CCSA Exam Questions and Answers 100% Solved | Graded A+
3 views 0 purchase
Course
CCSA
Institution
CCSA
CCSA Exam Questions and Answers
100% Solved | Graded A+
Security Management Server - Manages g/w's, pushes policies to
g/w's, monitors security events, logs, correlates, & provides info to admins.
Stores packages/licences in repositories.
AS - Anti-Spoofing
Anti-spoofing - Technique used by g...
Security Management Server - ✔✔Manages g/w's, pushes policies to
g/w's, monitors security events, logs, correlates, & provides info to admins.
Stores packages/licences in repositories.
AS - ✔✔Anti-Spoofing
Anti-spoofing - ✔✔Technique used by g/w's that verifies source IP of
packet is in the topology of the destination interface.
EX: Packets from internal network are validated to make sure they are for
internal network interface.
Stealth Rule - ✔✔Prevents users from connecting to g/w directly.
Should be placed above all rules UNLESS connections need to be made
directly to g/w's for functionality.
Cleanup Rule - ✔✔Recommended to determine how to handle
connections not matched by rules above.
Logs connections that would otherwise be dropped without logging by
default.
,Necessary for traffic logging.
Last explicit rule in rule base order.
Explicit Rules - ✔✔Manually created rules by admin.
Located between 1st rule and before last rule in rule base order.
Implied Rules - ✔✔Cannot be modified. Generated in rule base as part
of Global Properties. Applied before all other rules in rule base order.
Control Connection Types - ✔✔Defined by Implied Rules
1. G/W specific traffic
2. IKE & RDP for communication & encryption
3. Communication with various types of servers:
RADIUS, CVP, UFP, TACACS, LDAP
How many types of implied rules are enforced by SMS - ✔✔2
Before Last Implied Rule - ✔✔More specific implied rules enforced
before last rule in rule base order.
Last Explicit Rule - ✔✔a.k.a clean up rule. Last rule written by admins in
rule base order.
Last Implied Rule - ✔✔Applied after all other explicit & implied rules in
rule base order.
Except for the Implicit cleanup rule.
,Implicit Cleanup Rule - ✔✔Rule applied by default if no other rule is
matched.
Setting that is defined in the global properties for all policies
What happens if clean up rule is the last explicit rule? - ✔✔The last
implied rule and the implied cleanup rule are not applied.
3 mechanisms for controlling network traffic - ✔✔1. Packet Filtering
2. Stateful Inspection
3. Application Layer F/W's
Security Policy - ✔✔Collection of objects, settings, & rules that:
1. Control network traffic
2. Enforce org. guidelines for data protection
3. Access to resources w/ packet inspection
State Tables - ✔✔Key component of
Inspection Technology.
Maintains info needed to inspect packets.
EX. New packet contents is compared to _____ ______ which will
determine if traffic is permitted or denied.
Inspect Engine - ✔✔Installed on g/w.
Extracts state related info. from packets & stores in state tables.
, Packet Filtering - ✔✔Most basic form of F/W.
Pros:App independent
High performance
Scalable
Cons:Low Security and does not function above Network Layer
Controls access to network segments as directed by Rule Base.
Functions in network & Transport Layer
Packets:
Source Address
Destination Address
Source Port
Destination Port
Protocol
How many rules are needed for packet filtering connections? - ✔✔1.
Outgoing rule to allow external connection
2. Incoming rule to allow internal connection
Stateful Inspection - ✔✔Keep track of each communication, maintain a
table that contains data about each connection. Extracts detailed
information from packets and stores that information in state tables.
CRL - ✔✔Certificate Revocation List
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller NinjaNerd. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.49. You're not tied to anything after your purchase.