ITN 266 Chapter 6 Test Questions with Correct Answers
7 views 0 purchase
Course
ITN 266
Institution
ITN 266
ITN 266 Chapter 6 Test Questions with Correct Answers
If a firewall receives a provable attack packet, the firewall will ________. - Answer- both log the packet and drop the packet
Zero-day attacks might be stopped by ________ detection. - Answer- anomaly
Nearly all main border walls today...
ITN 266 Chapter 6 Test Questions
with Correct Answers
If a firewall receives a provable attack packet, the firewall will ________. - Answer- both
log the packet and drop the packet
Zero-day attacks might be stopped by ________ detection. - Answer- anomaly
Nearly all main border walls today use ________ filtering. - Answer- stateful packet
inspection
The firewall should go through vulnerability testing after each change. - Answer- true
In ________ filtering, the firewall filters packets when they are leaving the network. -
Answer- Ingress (should be egress)
In ingress filtering, the firewall examines packets entering the network from the outside,
typically from the Internet. - Answer- true
Static packet filtering is sometimes used ________. - Answer- both as a secondary
filtering mechanism on an application proxy firewall and on border routers
Which IPS response to an attack is the most effective in stopping attacks? - Answer-
dropping packets
What type of host may be placed in the DMZ? - Answer- both public webservers and
eternal DNS servers
Firewalls do not stop provable attack packets - Answer- false
Firewall policies should govern ________. - Answer- both configuration and testing
Automatic protections for application proxy firewalls include ________. - Answer- both
protocol fidelity and header destruction
The basic strategy of log file reading is to determine what traffic is usual. - Answer- false
If an IPS identifies an attack, it can ________. - Answer- both drop the attack packet(s)
and limit suspicious traffic to a certain percentage of the total bandwidth
, A border firewall sits at the boundary between the corporate site and the external
Internet. - Answer- true
A ________ is a persistent conversation between different programs on different
computers. - Answer- connection
Most firewall database policies include less than 5 rules. - Answer- false
Bandwidth limitation for certain types of traffic is less risky than dropping packets. -
Answer- true
A connection designates a specific program designated by a port number on a specific
computer's IP address. - Answer- false
An internal firewall sits at the boundary between the corporate site and the Internet. -
Answer- false
The purpose of egress firewall filtering is to stop attack packets from entering the firm's
internal network. - Answer- false
Why is creating firewall policies desirable compared to just creating a list of ACL rules? -
Answer- policies are easier to understand
A connection opening is a state. - Answer- true
An application proxy firewall needs have multiple proxy programs if it is to filter multiple
application protocols. - Answer- true
It is better to have an ACL that permits access to a single internal webserver than one
that allows access to all internal webservers. - Answer- true
A ________ attack is an attack that is made before attack signatures for the threat are
defined. - Answer- zero-day
Wire speed is the maximum speed at which a firewall can filter packets. - Answer- false
The combination of high safety and low cost makes SPI firewalls extremely popular. -
Answer- true
Creating ACLs is the most time-consuming part of firewall management. - Answer- false
In ingress and egress filtering, an SPI firewall always considers its ACL rules when a
new packet arrives that attempts to open a connection. - Answer- true
Half-open TCP SYN attacks can be stopped by many border firewalls. - Answer- true
What type of filtering do UTM firewalls provide? - Answer- antivirus filtering
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.