CNIT 455 UPDATRD 2023 GRADE A+

CNIT 455 UPDATRD 2023 GRADE A+ Confidentiality, Integrity, Availability *Authentication, Authorization, Encryption, Non-Repudiation - CORRECT ANSWERWhat are the components of the Basic Security Model? Prevention, Detection, Response - CORRECT ANSWER-What are the components of the Security Trinity? Prevention, Detection, Containment, Investigation, Recovery, Follow-Up - CORRECT ANSWER-What should be the components of the Security Trinity? Security Trinity - CORRECT ANSWER-The blank security model is incident-oriented. Assets, Threats, Vulnerabilities (exposures), Attacks, Risk - CORRECT ANSWER-What are the components of security? ingress; egress - CORRECT ANSWER-Packet filters block blank and blank traffic. F (software) - CORRECT ANSWER-T/F: A packet filter is hardware that limits connectivity. rule - CORRECT ANSWER-Packet filters use blank-based filtering. rulesets - CORRECT ANSWER-Packet filter rules are combined into blank. T - CORRECT ANSWER-T/F: Packet filter best practice is to allow what you want and then deny all else. F - CORRECT ANSWER-T/F: All packet filters contain a firewall. packet filter - CORRECT ANSWER-A firewall always includes a blank. T - CORRECT ANSWER-T/F: Packet filters are vulnerable to IP address spoofing directly and indirectly. specialized network device (hardware firewall) - CORRECT ANSWER-Cisco PIX/ASA and Juniper NetScreen are what type of packet filter? software firewalls - CORRECT ANSWER-Windows firewall, iptables, and pfSense are examples of blank. replacement IP stack - CORRECT ANSWER-Bastion host is an example of a blank packet filter. F (replacement IP stack) - CORRECT ANSWER-T/F: Specialized network devices are the rarest packet filters. Loose Source Record Routing - CORRECT ANSWER-What enables a machine to spoof an address and traffic still properly identifies it? Loose Source Record Routing - CORRECT ANSWER-blank can allow access to networks that would otherwise be unreachable. T - CORRECT ANSWER-T/F: Packet filters are often implemented as a specialized network device. IP; DNS - CORRECT ANSWER-One should always use blank rather than blank when configuring a packet filter, as the latter is far easier to spoof. source; destination - CORRECT ANSWER-When filtering by IP, one should control access based on the blank/blank IP address. T - CORRECT ANSWER-T/F: Packet filters are vulnerable to IP address spoofing via ARP. ports - CORRECT ANSWER-UDP and TCP communication is based on numbered blank. F (only destination) - CORRECT ANSWER-T/F: UDP and TCP source and destination ports are standardized. source; 1024 - CORRECT ANSWER-UDP and TCP blank ports are chosen randomly, from port blank and above static; dynamic - CORRECT ANSWER-The two types of port filtering are blank and blank. stateful packet inspection - CORRECT ANSWER-Dynamic port filtering is also known as blank. Static - CORRECT ANSWER-blank port filtering involves only allowing traffic based on port number or IP/port number combination. static - CORRECT ANSWER-In blank port filtering, each packet is checked independently. Dynamic - CORRECT ANSWER-blank port filtering checks the context of the packet as well as source and destination addresses. F (destination port number) - CORRECT ANSWER-T/F: Destination static port filtering involves examining and filtering based on source port number. Dynamic source - CORRECT ANSWER-blank port filtering only works if a server responds to incoming messages on the port received. T - CORRECT ANSWER-T/F: Static source port forwarding is difficult to do effectively. 1023 - CORRECT ANSWER-In source static port forwarding, source ports are typically randomly chosen from numbers above blank. blocked - CORRECT ANSWER-In source static port forwarding, after a server sends a message using a random port 1023, the return traffic will be blank by the firewall. allow - CORRECT ANSWER-To work around the blocking caused by source static port forwarding, you must blank incoming traffic for ports 1023. bi-directional static filters - CORRECT ANSWER-What filters are based on destination port number for egress traffic and source port numbers for ingress traffic? ACK; outgoing - CORRECT ANSWER-TCP static source port filtering consists of performing a check on the ACK bit of blank TCP traffic. T - CORRECT ANSWER-T/F: TCP static source port filtering does not work for flows that dynamically open multiple connections, such as FTP or H.323. UDP is connectionless - CORRECT ANSWER-UDP source port static filtering is bad because blank. deny UDP - CORRECT ANSWER-UDP source port static filtering best practice is to blank. UDP source port - CORRECT ANSWER-blank static filtering might not be possible because of the reliance on DNS. Dynamic - CORRECT ANSWER-blank packet filtering keeps ports closed until needed. Dynamic - CORRECT ANSWER-Static/Dynamic packet filtering builds a state table of information about communications. T - CORRECT ANSWER-T/F: The state table in dynamic packet filtering keeps track of sequence numbers of TCP packets and UDP data flows. F - CORRECT ANSWER-T/F: Dynamic packet filtering cannot perform authentication upon session startup. T - CORRECT ANSWER-T/F: Dynamic packet filtering can examine the application layer to ensure the traffic is what it says it is. nothing - CORRECT ANSWER-The safest solution when deciding to block traffic is to send blank. Speed - CORRECT ANSWER-blank is the primary strength of a packet filter. T - CORRECT ANSWER-T/F: Packet filters have limited to no logging and limited authentication. F - CORRECT ANSWER-T/F A properly configured packet filter is immune to IP address spoofing. T - CORRECT ANSWER-T/F All modern packet filters implement stateful (dynamic) packet inspection. F (Stateful packet inspection is a filtering method. As such packets are delivered from the source to the destination. An application layer gateway breaks the data flow into two separate sessions: one between the target and the ALG and one from the requester and the ALG.) - CORRECT ANSWER-T/F: Stateful packet inspection is another term for application layer gateway. T - CORRECT ANSWER-T/F The biggest disadvantage of packet filtering is that a direct connection is made between the source and destination hosts. T - CORRECT ANSWER-T/F: Using UDP static filtering and allowing outgoing connections effectively opens up all non-reserved UDP ports for incoming traffic. inter-networking - CORRECT ANSWER-Routers, bridges, and switches are examples of blank devices. Firewalls - CORRECT ANSWER-blank are inter-networking devices that contain a packet filter. switch - CORRECT ANSWER-A blank is a multi-port bridge. 2 - CORRECT ANSWER-A bridge is a Layer blank device. 3 - CORRECT ANSWER-A router is a Layer blank device.