47 terms

Security Fundamentals 98-367: Lesson 4


Host operating system
Application Conflicts
Stability
Which of the following elements and issues should be considered when deciding whether to use a software or hardware firewall? (Choose all that apply)
-Host operating system
-Application conflicts
-Operating system version
-Firewall service efficiency
-Stability
Physical
Application
Network
Which of the following are layers of the OSI model? (Choose all that apply)
-Physical
-Control
-Application
-Network
-Encryption
Network
At which layer of the OSI model does routing occur?
Packet filtering
Application
Which of the following are valid firewall types? (Choose the best answer)
-Virtual
-Network
-Packet filtering
-IPsec
-Application
IP address of the sending host
IP address of the receiving host
Data packet type
Which of the following pieces of information are typically examined by a stateful inspection firewall?
-IP address of the sending host
-IP address of the receiving host
-IP address of the router
-Data packet type
-Data packet size
NAP controls what systems are permitted to connect to a network
What is the purpose of NAP? (Choose the best answer)
-NAP translates private IP addresses to Internet-routable IP addresses.
-NAP permits a firewall to perform deep inspection on packets
-NAP provides a mechanism to perform network analysis on captured packets.
-NAP controls what systems are permitted to connect to a network
Cross-site scripting
An attack that relies on having a user execute a malicious script embedded in a web page is which kind of attack? (Choose the best answer)
-Man in the middle
-Brute force
-Cross-site scripting
-SQL injection
Data link
You have just purchased a new wireless access point for your small computer services company, and you want to ensure that only your systems are able to connect to the wireless network. To that end, you enable MAC address filtering and put the MAC addresses of all your computers in the permitted table. At what layer of the OSI model does this filtering occur?
Application
You are the Information Security Officer for a medium-sized manufacturing company, and your sales team has just deployed a new e-commerce application to allow for the direct sale of your products to your customers. To secure this application, you are deploying an application firewall. At what layer of the OSI model does this filtering occur? (Select all answers that apply)
-Physical
-Data link
-Network
-Presentation
-Application
Health policy compliance
Limited access mode
Health state validation
Which of the following are components of Network Access Protection? (Choose all that apply)
-MAC address compliance
-Health policy compliance
-Limited access mode
-IP address mode
-Health state validation
Brute force attacks
Dictionary attacks
Which of the following are password-based attacks? (Choose all that apply)
-Replay attacks
-Network sniffer attacks
-Brute force attacks
-Man in the middle attacks
-Dictionary attacks
Man in the middle attack
What type of attack relies on the attacker tricking the sending host into thinking his or her system is the receiving host, and the receiving host into thinking his or her system is the sending host? (Choose the best answer)
-Replay attack
-Brute force attack
-Man in the middle attack
-Cross-site scripting attack
-SQL injection attack
Windows 7 Home
Windows XP Service Pack 2
Which of the following systems cannot participate in a NAP implementation? (Choose all that apply)
-Windows 7 Home
-Windows 7 Home Premium
-Windows XP Service Pack 2
-Windows Vista Ultimate
-Windows 7 Professional
Remote Access
Extranet connection
Which of the following are common uses for a VPN?
-Remote Access
-Server isolation
-Intrusion detection
-Extranet connection
-Domain isolation
Distance vector
Link state
Which of the following are common types of routing protocols? (Choose all that apply)
-Link vector
-Dynamic link
-Distance link
-Distance vector
-Link state
DNSSEC
You are a network administrator, and you have just been put in charge of registering your company's domain name and setting up the DNS so that people on the Internet can get to your website. Here, _____ can be used to ensure that your DNS entries are not poisoned by an attacker.
IPsec
SSL/TLS
The two most common protocols you can use to create a VPN are _____ and _____.
ARP spoofing
DNS spoofing
IP address spoofing
The three common types of protocol spoofing are _____ , _____ , and _____.
software vulnerability attack
The type of attack that relies on a weakness in an operating system or an application is known as a(n) ______.
network sniffing
An attack that relies on access to a physical LAN segment is known as a(n) _____ attack.
replay attack
An attack that records a stream of data, modifies it, and then resends it is known as a(n) _____ attack.
static
dynamic
The two common types of Network Address Translation are _____ and _____.
WPA/WPA2
If you are setting up a WLAN in a corporate environment and you want to use 802.1x and a RADIUS server to secure the connections, you need to use _____ keys.
IPsec enforcement
802.1x enforcement
VPN enforcement
DHCP enforcement
The four mechanisms used by NAP to restrict network access and enforce policies are _____ , ______ , _____ , and _____.
honeypot
A(n) _____ can be deployed to distract an attacker from the critical systems on your network.
application-level firewall
Also known as proxy servers. Works by performing a deep inspection of application data as it traverses the firewall. Rules are set by analyzing client requests and application responses, then enforcing correct application behavior.
circuit-level firewall
Typically considered second-generation firewall technology. They work in a similar fashion to packet-filtering firewalls, but they operate at the transport and session layers of the OSI model.
DMZ (demilitarized zone)
A firewall configuration used to secure hosts on a network segment. In most DMZs, the hosts on the DMZ are connected behind a firewall that is connected to a public network like the Internet.
DNS Security Extensions (DNSSEC)
Adds security provisions to DNS so that computers can verify they have been directed to proper servers.
DNS poisoning
An attack against the cached information on your DNS server.
DNS spoofing
_____ occurs when an attacker is able to intercept a DNS request and respond to the request before the DNS server is able to.
firewall
A system that is designed to protect a computer or a computer network from network-based attacks. A _____ does this by filtering the data packets that are traversing the network.
Honey net
A collection of honeypots used to present an attacker with an even more realistic attack environment.
Honeypot
A trap for hackers
host firewall
A type of software firewall installed on a host and used to protect the host from network-based attacks.
intrusion detection systems (IDS)
A solution designed to detect unauthorized user activities, attacks, and network compromises.
intrusion prevention systems (IPS)
A solution designed to detect unauthorized user activities, attacks, and network compromises that can also take action to prevent a breach from occurring.
MAC address
The physical or hardware address burned into each NIC (for example, 96-4C-E5-48-78-C7)
Network Access Protection (NAP)
A Microsoft solution that allows administrators a more powerful way to control access to network resources. NAP's controls are based on the client computer's identity and whether that computer complies with the configured network governance policies.
network firewall
A category of software firewall consisting of applications that are installed on servers and used to protect network segments from other network segments.
Open Systems Interconnect (OSI)
The _____ model is a conceptual model, created by the International Organization for Standardization (ISO) to describe a network architecture that allows the passage of data between computer systems. Although never fully utilized as a model for a protocol, the _____ model is nonetheless the standard for discussing how networking works.
padded cell
A system that waits for an IDS to detect an attacker and then transfers the attacker to a special host where he or she cannot do any damage to the production environment.
personal firewall
A type of software firewall installed on a host and used to protect the host from network-based attacks.
Secure Content Management (SCM)
Software protection against spyware, phishing, viruses and email spam.
spoofing
The misuse of a network protocol to perpetrate a hoax on a host or network device.
stateful inspection
In addition to examining the header information of the packets traversing the firewall, a _____ firewall considers other factors when determining whether traffic should be permitted across the firewall. _____ also determines whether a packet is part of an existing session, and that information can be used to decide whether to permit or deny a packet.
Unified Threat Management (UTM)
A comprehensive security product that includes protection against multiple threats. A UTM product typically includes a firewall, antivirus software, content filtering and a spam filter in a single integrated package.