Chapters 8-10 Network Pro | Questions And Answers Latest {2024- 2025} A+ Graded |
100% Verified
An all-in-one security appliance is best suited for which type of implementation? - A remote office with
no on-site technician.
Which of the following features are common functions of an all-in-one security appliance? (Select two.) -
Spam filtering
Bandwidth shaping
You recently installed a new all-in-one security appliance in a remote office. You are in the process of
configuring the device. You need to:
Increase the security of the device.
Enable remote management from the main office.
Allow users to be managed through Active Directory.
You want to configure the device so you can access it from the main office. You also want to make sure
the device is as secure as possible.
Which of the following tasks should you carry out? (Select two.) - Change the default username and
password
Configure the device's authentication type to use Active Directory
Match the firewall type on the right with the OSI layer at which it operates. Each OSI Layer may be used
once, more than once, or not at all.
Packet filtering firewall - OSI Layer 3
Match the firewall type on the right with the OSI layer at which it operates. Each OSI Layer may be used
once, more than once, or not at all.
Circuit-level proxy - OSI Layer 5
Match the firewall type on the right with the OSI layer at which it operates. Each OSI Layer may be used
once, more than once, or not at all.
Application-level gateway - OSI Layer 7
,Match the firewall type on the right with the OSI layer at which it operates. Each OSI Layer may be used
once, more than once, or not at all.
Routed firewall - OSI Layer 3
Match the firewall type on the right with the OSI layer at which it operates. Each OSI Layer may be used
once, more than once, or not at all.
Transparent firewall - OSI Layer 2
Your company has a connection to the internet that allows users to access the internet. You also have a
web server and an email server that you want to make available to internet users. You want to create a
DMZ for these two servers.
Which type of device should you use to create the DMZ? - Network-based firewall
You have used firewalls to create a demilitarized zone. You have a web server that needs to be
accessible to internet users. The web server must communicate with a database server for retrieving
product, customer, and order information.
How should you place devices on the network to best protect the servers? (Select two.) - Put the web
server inside the DMZ
Put the database server on the private network
You have a router that is configured as a firewall. The router is a Layer 3 device only. Which of the
following does the router use for identifying allowed or denied packets? - IP address
You have just installed a packet filtering firewall on your network. Which options will you be able to set
on your firewall? (Select all that apply.) - Port number
Destination address of a packet
Source address of a packet
Which of the following describes how access lists can be used to improve network security? - An access
list filters traffic based on the IP header information such as source or destination IP address, protocol,
or socket numbers
,Which of the following is likely to be located in a DMZ? - FTP server
In which of the following situations would you most likely implement a demilitarized zone (DMZ)? - You
want to protect a public web server from attack
Match the firewall type on the left with its associated characteristics on the right. Each firewall type may
be used once, more than once, or not at all.
Operates at Layer 2 - Virtual firewall
Match the firewall type on the left with its associated characteristics on the right. Each firewall type may
be used once, more than once, or not at all.
Operates at Layer 3 - Routed firewall
Match the firewall type on the left with its associated characteristics on the right. Each firewall type may
be used once, more than once, or not at all.
Counts as a hop in the path between hosts - Routed firewall
Match the firewall type on the left with its associated characteristics on the right. Each firewall type may
be used once, more than once, or not at all.
Does not count as a hop in the path between hosts - Virtual firewall
Match the firewall type on the left with its associated characteristics on the right. Each firewall type may
be used once, more than once, or not at all.
Each interface connects to a different network - Routed firewall
Match the firewall type on the left with its associated characteristics on the right. Each firewall type may
be used once, more than once, or not at all.
Each interface connects to the same network segment - Virtual firewall
When designing a firewall, what is the recommended approach for opening and closing ports? - Close all
ports; open only ports required by applications inside the DMZ
, After blocking a number of ports to secure your server, you are unable to send email. To allow email
service, which of the following needs to be done? - Open port 25 to allow SMTP service
You administer a web server on your network. The computer has multiple IP addresses. They are
192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the
website as follows:
IP address: 192.168.23.8
HTTP Port: 1030
SSL Port: 443
Users complain that they can't connect to the website when they type www.westsim.com. What is the
most likely source of the problem? - The HTTP port should be changed to 80
You want to maintain tight security on your internal network, so you restrict access to the network
through certain port numbers. If you want to allow users to continue to use DNS, which port should you
enable? - 53
In the output of the netstat command, you notice that a remote system has made a connection to your
Windows Server 2016 system using TCP/IP port 21.
Which of the following actions is the remote system most likely performing? - Downloading a file
You want to allow users to download files from a server running the TCP/IP protocol. You want to
require user authentication to gain access to specific directories on the server.
Which TCP/IP protocol should you implement to provide this capability? - FTP
Which of the following is a firewall function? - Packet filtering
You would like to control internet access based on users, time of day, and websites visited. How can you
do this? - Install a proxy server. Allow internet access only through the proxy server
Which of the following are true of a circuit proxy filter firewall? (Select two.) - Verifies sequencing of
session packets
Operates at the Session layer
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller oneclass. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.48. You're not tied to anything after your purchase.