132 Cards in this Set
| Front | Back |
|---|---|
| A bastion host typically provides _____ service. | one |
| You should have five bastion hosts if you have a firewall program, a ___ server, an ___ server, a ___ server, and an ____ server on the perimeter. | web, FTP, DNS, SMTP |
| You should have at least _____ of storage on a bastion host. | 500Mb |
| You should create a ____ file on your hard disk so that you can make use of additional memory if needed. | page |
| ____ is the most popular operating system used to provide services on the World Wide Web. | UNIX |
| SSL and TCP wrapper are ____________ security software. | supplemental |
| The UNIX utility _________ reports on the services that are currently started. | chkconfig |
| When using UNIX you need to do logging through the ______ daemon. | syslog |
| The following services should be disabled on a Windows XP bastion host: _______ interface, ______ service, and ___________ service. | NETBIOS, server, workstation |
| The following events need to be logged: account _____, object ______, policy _______, and privilege ___. | logon, access, changes, use |
| An ___ is a document that can serve as a complete service agreement. | SLA (Service License Agreement) |
| ____-________ analysis will help you quantify what you will gain by outsourcing. | Risk-benefit |
| You should create ___ partitions on a Windows XP operating system. | two |
| _________ system files should be on the C: drive of the Windows XP operating system when used as a bastion host. | Operating |
| The ____ filesystem should be used for file storage on a Windows 2000 system. | NTFS |
| NTFS meets the _-_ U.S. government security classification. | C-2 |
| You can find the latest version of the _____ operating system at www.redhat.com. | Linux |
| You can find the latest version of the _______ operating system at 222.sun.com. | Solaris |
| You can find the latest version of the ___ operating system at www.ibm.com. | AIX |
| The name given to a server that is placed in the DMZ and whose sole purpose is to direct hackers away from bastion host servers is ________ server. | honeypot |
| On a UNIX host you should run a trusted computing base check, which makes sure that any software you run is a _______ program. | trusted |
| On UNIX, enable the _____ logging if you plan to run the _____ daemon on the server. | inetd (Internet Daemon) |
| A _______ _______ server is a secure system with an extra-large storage capacity from which to search all log files for malicious activity. | central logging |
| The two utilities "________ ________ analyzer" and "___ ________ tool" should be used if you are configuring a bastion host using Windows XP. | baseline security, IIS lockdown |
| The most important service you should disable on a bastion host is IP __________. | forwarding |
| You need to enable port __ and port ___ on a bastion host that will function as a Web server. | 80, 443 |
| _______ is a hacker-style tool that you should use to test your bastion host configuration. | NetScan |
| ________ is the final step to perform after putting the bastion host online. | Auditing |
| The following UNIX services should be disabled: all accounts except _____________, the _ ______ system, the ___-___ fileset, and the ________ daemon. | administrator, X window, PPP-run, swagentd |
| _______ leased lines have traditionally connected remote users or branch offices to a central administrative site. | Private |
| __________, _____________, and _____________ are used by VPNs. | Encryption, encapsulation, authentication |
| The initials VPN stand for _______ _______ _______. | Virtual Private Network |
| An IPSec ____________ uses a complex set of security protocols to protect information. | concentrator |
| Information that passes to and from TCP/IP-based networks travels in manageable chunks called _______. | packets |
| A ______ is a secure channel used by a VPN that runs through the Internet. | tunnel |
| Another name for a VPN endpoint is a __________. | terminator |
| A Network Access Point is located on a high-speed part of the Internet called the ________. | backbone |
| The following devices are end points for a VPN: a VPN _________, a ________/VPN combination, and a ______-based VPN. | appliance, firewall, router |
| Encapsulation hides the ______ and ___________ information of the actual data packets. | source, destination |
| Header information is not encrypted in packets passing through a VPN when using the _________ method. | transport |
| A key is a value that is generated by a formula called an _________. | algorithm |
| ______________ is essential because hosts in the network that receive VPN communications need to know that the host originating the communications is an approved user of the VPN. | Authentication |
| When using __________ keys, the private key is used to generate the public key. | asymmetric |
| One advantage of a VPN is control, which allows you to decide exactly at what _____ data passing through the VPN will be encrypted. | level |
| VPN traffic can be encrypted at the ________ and ___________ level. | physical, application |
| The following devices can be used with ___________ authentication: smart card, retinal scan, fingerprint, and a token. | multifactor |
| ______-__-____ VPN makes a network accessible to remote users who need dial-in access. | Client-to-site |
| A VPN _________ is the name of the hardware device specifically designed to terminate VPNs. | Appliance |
| ____ different VPN products make up the SonicWALL series of VPN hardware devices. | Nine |
| The high-end SonicWALL hardware devices can support ____ _______ concurrent connections. | five hundred |
| The following are features of the ________ Firewall/VPN appliance: web management interface, automatic backup with dial-up access, built-in autosense switch, and support for 40 simultaneous connections. | Symantec |
| Novell's BorderManager VPN services can support ___ sites per tunnel. | 256 |
| Novell's directory service used by BorderManager is called __________. | eDirectory |
| The maximum number of simultaneous users that can be supported by the Cisco 3000 Series VPN Concentrators is __,___. | 10,000 |
| In network __________ mode, the Cisco 3000 Series acts like a hardware device enabling a secure site-to-site VPN connection. | extension |
| The ____ VPN configuration makes use of security associations. | mesh |
| ___-___-_____ VPN configuration requires all computers participating in the VPN to connect to a central server. | Hub-and-spoke |
| The ____ developed the IPSec Standard. | IETF (Internet Engineering Task Force) |
| The L2TP protocol is an extension of ___. | PPP (Point-to-Point Protocol) |
| Desktop firewalls are designed to run on ___ computer. | one |
| The following types of traffic can be blocked by desktop firewalls: __ address, ____ address, and ___________. | IP, port, application |
| An unauthorized access point is called a _____ access point. | rogue |
| ___________ management has helped to reduce the criticism of desktop firewalls. | Centralized |
| The ____ tests and certifies firewalls. | ICSA (International Computer Security Association) |
| The Tiny Personal Firewall is made up of several different components called "_______". | engines |
| Tiny Personal Firewall can be set to filter a packet based on its contents. The following options are available: ______, ____, and ___. | permit, deny, ask |
| An administrator needs to create _______ address groups in Tiny Personal Firewall if they want to create filtering rules that apply to groups. | trusted |
| Trusted address groups in Tiny Personal Firewall can be based on a single __ address, a ______, or a _____ of network IP addresses. | IP, subnet, range |
| A ______ horse is a malicious program that pretends to be a regular and known program. | Trojan |
| An MD5 signature is based on the contents of ___________ data. | application |
| The purpose of Tiny Personal Firewall's Intrusion Detection System is to monitor the firewall ______. | engine |
| JavaScript is considered to be ______ active content. | engine |
| ________ technology protects computers and networks against attacks generated through programs that run in web browsers. | Sandbox |
| The sandbox object that prevents active content from reformatting a hard drive is referred to as _______. | devices |
| The sandbox objects ___ and ________ prevent unauthorized access to other programs and data. | OLE, Spawning |
| The sandbox object ________ prevents Trojan horse applications from being installed. | services |
| Sygate Secure Enterprise is made up of __________ server and ________ server. | management, security |
| _______ traffic, ________ traffic, and _______ ____ libraries are checked by Sygate Security Server firewall. | Inbound, outbound, dynamic link |
| The most flexible firewall configuration restricts packets based on either ___ port or ____________. | TCP, applications |
| Creating and checking the signatures of an application program is a process called ______________. | fingerprinting |
| Personal Firewall Pro can separately _______ and ___________ each DLL that is loaded by an application. | inspect, fingerprint |
| The following features are available on the free version of Sygate personal firewall: ___________ blocking, IP ________ protection, and TCP ____ blocking. | application, spoofing, port |
| Windows 95 is not supported by the __________ firewall. | ZoneAlarm |
| The ZoneAlarm Internet Lock blocks all Internet traffic when the computer is __________. | unattended |
| The ZoneAlarm feature ____________ includes information about potential break-ins. | AlertAdvisor |
| Another name for a Web address is a _______ ________ _______. | Uniform Resource Locator (URL) |
| IP ____________ occurs when a single data transmission is sent to multiple recipients simultaneously. | Multicasting |
| Web publishing rules are used to configure the ___ Server to forward requests from external users to internal network Web servers. | ISA (Internet Security and Acceleration Server) |
| The bandwidth ISA Server rules are based on _______ __ _______. | Quality of Service (QoS) |
| The following commands can dynamically reallocate memory in Linux: ________ and ________. | malloc(), realloc() |
| A network administrator should be concerned when CPU utilization climbs above __ percent. | 60 |
| The following types of hardware should be listed as being part of your protected network: ____________, _______, ________, and ___ appliances. | workstations, routers, gateways, VPN |
| The American Red Cross published a guide called "_________ ____ ________ ___ ___ ___________". | Preparing Your Business for the Unthinkable |
| ____ password and ____ password are other names for a boot-up password. | BIOS, CMOS |
| The maximum number of firewalls that rules can be established for when using the Global Enterprise Management System for the McAfee Gauntlet firewall is ___. | 500 |
| A ________ ___________ __________ (SIM) device is a GUI program that can be used to remotely manage a firewall. | Security Information Management |
| The following events should be monitored in a log file checklist: _____ messages, ______ connections, and _______ packets. | error, denied, dropped |
| The "_____ only this __________" option immediately terminates the selected connection and blocks all future attempts to establish a connection from the same source IP address to the same destination IP address and port. | block, connection |
| The "_____ _______ of this ______" option terminates the active connection, and all future attempts to make connections by this source IP address will be denied, no matter what the destination IP address and port. | block, access, source |
| The "_____ ______ to this ___________" option terminates the selected connection, and all future attempts to establish a connection to the destination IP address will be denied, no matter what the source IP address is. | block, access, destination |
| ______ was developed by the well-known hacker group L0pht. | NetCat |
| In the field of computer forensics, ______________ occurs when you determine that the data is the same as the originally seized data. | authentication |
| A company would hire an outside firm to check and administer the company _________ to free up the network administrator's time. | firewalls |
| A network-based IDS system is the best to use if your network has been subject to ____ scanning. | port |
| A network-based IDS system is best to use if you want to ensure a _______ amount of impact on network performance. | minimum |
| A ____-based IDS system does not monitor actual network packets. | host |
| A _________-based IDS system will not only tell you when intrusion attempts occur, but can also help you prevent future attacks. | signature |
| A _________ IDS system is good at identifying new types of attacks. | heuristic |
| An _____ IDS notification can display a pop-up message. | alert |
| ________ is a network auditing tool that will report on any new programs or files that have been added to the system at a particular point in time. | Tripwire |
| A high-availability firewall should operate __ hours a day. | 24 |
| The advanced firewall function "____ _______" stores Web site content on a local drive. | data caching |
| ____ balancing is an advanced firewall function that occurs when a hot standby system is configured to take over all traffic if the primary firewall fails. | Load |
| The advantage of a hot standby system is the ____ and _______ with which it can be set up and the quick back-up system it provides for the network. | ease, economy |
| The "__ _______" configuration should be used if your server configuration changes frequently and you want to filter requests using the most up-to-date criteria. | no caching |
| Load _________ and load ________ are advanced firewall functions that will help to maximize the firewall's uptime and smooth operation. | balancing, sharing |
| ____ is a routing protocol that can route traffic based on its IP type. | OSPF (Open Shortest Path First) |
| "B" in the figure above is a ___. | DMZ |
| "C" in the figure above is a ______. | router |
| "D" in the figure above is a ____ ________. | load balancer |
| "E" in the figure above is a LAN _______. | gateway |
| The type of VPN configuration displayed in the figure above is ____. | mesh |
| The type of VPN configuration displayed in the figure above is ___-___-_____. | hub-and-spoke |
| In the figure above, the Intranet is located at _. | B |
| In the figure above an __________ firewall configuration is depicted. | enterprise |
| ________ ________ Pro generated the screen above. | Personal Firewall |
| ____ Alarm generated the screen above. | Zone |
| ____ sharing is depicted in the figure above. | Load |
| ____ sharing is depicted in the figure above. | Load |
| A ___ standby setup is depicted in the figure above. | hot |
| _____ _____ ______ Manager is displayed in the figure above. | Check Point Status |
| The _____ _____ secure update screen is displayed in the figure above. | Check Point |