Testout Network Pro Ch 1-8 Exams and
Labs
You want to maintain security on your internal network - Answer- 53
Using the Netstat command, you notice that a remote system - Answer- Downloading a
file
You want to allow your users to download files from a server running the TCP - Answer-
FTP
After blocking a number of ports to secure your server - Answer- Open port 25 to allow
SMTP service
Users complain that they can't connect to the website when they type - Answer- The
HTTP port should be changed to 80
Which of the following does a router acting as a firewall use to control packets - Answer-
ACL
You have a company network that is connected to the Internet. You want all users -
Answer- Use firewalls to create a DMZ. Web Inside / Private Behind
You have just installed a packet-filtering firewall - Answer- Port number/source address
of a packet/destination address of a packet
Which of the following describes how access lists - Answer- An access list filters traffic
based on the IP header information such as source or destination IP address, protocol,
or socket numbers.
You have used firewalls to create a demilitarized zone - Answer- Put the Database on
the private network/Put the Web server inside the DMZ
when designing a firewall, what is the recommended approach - Answer- Close all
ports, open only ports required
Match the firewall type - Answer- Layer 2- V
Layer 3- R
Counts-R
,Does-V
Different-R
Same-V
Your Cisco router has three - Answer- Add a permit
Which firewall implementation creates a buffer - Answer- DMZ
Which of the following are true about routed firewalls - Answer- Supports
Counts
An All-in-one security appliance is best - Answer- a Remote
Which of the following features are common functions - Answer- Bandwith shaping
Spam Filtering
You recently installed a new all-in-one security appliance in a remote office - Answer-
Change the default
Configure the device's authentication
Which of the following prevents access based on website ratings - Answer- Content
filter
You manage a server that runs your company website - Answer- Proxy Server
Based on the diagram, which type of proxy is handling the client's request - Answer-
Reverse
Which of the following network services or protocols uses TCP/IP port 22 - Answer-
SSH
Which port number is used by SNMP - Answer- 161
Which protocol and port number is used by BOOTP - Answer- UDP 67
To increase security on your company's internal network - Answer- 443
You are monitoring network traffic on your network and you see a large amount of traffic
between a Windows - Answer- The workstation is using NetBIOS to access shared
resources on the server
You are monitoring network traffic on your network, and you see traffic between two
network hosts on port 2427 - Answer- Someone is using Voice over IP VOIP
You have been given a laptop to use for work - Answer- Host-based
,You have just installed a packet-filtering firewall on your network - Answer- Destination
address
Port number
Source address
You provide Internet access for a local school - Answer- Application Level
A small startup company has hired - Answer- The UTM represents a single point of
failure
Match the firewall type on the right - Answer- Packet Filtering Firewall- 3
Circuit Level Proxy - 5
Application Level Gateway - 7
Routed Firewall - 3
Transparent Firewall - 2
Which of the following prevents access based on website rating and classifications? -
Answer- Content filter
You manage a server that runs your company Web site. The Web server has reached
its capacity, and the number of client requests is greater than the server can handle.
You would like to find a solution so that static Web content can be offloaded to a
different server, while the Web server continues to process dynamic content.
Which solution should you implement? - Answer- Proxy server
Based on the diagram, which type of proxy server is handling the client's request? -
Answer- Reverse Proxy Server
Which of the following network services or protocols uses TCP/IP port 22? - Answer-
SSH
Which port number is used by SNMP? - Answer- 161
Which protocol and port number is used by BOOTP/DHCP? - Answer- UDP 67
To increase security on your company's internal network, the administrator has disabled
as many ports as possible. Now, however, though you can browse the Internet, you are
unable to perform secure credit card transactions. Which port needs to be enabled to
allow secure transactions? - Answer- 443
You are monitoring network traffic on your network and you see a large amount of traffic
between a Windows workstation and a Window server on the following ports:
*137
*138
, *139
Which is the source of this network traffic? - Answer- The workstation is using NetBIOS
to access shared resources on the server.
You are monitoring network traffic on your network, and you see the traffic between two
network hosts on port 2427. What is the source of this network traffic? - Answer-
Someone is using Voice over IP (VoIP) to make a telephone call.
You have been given a laptop to use for work. You connect the laptop to your company
network, use it from home, and use it while traveling. You want to protect the laptop
from Internet-based attacks.
What solution should you use? - Answer- Host-based firewall
You have just installed a packet-filtering firewall on your network. Which options will you
be able to set on your firewall? - Answer- Source address of a packet
Destination address of a packet
Port Number
You provide Internet access for a local school. You want to control Internet access
based on user, and prevent access to specific URLs. Which type of firewall should you
install? - Answer- Application-level
A small startup company has hired you to harden their new network. Because funds are
limited, you have decided to implement a unified threat management (UTM) device that
provides multiple security features in a single network appliance:
• Firewall
• VPN
• Anti-spam
• Antivirus
You join the UTM device to the company's Active Directory domain. The company's
traveling sales force will use the VPN functionality provided by the UTM device to
connect to the internal company network from hotel and airport public WiFi networks.
What weaknesses exist in this implementation? - Answer- The UTM represents a single
point of failure.
Match the firewall type on the right with the OSI layers at which it operates.
Note: Each OSI Layer can be used once, more than once, or not at all. - Answer-
Packet Filtering Firewall
OSI Layer 3
Circuit-level Proxy
OSI Layer 5
Application-level Gateway
OSI Layer 7
Routed Firewall
OSI Layer 3
Transparent Firewall
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller millyphilip. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $17.49. You're not tied to anything after your purchase.