100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
ITN 266 Chapter 6 Test Questions with Correct Answers $12.99   Add to cart

Exam (elaborations)

ITN 266 Chapter 6 Test Questions with Correct Answers

 7 views  0 purchase
  • Course
  • ITN 266
  • Institution
  • ITN 266

ITN 266 Chapter 6 Test Questions with Correct Answers If a firewall receives a provable attack packet, the firewall will ________. - Answer- both log the packet and drop the packet Zero-day attacks might be stopped by ________ detection. - Answer- anomaly Nearly all main border walls today...

[Show more]

Preview 2 out of 6  pages

  • October 10, 2024
  • 6
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • itn 266
  • ITN 266
  • ITN 266
avatar-seller
Scholarsstudyguide
ITN 266 Chapter 6 Test Questions
with Correct Answers

If a firewall receives a provable attack packet, the firewall will ________. - Answer- both
log the packet and drop the packet

Zero-day attacks might be stopped by ________ detection. - Answer- anomaly

Nearly all main border walls today use ________ filtering. - Answer- stateful packet
inspection

The firewall should go through vulnerability testing after each change. - Answer- true

In ________ filtering, the firewall filters packets when they are leaving the network. -
Answer- Ingress (should be egress)

In ingress filtering, the firewall examines packets entering the network from the outside,
typically from the Internet. - Answer- true

Static packet filtering is sometimes used ________. - Answer- both as a secondary
filtering mechanism on an application proxy firewall and on border routers

Which IPS response to an attack is the most effective in stopping attacks? - Answer-
dropping packets

What type of host may be placed in the DMZ? - Answer- both public webservers and
eternal DNS servers

Firewalls do not stop provable attack packets - Answer- false

Firewall policies should govern ________. - Answer- both configuration and testing

Automatic protections for application proxy firewalls include ________. - Answer- both
protocol fidelity and header destruction

The basic strategy of log file reading is to determine what traffic is usual. - Answer- false

If an IPS identifies an attack, it can ________. - Answer- both drop the attack packet(s)
and limit suspicious traffic to a certain percentage of the total bandwidth

, A border firewall sits at the boundary between the corporate site and the external
Internet. - Answer- true

A ________ is a persistent conversation between different programs on different
computers. - Answer- connection

Most firewall database policies include less than 5 rules. - Answer- false

Bandwidth limitation for certain types of traffic is less risky than dropping packets. -
Answer- true

A connection designates a specific program designated by a port number on a specific
computer's IP address. - Answer- false

An internal firewall sits at the boundary between the corporate site and the Internet. -
Answer- false

The purpose of egress firewall filtering is to stop attack packets from entering the firm's
internal network. - Answer- false

Why is creating firewall policies desirable compared to just creating a list of ACL rules? -
Answer- policies are easier to understand

A connection opening is a state. - Answer- true

An application proxy firewall needs have multiple proxy programs if it is to filter multiple
application protocols. - Answer- true

It is better to have an ACL that permits access to a single internal webserver than one
that allows access to all internal webservers. - Answer- true
A ________ attack is an attack that is made before attack signatures for the threat are
defined. - Answer- zero-day

Wire speed is the maximum speed at which a firewall can filter packets. - Answer- false

The combination of high safety and low cost makes SPI firewalls extremely popular. -
Answer- true

Creating ACLs is the most time-consuming part of firewall management. - Answer- false

In ingress and egress filtering, an SPI firewall always considers its ACL rules when a
new packet arrives that attempts to open a connection. - Answer- true

Half-open TCP SYN attacks can be stopped by many border firewalls. - Answer- true

What type of filtering do UTM firewalls provide? - Answer- antivirus filtering

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $12.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

62491 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$12.99
  • (0)
  Add to cart