Net def mod 5,6,7
| Question | Answer |
|---|---|
| Which three layers of the OSI model include information that is commonly inspected by a stateful firewall? (Choose three.) | Layers 3, 4, 5 |
| How does a firewall handle traffic that is originating from the DMZ network and traveling to a private network? | Traffic is usually blocked when it is originating from the DMZ network and traveling to a private network. |
| Which type of firewall is supported by most routers and is the easiest to implement? | packet filtering firewall. |
| Which type of traffic is usually blocked when implementing a demilitarized zone? | traffic originating from the DMZ network and traveling to the private network |
| What are two benefits of implementing a firewall in a network? (Choose two.) | A firewall will sanitize protocol flow. A firewall will reduce security management complexity. |
| Which type of firewall is commonly part of a router firewall and allows or blocks traffic based on Layer 3 or 4 information? | packet filtering firewall |
| Which two protocols are stateless and do not generate connection information needed to build a state table? (Choose two.) | ICMP, UDP |
| What is one benefit of using a next-generation firewall rather than a stateful firewall? | integrated use of an intrusion prevention system (IPS). |
| What are two characteristics of an application gateway firewall? (Choose two.) | Analyzes traffic at Layers 3, 4, 5 and 7 of the OSI model. Performs most filtering and firewall control in software. |
| Which type of firewall generally has a low impact on network performance? | stateless firewall |
| When implementing a ZPF, which statement describes a zone? | A zone is a group of one or more interfaces that have similar functions or features. |
| Which statement is a characteristic of a packet filtering firewall? | They are susceptible to IP spoofing. |
| Which statement describes a zone when implementing ZPF on a Cisco router? | A zone establishes a security border of a network. |
| When a Cisco IOS zone-based policy firewall is being configured, which two actions can be applied to a traffic class? (Choose two.) | drop, inspect |
| Designing a ZPF requires several steps. Which step involves defining boundaries where traffic is subjected to policy restrictions as it crosses to another region of the network? | determine the zones |
| Which statement describes a feature of a zone-based policy firewall? | It does not depend on ACLs. |
| When configuring a class map for a zone-based policy firewall, how is the match criteria applied when using the match-all parameter? | Traffic must match all of the match criteria specified in the statement. |
| Which three statements describe zone-based policy firewall rules that govern interface behavior and the traffic moving between zone member interfaces? (Choose three.) | Pass, inspect, and drop options can only be applied between two zones. To permit traffic to and from a zone member interface, If traffic is to flow between all interfaces in a router, |
| In ZPF design, what is described as the self zone? | the router itself, including all interfaces with assigned IP addresses |
| Which statement describes a factor to be considered when configuring a zone-based policy firewall? | A zone must be configured with the zone security global command before it can be used in the zone-member security command. |
| In what step of zone-based policy firewall configuration is traffic identified for policy application? | configuring class maps |
| How does ZPF handle traffic between an interface that is a zone member and another interface that does not belong to any zone? | drop |
| Which statement describes one of the rules that govern interface behavior in the context of implementing a zone-based policy firewall configuration? | By default, traffic is allowed to flow among interfaces that are members of the same zone. |
| Which statement accurately describes Cisco IOS zone-based policy firewall operation? | The pass action works in only one direction. |
| Which type of firewall filters information at Layers 3, 4, 5, and 7 of the OSI reference model? | Application Gateway |
| Which type of firewall is a combination of various firewall types? | Hybrid |
| Which type of firewall is part of a router firewall, permitting or denying traffic based on Layer 3 and Layer 4 information? | Packet filtering |
| Which type of firewall is a PC or server with firewall software running on it? | Host-based |
| Which type of firewall filters IP traffic between a pair of bridged interfaces? | Transparent |
| Which network security design typically uses one inside interface, one outside interface, and one DMZ interface? | demilitarized |
| Which security design uses different types of firewalls and security measures that are combined at different areas of the network to add depth to the security of an organization? | layered defense |
| Which three statements describe trusted and untrusted areas of the network? (Choose three.) | - The public internet is generally considered untrusted. - Internal networks, except the DMZ, are considered trusted. - In a ZPF network, traffic that moves within zones is generally considered trusted. |
| Which network design groups interfaces into zones with similar functions or features? | ZPF |
| What are two best practices when implementing firewall security policies? | - Disable unnecessary network services. - Strictly control physical access to firewall devices. |