?

1. Have a written policy
2. Provide open communications
3. Maintain physical access control
4. Don't make assumptions
5. Develop a checklist

Provide open communications

3

2. All the following are firewall management best practices EXCEPT?

1. Lock, the watch
2. Backup, backup, backup
3. Keep it simple
4. Perform penetration testing
5. Implement fail-open response

Implement fail-open response

4

3. You are the security administrator for a small medical facility. To be in compliance with federal HIPAA regulations, you need to deploy a firewall to protect the entrée office network. You are concerned that a firewall failure could result in compliance violations as well as legal costs due to client court cases. Which of the following is the best choice of firewall for this situation?

1. Deploy a client system with a native OS firewall
2. Select any open-source firewall product
3. Use the firewall provided by the ISP connection device
4. Deploy a well-known commercial firewall from the approved products list
5. Use a multi-function device, such as a wireless access point

Deploy a well-known commercial firewall from the approved products list

5

4. From the following options, what is the most important factor in selecting a firewall?

1. Biometric authentication
2. Types of traffic to be filtered
3. Sales or discounts
4. Bastion host OS
5. Built-in antivirus scanning

Types of traffic to be filtered

6

5. A well-designed and configured firewall provides more than sufficient security protection without any additional safeguards.
TRUE OR FALSE

FALSE

7

6. Which of the following is a benefit of buying a ready-to deploy firewall over using a build-it-yourself firewall?

1. Minimal setup time
2. Less expensive
3. Repurpose existing hardware
4. Use open-source software
5. More complex troubleshooting

Minimal setup time

8

7. Which of the following is a benefit of using a build-it-yourself firewall over buying a ready-to-deploy firewall?

1. More costly
2. On-site technical support
3. Greater flexibility and customization
4. Product warranty
5. Requires skill and knowledge to deploy

Greater flexibility and customization

9

8. Which of the following is NOT one of the possible but rare attacks or exploits against a firewall?

1. Coding flaw exploitation
2. SMB share exploitation
3. Buffer overflow attacks
4. Firewalking
5. Fragmentation

SMB share exploitation

10

9. The exploit or attack known as ___ can be used to cause a DoS, confuse an IDS, or bypass firewall filtering.

1. Obfuscation
2. Trojan hors
3. SQL injection
4. Fragmentation overlapping
5. Spoofing

Fragmentation overlapping

11

10. Although successful attacks and exploits against firewalls are area, what is the best response or resolution to such compromises?

1. Deploy anti-malware scanning
2. Add additional rules to the set
3. Position the firewall on a non-choke point
4. Increase the transmission frequency
5. Patching and updating

Patching and updating

12

11. Tunneling across or through a firewall can be used to perform all of the following tasks EXCEPT?

1. Uses a closed port for covert communications
2. Bypass filtering restrictions
3. Use any open port to support communication
4. Allow external users access to internal resources
5. Support secure authorized remote access

Uses a closed port for covert communications

13

12. Which of the following statements is false?

1. ICMP can be used as a tunneling protocol
2. Encryption prevents filtering on content
3. Outbound communications don't need to be filtered
4. Tunnels can be created using almost any protocol
5. Tunnels can enable communications to bypass firewall filters

Outbound communications don't need to be filtered

14

13. Which of the following provides anonymous but not encrypted, tunneling services?

1. Cryptcat
2. JanusVM
3. TOR
4. PacketIX VPN
5. HotSpotShield

TOR

15

14. What is the best way to know that a firewall is functioning as expected?

1. Review the documentation
2. Presume it is until a patch is received from the vendor
3. Test it
4. Check the configuration
5. Watch the log files

Test it

16

15. Which method of testing a firewall grants the tester the greatest range of freedom to perform tests that might douse physical or logical damage to a firewall?

1. Live firewall tests
2. Virtual firewall tests
3. Laboratory test
4. Simulation tests
5. Production firewall tests

Virtual firewall tests

17

16. Which of the following tools tests and probes whether a port is open or closed?

1. nmap
2. netstat
3. tcpview
4. fport
5. wireshark

nmap

18

17. Which of the following testing tools is an open-source vulnerability assessment engine that scans for known vulnerabilities?

1. Snort
2. Nessus
3. Wireshark
4. Netcat
5. Syslog

Nessus

19

18. What is always the best tool for firewall troubleshooting?

1. Source code
2. Crimping tool
3. Vulnerability scanner
4. Information
5.Fuzzing tool

Information

20

19. Which of the following is NOT a recommended commonsense element of troubleshooting?

1. Isolate the problem
2. Set it aside and return to it later
3. Review change documentation
4. Make fixes one at a time
5. Have patience

Set it aside and return to it later

21

20. Which of the following is NOT part of a successful firewall use?

1. Written plan
2. Specific requirements
3. Purchasing guidelines
4. User survey of preferences
5. Documentation

User survey of preferences