The dmz can be a dedicated port on the firewall device linking a single bastion host.

1.The DMZ cannot be a dedicated port on the firewall device linking a single bastion host.A) TrueB) False

Points Earned:0.0/10.0Correct Answer(s):FalseFalse, EXTRANETTrue2.Firewalls fall into ____ major processing-mode categories.

3.In addition to recording intrusion attempts, a(n) routercan be configured to use the contact information tonotify the firewall administrator of the occurrence of an intrusion attempt.Points Earned:0.0/10.0

4.A ____ filtering firewall can react to an emergent event and update or create rules to deal with the event.Points Earned:10.0/10.0

5.Good policy and practice dictates that each firewall device, whether a filtering router, bastion host, or otherfirewall implementation, must have its own set of configuration rules.A) TrueB) FalseCorrect Answer(s):TruePoints Earned:0.0/10.0

6.____ inspection firewalls keep track of each network connection between internal and external systems.Points Earned:10.0/10.0

7.When Web services are offered outside the firewall, HTTP traffic should be blocked from internal networksthrough the use of some form of proxy access or DMZ architecture.Points Earned:10.0/10.0

8.____ and TACACS are systems that authenticate the credentials of users who are trying to access anorganization’s network via a dial-up connection.Points Earned:10.0/10.0

9.The ____ is an intermediate area between a trusted network and an untrusted network.A) perimeterB) DMZC) domainD) firewallCorrect Answer(s):BPoints Earned:10.0/10.0

10.Access control is achieved by means of a combination of policies, programs, and technologies.Points Earned:0.0/10.0

1.Even if Kerberos servers are subjected to denial-of-service attacks, a client can request additional services.Points Earned:10.0/10.0

2.Though not used much in Windows environments, Telnet is still useful to systems administrators onUnix/Linux systems.Points Earned:10.0/10.0

3.Kerberos uses asymmetrickey encryption to validate an individual user to various network resources.A) TrueB) False

Points Earned:0.0/10.0Correct Answer(s):False

Question 9(2.5 points)Saved

The DMZ can be a dedicated port on the firewall device linking a single bastion host.

Question 10(2.5 points)SavedA __________ filtering firewall can react to an emergent event and update or create rules to deal withthe event.

Question 11(2.5 points)SavedFirewalls can be categorized by processing mode, development era, or structure.

Question 12(2.5 points)SavedIn most common implementation models, the content filter has two components: __________.Question 12 options:encryption and decryptionfiltering and encodingrating and decryptionrating and filtering

Question 13(2.5 points)Saved

Accountability is the matching of an authenticated entity to a list of information assets andcorresponding access levels.

Question 14(2.5 points)SavedThe screened subnet protects the DMZ systems and information from outside threats by providing anetwork with intermediate security, which means the network is less secure than the general-publicnetworks but more secure than the internal network.

Question 15(2.5 points)Saved__________ and TACACS are systems that authenticate the credentials of users who are trying toaccess an organization’s network via a dial-up connection.

Question 16(2.5 points)SavedThe ability of a router to restrict traffic to a specific service is an advanced capability and notconsidered a standard feature for most routers.Question 16 options:TrueFalse

Is an intermediate area between a trusted network and an untrusted network?

When Web services are offered outside the firewall HTTP traffic should be blocked from internal networks through the use of some form of proxy access?

Which of the following service of Kerberos provides tickets to clients who request services?

What the packet filtering firewall checks besides a set of rules to decide whether to block or transfer a packet?