Flashcards in IS3220 CHAPTER 9 Deck (21):
Hacking and testing utilities that use a brute force technique to craft packets and other forms of input directed toward the target are called ___?
These stress a system to push it to react improperly, to fail, or reveal unknown vulnerabilities.
1. All the following are considered firewall management best practices EXCEPT?
1. Have a written policy
2. Provide open communications
3. Maintain physical access control
4. Don't make assumptions
5. Develop a checklist
Provide open communications
2. All the following are firewall management best practices EXCEPT?
1. Lock, then watch
2. Backup, backup, backup
3. Keep it simple
4. Perform penetration testing
5. Implement fail-open response
Implement fail-open response
3. You are the security administrator for a small medical facility. To be in compliance with federal HIPAA regulations, you need to deploy a firewall to protect the entire office network. You are concerned that a firewall failure could result in compliance violations as well as legal costs due to client court cases. Which of the following is the best choice of firewall for this situation?
1. Deploy a client system with a native OS firewall
2. Select any open-source firewall product
3. Use the firewall provided by the ISP connection device
4. Deploy a well-known commercial firewall from the approved products list
5. Use a multi-function device, such as a wireless access point
Deploy a well-known commercial firewall from the approved products list
4. From the following options, what is the most important factor in selecting a firewall?
1. Biometric authentication
2. Types of traffic to be filtered
3. Sales or discounts
4. Bastion host OS
5. Built-in antivirus scanning
Types of traffic to be filtered
5. A well-designed and configured firewall provides more than sufficient security protection without any additional safeguards.
TRUE OR FALSE
6. Which of the following is a benefit of buying a ready-to-deploy firewall over using a build-it-yourself firewall?
1. Minimal setup time
2. Less expensive
3. Repurpose existing hardware
4. Use open-source software
5. More complex troubleshooting
Minimal setup time
7. Which of the following is a benefit of using a build-it-yourself firewall over buying a ready-to-deploy firewall?
1. More costly
2. On-site technical support
3. Greater flexibility and customization
4. Product warranty
5. Requires skill and knowledge to deploy
Greater flexibility and customization
8. Which of the following is NOT one of the possible but rare attacks or exploits against a firewall?
1. Coding flaw exploitation
2. SMB share exploitation
3. Buffer overflow attacks
SMB share exploitation
9. The exploit or attack known as ___ can be used to cause a DoS, confuse an IDS, or bypass firewall filtering.
2. Trojan horse
3. SQL injection
4. Fragmentation overlapping
10. Although successful attacks and exploits against firewalls are rare, what is the best response or resolution to such compromises?
1. Deploy anti-malware scanning
2. Add additional rules to the set
3. Position the firewall on a non-choke point
4. Increase the transmission frequency
5. Patching and updating
Patching and updating
11. Tunneling across or through a firewall can be used to perform all of the following tasks EXCEPT?
1. Uses a closed port for covert communications
2. Bypass filtering restrictions
3. Use any open port to support communication
4. Allow external users access to internal resources
5. Support secure authorized remote access
Uses a closed port for covert communications
12. Which of the following statements is false?
1. ICMP can be used as a tunneling protocol
2. Encryption prevents filtering on content
3. Outbound communications don't need to be filtered
4. Tunnels can be created using almost any protocol
5. Tunnels can enable communications to bypass firewall filters
Outbound communications don't need to be filtered
13. Which of the following provides anonymous, but not encrypted, tunneling services?
4. PacketIX VPN
14. What is the best way to know that a firewall is functioning as expected?
1. Review the documentation
2. Presume it is until a patch is received from the vendor
3. Test it
4. Check the configuration
5. Watch the log files
15. Which method of testing a firewall grants the tester the greatest range of freedom to perform tests that might cause physical or logical damage to a firewall?
1. Live firewall tests
2. Virtual firewall tests
3. Laboratory test
4. Simulation tests
5. Production firewall tests
Virtual firewall tests
16. Which of the following tools tests and probes whether a port is open or closed?
17. Which of the following testing tools is an open-source vulnerability assessment engine that scans for known vulnerabilities?
18. What is always the best tool for firewall troubleshooting?
1. Source code
2. Crimping tool
3. Vulnerability scanner
19. Which of the following is NOT a recommended commonsense element of troubleshooting?
1. Isolate the problem
2. Set it aside and return to it later
3. Review change documentation
4. Make fixes one at a time
5. Have patience
Set it aside and return to it later