Help
Options
Question
Firewalls fall into ________ major processing-mode categories.
click to flip
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't know
Question
________ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information.
Remaining cards (36)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Q3
| Question | Answer |
|---|---|
| Firewalls fall into ________ major processing-mode categories. | FIVE |
| ________ firewalls examine every incoming packet header and can selectively filter packets based on header information such as destination address, source address, packet type, and other key information. | PACKET-FILTERING |
| The restrictions most commonly implemented in packet-filtering firewalls are based on ____. | d. All of the above |
| ____ filtering requires that the filtering rules governing how the firewall decides which packets are allowed and which are denied be developed and installed with the firewall. | STATIC |
| ____ filtering firewall can react to an emergent event and update or create rules to deal with the event. | DYNAMIC |
| ____ inspection firewalls keep track of each network connection between internal and external systems. | STATEFUL |
| The application gateway is also known as a(n) | APPLICATION-LEVEL FIREWALL. |
| The proxy server is often placed in an unsecured area of the network or is placed in the ____ zone. | DEMILITARIZED |
| The ____ is an intermediate area between a trusted network and an untrusted network | DMZ |
| ____ firewalls are designed to operate at the media access control sublayer of the data link layer of the OSI network model. | MAC LAYER |
| In recent years, the broadband router devices that can function as packetfiltering firewalls have been enhanced to combine the features of | WAPs |
| Since the bastion host stands as a sole defender on the network perimeter, it is commonly referred to as the ____ host. | SACRIFICIAL |
| The dominant architecture used to secure network access today is the | SCREENED subnet firewall. |
| the protocol for handling TCP traffic through a proxy server. | SOCKS |
| Telnet protocol packets usually go to TCP port | 23 |
| ICMP uses port __ to request a response to a query and can be the first indicator of a malicious attack. | 7 |
| In most common implementation models, the content filter has two components: | RATING AND FILTERING. |
| ____ and TACACS are systems that authenticate the credentials of users who are trying to access an organization’s network via a dial-up connection. | RADIUS |
| Which of the following is a valid version of TACACS? | All of the above |
| ____ generates and issues session keys in Kerberos. | KDC |
| Kerberos ____ provides tickets to clients who request services. | TGS |
| In SESAME, the user is first authenticated to an authentication server and receives a token. The token is then presented to a privilege attribute server as proof of identity to gain a(n) ____ . | PAC |
| A(n) ____ is “a private data network that makes use of the public telecommunication infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures.” | VPN |
| In ____ mode, the data within an IP packet is encrypted, but the header information is not. | TRANSPORT |
| ISA Server can use ______________ technology. | POINT TO POINT TUNNELING PROTOCOL |
| A(n) ______________ is an information security program that prevents specific types of information from moving between the outside world and the inside world. | FIREWALL |
| A packet-______________ firewall installed on a TCP/IP based network typically functions at the IP level and determine whether to drop a packet or forward it to the next network connection based on the rules programmed into the firewall. | FILTERING |
| Simple firewall models enfors address ______________ , which are rules designed to prohibit packets with certain addresses or partial addresses from passing through the device. | RESTRICTIONS |
| The ______________ packet-filtering firewall allows only a particular packet with a particular source, destination, and port address to enter through a firewall. | DYNAMIC |
| The application firewall is also known as a(n) ______________ server. | PROXY |
| The circuit gateway firewall operates at the ______________ layer. | TRANSPORT |
| ______________ firewalls combine the elements of other types of firewalls - that is, the elements of packet filtering and proxy services, or of packet filtering and circuit gateways. | HYBRID |
| The fifth generation firewalls include the ______________ proxy, a specialized form that works under Windows NT Executive, which is the kernel of Windows NT. | KERNEL |
| Since the bastion host stands as the sole defender on the network perimeter, it is commonly referred to as the ______________ host. | SACRIFICIAL |
| The architecture of a ______________ firewall provides a DMZ. | SCREENED SUBNET |
| The general approach of the ______________ protocol is to place the filtering requirements on the individual workstation rather than on a single point of defense. | SOCKS |
| The firewall device is never accessible directly from the ______________ network. | PUBLIC |
Created by:
majbala