Security Pro Ch5 UPDATED Exam Questions and CORRECT Answers
1 view 0 purchase
Course
Security Pro Ch5
Institution
Security Pro Ch5
Security Pro Ch5 UPDATED Exam
Questions and CORRECT Answers
Where should an organization's web server be placed? - CORRECT ANSWER- DMZ
Which of the following is a privately controlled portion of a network that is accessible to
some specific external entities? - CORRECT ANSWER- Extranet
You w...
Security Pro Ch5 UPDATED Exam
Questions and CORRECT Answers
Where should an organization's web server be placed? - CORRECT ANSWER- DMZ
Which of the following is a privately controlled portion of a network that is accessible to
some specific external entities? - CORRECT ANSWER- Extranet
You want to create a collection of computers on your network that appear to have valuable
data but actually store fake data that could entice a potential intruder. Once the intruder
connects, you want to be able to observe and gather information about the attacker's methods.
Which feature should you implement? - CORRECT ANSWER- Honeynet
A honeypot is used for which purpose? - CORRECT ANSWER- To delay intruders in order
to gather auditing data
Which of the following devices can apply quality of service and traffic-shaping rules based
on what created the network traffic? - CORRECT ANSWER- Application-aware devices
You are the office manager of a small financial credit business. Your company handles
personal financial information for clients seeking small loans over the internet. You are aware
of your obligation to secure clients records, but the budget is an issue for your company.
Which item would provide the BEST security for this situation? - CORRECT ANSWER- All-
in-one security appliance
You are implementing security at a local high school that is concerned with students
accessing inappropriate material on the internet from the library's computers. The students
use the computers to search the internet for research paper content. The school budget is
limited.
Which content filtering option would you choose? - CORRECT ANSWER- Restrict content
based on content categories.
Which of the following BEST describes a honeyfile? - CORRECT ANSWER- A single file
setup to entice and trap attackers.
,Members of the sales team use laptops to connect to the company network. While traveling,
they connect their laptops to the internet through airport and hotel networks.
You are concerned that these computers could pick up viruses that could spread to your
private network. You would like to implement a solution that prevents the laptops from
connecting to your network unless antivirus software and the latest operating system patches
are installed.
Which solution should you use? - CORRECT ANSWER- NAC
A proxy server can be configured to do which of the following? - CORRECT ANSWER-
Restrict users on the inside of a network from getting out to the internet.
Which of the following terms describes a network device that is exposed to attacks and has
been hardened against those attacks? - CORRECT ANSWER- Bastion or sacrificial host
Of the following security zones, which one can serve as a buffer network between a private
secured network and the untrusted internet? - CORRECT ANSWER- DMZ
Which of the following is the MOST likely to happen if the firewall managing traffic into the
DMZ fails? - CORRECT ANSWER- Only the servers in the DMZ are compromised, but the
LAN will stay protected.
You have a company network that is connected to the internet. You want all users to have
internet access, but you need to protect your private network and users. You also need to
make a web server publicly available to internet users.
Which solution should you use? - CORRECT ANSWER- Use firewalls to create a DMZ.
Place the web server inside the DMZ and the private network behind the DMZ.
How many network interfaces does a dual-homed gateway typically have? - CORRECT
ANSWER- 3
What needs to be configured on a firewall to allow traffic directed to the public resource in
the DMZ? - CORRECT ANSWER- Packet filters
, You have used firewalls to create a demilitarized zone. You have a web server that needs to
be accessible to internet users. The web server must communicate with a database server for
retrieving product, customer, and order information.
How should you place devices on the network to best protect the servers? (Select two.) -
CORRECT ANSWER- Put the database server on the private network.
Put the web server inside the DMZ.
In which of the following situations would you most likely implement a demilitarized zone
(DMZ)? - CORRECT ANSWER- You want to protect a public web server from attack.
Which of the following is another name for a firewall that performs router functions? -
CORRECT ANSWER- Screening router
Which of the following is the BEST solution to allow access to private resources from the
internet? - CORRECT ANSWER- VPN
Which of the following describes how access control lists can be used to improve network
security? - CORRECT ANSWER- An access control list filters traffic based on the IP header
information, such as source or destination IP address, protocol, or socket number.
Which of the following are features of an application-level gateway? (Select two.) -
CORRECT ANSWER- Stops each packet at the firewall for inspection
Reassembles entire messages
You want to install a firewall that can reject packets that are not part of an active session.
Which type of firewall should you use? - CORRECT ANSWER- Circuit-level gateway
Jessica needs to set up a firewall to protect her internal network from the internet. Which of
the following would be the BEST type of firewall for her to use? - CORRECT ANSWER-
Hardware
You have been given a laptop to use for work. You connect the laptop to your company
network, use it from home, and use it while traveling.
You want to protect the laptop from internet-based attacks. Which solution should you use? -
CORRECT ANSWER- Host-based firewall
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller MGRADES. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.49. You're not tied to anything after your purchase.
